VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Modrá smrt

https://forum.viry.cz:443/viewtopic.php?t=110173

Stránka 1 z 3

Modrá smrt

Napsal: 11 bře 2011 15:23
od Leniiisek
Dobrý den,
už po několik dní nám naskakuje modrá smrt. A ne jednou za den. (Buď když toho na počítači děláme hodně, nebo naopak nic.) Už dřív jsme s tím měli problém, hrozně zasviněný PC. Přikládám log z Combofix. Dík za jakýkoli nápady...


ComboFix 11-03-10.03 - Lenííísek 11.03.2011 15:06:49.10.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.508 [GMT 1:00]
Spuštěný z: d:\programy\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-11 do 2011-03-11 )))))))))))))))))))))))))))))))
.
.
2011-03-10 12:49 . 2004-07-15 23:20 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2011-03-10 12:49 . 2004-07-15 23:20 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2011-03-10 12:49 . 2004-07-15 23:19 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2011-03-10 12:49 . 2004-07-15 23:18 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2011-03-10 12:49 . 2004-07-15 23:18 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2011-03-10 12:49 . 2011-03-10 12:49 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2011-03-10 12:49 . 2011-03-10 12:49 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2011-03-05 15:39 . 2011-03-05 15:39 -------- d-----w- c:\documents and settings\Tomáš\Local Settings\Data aplikací\Cyberlink
2011-03-05 11:42 . 2011-03-05 11:42 -------- d-----w- c:\documents and settings\Lenííísek\Local Settings\Data aplikací\Cyberlink
2011-02-27 17:32 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-02-27 17:32 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-02-27 17:32 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2011-02-27 17:32 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2011-02-27 17:32 . 2010-02-04 09:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-02-27 17:32 . 2010-02-04 09:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-02-27 17:32 . 2010-02-04 09:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-02-27 17:32 . 2010-02-04 09:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-02-27 16:24 . 2011-02-27 16:24 -------- d-----w- c:\documents and settings\Lenííísek\Data aplikací\progeSOFT
2011-02-27 16:22 . 2011-02-27 16:22 -------- d-----w- c:\documents and settings\All Users\progeSOFT
2011-02-27 16:21 . 2010-03-16 11:15 540672 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\apc64.dll
2011-02-27 16:21 . 2010-03-16 11:15 462901 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\link.exe
2011-02-27 16:21 . 2010-03-16 11:15 252416 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\vba6mtrt.dll
2011-02-27 16:21 . 2010-03-16 11:15 180276 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\mspdb60.dll
2011-02-27 16:21 . 2010-03-16 11:15 14096 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\vb6debug.dll
2011-02-27 16:21 . 2010-03-16 11:15 57344 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\1033\apc60itl.dll
2011-02-27 16:21 . 2010-03-16 11:15 159744 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\1033\VBE6INTL.DLL
2011-02-27 16:20 . 2010-03-16 11:13 2134016 ----a-w- c:\windows\system32\cdintf251.dll
2011-02-27 16:19 . 1999-11-08 12:45 339968 ----a-w- c:\windows\system32\Slide.ocx
2011-02-27 16:19 . 1999-07-21 16:25 274432 ----a-w- c:\windows\system32\DwgThumbnail.ocx
2011-02-27 16:19 . 2010-03-16 11:16 61440 ----a-w- c:\windows\system32\wintab32.dll
2011-02-27 16:19 . 2010-03-16 11:14 73728 ----a-w- c:\windows\system32\skeydrv.dll
2011-02-27 16:19 . 2010-03-16 11:14 129632 ----a-w- c:\windows\system32\skeyinst.dll
2011-02-27 16:19 . 2010-03-16 11:14 43968 ----a-w- c:\windows\system32\drivers\eusk3usb.sys
2011-02-27 16:19 . 2011-02-27 16:19 1115704 ----a-w- c:\windows\system32\O2CPlayer.OCX
2011-02-27 16:19 . 2010-03-16 11:12 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-27 16:19 . 1998-04-24 23:00 368912 ----a-w- c:\windows\system32\vbar332.dll
2011-02-27 16:19 . 2001-03-13 14:51 1066176 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2011-02-27 07:49 . 2011-02-27 07:49 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2011-02-27 07:37 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-27 07:37 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-02-27 07:37 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-02-15 14:08 . 2011-02-15 14:08 -------- d-----w- c:\program files\Common Files\Skype
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-05 11:33 . 2009-08-17 16:20 29480 ----a-w- c:\windows\system32\msxml3a.dll
2011-02-27 11:31 . 2009-09-25 12:33 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-02-27 11:31 . 2010-08-28 11:48 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-02-27 11:31 . 2009-09-25 12:32 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-02-27 07:49 . 2009-09-25 12:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-02-24 19:57 . 2008-10-06 19:21 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2011-01-04 17:56 . 2009-09-25 12:32 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2010-12-20 18:09 . 2010-12-20 18:09 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-12-19 11:38 . 2010-12-13 13:52 53248 ----a-w- c:\windows\system32\apache.dll
2009-10-20 12:10 . 2009-10-20 12:10 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-03-09_20.26.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-11 14:01 . 2011-03-11 14:01 16384 c:\windows\Temp\Perflib_Perfdata_35c.dat
+ 2010-09-23 02:47 . 2010-09-23 02:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 01:03 . 2010-09-23 01:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\eula.exe
+ 2010-09-23 00:52 . 2010-09-23 00:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\acrotextextractor.exe
+ 2010-09-22 16:12 . 2010-09-22 16:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroRd32Info.exe
+ 2010-09-10 16:17 . 2010-09-10 16:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-22 18:41 . 2010-09-22 18:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-23 02:47 . 2010-09-23 02:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-22 16:04 . 2010-09-22 16:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-22 17:39 . 2010-09-22 17:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-22 16:50 . 2010-09-22 16:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\a3dutility.exe
+ 2010-09-22 16:05 . 2010-09-22 16:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\rt3d.dll
+ 2010-06-19 15:51 . 2010-06-19 15:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AGM.dll
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\106b1.msp
