Modrá smrt na win7 Ultimate 32x

[toomuuula]

Čau už fakt nevím , čím by to mohlo být.

Přikládám v raru všech 10 souborů z minidump adresáře.

Kód: Vybrat vše

  Adresa uloženého souboru:  	  Velikost  
http://www.ulozto.cz/4755985/minidump.rar

[MiliNess]

Jedná se o chybu při stránkování paměti. Stáhněte si nejprve utilitu GoldMemory, vypalte ISO na CD, nabootujte z něho a spusťte 12 hodinový test.
Také otestujte HDD třeba pomocí utility HDDTune.

[MiliNess]

Dále je velmi pravděpodobné, že máte systém napaden nějakým rootkitem. Poprosím kolegyni, aby se na to podívala. S těmi testy paměti a disku zatím sečkejte.

[toomuuula]

Ok zatím počkám. Navíc musím jít koupit cd má to pár kilogajtů a nechce se mi to vypalovat na DVD. Potom mě napiště co dál.

[motji]

Hezké odpoledne , mrkneme na to .
Pro začátek vložte log ze Rsitu, viz můj podpis.

[toomuuula]

Na Vir jsem také myslel , už mám log v preventivkách.

Kód: Vybrat vše

http://www.viry.cz/forum/viewtopic.php?f=30&t=100842

[motji]

Budeme pokračovat zde, ať to neřešíme ve dvou topicích

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[toomuuula]

ComboFix 10-05-06.04 - Tomas 07.05.2010 13:03:27.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2815.1939 [GMT 2:00]
Spuštěný z: c:\users\Tomas\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Tomas\AppData\Roaming\PnkBstrK.sys

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-07 do 2010-05-07 )))))))))))))))))))))))))))))))
.

