Please check my log, PC is freezing
Posted: 28 Aug 2010 18:46
Hi, please check my log. Of course I don't know what is causing it, but my PC freezes "during various activities" and "after varying lengths of time". I rather suspect some conflicting drivers, but I really don't know.
Thanks in advance, mari.
Logfile of random's system information tool 1.08 (written by random/random)
Run by iddqd at 2010-08-28 19:29:41
Microsoft Windows 7 Professional
System drive C: has 632 GB (66%) free of 954 GB
Total RAM: 4087 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:29:51, on 28.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WhoCrashed\whocrashed.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\mixe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: OKI OPHD DCS Loader - Oki Data Corporation - C:\Windows\system32\spool\DRIVERS\x64\3\OPHDLDCS.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8237 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Essentials\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\ASUS.SYS\config\DVMExportService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\spool\DRIVERS\x64\3\OPHDLDCS.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {13C96AF3-71A8-4BB6-804E-D4EB2B456C1F}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe" /startup
C:\Windows\Explorer.EXE
"C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files\ASUS\Six Engine\SixEngine.exe" -b
"C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Logitech\G-series Software\LCDMon.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe"
KHALMNPR.EXE /API
"C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe"
"C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe"
"C:\Program Files (x86)\Logitech\G-series Software\Applets\LCDMedia.exe"
"C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\WhoCrashed\whocrashed.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2692.83054a0.1591740434 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 2692 plugin \\.\pipe\gecko-crash-server-pipe.2692
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\AUDIODG.EXE 0x3c0
"C:\Users\mixe\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1446504]
"Launch LGDCore"=C:\Program Files\Logitech\G-series Software\LGDCore.exe [2006-03-06 1777664]
"Launch LCDMon"=C:\Program Files\Logitech\G-series Software\LCDMon.exe [2006-03-06 709120]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-07-17 134160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-04-28 142120]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TurboV EVO"=C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2009-08-20 7256576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-03 98304]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-24 2245120]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-08-28 19:29:41 ----D---- C:\rsit
2010-08-28 19:29:41 ----D---- C:\Program Files\trend micro
2010-08-28 18:50:59 ----D---- C:\Program Files\WhoCrashed
2010-08-28 16:09:30 ----D---- C:\Windows\pss
2010-08-28 15:59:09 ----A---- C:\Windows\ntbtlog.txt
2010-08-27 16:18:28 ----D---- C:\Users\mixe\AppData\Roaming\HD Tune Pro
2010-08-27 16:18:24 ----D---- C:\Program Files (x86)\HD Tune Pro
2010-08-27 13:07:19 ----D---- C:\ProgramData\ATI
2010-08-27 13:00:33 ----D---- C:\Program Files (x86)\ATI
2010-08-27 12:58:15 ----D---- C:\ATI
2010-08-26 11:14:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-08-25 15:17:09 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 15:17:09 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-19 07:11:22 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-08-19 07:11:22 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-08-19 07:11:22 ----A---- C:\Windows\SYSWOW64\java.exe
2010-08-13 14:13:44 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-13 14:13:44 ----A---- C:\Windows\system32\schannel.dll
2010-08-13 14:13:44 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-13 14:13:44 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-13 14:13:44 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-13 14:13:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-13 14:13:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-13 14:13:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-13 14:13:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-13 14:13:38 ----A---- C:\Windows\system32\mshtml.dll
2010-08-13 14:13:37 ----A---- C:\Windows\system32\ieframe.dll
2010-08-13 14:13:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-13 14:13:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\wininet.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\urlmon.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\mstime.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\iepeers.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-13 14:13:34 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-13 14:13:34 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-13 14:13:34 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-13 14:13:34 ----A---- C:\Windows\system32\ieui.dll