+ 2010-09-23 01:03 . 2010-09-23 01:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroRd32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-27 18:44 3911776 ----a-w- c:\program files\BitTorrentBar\tbBit0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\free-downloads.net\tbfre2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre2.dll" [2010-10-18 3908192]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBit0.dll" [2010-12-27 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre2.dll" [2010-10-18 3908192]
"{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"= "c:\program files\BitTorrentBar\tbBit0.dll" [2010-12-27 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-19 68856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"Google Update"="c:\documents and settings\Lenííísek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-27 135664]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-30 149280]
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" [2007-06-29 286720]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-02-18 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-10-20 30192]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"RemoteControl10"="d:\programy\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-11-17 75048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\Tom ç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
.
c:\documents and settings\Lenˇˇˇsek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\programy\Fences\FencesMenu.dll" [2010-06-22 202088]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^E-mail monitor 1.1.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\E-mail monitor 1.1.lnk
backup=c:\windows\pss\E-mail monitor 1.1.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VirtuaWin.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\VirtuaWin.lnk
backup=c:\windows\pss\VirtuaWin.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Hamachi.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Hamachi.lnk
backup=c:\windows\pss\Hamachi.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Yahoo! Widgets.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Yahoo! Widgets.lnk
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
2010-12-01 17:58 397176 ----a-w- d:\programy\BitTorrent\BitTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- d:\programy\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-02-24 19:17 385928 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RadioSure]
2010-02-02 18:17 913920 ----a-w- d:\programy\RadioSure-2.0.886-portable\RadioSure.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-10-19 18:28 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\Czech\\setup.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"d:\\Programy\\ICQ7.2\\ICQ.exe"=
"d:\\Programy\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Programy\\aTube Catcher 1.0\\yct.exe"=
"d:\\Programy\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"d:\\Programy\\Skype\\Phone\\Skype.exe"=
"d:\\hry\\ANNO 1404\\Anno4.exe"=
"d:\\hry\\ANNO 1404\\tools\\Anno4Web.exe"=
"d:\\hry\\ANNO 1404\\tools\\Benchmark.exe"=
"d:\\hry\\ANNO 1404\\Addon.exe"=
"d:\\hry\\ANNO 1404\\tools\\AddonWeb.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"d:\\hry\\World of Warcraft Wrath of The Lich King\\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"=
"d:\\Programy\\VLC\\vlc.exe"=
"d:\\hry\\Call of Duty - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Tommi\\uTorrent\\uTorrent.exe"=
"d:\\hry\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"d:\\Programy\\PowerDVD10\\PowerDVD Cinema\\PowerDVDCinema10.exe"=
"d:\\Programy\\PowerDVD10\\PowerDVD10.exe"=
"d:\\hry\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"d:\\hry\\Farming Simulator 2011\\game.exe"=
"d:\\hry\\Tom Clancy's Splinter Cell Chaos Theory\\System\\splintercell3.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23776:TCP"= 23776:TCP:BitComet 23776 TCP
"23776:UDP"= 23776:UDP:BitComet 23776 UDP
"22147:TCP"= 22147:TCP:BitComet 22147 TCP
"22147:UDP"= 22147:UDP:BitComet 22147 UDP
"3724:TCP"= 3724:TCP:1
"6112:TCP"= 6112:TCP:2
"6113:TCP"= 6113:TCP:3
"6114:TCP"= 6114:TCP:4
"4000:TCP"= 4000:TCP:5
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.5.2010 21:06 165584]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/03/05 12:36];d:\programy\PowerDVD10\NavFilter\000.fcl [17.11.2010 21:29 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.5.2010 21:06 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [12.10.2008 10:22 246520]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [31.10.2010 11:15 583640]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [26.12.2010 19:04 718072]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [12.12.2010 16:41 27136]
S2 gupdate1c99eacbb9579ce;Služba Google Update (gupdate1c99eacbb9579ce);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2009 23:41 133104]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;"c:\program files\LogMeIn Hamachi\hamachi-2.exe" -s --> c:\program files\LogMeIn Hamachi\hamachi-2.exe [?]
S3 AMDMSRIO;AMDMSRIO;\??\c:\docume~1\LENSEK~1\LOCALS~1\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys --> c:\docume~1\LENSEK~1\LOCALS~1\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [20.10.2009 13:10 30192]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.10.2008 11:53 717296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 12:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 22:41]
.
2011-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 22:41]
.
2011-03-10 c:\windows\Tasks\RMSchedule.job
- c:\program files\Registry Mechanic\RegMech.exe [2010-10-31 07:46]
.
2011-02-19 c:\windows\Tasks\Wise Disk Cleaner Schedule Task.job
- d:\tommi\Wise Disk Cleaner\WiseDiskCleaner.exe [2011-01-03 19:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{E5E5909F-B771-4E28-9BF5-54DD753E32A6} - d:\programy\FreshDownload\fd.exe
TCP: {5A3E5E72-BE8F-47B5-B78C-CC3A73FC9A14} = 195.146.99.31,62.204.224.2,62.204.224.1
TCP: {C8AC6BBA-4F3A-4BF9-ACF9-87A87BDE9EAD} = 62.77.67.2,62.84.132.6
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-11 15:10
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\programy\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2852)
d:\programy\SugarSync\SugarSyncShellExt.dll
d:\programy\MediaMonkey\DeskPlayer.dll
d:\programy\CyberLink\PowerDVD\deskband32.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\msi.dll
d:\programy\Fences\FencesMenu.dll
d:\programy\fences\DesktopDock.dll
.
Celkový čas: 2011-03-11 15:13:08
ComboFix-quarantined-files.txt 2011-03-11 14:13
ComboFix2.txt 2011-03-10 20:36
ComboFix3.txt 2011-03-09 20:28
ComboFix4.txt 2010-09-25 15:41
ComboFix5.txt 2011-03-11 14:05
.
Před spuštěním: 2 008 326 144
Po spuštění: 2 045 222 912
.
- - End Of File - - 4904935C68ABA8C3DB2A664CE68EAD41

