Při najíždění OS spadne, prosím o kontrolu logu

[rada85]

Logfile of random's system information tool 1.08 (written by random/random)
Run by User at 2011-06-02 14:21:40
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 172 GB (86%) free of 200 GB
Total RAM: 1021 MB (72% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1085031214-1801674531-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1085031214-1801674531-1003UA.job
C:\WINDOWS\tasks\Norton Security Scan for User.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Documents and Settings\User\Local Settings\Data aplikací\GamePlayLabs Plugin\BHO.dll [2011-03-08 432640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
{D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-09-03 19573352]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-06-23 98304]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2011-02-04 949376]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe [2011-02-04 434176]
"NPSStartup"= []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]
"VW100 Connection Manager"=C:\Program Files\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe [2009-11-04 11910144]
"Google Update"=C:\Documents and Settings\User\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-02-11 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-06-22 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

======List of files/folders created in the last 1 months======

2011-06-02 14:21:44 ----D---- C:\Program Files\trend micro
2011-06-02 14:21:40 ----D---- C:\rsit
2011-06-02 14:18:32 ----D---- C:\Program Files\CCleaner
2011-06-02 14:09:10 ----D---- C:\Documents and Settings\User\Data aplikací\Malwarebytes
2011-06-02 14:09:01 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-06-02 14:08:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-06-02 14:08:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-06-02 14:08:55 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-06-02 13:28:23 ----A---- C:\WINDOWS\ntbtlog.txt
2011-05-23 12:16:13 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-05-23 12:15:46 ----D---- C:\WINDOWS\system32\drivers\NSS
2011-05-23 12:15:45 ----D---- C:\Program Files\Norton Security Scan
2011-05-23 12:15:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-05-23 12:15:34 ----D---- C:\Program Files\NortonInstaller
2011-05-23 12:15:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2011-05-23 10:09:51 ----D---- C:\Documents and Settings\User\Data aplikací\DDMSettings
2011-05-23 09:33:15 ----D---- C:\Documents and Settings\User\Data aplikací\DivX
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2011-05-23 09:32:56 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2011-05-23 09:32:55 ----N---- C:\WINDOWS\system32\vxblock.dll
2011-05-23 09:32:55 ----N---- C:\WINDOWS\system32\pxwave.dll
2011-05-23 09:32:55 ----N---- C:\WINDOWS\system32\pxsfs.dll
2011-05-23 09:32:55 ----N---- C:\WINDOWS\system32\pxmas.dll
2011-05-23 09:32:55 ----N---- C:\WINDOWS\system32\pxdrv.dll
2011-05-23 09:32:55 ----N---- C:\WINDOWS\system32\pxafs.dll
2011-05-23 09:32:55 ----N---- C:\WINDOWS\system32\px.dll
2011-05-23 09:32:28 ----D---- C:\Program Files\Common Files\DivX Shared
2011-05-23 09:13:34 ----D---- C:\Program Files\DivX
2011-05-23 09:09:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-05-21 21:46:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-05-21 21:46:07 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2011-06-02 14:21:44 ----RD---- C:\Program Files
2011-06-02 14:09:01 ----D---- C:\WINDOWS\system32\drivers
2011-06-02 14:08:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-02 14:07:37 ----D---- C:\WINDOWS\Minidump
2011-06-02 14:07:37 ----D---- C:\WINDOWS
2011-06-02 13:47:49 ----A---- C:\WINDOWS\DUMP3855.tmp
2011-05-29 19:05:01 ----D---- C:\WINDOWS\Temp
2011-05-29 19:04:32 ----A---- C:\WINDOWS\ModemLog_Vertex Wireless CDC Modem #3.txt
2011-05-28 22:07:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-28 20:57:06 ----D---- C:\WINDOWS\system32\config
2011-05-28 10:35:58 ----D---- C:\WINDOWS\Prefetch
2011-05-26 20:52:23 ----D---- C:\Documents and Settings\User\Data aplikací\Skype
2011-05-26 19:59:36 ----D---- C:\Documents and Settings\User\Data aplikací\skypePM
2011-05-23 12:16:19 ----SD---- C:\WINDOWS\Tasks
2011-05-23 12:16:13 ----D---- C:\Program Files\Common Files
2011-05-23 09:32:56 ----D---- C:\WINDOWS\system32
2011-05-23 09:32:32 ----SHD---- C:\WINDOWS\Installer
2011-05-21 21:46:07 ----RD---- C:\Program Files\Skype
2011-05-21 21:46:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-05-13 07:24:05 ----HD---- C:\WINDOWS\inf
2011-05-11 21:05:19 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-06-15 12160]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2011-02-04 15424]
S1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
S2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2011-02-04 512096]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-06-23 5068288]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-09-03 6139496]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-01-14 277352]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\vwmfbus.sys [2009-05-29 90240]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\WINDOWS\system32\DRIVERS\vwmfdiag.sys [2009-05-29 98688]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\WINDOWS\system32\DRIVERS\vwmfmdfl.sys [2009-05-29 14976]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\WINDOWS\system32\DRIVERS\vwmfmdm.sys [2009-05-29 121984]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\WINDOWS\system32\DRIVERS\vwmfserd.sys [2009-05-29 98688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-06-22 602112]
S2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
S2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2011-02-04 552064]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2006-10-31 167936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[rada85]