2010-08-13 14:13:31 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-13 14:13:31 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-13 14:13:31 ----A---- C:\Windows\system32\rtutils.dll
2010-08-13 14:13:29 ----A---- C:\Windows\system32\win32k.sys
2010-08-13 14:13:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-13 14:13:27 ----A---- C:\Windows\system32\msxml3.dll
2010-08-04 04:22:36 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2010-08-04 04:07:12 ----A---- C:\Windows\system32\atio6axx.dll
2010-08-04 03:55:00 ----A---- C:\Windows\system32\atiapfxx.exe
2010-08-04 03:54:50 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2010-08-04 03:54:00 ----A---- C:\Windows\system32\aticfx64.dll
2010-08-04 03:52:04 ----A---- C:\Windows\system32\ATIDEMGX.dll
2010-08-04 03:51:54 ----A---- C:\Windows\system32\atieclxx.exe
2010-08-04 03:51:20 ----A---- C:\Windows\system32\atiesrxx.exe
2010-08-04 03:50:14 ----A---- C:\Windows\system32\atitmm64.dll
2010-08-04 03:49:56 ----A---- C:\Windows\system32\atipdl64.dll
2010-08-04 03:49:50 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2010-08-04 03:49:48 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2010-08-04 03:49:40 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2010-08-04 03:49:36 ----A---- C:\Windows\system32\atimuixx.dll
2010-08-04 03:49:32 ----A---- C:\Windows\system32\atiedu64.dll
2010-08-04 03:49:26 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2010-08-04 03:46:32 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2010-08-04 03:28:30 ----A---- C:\Windows\system32\atiumd6a.dll
2010-08-04 03:28:26 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2010-08-04 03:26:02 ----A---- C:\Windows\system32\aticalrt64.dll
2010-08-04 03:26:00 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2010-08-04 03:25:54 ----A---- C:\Windows\system32\aticalcl64.dll
2010-08-04 03:25:50 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2010-08-04 03:25:42 ----A---- C:\Windows\system32\aticaldd64.dll
2010-08-04 03:24:34 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2010-08-04 03:23:46 ----A---- C:\Windows\system32\coinst.dll
2010-08-04 03:22:34 ----A---- C:\Windows\system32\atiumd64.dll
2010-08-04 03:21:38 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2010-08-04 03:16:14 ----A---- C:\Windows\system32\atiadlxx.dll
2010-08-04 03:16:06 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2010-08-04 03:15:58 ----A---- C:\Windows\system32\atig6pxx.dll
2010-08-04 03:15:54 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2010-08-04 03:15:54 ----A---- C:\Windows\system32\atiglpxx.dll
2010-08-04 03:15:52 ----A---- C:\Windows\system32\atig6txx.dll
2010-08-04 03:15:48 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2010-08-04 03:15:44 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2010-08-04 03:15:08 ----A---- C:\Windows\system32\atiuxp64.dll
2010-08-04 03:15:02 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2010-08-04 03:14:56 ----A---- C:\Windows\system32\atiu9p64.dll
2010-08-04 03:14:48 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2010-08-04 03:14:12 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2010-08-04 03:09:28 ----A---- C:\Windows\system32\atimpc64.dll
2010-08-04 03:09:28 ----A---- C:\Windows\system32\amdpcom64.dll
2010-08-04 03:09:22 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2010-08-04 03:09:22 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2010-08-03 19:18:58 ----A---- C:\Users\mixe\AppData\Roaming\myMPQ.ini
2010-08-03 15:42:18 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 15:42:17 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-07-30 23:51:41 ----D---- C:\Users\mixe\AppData\Roaming\HandBrake
2010-07-30 23:51:38 ----D---- C:\Program Files (x86)\Handbrake
======List of files/folders modified in the last 1 months======
2010-08-28 19:29:41 ----RD---- C:\Program Files
2010-08-28 19:29:30 ----D---- C:\Windows\Temp
2010-08-28 19:07:09 ----D---- C:\Windows\system32\config
2010-08-28 19:00:45 ----D---- C:\Windows\System32
2010-08-28 19:00:45 ----D---- C:\Windows\inf
2010-08-28 19:00:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-28 16:09:30 ----D---- C:\Windows
2010-08-27 16:31:02 ----D---- C:\Windows\system32\LogFiles
2010-08-27 16:18:24 ----RD---- C:\Program Files (x86)
2010-08-27 15:49:30 ----SHD---- C:\System Volume Information
2010-08-27 13:55:14 ----D---- C:\Windows\Prefetch
2010-08-27 13:08:48 ----D---- C:\Windows\SoftwareDistribution
2010-08-27 13:07:19 ----HD---- C:\ProgramData
2010-08-27 13:03:17 ----D---- C:\Windows\system32\catroot
2010-08-27 13:00:36 ----SHD---- C:\Windows\Installer
2010-08-27 13:00:33 ----D---- C:\Program Files (x86)\Common Files
2010-08-27 13:00:23 ----D---- C:\Program Files\ATI Technologies
2010-08-27 13:00:05 ----RSD---- C:\Windows\assembly