Re: Modrá smrt

Napsal: 11 bře 2011 18:19
od Rudy
Log vypadá OK. Co bylo napsáno na té modré obrazovce?

Re: Modrá smrt

Napsal: 11 bře 2011 18:57
od Leniiisek
Celý jsem to nepřepisovala, vypadalo to "normálně". Jediný, co jsem si napsala, bylo: KERNEL_STACK_INPAGE_ERROR

Re: Modrá smrt

Napsal: 11 bře 2011 19:50
od davider222
ak môžem poradiť tak si zapnite výpis pri crashi najlepšie minidumpy vo Win Xp to je v Vlastnosti Tento Počítač/Spresnenie/Spúšťanie a obnovovanie/Nastavenie/dole prepnúť na malý vypis pamäte následné minidumpy budú uložene v C:/Windows/Minidump...

z BSOD sa veľa nedozviete je tam len "orientačne" napísané a z týchto výpisov sa dá zistiť viac

ComboFix by ste nemali používať bez "nariadenia" radcu inak si môžete poškodiť systém...
pri najbližšom BSOD-e uploadnite niekde ten Minidump aby sa naňho mohol niekto pozrieť

skúšali ste prejsť PC minimálne aspon tým avast-om čo máte (úplnú kontrolu) ?

Re: Modrá smrt

Napsal: 11 bře 2011 20:11
od Rudy
Podle toho výpisu KERNEL_STACK_INPAGE_ERROR může jít o vir, chybu systemu i hardware. Udělejte sken ComboFix a dejte log.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Re: Modrá smrt

Napsal: 11 bře 2011 21:00
od Leniiisek
Co se týče Avastu, taky se objevily problémy. O té doby, co začali modré obrazovky, Avast se zbláznil a při spouštění píše chybu bitové kopie. Nefunguje, nikde se nezobrazuje, ale když jsem spouštěla ComboFix, hlásí, že jsou zapnuty rezidentní štíty Avastu.

Re: Modrá smrt

Napsal: 11 bře 2011 21:49
od Rudy
Jste-li si jistá, že nejsou zapnuty, klidně hlášku ignorujte a CF spusťte.

Re: Modrá smrt

Napsal: 12 bře 2011 11:13
od Leniiisek
Aktuální log z ComboFix:


ComboFix 11-03-11.02 - Lenííísek 12.03.2011 11:04:45.12.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.518 [GMT 1:00]
Spuštěný z: d:\programy\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-12 do 2011-03-12 )))))))))))))))))))))))))))))))
.
.
2011-03-11 19:50 . 2011-03-11 19:50 -------- d-----w- C:\found.001
2011-03-10 12:49 . 2004-07-15 23:20 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2011-03-10 12:49 . 2004-07-15 23:20 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2011-03-10 12:49 . 2004-07-15 23:19 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2011-03-10 12:49 . 2004-07-15 23:18 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2011-03-10 12:49 . 2004-07-15 23:18 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2011-03-10 12:49 . 2011-03-10 12:49 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2011-03-10 12:49 . 2011-03-10 12:49 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2011-03-05 15:39 . 2011-03-05 15:39 -------- d-----w- c:\documents and settings\Tomáš\Local Settings\Data aplikací\Cyberlink
2011-03-05 11:42 . 2011-03-05 11:42 -------- d-----w- c:\documents and settings\Lenííísek\Local Settings\Data aplikací\Cyberlink
2011-02-27 17:32 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-02-27 17:32 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-02-27 17:32 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2011-02-27 17:32 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2011-02-27 17:32 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2011-02-27 17:32 . 2010-02-04 09:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-02-27 17:32 . 2010-02-04 09:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-02-27 17:32 . 2010-02-04 09:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-02-27 17:32 . 2010-02-04 09:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-02-27 16:24 . 2011-02-27 16:24 -------- d-----w- c:\documents and settings\Lenííísek\Data aplikací\progeSOFT
2011-02-27 16:22 . 2011-02-27 16:22 -------- d-----w- c:\documents and settings\All Users\progeSOFT
2011-02-27 16:21 . 2010-03-16 11:15 540672 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\apc64.dll
2011-02-27 16:21 . 2010-03-16 11:15 462901 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\link.exe
2011-02-27 16:21 . 2010-03-16 11:15 252416 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\vba6mtrt.dll
2011-02-27 16:21 . 2010-03-16 11:15 180276 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\mspdb60.dll
2011-02-27 16:21 . 2010-03-16 11:15 14096 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\vb6debug.dll
2011-02-27 16:21 . 2010-03-16 11:15 57344 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\1033\apc60itl.dll
2011-02-27 16:21 . 2010-03-16 11:15 159744 ----a-w- c:\program files\Common Files\Microsoft Shared\VBA\VBA6\1033\VBE6INTL.DLL
2011-02-27 16:20 . 2010-03-16 11:13 2134016 ----a-w- c:\windows\system32\cdintf251.dll
2011-02-27 16:19 . 1999-11-08 12:45 339968 ----a-w- c:\windows\system32\Slide.ocx
2011-02-27 16:19 . 1999-07-21 16:25 274432 ----a-w- c:\windows\system32\DwgThumbnail.ocx
2011-02-27 16:19 . 2010-03-16 11:16 61440 ----a-w- c:\windows\system32\wintab32.dll
2011-02-27 16:19 . 2010-03-16 11:14 73728 ----a-w- c:\windows\system32\skeydrv.dll
2011-02-27 16:19 . 2010-03-16 11:14 129632 ----a-w- c:\windows\system32\skeyinst.dll
2011-02-27 16:19 . 2010-03-16 11:14 43968 ----a-w- c:\windows\system32\drivers\eusk3usb.sys
2011-02-27 16:19 . 2011-02-27 16:19 1115704 ----a-w- c:\windows\system32\O2CPlayer.OCX
2011-02-27 16:19 . 2010-03-16 11:12 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-27 16:19 . 1998-04-24 23:00 368912 ----a-w- c:\windows\system32\vbar332.dll
2011-02-27 16:19 . 2001-03-13 14:51 1066176 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2011-02-27 07:49 . 2011-02-27 07:49 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2011-02-27 07:37 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-27 07:37 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-02-27 07:37 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-02-27 07:37 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-02-15 14:08 . 2011-02-15 14:08 -------- d-----w- c:\program files\Common Files\Skype
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-05 11:33 . 2009-08-17 16:20 29480 ----a-w- c:\windows\system32\msxml3a.dll
2011-02-27 11:31 . 2009-09-25 12:33 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-02-27 11:31 . 2010-08-28 11:48 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-02-27 11:31 . 2009-09-25 12:32 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-02-27 07:49 . 2009-09-25 12:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-02-24 19:57 . 2008-10-06 19:21 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2011-01-04 17:56 . 2009-09-25 12:32 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2010-12-20 18:09 . 2010-12-20 18:09 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-12-19 11:38 . 2010-12-13 13:52 53248 ----a-w- c:\windows\system32\apache.dll
2009-10-20 12:10 . 2009-10-20 12:10 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-03-09_20.26.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-12 09:58 . 2011-03-12 09:58 16384 c:\windows\Temp\Perflib_Perfdata_1a4.dat
+ 2010-09-23 02:47 . 2010-09-23 02:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 01:03 . 2010-09-23 01:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\eula.exe
+ 2010-09-23 00:52 . 2010-09-23 00:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\acrotextextractor.exe
+ 2010-09-22 16:12 . 2010-09-22 16:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroRd32Info.exe
+ 2010-09-10 16:17 . 2010-09-10 16:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-22 18:41 . 2010-09-22 18:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-23 02:47 . 2010-09-23 02:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-22 16:04 . 2010-09-22 16:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-22 17:39 . 2010-09-22 17:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-22 16:50 . 2010-09-22 16:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\a3dutility.exe
+ 2010-09-22 16:05 . 2010-09-22 16:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\rt3d.dll
+ 2010-06-19 15:51 . 2010-06-19 15:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AGM.dll
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\106b1.msp
+ 2010-09-23 01:03 . 2010-09-23 01:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\AcroRd32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-27 18:44 3911776 ----a-w- c:\program files\BitTorrentBar\tbBit0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\free-downloads.net\tbfre2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfre2.dll" [2010-10-18 3908192]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBit0.dll" [2010-12-27 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre2.dll" [2010-10-18 3908192]