ComboFix 11-06-02.02 - User 03.06.2011 8:08.1.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1021.796 [GMT 2:00]
Spuštěný z: G:\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-03 do 2011-06-03 )))))))))))))))))))))))))))))))
.
.
2011-06-02 12:21 . 2011-06-02 12:21 -------- d-----w- c:\program files\trend micro
2011-06-02 12:21 . 2011-06-02 12:21 -------- d-----w- C:\rsit
2011-06-02 12:09 . 2011-06-02 12:09 -------- d-----w- c:\documents and settings\User\Data aplikací\Malwarebytes
2011-06-02 12:08 . 2011-06-02 12:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-05-23 10:16 . 2011-05-23 10:16 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\windows\system32\drivers\NSS
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\program files\Norton Security Scan
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\program files\NortonInstaller
2011-05-23 08:09 . 2011-05-23 08:09 -------- d-----w- c:\documents and settings\User\Data aplikací\DDMSettings
2011-05-23 07:33 . 2011-05-24 16:40 -------- d-----w- c:\documents and settings\User\Data aplikací\DivX
2011-05-23 07:13 . 2011-05-23 07:33 -------- d-----w- c:\program files\DivX
2011-05-23 07:09 . 2011-05-23 07:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DivX
2011-05-21 19:46 . 2011-05-21 19:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype Extras
2011-05-21 19:46 . 2011-05-21 19:46 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 11:47 . 2011-02-04 17:02 94208 ----a-w- c:\windows\DUMP3855.tmp
2011-03-07 05:33 . 2011-02-04 16:16 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-06-15 . FA8C867F90782BAFA2CA39CC9BA36FDD . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-21 1233288]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-21 11:17 1233288 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-21 1233288]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-02 102400]
"VW100 Connection Manager"="c:\program files\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe" [2009-11-04 11910144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-09-03 19573352]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-22 98304]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2011-02-04 949376]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-02-04 434176]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2011-02-17 124928]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [4.2.2011 18:39 15424]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [6.2.2011 21:46 233472]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7.2.2011 19:15 246584]
S2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4.5.2010 13:07 503080]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4.2.2011 18:26 1691480]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [6.2.2011 21:46 36608]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [6.2.2011 21:46 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [6.2.2011 21:46 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [6.2.2011 21:46 121856]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM);c:\windows\system32\drivers\vwmfbus.sys [4.2.2011 20:01 90240]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM);c:\windows\system32\drivers\vwmfdiag.sys [4.2.2011 20:01 98688]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~;c:\windows\system32\drivers\vwmfmdfl.sys [4.2.2011 20:01 14976]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver;c:\windows\system32\drivers\vwmfmdm.sys [4.2.2011 20:01 121984]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM);c:\windows\system32\drivers\vwmfserd.sys [4.2.2011 20:01 98688]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-23 c:\windows\Tasks\Norton Security Scan for User.job
- c:\progra~1\NORTON~2\Engine\311~1.6\Nss.exe [2011-05-23 10:23]
.
2011-05-28 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-21 11:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com?o=101916&l=dis
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
LSP: c:\windows\system32\imon.dll
TCP: Interfaces\{81D095F8-8BD4-446C-B38B-73D2BD8B376B}: NameServer = 78.136.128.4 78.136.128.12
FF - ProfilePath - c:\documents and settings\User\Data aplikací\Mozilla\Firefox\Profiles\fffly1u0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=101916&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=NRO&o=101913&locale=en_EU&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - c:\program files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-NPSStartup - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-03 08:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(240)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2011-06-03 08:16:14
ComboFix-quarantined-files.txt 2011-06-03 06:16
.
Před spuštěním: Volných bajtů: 179 897 966 592
Po spuštění: Volných bajtů: 183 179 325 440
.
- - End Of File - - 76DE2BED7CF8698D1903F2E875423E05

[Rudy]

Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files\Ask.com

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[rada85]