2010-08-27 13:00:05 ----D---- C:\Windows\SysWOW64
2010-08-27 12:59:58 ----D---- C:\Windows\system32\drivers
2010-08-27 12:59:57 ----D---- C:\Windows\system32\DriverStore
2010-08-27 12:59:54 ----D---- C:\Windows\system32\catroot2
2010-08-27 12:59:17 ----D---- C:\Windows\winsxs
2010-08-27 12:59:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-27 12:51:42 ----D---- C:\games
2010-08-27 12:35:19 ----D---- C:\Program Files (x86)\uTorrent
2010-08-26 02:20:24 ----D---- C:\Windows\AppPatch
2010-08-19 07:11:20 ----D---- C:\Program Files (x86)\Java
2010-08-14 13:06:55 ----D---- C:\Windows\Microsoft.NET
2010-08-14 10:01:14 ----D---- C:\Windows\SYSWOW64\migration
2010-08-14 10:01:14 ----D---- C:\Program Files\Internet Explorer
2010-08-14 10:01:14 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-14 10:01:13 ----D---- C:\Windows\system32\migration
2010-08-14 00:50:03 ----D---- C:\ProgramData\Microsoft Help
2010-08-05 19:48:19 ----D---- C:\Program Files\Fraps
2010-08-04 03:37:46 ----A---- C:\Windows\system32\atidxx64.dll
2010-08-04 00:11:26 ----D---- C:\Users\mixe\AppData\Roaming\BSplayer
2010-08-03 20:52:33 ----A---- C:\Windows\system32\MRT.exe
2010-08-03 19:17:38 ----D---- C:\Windows\system32\Tasks
2010-07-31 15:39:20 ----D---- C:\ProgramData\Blizzard Entertainment
2010-07-30 23:59:20 ----SD---- C:\Users\mixe\AppData\Roaming\Microsoft
2010-07-30 23:46:52 ----HD---- C:\temp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-07-18 109480]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-06 834544]
R1 archlp;archlp; C:\Windows\SysWOW64\drivers\archlp.sys [2009-02-06 161792]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 173984]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 7451648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-04 268288]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-07-17 54288]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-07-17 56336]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-10 1222144]
S2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
S3 a0x1ww2d;a0x1ww2d; C:\Windows\system32\drivers\a0x1ww2d.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 7451648]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2009-10-16 50176]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-04 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
R2 OKI OPHD DCS Loader;OKI OPHD DCS Loader; C:\Windows\system32\spool\DRIVERS\x64\3\OPHDLDCS.EXE [2007-05-29 20480]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-08 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-08 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: OKI OPHD DCS Loader - Oki Data Corporation - C:\Windows\system32\spool\DRIVERS\x64\3\OPHDLDCS.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8237 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Essentials\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\ASUS.SYS\config\DVMExportService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\spool\DRIVERS\x64\3\OPHDLDCS.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {13C96AF3-71A8-4BB6-804E-D4EB2B456C1F}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe" /startup
C:\Windows\Explorer.EXE
"C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files\ASUS\Six Engine\SixEngine.exe" -b
"C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Logitech\G-series Software\LCDMon.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
"C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe"
KHALMNPR.EXE /API
"C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe"
"C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe"
"C:\Program Files (x86)\Logitech\G-series Software\Applets\LCDMedia.exe"
"C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe" -b
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\WhoCrashed\whocrashed.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2692.83054a0.1591740434 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 2692 plugin \\.\pipe\gecko-crash-server-pipe.2692
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\AUDIODG.EXE 0x3c0
"C:\Users\mixe\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1446504]
"Launch LGDCore"=C:\Program Files\Logitech\G-series Software\LGDCore.exe [2006-03-06 1777664]
"Launch LCDMon"=C:\Program Files\Logitech\G-series Software\LCDMon.exe [2006-03-06 709120]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-07-17 134160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-04-28 142120]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TurboV EVO"=C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2009-08-20 7256576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-03 98304]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-24 2245120]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"ATICustomerCare"=C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-08-28 19:29:41 ----D---- C:\rsit
2010-08-28 19:29:41 ----D---- C:\Program Files\trend micro