"{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"= "c:\program files\BitTorrentBar\tbBit0.dll" [2010-12-27 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2010-01-23 03:13 143360 ----a-w- d:\programy\SugarSync\SugarSyncShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-19 68856]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"Google Update"="c:\documents and settings\Lenííísek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-27 135664]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 380928]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-30 149280]
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" [2007-06-29 286720]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-02-18 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-10-20 30192]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"RemoteControl10"="d:\programy\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-11-17 75048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\Tom ç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
.
c:\documents and settings\Lenˇˇˇsek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [N/A]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\programy\Fences\FencesMenu.dll" [2010-06-22 202088]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^E-mail monitor 1.1.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\E-mail monitor 1.1.lnk
backup=c:\windows\pss\E-mail monitor 1.1.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VirtuaWin.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\VirtuaWin.lnk
backup=c:\windows\pss\VirtuaWin.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Hamachi.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Hamachi.lnk
backup=c:\windows\pss\Hamachi.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tomáš^Nabídka Start^Programy^Po spuštění^Yahoo! Widgets.lnk]
path=c:\documents and settings\Tomáš\Nabídka Start\Programy\Po spuštění\Yahoo! Widgets.lnk
backup=c:\windows\pss\Yahoo! Widgets.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
2010-12-01 17:58 397176 ----a-w- d:\programy\BitTorrent\BitTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- d:\programy\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-02-24 19:17 385928 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RadioSure]
2010-02-02 18:17 913920 ----a-w- d:\programy\RadioSure-2.0.886-portable\RadioSure.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-10-19 18:28 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\Czech\\setup.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"d:\\Programy\\ICQ7.2\\ICQ.exe"=
"d:\\Programy\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Programy\\aTube Catcher 1.0\\yct.exe"=
"d:\\Programy\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"d:\\Programy\\Skype\\Phone\\Skype.exe"=
"d:\\hry\\ANNO 1404\\Anno4.exe"=
"d:\\hry\\ANNO 1404\\tools\\Anno4Web.exe"=
"d:\\hry\\ANNO 1404\\tools\\Benchmark.exe"=
"d:\\hry\\ANNO 1404\\Addon.exe"=
"d:\\hry\\ANNO 1404\\tools\\AddonWeb.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"d:\\hry\\World of Warcraft Wrath of The Lich King\\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"=
"d:\\Programy\\VLC\\vlc.exe"=
"d:\\hry\\Call of Duty - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Tommi\\uTorrent\\uTorrent.exe"=
"d:\\hry\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"d:\\Programy\\PowerDVD10\\PowerDVD Cinema\\PowerDVDCinema10.exe"=
"d:\\Programy\\PowerDVD10\\PowerDVD10.exe"=
"d:\\hry\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"d:\\hry\\Farming Simulator 2011\\game.exe"=
"d:\\hry\\Tom Clancy's Splinter Cell Chaos Theory\\System\\splintercell3.exe"=
"d:\\hry\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23776:TCP"= 23776:TCP:BitComet 23776 TCP
"23776:UDP"= 23776:UDP:BitComet 23776 UDP
"22147:TCP"= 22147:TCP:BitComet 22147 TCP
"22147:UDP"= 22147:UDP:BitComet 22147 UDP
"3724:TCP"= 3724:TCP:1
"6112:TCP"= 6112:TCP:2
"6113:TCP"= 6113:TCP:3
"6114:TCP"= 6114:TCP:4
"4000:TCP"= 4000:TCP:5
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.5.2010 21:06 165584]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/03/05 12:36];d:\programy\PowerDVD10\NavFilter\000.fcl [17.11.2010 21:29 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.5.2010 21:06 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [12.10.2008 10:22 246520]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [31.10.2010 11:15 583640]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [26.12.2010 19:04 718072]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [12.12.2010 16:41 27136]
S2 gupdate1c99eacbb9579ce;Služba Google Update (gupdate1c99eacbb9579ce);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2009 23:41 133104]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;"c:\program files\LogMeIn Hamachi\hamachi-2.exe" -s --> c:\program files\LogMeIn Hamachi\hamachi-2.exe [?]
S3 AMDMSRIO;AMDMSRIO;\??\c:\docume~1\LENSEK~1\LOCALS~1\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys --> c:\docume~1\LENSEK~1\LOCALS~1\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [20.10.2009 13:10 30192]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.10.2008 11:53 717296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 12:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 22:41]
.
2011-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-06 22:41]
.
2011-03-11 c:\windows\Tasks\RMSchedule.job
- c:\program files\Registry Mechanic\RegMech.exe [2010-10-31 07:46]
.
2011-02-19 c:\windows\Tasks\Wise Disk Cleaner Schedule Task.job
- d:\tommi\Wise Disk Cleaner\WiseDiskCleaner.exe [2011-01-03 19:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{E5E5909F-B771-4E28-9BF5-54DD753E32A6} - d:\programy\FreshDownload\fd.exe
TCP: {5A3E5E72-BE8F-47B5-B78C-CC3A73FC9A14} = 195.146.99.31,62.204.224.2,62.204.224.1
TCP: {C8AC6BBA-4F3A-4BF9-ACF9-87A87BDE9EAD} = 62.77.67.2,62.84.132.6
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-12 11:08
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\programy\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1024)
d:\programy\SugarSync\SugarSyncShellExt.dll
d:\programy\MediaMonkey\DeskPlayer.dll
d:\programy\CyberLink\PowerDVD\deskband32.dll
d:\programy\Fences\FencesMenu.dll
d:\programy\fences\DesktopDock.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-03-12 11:11:01
ComboFix-quarantined-files.txt 2011-03-12 10:11
ComboFix2.txt 2011-03-11 14:13
ComboFix3.txt 2011-03-10 20:36
ComboFix4.txt 2011-03-09 20:28
ComboFix5.txt 2011-03-11 19:37
.
Před spuštěním: 1 934 012 416
Po spuštění: 1 938 808 832
.
- - End Of File - - 12A4B4009F7762ECFBC7D64820201EB5

