Re: random time BSOD
Napsal: 18 pro 2012 22:46
Log ComboFix vypadá takto: http://forum.viry.cz/viewtopic.php?f=30 ... x#p1173524 .
Stránka 2 z 2
Re: random time BSOD
Napsal: 18 pro 2012 22:47
Zkuste spustit v nouz. režimu.
Re: random time BSOD
Napsal: 19 pro 2012 08:41
BTW mcafee som odinstaloval uz par tyzdnou dozadu neviem ako mohol tvrdit ze je spusteny hladal som ho aj v procesoch ale nic som nenasiel ...
Kód: Vybrat vše
ComboFix 12-12-17.02 - Dream . 12. 2012 8:33.1.8 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.8094.7119 [GMT 1:00]
Running from: c:\users\Dream\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
c:\users\Public\AlexaNSISPlugin.3616.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-11-19 to 2012-12-19 )))))))))))))))))))))))))))))))
.
.
2012-12-19 07:37 . 2012-12-19 07:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-19 07:37 . 2012-12-19 07:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-19 07:29 . 2012-12-19 07:30 -------- d-----w- c:\users\Dream\AppData\Local\LSC
2012-12-19 07:24 . 2012-12-19 07:24 -------- d-----w- c:\users\Dream\AppData\Local\Google
2012-12-16 08:46 . 2012-12-16 08:46 28992 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-12-15 19:53 . 2012-12-15 19:53 -------- d-----w- c:\users\Dream\AppData\Local\ElevatedDiagnostics
2012-12-15 19:52 . 2012-12-15 19:52 -------- d-----w- c:\users\Dream\AppData\Local\Adobe
2012-12-12 18:00 . 2012-11-05 20:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-12 17:57 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 17:52 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-09 01:12 . 2012-12-09 01:12 228768 ----a-w- c:\windows\system32\drivers\MPFILTER.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-17 12:38 . 1601-01-01 00:14 647208 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2012-11-17 12:38 . 1601-01-01 00:14 289664 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2012-10-31 07:39 . 2012-10-31 07:39 91568 ----a-w- c:\windows\system32\drivers\SCDEMU.sys
2012-10-30 17:20 . 2012-10-30 17:20 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-10-30 08:42 . 1601-01-01 00:14 228 --sha-w- c:\windows\system32\UICommu.bin
2012-10-30 08:23 . 1601-01-01 00:14 0 --sha-w- c:\windows\system32\NCCount.bin
2012-10-30 08:23 . 2012-07-11 09:11 65536 ----a-w- c:\windows\system32\ExchangSector.bin
2012-10-16 07:39 . 2012-11-27 21:07 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-13 20:38 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-13 20:38 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-04 16:40 . 2012-12-12 18:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-13 20:36 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42 . 2012-11-13 20:36 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-13 20:36 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-13 20:36 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-09-27 23:18 . 1601-01-01 00:14 65309168 ------w- c:\windows\system32\MRT.exe
2012-09-25 22:47 . 2012-11-13 20:25 78336 ----a-w- c:\windows\SysWow64\synceng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2012-07-11 09:09 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2011-12-09 548864]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-23 1675160]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-07-11 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-26 337776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-10-30 834544]
R1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-07-11 13408]
R1 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys [2012-02-11 217392]
R1 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys [2011-12-13 23648]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-04-28 119424]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [2012-03-26 572976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-04-28 163456]
R3 Abyssus;Razer Abyssus;c:\windows\system32\drivers\Abyssus.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-04-28 36480]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-04-28 341120]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-04-28 111232]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-04-28 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-04-28 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-04-28 281472]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-04-28 550528]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;NisSrv;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-11-15 313960]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
R3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
R3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [2012-02-06 958800]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-03 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-07-11 57952]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-07-11 39008]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-12-16 28992]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-07-11 30816]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-04-28 30848]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-01-15 208168]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-11 09:09]
.
2012-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-11 09:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2012-07-11 09:09 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-02-14 22:52 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-07-11 09:09 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-02 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-02 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-02 440600]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-12-15 564352]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\btvstack.exe" [2012-04-28 1022592]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\athbttray.exe" [2012-04-28 801920]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-07-11 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-07-11 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-07-11 206176]
"OneKeyReminder"="c:\program files\Lenovo\OneKey App\OneKey Recovery\OneKey Reminder.exe" [2012-01-12 537896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"OneKeyReminder"="c:\program files\Lenovo\OneKey App\OneKey Recovery\OneKey Reminder.exe" [2012-01-12 537896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 172.16.0.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{008f6853-9cb4-41c5-a950-39d55e5e06ba} - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
BHO-{F443A627-5009-4323-9C1D-7FD598D0D712} - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
Toolbar-Locked - (no file)
Toolbar-{EA582743-9076-4178-9AA6-7393FDF4D5CE} - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-19 08:39:38
ComboFix-quarantined-files.txt 2012-12-19 07:39
.
Pre-Run: 575 765 282 816 bytes free
Post-Run: 575 935 074 304 bytes free
.
- - End Of File - - 7C064085F33CDE7AA91CE22A05CB0E2B
Re: random time BSOD
Napsal: 19 pro 2012 18:51
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\program files\McAfee.com
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"
mcui_exe"=-
RegLockDel::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Reboot::
Re: random time BSOD
Napsal: 20 pro 2012 07:08
Ok vcera mi odpojili internet , nieco z wifi, tak som si stihol stiahnut len ten script ale vyzera to ze je po probleme, usetrenych 30 dolarov mozem venovat foru miesto pofiderneho programu 
Dakujem za pomoc a trpezlivost.
Dakujem za pomoc a trpezlivost.Re: random time BSOD
Napsal: 20 pro 2012 19:22
Nemáte zač a děkujeme za příspěvek. 