2010-05-07 09:38 . 2010-05-07 09:38 -------- d-----w- c:\program files\Ubisoft
2010-05-07 08:32 . 1994-09-20 22:00 12800 ----a-w- c:\windows\system\WING32.DLL
2010-05-07 08:30 . 2010-05-07 08:32 -------- d-----w- C:\rsit
2010-05-07 08:30 . 2010-05-07 08:32 -------- d-----w- c:\program files\trend micro
2010-05-03 19:45 . 2010-05-03 19:45 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-05-03 15:04 . 2010-05-03 15:04 -------- d-----w- c:\program files\GameSpy Arcade
2010-05-03 13:49 . 2010-05-03 13:49 -------- d-----w- c:\program files\SystemRequirementsLab
2010-05-03 13:49 . 2010-05-03 13:49 -------- d-----w- c:\users\Tomas\SystemRequirementsLab
2010-04-27 13:04 . 2010-04-27 13:04 2131336 ----a-w- c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\02fvkofh.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
2010-04-26 10:43 . 2010-04-27 17:05 -------- d-----w- c:\program files\Ask.com
2010-04-26 10:43 . 2010-04-26 10:43 -------- d-----w- c:\program files\uTorrent
2010-04-26 10:43 . 2010-04-26 12:25 -------- d-----w- c:\users\Tomas\AppData\Roaming\uTorrent
2010-04-25 09:13 . 2010-05-07 08:59 -------- d-----w- c:\program files\Share Rapid Uploader
2010-04-24 14:44 . 2010-04-24 14:44 -------- d-----w- c:\program files\directx
2010-04-24 14:43 . 2010-05-03 15:05 -------- d-----w- c:\program files\3do
2010-04-21 17:47 . 2010-04-21 17:47 -------- d-----w- c:\program files\Common Files\PCSuite
2010-04-21 17:46 . 2010-04-21 17:46 34701512 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_cze.exe
2010-04-21 17:46 . 2010-04-21 17:46 95232 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-04-21 17:46 . 2010-04-21 17:46 8192 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-04-21 17:46 . 2010-04-21 17:46 61440 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-04-21 17:46 . 2010-04-21 17:46 10240 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-04-21 06:44 . 2010-04-21 06:44 242696 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-04-21 06:43 . 2010-04-21 06:43 1689952 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-04-20 15:38 . 2010-04-20 15:38 -------- d-----w- c:\programdata\Nokia
2010-04-20 14:53 . 2010-04-20 14:53 -------- d-----w- c:\program files\PC Connectivity Solution
2010-04-20 14:52 . 2010-04-20 14:48 35557896 ----a-w- c:\programdata\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\NokiaSoftwareUpdaterSetup_cs.exe
2010-04-20 14:52 . 2010-04-20 14:52 3351812 ----a-w- c:\programdata\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\Installer\CommonCustomActions\msxml6Exec.exe
2010-04-20 14:52 . 2010-04-20 14:52 36864 ----a-w- c:\programdata\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\Installer\CommonCustomActions\Sleep.exe
2010-04-20 14:52 . 2010-04-20 14:52 3203453 ----a-w- c:\programdata\Installations\{4186FEBC-F0CC-4185-A406-24292BC9877A}\Installer\CommonCustomActions\vcredistExec.exe
2010-04-09 07:52 . 2010-04-09 07:52 710424 ----a-w- c:\programdata\avg9\update\backup\avgcsrvx.exe
2010-04-09 07:52 . 2010-04-09 07:52 460640 ----a-w- c:\programdata\avg9\update\backup\avgcclix.dll
2010-04-09 07:52 . 2010-04-09 07:52 4258144 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-04-09 07:52 . 2010-04-09 07:52 395032 ----a-w- c:\programdata\avg9\update\backup\avgclitx.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 11:00 . 2010-03-04 14:13 -------- d-----w- c:\users\Tomas\AppData\Roaming\DNA
2010-05-07 09:38 . 2010-03-04 14:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-07 09:29 . 2010-03-04 14:13 -------- d-----w- c:\program files\DNA
2010-05-06 19:38 . 2009-07-14 08:44 625914 ----a-w- c:\windows\system32\perfh005.dat
2010-05-06 19:38 . 2009-07-14 08:44 120000 ----a-w- c:\windows\system32\perfc005.dat
2010-05-05 16:10 . 2010-03-04 13:16 -------- d-----w- c:\program files\JDownloader
2010-05-04 07:37 . 2010-04-02 13:44 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-04 07:37 . 2010-04-02 13:43 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-02 14:51 . 2010-03-04 14:44 -------- d-----w- c:\program files\Common Files\Steam
2010-04-24 19:20 . 2010-03-04 13:03 -------- d-----w- c:\users\Tomas\AppData\Roaming\Skype
2010-04-24 19:09 . 2010-03-04 13:05 -------- d-----w- c:\users\Tomas\AppData\Roaming\skypePM
2010-04-21 17:47 . 2010-03-04 15:00 -------- d-----w- c:\program files\Common Files\Nokia
2010-04-21 17:46 . 2010-03-04 14:29 -------- d-----w- c:\programdata\Installations
2010-04-21 06:43 . 2010-03-04 13:01 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-20 16:30 . 2010-04-20 16:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-04-20 16:29 . 2010-03-04 15:03 -------- d-----w- c:\programdata\PC Suite
2010-04-20 15:00 . 2010-03-04 14:51 -------- d-----w- c:\programdata\Microsoft Help
2010-04-20 14:53 . 2010-03-04 15:00 -------- d-----w- c:\program files\DIFX
2010-04-20 14:53 . 2010-03-04 14:59 -------- d-----w- c:\program files\Nokia
2010-04-20 14:21 . 2010-03-04 15:03 -------- d-----w- c:\users\Tomas\AppData\Roaming\PC Suite
2010-04-20 14:21 . 2010-03-04 15:03 -------- d-----w- c:\users\Tomas\AppData\Roaming\Nokia
2010-04-06 15:22 . 2010-04-06 15:22 -------- d--h--w- c:\programdata\CanonIJEGV
2010-04-06 14:14 . 2010-04-06 14:14 -------- d-----w- c:\program files\linguatec
2010-04-06 14:13 . 2010-04-01 16:00 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-03 15:29 . 2010-04-03 15:29 -------- d-----w- c:\programdata\Reflexive
2010-04-02 14:57 . 2010-04-02 13:43 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-04-02 06:46 . 2010-04-02 06:46 -------- d-----w- c:\program files\GamePark
2010-04-01 14:52 . 2010-04-01 14:48 -------- d-----w- c:\programdata\NFS Underground
2010-03-31 10:30 . 2010-03-31 10:30 -------- d-----w- c:\program files\AMD
2010-03-31 08:31 . 2010-03-30 16:43 1 ----a-w- c:\users\Tomas\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-30 16:42 . 2010-03-30 16:42 -------- d-----w- c:\users\Tomas\AppData\Roaming\OpenOffice.org