Re: Modrá smrt

Napsal: 12 bře 2011 11:40
od Rudy
Ani zde není nic nebezpečného. Zkuste TDSSKiller: http://support.kaspersky.com/viruses/utility a uložte ho na plochu. Dále postupujte podle kolegova návodu:



2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.

Re: Modrá smrt

Napsal: 12 bře 2011 11:46
od Leniiisek
2011/03/12 11:45:29.0515 2936 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/12 11:45:29.0953 2936 ================================================================================
2011/03/12 11:45:29.0953 2936 SystemInfo:
2011/03/12 11:45:29.0953 2936
2011/03/12 11:45:29.0953 2936 OS Version: 5.1.2600 ServicePack: 2.0
2011/03/12 11:45:29.0953 2936 Product type: Workstation
2011/03/12 11:45:29.0953 2936 ComputerName: STEJSKALPC
2011/03/12 11:45:29.0953 2936 UserName: Lenííísek
2011/03/12 11:45:29.0953 2936 Windows directory: C:\WINDOWS
2011/03/12 11:45:29.0953 2936 System windows directory: C:\WINDOWS
2011/03/12 11:45:29.0953 2936 Processor architecture: Intel x86
2011/03/12 11:45:29.0953 2936 Number of processors: 2
2011/03/12 11:45:29.0953 2936 Page size: 0x1000
2011/03/12 11:45:29.0953 2936 Boot type: Normal boot
2011/03/12 11:45:29.0953 2936 ================================================================================
2011/03/12 11:45:30.0109 2936 Initialize success
2011/03/12 11:45:31.0343 3720 ================================================================================
2011/03/12 11:45:31.0343 3720 Scan started
2011/03/12 11:45:31.0343 3720 Mode: Manual;
2011/03/12 11:45:31.0343 3720 ================================================================================
2011/03/12 11:45:31.0562 3720 Aavmker4 (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/03/12 11:45:31.0625 3720 ACPI (fa2fbcda96d2385f773b059fe5a125a6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/12 11:45:31.0656 3720 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/03/12 11:45:31.0703 3720 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
2011/03/12 11:45:31.0734 3720 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
2011/03/12 11:45:31.0843 3720 AmdK8 (fcffa85cfd4bf7a4711012847048dca3) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/03/12 11:45:31.0953 3720 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
2011/03/12 11:45:32.0031 3720 asusgsb (d320732bcf5ff856120bd06855c66867) C:\WINDOWS\system32\drivers\asusgsb.sys
2011/03/12 11:45:32.0046 3720 asuskbnt (b3b881eb81013aac11594a5400ada47a) C:\WINDOWS\system32\drivers\atkkbnt.sys
2011/03/12 11:45:32.0062 3720 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/03/12 11:45:32.0093 3720 aswMon2 (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/03/12 11:45:32.0125 3720 aswRdr (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/03/12 11:45:32.0156 3720 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys
2011/03/12 11:45:32.0171 3720 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/03/12 11:45:32.0187 3720 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/12 11:45:32.0234 3720 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/12 11:45:32.0296 3720 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
2011/03/12 11:45:32.0312 3720 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/12 11:45:32.0359 3720 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/12 11:45:32.0390 3720 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/12 11:45:32.0484 3720 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/12 11:45:32.0531 3720 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/12 11:45:32.0562 3720 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/12 11:45:32.0578 3720 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/12 11:45:32.0609 3720 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/12 11:45:32.0718 3720 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/12 11:45:32.0765 3720 dmboot (e1968edec81c430108feb23ab07bdb14) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/12 11:45:32.0796 3720 dmio (1b1520a82e396e46b9ae9fa6b03ff6c6) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/12 11:45:32.0796 3720 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/12 11:45:32.0843 3720 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/12 11:45:32.0875 3720 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/12 11:45:32.0937 3720 EIO (0daf3544804650526751c478aeccce63) C:\WINDOWS\system32\drivers\EIO.sys
2011/03/12 11:45:32.0968 3720 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/12 11:45:33.0000 3720 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/12 11:45:33.0015 3720 Fips (266dab58619b17bdf37fabbd48d875ca) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/12 11:45:33.0031 3720 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/12 11:45:33.0062 3720 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/03/12 11:45:33.0078 3720 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/12 11:45:33.0109 3720 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/12 11:45:33.0140 3720 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/12 11:45:33.0171 3720 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2011/03/12 11:45:33.0203 3720 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/03/12 11:45:33.0234 3720 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/03/12 11:45:33.0265 3720 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/12 11:45:33.0328 3720 i8042prt (0f42de9909b5dbf2c48dd1a79d491af5) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/12 11:45:33.0359 3720 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/12 11:45:33.0390 3720 InCDfs (7bfc3eda22190c0fe8c2ca19e5379da5) C:\WINDOWS\system32\drivers\InCDfs.sys
2011/03/12 11:45:33.0406 3720 InCDPass (fc4dbf18a4eb0d2fe3171471a3d0f9a8) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2011/03/12 11:45:33.0421 3720 InCDrec (f8e7c551def07fdc12ca5cc7ae5d975b) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/03/12 11:45:33.0453 3720 incdrm (31a5a3809249a326eb0ef58d563a9654) C:\WINDOWS\system32\drivers\incdrm.sys
2011/03/12 11:45:33.0593 3720 IntcAzAudAddService (c4006af18682fca0d8a011a0a21070f8) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/03/12 11:45:33.0656 3720 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/03/12 11:45:33.0687 3720 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/12 11:45:33.0703 3720 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/12 11:45:33.0718 3720 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/12 11:45:33.0734 3720 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/12 11:45:33.0781 3720 irda (86c204836feec22510d434982d4221b8) C:\WINDOWS\system32\DRIVERS\irda.sys
2011/03/12 11:45:33.0796 3720 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/12 11:45:33.0812 3720 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
2011/03/12 11:45:33.0843 3720 isapnp (1091528512e4dd7ed5fddcc4df1c53d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/12 11:45:33.0859 3720 Kbdclass (6f877bf8dc01a550cd666f3bedb2213c) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/12 11:45:33.0875 3720 kbdhid (065b5a83aa78c0c7047bf22e0ab5c821) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/03/12 11:45:33.0906 3720 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/12 11:45:33.0921 3720 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/12 11:45:33.0984 3720 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
2011/03/12 11:45:34.0015 3720 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/12 11:45:34.0031 3720 Modem (60210deb037846afe521ebf349964f6b) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/12 11:45:34.0046 3720 Mouclass (b160ec94114715675509115986400fd9) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/12 11:45:34.0078 3720 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/03/12 11:45:34.0093 3720 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/12 11:45:34.0125 3720 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/12 11:45:34.0171 3720 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/12 11:45:34.0203 3720 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/12 11:45:34.0218 3720 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/12 11:45:34.0234 3720 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/12 11:45:34.0250 3720 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/12 11:45:34.0281 3720 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/12 11:45:34.0296 3720 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/12 11:45:34.0312 3720 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/12 11:45:34.0343 3720 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/12 11:45:34.0375 3720 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/12 11:45:34.0390 3720 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/12 11:45:34.0406 3720 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/12 11:45:34.0437 3720 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/12 11:45:34.0453 3720 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/12 11:45:34.0468 3720 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/12 11:45:34.0484 3720 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/12 11:45:34.0500 3720 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/12 11:45:34.0546 3720 nmwcd (28e36e677849174c910faaead3e60e9e) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/03/12 11:45:34.0578 3720 nmwcdc (3823deb17f9f6775de0187a98fa0536d) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/03/12 11:45:34.0609 3720 npf (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