2010-08-28 18:50:59 ----D---- C:\Program Files\WhoCrashed
2010-08-28 16:09:30 ----D---- C:\Windows\pss
2010-08-28 15:59:09 ----A---- C:\Windows\ntbtlog.txt
2010-08-27 16:18:28 ----D---- C:\Users\mixe\AppData\Roaming\HD Tune Pro
2010-08-27 16:18:24 ----D---- C:\Program Files (x86)\HD Tune Pro
2010-08-27 13:07:19 ----D---- C:\ProgramData\ATI
2010-08-27 13:00:33 ----D---- C:\Program Files (x86)\ATI
2010-08-27 12:58:15 ----D---- C:\ATI
2010-08-26 11:14:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-08-25 15:17:09 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 15:17:09 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-19 07:11:22 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-08-19 07:11:22 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-08-19 07:11:22 ----A---- C:\Windows\SYSWOW64\java.exe
2010-08-13 14:13:44 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-13 14:13:44 ----A---- C:\Windows\system32\schannel.dll
2010-08-13 14:13:44 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-13 14:13:44 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-13 14:13:44 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-13 14:13:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-13 14:13:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-13 14:13:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-13 14:13:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-13 14:13:38 ----A---- C:\Windows\system32\mshtml.dll
2010-08-13 14:13:37 ----A---- C:\Windows\system32\ieframe.dll
2010-08-13 14:13:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-13 14:13:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-13 14:13:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\wininet.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\urlmon.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\mstime.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\iepeers.dll
2010-08-13 14:13:35 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-13 14:13:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-13 14:13:34 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-13 14:13:34 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-13 14:13:34 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-13 14:13:34 ----A---- C:\Windows\system32\ieui.dll
2010-08-13 14:13:31 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-13 14:13:31 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-13 14:13:31 ----A---- C:\Windows\system32\rtutils.dll
2010-08-13 14:13:29 ----A---- C:\Windows\system32\win32k.sys
2010-08-13 14:13:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-13 14:13:27 ----A---- C:\Windows\system32\msxml3.dll
2010-08-04 04:22:36 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2010-08-04 04:07:12 ----A---- C:\Windows\system32\atio6axx.dll
2010-08-04 03:55:00 ----A---- C:\Windows\system32\atiapfxx.exe
2010-08-04 03:54:50 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2010-08-04 03:54:00 ----A---- C:\Windows\system32\aticfx64.dll
2010-08-04 03:52:04 ----A---- C:\Windows\system32\ATIDEMGX.dll
2010-08-04 03:51:54 ----A---- C:\Windows\system32\atieclxx.exe
2010-08-04 03:51:20 ----A---- C:\Windows\system32\atiesrxx.exe
2010-08-04 03:50:14 ----A---- C:\Windows\system32\atitmm64.dll
2010-08-04 03:49:56 ----A---- C:\Windows\system32\atipdl64.dll
2010-08-04 03:49:50 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2010-08-04 03:49:48 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2010-08-04 03:49:40 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2010-08-04 03:49:36 ----A---- C:\Windows\system32\atimuixx.dll
2010-08-04 03:49:32 ----A---- C:\Windows\system32\atiedu64.dll
2010-08-04 03:49:26 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2010-08-04 03:46:32 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2010-08-04 03:28:30 ----A---- C:\Windows\system32\atiumd6a.dll
2010-08-04 03:28:26 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2010-08-04 03:26:02 ----A---- C:\Windows\system32\aticalrt64.dll
2010-08-04 03:26:00 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2010-08-04 03:25:54 ----A---- C:\Windows\system32\aticalcl64.dll
2010-08-04 03:25:50 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2010-08-04 03:25:42 ----A---- C:\Windows\system32\aticaldd64.dll
2010-08-04 03:24:34 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2010-08-04 03:23:46 ----A---- C:\Windows\system32\coinst.dll
2010-08-04 03:22:34 ----A---- C:\Windows\system32\atiumd64.dll
2010-08-04 03:21:38 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2010-08-04 03:16:14 ----A---- C:\Windows\system32\atiadlxx.dll
2010-08-04 03:16:06 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2010-08-04 03:15:58 ----A---- C:\Windows\system32\atig6pxx.dll
2010-08-04 03:15:54 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2010-08-04 03:15:54 ----A---- C:\Windows\system32\atiglpxx.dll