2010-03-28 10:01 . 2010-03-28 10:01 -------- d-----w- c:\programdata\ASUS
2010-03-27 08:07 . 2010-03-27 08:07 -------- d-----w- c:\users\Tomas\AppData\Roaming\Ubisoft
2010-03-27 08:07 . 2010-03-27 08:07 -------- d-----w- c:\programdata\Ubisoft
2010-03-25 19:15 . 2010-03-04 14:54 -------- d-----w- c:\users\Tomas\AppData\Roaming\BSplayer
2010-03-24 17:54 . 2010-03-24 17:54 -------- d-----w- c:\program files\AGEIA Technologies
2010-03-23 11:21 . 2010-03-23 09:52 -------- d-----w- c:\users\Tomas\AppData\Roaming\BatteryBar
2010-03-21 14:15 . 2010-03-21 14:15 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-03-18 19:27 . 2010-03-18 19:27 -------- d-----w- c:\program files\Intelore
2010-03-15 12:36 . 2010-03-15 12:36 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-15 12:36 . 2010-03-04 13:01 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-15 12:35 . 2010-03-04 13:01 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-10 15:24 . 2010-03-06 14:21 -------- d-----w- c:\program files\Pc translator
2010-03-09 15:17 . 2010-03-06 14:20 -------- d-----w- c:\users\Tomas\AppData\Roaming\LangSoft
2010-03-08 19:40 . 2010-03-08 19:37 -------- d-----w- c:\users\Tomas\AppData\Roaming\Ahead
2010-03-08 19:38 . 2010-03-08 19:34 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-08 19:34 . 2010-03-08 19:34 -------- d-----w- c:\programdata\Nero
2010-03-08 19:34 . 2010-03-08 19:34 -------- d-----w- c:\program files\Nero
2010-03-08 19:17 . 2010-03-08 19:17 -------- d-----w- c:\program files\CCleaner
2010-03-08 16:00 . 2010-03-08 16:00 -------- d--h--w- c:\programdata\CanonIJScan
2010-03-08 16:00 . 2010-03-08 16:00 -------- d-----w- c:\users\Tomas\AppData\Roaming\Canon
2010-03-08 15:58 . 2010-03-08 15:52 -------- d-----w- c:\program files\Canon
2010-03-08 15:57 . 2010-03-08 15:57 -------- d-----w- c:\program files\Common Files\CANON
2010-03-08 15:53 . 2010-03-08 15:53 -------- d--h--w- c:\program files\CanonBJ
2010-03-07 10:13 . 2010-03-07 10:13 592 ----a-w- c:\windows\eReg.dat
2010-03-06 14:23 . 2010-03-06 14:23 520192 ----a-w- c:\programdata\LangSoft\WebIE.dll
2010-03-06 14:23 . 2010-03-06 14:23 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2010-03-06 14:23 . 2010-03-06 14:23 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2010-03-04 15:05 . 2010-03-04 13:17 108824 ----a-w- c:\users\Tomas\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-04 15:03 . 2010-03-04 15:03 10134 ----a-r- c:\users\Tomas\AppData\Roaming\Microsoft\Installer\{1BFF0EA4-DFD8-8E28-90D4-8E435C7E0AAB}\ARPPRODUCTICON.exe
2010-03-04 14:29 . 2010-03-04 14:29 8192 ----a-w- c:\programdata\Installations\{2B8BEBBF-73A0-497D-9900-8474D022AB3F}\Installer\CommonCustomActions\UninstCCD.exe
2010-03-04 14:29 . 2010-03-04 14:29 61440 ----a-w- c:\programdata\Installations\{2B8BEBBF-73A0-497D-9900-8474D022AB3F}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-03-04 14:29 . 2010-03-04 14:29 10240 ----a-w- c:\programdata\Installations\{2B8BEBBF-73A0-497D-9900-8474D022AB3F}\Installer\CommonCustomActions\UninstPCS.exe
2010-03-04 13:26 . 2010-03-04 13:26 0 ----a-w- c:\windows\nsreg.dat
2010-03-04 13:16 . 2010-03-04 13:16 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-04 13:12 . 2010-03-04 13:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-03-04 13:07 . 2010-03-04 13:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-04 12:39 . 2010-03-04 12:39 0 ----a-w- c:\windows\ativpsrm.bin
2010-03-02 17:20 . 2010-03-04 14:29 36100944 ----a-w- c:\programdata\Installations\{2B8BEBBF-73A0-497D-9900-8474D022AB3F}\Nokia_PC_Suite_rel_7_0_7_0_cze_web.exe
2010-02-26 11:32 . 2010-03-04 14:59 92672 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2010-03-04 323392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-11 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-14 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKLM\~\startupfolder\C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-17 16:06 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-10 16:20 689488 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2009-10-26 15:26 753664 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 08:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-04 691696]
R3 GarenaPEngine;GarenaPEngine;c:\users\Tomas\AppData\Local\Temp\CFXF686.tmp [x]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-15 216200]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-04-21 242896]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-15 172032]
S2 AMDFusionSVC;Služby softwarového nástroje AMD Fusion;c:\program files\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe [2009-09-08 383544]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-15 916760]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-15 308064]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\02fvkofh.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedie (cs)
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\Tomas\AppData\Local\Temp\CFXF686.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-05-07 13:12:30
ComboFix-quarantined-files.txt 2010-05-07 11:12

Před spuštěním: Volných bajtů: 25 477 103 616
Po spuštění: Volných bajtů: 26 360 741 888

- - End Of File - - A807D49FA15B56DE9653D79D363A1B46

[motji]

Garenu používáte?

[toomuuula]

Jasně často ...

[motji]

Já ted musím od počírače,ale večer V8m sem dám ještě skript na nějaké malé dočištění.
Virem to zřejmě nebude, zkuste otestovat ty RAM

[toomuuula]

Jasně nechám to navečer všechno ted s pc potřebuji dělat.

[MiliNess]

Pří práci můžete zatím alespoň zatím spustit HDD tune a zkontrolovat disk, na kterém máte stránkovací soubor. (většinou disk, na kterém je systém)

[toomuuula]

Ok udělám to...

[toomuuula]

Jo ještě předpokládám , že to mám vše ověřit Error Scenem + Health ne ?