2011/03/12 11:45:34.0625 3720 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/12 11:45:34.0656 3720 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/12 11:45:34.0671 3720 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/12 11:45:34.0859 3720 nv (4f15e1e56703f59c0ac00022162e5308) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/12 11:45:34.0937 3720 nvata (4d6c6b46b3edf6f2e219a86b61d104ae) C:\WINDOWS\system32\DRIVERS\nvata.sys
2011/03/12 11:45:34.0968 3720 NVENETFD (1b83b60541be1b6db81641c448007f21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
2011/03/12 11:45:35.0000 3720 nvnetbus (57b669f9234604a350174b86764444b0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
2011/03/12 11:45:35.0031 3720 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/12 11:45:35.0046 3720 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/12 11:45:35.0078 3720 Parport (76a18caa2fefb28a4ced38d76837e86e) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/03/12 11:45:35.0093 3720 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/12 11:45:35.0109 3720 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/12 11:45:35.0140 3720 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/03/12 11:45:35.0156 3720 PCI (b7979f37bb7b9df2230046134955e6e7) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/12 11:45:35.0187 3720 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/12 11:45:35.0218 3720 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
2011/03/12 11:45:35.0250 3720 Pcmcia (90505755634407d4ef4c6dea60fc1df9) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/03/12 11:45:35.0406 3720 PnkBstrK (10be25c04613b70d8ce1f412e14d9454) C:\WINDOWS\system32\drivers\PnkBstrK.sys
2011/03/12 11:45:35.0437 3720 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/12 11:45:35.0468 3720 Processor (9a10e4fd13824823da50d4758bd0a645) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/03/12 11:45:35.0484 3720 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/12 11:45:35.0500 3720 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/12 11:45:35.0531 3720 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/12 11:45:35.0625 3720 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/12 11:45:35.0656 3720 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2011/03/12 11:45:35.0671 3720 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/12 11:45:35.0687 3720 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/12 11:45:35.0703 3720 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/12 11:45:35.0734 3720 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/12 11:45:35.0750 3720 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/12 11:45:35.0781 3720 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/03/12 11:45:35.0796 3720 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/12 11:45:35.0828 3720 redbook (aba13d33e1f888c9a68599a48a8840d6) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/12 11:45:35.0859 3720 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/03/12 11:45:35.0906 3720 Secdrv (07f7f501ad50de2ba2d5842d9b6d6155) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/12 11:45:35.0921 3720 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/03/12 11:45:35.0953 3720 Serial (c1ddbc85251551a840212999da3d95f3) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/03/12 11:45:36.0000 3720 sfdrv01 (321231d53d409fbb9f6ffabdecfde2f6) C:\WINDOWS\system32\drivers\sfdrv01.sys
2011/03/12 11:45:36.0031 3720 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\WINDOWS\system32\drivers\sfdrv01a.sys
2011/03/12 11:45:36.0062 3720 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\WINDOWS\system32\drivers\sfhlp02.sys
2011/03/12 11:45:36.0078 3720 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/03/12 11:45:36.0093 3720 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\WINDOWS\system32\drivers\sfsync02.sys
2011/03/12 11:45:36.0109 3720 sfvfs02 (107b772690050d3b19cbc637ad8fd96e) C:\WINDOWS\system32\drivers\sfvfs02.sys
2011/03/12 11:45:36.0156 3720 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/12 11:45:36.0203 3720 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/12 11:45:36.0250 3720 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/03/12 11:45:36.0281 3720 sr (a74035ea526db97d9d50d2143a55f5cf) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/12 11:45:36.0312 3720 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/12 11:45:36.0359 3720 StillCam (06cda2a5a549bc455d004461e6bc5b33) C:\WINDOWS\system32\DRIVERS\serscan.sys
2011/03/12 11:45:36.0375 3720 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/12 11:45:36.0406 3720 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/12 11:45:36.0421 3720 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/12 11:45:36.0500 3720 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/12 11:45:36.0531 3720 tap0901t (b7aee68d2e867cbf69b649b18fcedbbb) C:\WINDOWS\system32\DRIVERS\tap0901t.sys
2011/03/12 11:45:36.0562 3720 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/12 11:45:36.0593 3720 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/12 11:45:36.0625 3720 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/12 11:45:36.0671 3720 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/12 11:45:36.0718 3720 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/12 11:45:36.0765 3720 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/12 11:45:36.0796 3720 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/03/12 11:45:36.0828 3720 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/03/12 11:45:36.0843 3720 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/12 11:45:36.0859 3720 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/12 11:45:36.0875 3720 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/12 11:45:36.0906 3720 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/03/12 11:45:36.0921 3720 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/12 11:45:36.0953 3720 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/12 11:45:36.0968 3720 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\DRIVERS\usbser.sys
2011/03/12 11:45:37.0000 3720 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/03/12 11:45:37.0031 3720 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/12 11:45:37.0062 3720 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/03/12 11:45:37.0093 3720 Video3D (8643da4a6c83da6c10fcab1e5ab6632d) C:\WINDOWS\system32\Drivers\Video3D32.sys
2011/03/12 11:45:37.0109 3720 VolSnap (cd8cce067f7e9cbd762c00bdddecaa34) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/12 11:45:37.0125 3720 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/12 11:45:37.0171 3720 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/03/12 11:45:37.0218 3720 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/12 11:45:37.0281 3720 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/03/12 11:45:37.0312 3720 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/12 11:45:37.0343 3720 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/12 11:45:37.0375 3720 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/12 11:45:37.0515 3720 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74ec37b9eaf9fca015b933a526825c7a) D:\Programy\PowerDVD10\NavFilter\000.fcl
2011/03/12 11:45:37.0609 3720 ================================================================================
2011/03/12 11:45:37.0609 3720 Scan finished
2011/03/12 11:45:37.0609 3720 ================================================================================
2011/03/12 11:45:41.0359 0940 Deinitialize success