2010-08-04 03:15:52 ----A---- C:\Windows\system32\atig6txx.dll
2010-08-04 03:15:48 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2010-08-04 03:15:44 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2010-08-04 03:15:08 ----A---- C:\Windows\system32\atiuxp64.dll
2010-08-04 03:15:02 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2010-08-04 03:14:56 ----A---- C:\Windows\system32\atiu9p64.dll
2010-08-04 03:14:48 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2010-08-04 03:14:12 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2010-08-04 03:09:28 ----A---- C:\Windows\system32\atimpc64.dll
2010-08-04 03:09:28 ----A---- C:\Windows\system32\amdpcom64.dll
2010-08-04 03:09:22 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2010-08-04 03:09:22 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2010-08-03 19:18:58 ----A---- C:\Users\mixe\AppData\Roaming\myMPQ.ini
2010-08-03 15:42:18 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 15:42:17 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-07-30 23:51:41 ----D---- C:\Users\mixe\AppData\Roaming\HandBrake
2010-07-30 23:51:38 ----D---- C:\Program Files (x86)\Handbrake
======List of files/folders modified in the last 1 months======
2010-08-28 19:29:41 ----RD---- C:\Program Files
2010-08-28 19:29:30 ----D---- C:\Windows\Temp
2010-08-28 19:07:09 ----D---- C:\Windows\system32\config
2010-08-28 19:00:45 ----D---- C:\Windows\System32
2010-08-28 19:00:45 ----D---- C:\Windows\inf
2010-08-28 19:00:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-28 16:09:30 ----D---- C:\Windows
2010-08-27 16:31:02 ----D---- C:\Windows\system32\LogFiles
2010-08-27 16:18:24 ----RD---- C:\Program Files (x86)
2010-08-27 15:49:30 ----SHD---- C:\System Volume Information
2010-08-27 13:55:14 ----D---- C:\Windows\Prefetch
2010-08-27 13:08:48 ----D---- C:\Windows\SoftwareDistribution
2010-08-27 13:07:19 ----HD---- C:\ProgramData
2010-08-27 13:03:17 ----D---- C:\Windows\system32\catroot
2010-08-27 13:00:36 ----SHD---- C:\Windows\Installer
2010-08-27 13:00:33 ----D---- C:\Program Files (x86)\Common Files
2010-08-27 13:00:23 ----D---- C:\Program Files\ATI Technologies
2010-08-27 13:00:05 ----RSD---- C:\Windows\assembly
2010-08-27 13:00:05 ----D---- C:\Windows\SysWOW64
2010-08-27 12:59:58 ----D---- C:\Windows\system32\drivers
2010-08-27 12:59:57 ----D---- C:\Windows\system32\DriverStore
2010-08-27 12:59:54 ----D---- C:\Windows\system32\catroot2
2010-08-27 12:59:17 ----D---- C:\Windows\winsxs
2010-08-27 12:59:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-27 12:51:42 ----D---- C:\games
2010-08-27 12:35:19 ----D---- C:\Program Files (x86)\uTorrent
2010-08-26 02:20:24 ----D---- C:\Windows\AppPatch
2010-08-19 07:11:20 ----D---- C:\Program Files (x86)\Java
2010-08-14 13:06:55 ----D---- C:\Windows\Microsoft.NET
2010-08-14 10:01:14 ----D---- C:\Windows\SYSWOW64\migration
2010-08-14 10:01:14 ----D---- C:\Program Files\Internet Explorer
2010-08-14 10:01:14 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-14 10:01:13 ----D---- C:\Windows\system32\migration
2010-08-14 00:50:03 ----D---- C:\ProgramData\Microsoft Help
2010-08-05 19:48:19 ----D---- C:\Program Files\Fraps
2010-08-04 03:37:46 ----A---- C:\Windows\system32\atidxx64.dll
2010-08-04 00:11:26 ----D---- C:\Users\mixe\AppData\Roaming\BSplayer
2010-08-03 20:52:33 ----A---- C:\Windows\system32\MRT.exe
2010-08-03 19:17:38 ----D---- C:\Windows\system32\Tasks
2010-07-31 15:39:20 ----D---- C:\ProgramData\Blizzard Entertainment
2010-07-30 23:59:20 ----SD---- C:\Users\mixe\AppData\Roaming\Microsoft
2010-07-30 23:46:52 ----HD---- C:\temp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-07-18 109480]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-06 834544]
R1 archlp;archlp; C:\Windows\SysWOW64\drivers\archlp.sys [2009-02-06 161792]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 173984]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 7451648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-04 268288]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-07-17 54288]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-07-17 56336]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-10 1222144]
S2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
S3 a0x1ww2d;a0x1ww2d; C:\Windows\system32\drivers\a0x1ww2d.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 120336]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-04 7451648]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2009-10-16 50176]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-04 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2009-07-17 319488]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17424]
R2 OKI OPHD DCS Loader;OKI OPHD DCS Loader; C:\Windows\system32\spool\DRIVERS\x64\3\OPHDLDCS.EXE [2007-05-29 20480]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-08 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-08 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------