ComboFix 11-06-02.02 - User 04.06.2011 8:21.2.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1021.834 [GMT 2:00]
Spuštěný z: G:\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\User\Plocha\CFScript.txt..txt
AV: Eset NOD32 Antivirus 2.70 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-04 do 2011-06-04 )))))))))))))))))))))))))))))))
.
.
2011-06-02 12:21 . 2011-06-02 12:21 -------- d-----w- c:\program files\trend micro
2011-06-02 12:21 . 2011-06-02 12:21 -------- d-----w- C:\rsit
2011-06-02 12:09 . 2011-06-02 12:09 -------- d-----w- c:\documents and settings\User\Data aplikací\Malwarebytes
2011-06-02 12:08 . 2011-06-02 12:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-05-23 10:16 . 2011-05-23 10:16 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\windows\system32\drivers\NSS
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\program files\Norton Security Scan
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2011-05-23 10:15 . 2011-05-23 10:15 -------- d-----w- c:\program files\NortonInstaller
2011-05-23 08:09 . 2011-05-23 08:09 -------- d-----w- c:\documents and settings\User\Data aplikací\DDMSettings
2011-05-23 07:33 . 2011-05-24 16:40 -------- d-----w- c:\documents and settings\User\Data aplikací\DivX
2011-05-23 07:13 . 2011-05-23 07:33 -------- d-----w- c:\program files\DivX
2011-05-23 07:09 . 2011-05-23 07:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DivX
2011-05-21 19:46 . 2011-05-21 19:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype Extras
2011-05-21 19:46 . 2011-05-21 19:46 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 11:47 . 2011-02-04 17:02 94208 ----a-w- c:\windows\DUMP3855.tmp
2011-03-07 05:33 . 2011-02-04 16:16 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-06-15 . FA8C867F90782BAFA2CA39CC9BA36FDD . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-02 102400]
"VW100 Connection Manager"="c:\program files\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe" [2009-11-04 11910144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-09-03 19573352]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-22 98304]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2011-02-04 949376]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-02-04 434176]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2011-02-17 124928]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [4.2.2011 18:39 15424]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [6.2.2011 21:46 233472]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7.2.2011 19:15 246584]
S2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4.5.2010 13:07 503080]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4.2.2011 18:26 1691480]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [6.2.2011 21:46 36608]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [6.2.2011 21:46 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [6.2.2011 21:46 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [6.2.2011 21:46 121856]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM);c:\windows\system32\drivers\vwmfbus.sys [4.2.2011 20:01 90240]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM);c:\windows\system32\drivers\vwmfdiag.sys [4.2.2011 20:01 98688]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~;c:\windows\system32\drivers\vwmfmdfl.sys [4.2.2011 20:01 14976]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver;c:\windows\system32\drivers\vwmfmdm.sys [4.2.2011 20:01 121984]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM);c:\windows\system32\drivers\vwmfserd.sys [4.2.2011 20:01 98688]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-23 c:\windows\Tasks\Norton Security Scan for User.job
- c:\progra~1\NORTON~2\Engine\311~1.6\Nss.exe [2011-05-23 10:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com?o=101916&l=dis
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
LSP: c:\windows\system32\imon.dll
TCP: Interfaces\{81D095F8-8BD4-446C-B38B-73D2BD8B376B}: NameServer = 78.136.128.4 78.136.128.12
FF - ProfilePath - c:\documents and settings\User\Data aplikací\Mozilla\Firefox\Profiles\fffly1u0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com?o=101916&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=NRO&o=101913&locale=en_EU&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - c:\program files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-04 08:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(240)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2011-06-04 08:29:28
ComboFix-quarantined-files.txt 2011-06-04 06:29
ComboFix2.txt 2011-06-03 06:16
.
Před spuštěním: Volných bajtů: 183 194 169 344
Po spuštění: Volných bajtů: 183 180 861 440
.
- - End Of File - - 7741834E345ED640373E87D6BA909715

[Rudy]

Smazáno, log již vypadá čistý. Nastala nějaká změna?

[rada85]

OS najede na chvilku na plochu, ale stejně spadne. O trochu se to posunulo, protože před tím, to skončilo u načítání osobního nastavení a to byl konec. Přes stav nouze jede v pohodě. VGA také problém nemá.

[Rudy]

Zkuste obnovu systému k datu, kdy korketně fungoval.

[rada85]

Obnova systému k datu kdy ještě fungoval tak to také nepomohlo...pořád se restartuje

[Rudy]

Odinstalujte to, co jste do PC nainstaloval těsně před tím, než se problém objevil (týká se i případných aktualizací systému). Pokud ani toto nepomůže, nezbude, než oprava z instal. média.

[rada85]

Tak nakonec jsem to vyřešil reinstalem OS.
Ale stejně díky.

[Rudy]

Nemáte zač!