Re: Modrá smrt

Napsal: 12 bře 2011 11:56
od Rudy
Virus, ani rootkit problém nezpůsobují. Zde: http://support.microsoft.com/kb/315266/cs najdete řešení problému přímo od MS. Pokud by nepomohl, nebo daný problém není váš případ, zkuste obnovu systému k datu, kdy korektně fungoval. Nepomůže-li to, bude se jednat o hardwarovou chybu.

Re: Modrá smrt

Napsal: 12 bře 2011 13:49
od Leniiisek
Podle té stránky by to měa být tato příčina:

0xC0000185 nebo STATUS_IO_DEVICE_ERROR: nesprávné ukončení, vada kabelů zařízení s rozhraním SCSI nebo se dvě zařízení pokouší použít stejné přerušení IRQ.

Ovšem začala se objevovat i chyba 0x000000F4.

Re: Modrá smrt

Napsal: 12 bře 2011 18:16
od Rudy
Zkuste:

1. Reinstalovat ovladače hardwaru, zejména zákl. desky.
2. Stáhněte a spusťte Memtest: http://www.stahuj.centrum.cz/utility_a_ ... i/memtest/ . Test zkontroluje paměti RAM. Nechte běžet alespoň 1hod.

Re: Modrá smrt

Napsal: 13 bře 2011 00:24
od Leniiisek
Stav počítače už je bohužel v tak špatný, že maximální délka testu byla cca 15 minut (asi 110% a bez chyby), pak to spadlo. Konečně se mi podařilo vůbec otevřít nějaké okno. Další chyba byla KERNEL_DATA_INPAGE_ERROR, ale to bude asi to samé. Reinstalovat zkusím až později, myslím, že to každou chvíli spadne.

Re: Modrá smrt

Napsal: 13 bře 2011 00:30
od motji
Dobrý večer :)
Omlouvám se za vstup.


:arrow: stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V


:arrow: Zkuste najt složku c:\windows\minidump, pokud jsou v ní nějaké soubory, složku dejte do raru a vložte jaki přílohu
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz