Win XP - m. smrt

Zpráva

sendy80 · #1 Příspěvek od **sendy80** » 22 kvě 2012 16:55

Dobrý den,
zhruba po hodinovém provozu mi naskočí modrá obrazovka, nestalo se mi to poprvé, jsem lama, tak nevím, jestli se mi podařilo nahrát ten Minidump. Snad na ,, Ulož To ,, Mini052212-01.rar
předem děkuji za pomoc!!!

#2 Příspěvek od **Rudy** » 22 kvě 2012 17:11

Zdarvím!
Pokud se vám to podařilo, dejte odkaz, kde je uložen. Také můžete soubor přiložit přímo sem k vašemu příspěvku.

sendy80 · #3 Příspěvek od **sendy80** » 22 kvě 2012 17:19

tak snad je to on, jenom jsem si ho přejmenovala

#4 Příspěvek od **Rudy** » 22 kvě 2012 18:03

Váš problém bude pravděpodobně hardwarový. Nemáte v PC něco přetaktováno?

pk · #5 Příspěvek od pk » 23 kvě 2012 10:58

Váš problém bude pravděpodobně hardwarový. Nemáte v PC něco přetaktováno?

Na základě čeho tak usuzujete???

1. Minidump je corrupted, z něho se nedá téměř nic vyčíst, ani seznam nahraných driverů. Pomohlo by kdyby uživatel nahrál i jiný dump než ten poslední z adresáře \Windows\Minidump.
2. Chyba EXCEPTION_DOUBLE_FAULT vě většině případů značí přetečení na stacku => konflikt dvou programů. Zvlášť častý jev na XP. Z normálního dumpu by se dalo poznat o jaké dva programy se jedná (patrně nějaké antiviry, firewally, bezpečnostní programy, ...)

sendy80 · #6 Příspěvek od **sendy80** » 23 kvě 2012 16:22

dobrý den,
Rudy: tak o přetaktování v pc opravdu nic nevím, v tomhle ohledu jsem opravdu začátečnice, jenom snad, že ve správci zařízení - Adaptéry PCMCIA - řadič Intel sběrnice PCMCIA kompatibilní s PCIC je vykřičník ve žlutém kolečku. vůbec netuším co to je?.

pk: a kde najdu ten jiný dump? ráda ho přiložím

ještě snad, jestli nepomůže ten log z rsit:

Logfile of random's system information tool 1.09 (written by random/random)
Run by -- at 2012-05-23 17:52:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (31%) free of 30 GB
Total RAM: 1535 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:52:47, on 23.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\OSD.EXE
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\--\Dokumenty\Downloads\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\Program Files\trend micro\--.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com/?src=iehome
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com/?src=iehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10004
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=aed&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HDInspector.exe] C:\Program Files\Hard Drive Inspector\HDInspector.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Povolit program Bezdrátová klávesnice a myš Labtec.lnk = ?
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - https://download.seznam.cz/listicka/toolbar2007.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3845376781
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{25F1BE69-A1FD-42F9-8646-A9B06370D4E2}: NameServer = 62.129.50.20,62.129.32.100
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Labtec Inc. - (no file)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

--
End of file - 11721 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\AWC AutoSweep.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-651377827-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-651377827-725345543-1003UA.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{51CFA3EA-DC95-4795-8228-1D9C1ADB4157}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F657FCBC-15DD-4DF9-B8EA-107EC8644767}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll [2011-09-05 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-05-16 329504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-04-18 1869152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-25 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-04-09 3991200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-18 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-05-16 59168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-05-16 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll [2011-09-05 220888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-25 192112]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-04-18 1869152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2010-11-29 2676696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-02-11 241664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"HDInspector.exe"=C:\Program Files\Hard Drive Inspector\HDInspector.exe [2010-08-10 3145464]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\--\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-10-20 136176]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17151624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2011-09-23 11515184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [2012-05-08 9533848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-30 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2005-08-06 61440]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Povolit program Bezdrátová klávesnice a myš Labtec.lnk - C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe"="C:\Program Files\Sudden Strike II\game\code\Release\game_exe.exe:*:Enabled:Game_Exe"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.enc"=ITIG726.acm
"MSVideo"=vfwwdm32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-05-17 23:36:16 ----D---- C:\Program Files\GridinSoft Trojan Killer
2012-05-16 17:42:24 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2012-05-16 17:42:23 ----A---- C:\WINDOWS\system32\javaws.exe
2012-05-16 17:42:23 ----A---- C:\WINDOWS\system32\javaw.exe
2012-05-16 17:42:23 ----A---- C:\WINDOWS\system32\java.exe
2012-05-15 14:33:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\AltrixSoft
2012-05-15 14:31:27 ----D---- C:\Program Files\Hard Drive Inspector
2012-05-15 14:31:08 ----D---- C:\Program Files\Common Files\AltrixSoft
2012-05-14 15:30:47 ----ASH---- C:\hiberfil.sys
2012-05-13 18:51:59 ----RA---- C:\WINDOWS\system32\OLD630.tmp
2012-05-13 18:51:57 ----RA---- C:\WINDOWS\system32\OLD62B.tmp
2012-05-13 18:30:44 ----D---- C:\WINDOWS\LastGood(2)
2012-05-13 15:59:00 ----ASH---- C:\pagefile.sys
2012-05-09 22:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-05-09 22:25:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-05-09 22:25:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-05-09 22:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-05-09 14:54:29 ----D---- C:\Program Files\Common Files\Skype
2012-05-09 14:50:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2012-05-05 18:21:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2012-05-04 16:56:11 ----D---- C:\Program Files\1ClickDownload
2012-05-04 16:02:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Premium
2012-05-04 16:01:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Bcool
2012-05-04 15:57:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallMate
2012-05-01 12:54:15 ----D---- C:\Program Files\Speccy
2012-04-28 14:03:05 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 1 month======

2012-05-23 17:52:39 ----D---- C:\Program Files\trend micro
2012-05-23 17:42:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-23 17:29:08 ----D---- C:\Documents and Settings\--\Data aplikací\Skype
2012-05-23 16:32:01 ----D---- C:\WINDOWS\Temp
2012-05-23 16:24:21 ----D---- C:\WINDOWS\Microsoft.NET
2012-05-23 16:24:10 ----RSD---- C:\WINDOWS\assembly
2012-05-23 16:21:14 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-23 16:20:05 ----D---- C:\WINDOWS
2012-05-22 18:47:05 ----D---- C:\Config.Msi
2012-05-22 18:47:04 ----SHD---- C:\WINDOWS\Installer
2012-05-22 17:37:04 ----D---- C:\WINDOWS\Minidump
2012-05-21 15:50:30 ----D---- C:\Documents and Settings\--\Data aplikací\Macromedia
2012-05-21 15:37:26 ----D---- C:\WINDOWS\system32\config
2012-05-21 15:23:24 ----D---- C:\WINDOWS\system32
2012-05-21 15:04:27 ----D---- C:\WINDOWS\system32\drivers
2012-05-17 23:36:34 ----HD---- C:\WINDOWS\inf
2012-05-17 23:36:16 ----RD---- C:\Program Files
2012-05-17 23:28:14 ----SD---- C:\WINDOWS\Tasks
2012-05-17 17:36:59 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-16 17:42:02 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-05-16 16:19:43 ----D---- C:\Program Files\Microsoft Office
2012-05-16 15:12:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-05-15 16:45:19 ----D---- C:\WINDOWS\system32\NtmsData
2012-05-15 14:31:08 ----D---- C:\Program Files\Common Files
2012-05-14 23:04:44 ----D---- C:\Documents and Settings\--\Data aplikací\DAEMON Tools Lite
2012-05-14 23:04:41 ----D---- C:\WINDOWS\Debug
2012-05-14 19:13:45 ----D---- C:\WINDOWS\WinSxS
2012-05-14 19:13:08 ----D---- C:\WINDOWS\system32\XPSViewer
2012-05-14 19:08:28 ----A---- C:\WINDOWS\system32\MRT.exe
2012-05-14 19:07:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-05-14 18:39:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-05-14 17:36:43 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-05-14 15:36:20 ----D---- C:\WINDOWS\system32\CatRoot
2012-05-14 15:31:51 ----D---- C:\Program Files\PC Tools Firewall Plus
2012-05-14 15:28:28 ----D---- C:\WINDOWS\system32\wbem
2012-05-14 15:28:21 ----D---- C:\WINDOWS\Registration
2012-05-14 15:13:25 ----D---- C:\WINDOWS\system
2012-05-14 15:13:21 ----D---- C:\WINDOWS\Help
2012-05-14 15:13:17 ----D---- C:\Program Files\NetMeeting
2012-05-14 15:12:32 ----D---- C:\WINDOWS\system32\Setup
2012-05-14 15:12:19 ----D---- C:\Program Files\Windows NT
2012-05-14 15:09:55 ----D---- C:\WINDOWS\system32\Restore
2012-05-12 18:10:21 ----D---- C:\WINDOWS\security
2012-05-09 22:25:26 ----HD---- C:\WINDOWS\$hf_mig$
2012-05-09 14:54:30 ----RD---- C:\Program Files\Skype
2012-05-09 14:54:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-05-05 19:16:37 ----A---- C:\WINDOWS\win.ini
2012-05-04 16:24:05 ----D---- C:\Documents and Settings\--\Data aplikací\BitComet
2012-04-29 14:42:02 ----D---- C:\WINDOWS\Prefetch
2012-04-29 14:19:58 ----D---- C:\Program Files\Google
2012-04-28 23:32:16 ----AC---- C:\WINDOWS\RtlRack.ini
2012-04-28 14:30:03 ----D---- C:\Program Files\CCleaner
2012-04-24 17:44:58 ----D---- C:\Program Files\Common Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-28 691696]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-05-18 74112]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 11776]
R1 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 9548]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2012-03-09 231760]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 5504]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-04-19 2317504]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-02-11 13824]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2000-01-01 41376]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNdisMP;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2000-01-01 14240]
R3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys []
S0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys []
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-02-10 14336]
S3 awgxrddv;awgxrddv; C:\WINDOWS\system32\drivers\awgxrddv.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-13 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys []
S3 pctNdis;PC Tools Firewall Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2012-04-06 11232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-05-16 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2010-11-17 287024]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-04-09 3063968]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-04-18 918880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 HDDSvc;HDD Information Service; C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe [2010-07-22 458488]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-13 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

#7 Příspěvek od **Rudy** » 23 kvě 2012 20:05

pk píše:
Váš problém bude pravděpodobně hardwarový. Nemáte v PC něco přetaktováno?
Na základě čeho tak usuzujete???

1. Minidump je corrupted, z něho se nedá téměř nic vyčíst, ani seznam nahraných driverů. Pomohlo by kdyby uživatel nahrál i jiný dump než ten poslední z adresáře \Windows\Minidump.
2. Chyba EXCEPTION_DOUBLE_FAULT vě většině případů značí přetečení na stacku => konflikt dvou programů. Zvlášť častý jev na XP. Z normálního dumpu by se dalo poznat o jaké dva programy se jedná (patrně nějaké antiviry, firewally, bezpečnostní programy, ...)

Dobrý den,

Prosím, zkuste dát většinu problému v oblasti text zprávy, ne předmět.

BCCode 0x1000007f je obvykle hardwarový problém. Mohlo by to být vadná RAM nebo základní deska, nebo naznačují, že BIOS časování není správně nastaven nebo je přetaktovaný.

Nejprve bych spustit diagnostiku paměti na kartě vyloučit problémy s pamětí. Hůl může být vadný, nebo ram by mohl být zaměněn (zejména když byla nová tyč přidal před začátkem tohoto problému). Pokud paměť diagnostické pasy, obnovit výchozí nastavení časování v systému BIOS (což znamená, že byste se měli vrátit veškeré přetaktování nebo ruční změny). Pokud se to nepodaří vyřešit problém, možná budete muset poradit s odborníkem.

(Zdroj: http://translate.google.cz/translate?hl ... %3Dimvnsfd )

pk · #8 Příspěvek od pk » 23 kvě 2012 21:16

@sendy80: podivejte se do adresare \Windows\minidump zda tam nejsou jeste dalsi soubory. Pri kazdem BSODu se obvykle vytvari dalsi dump.

@Rudy: prilozeny link nelze brat za verohodny. Opet to je neci domnenka, ze se jedna o hw problem. To neni vubec pravda. Zminena chyba (0x7F, kod 8: EXCEPTION_DOUBLE_FAULT) znamena, ze pri zpracovani vyjimky doslo k dalsi vyjimce. Ve vetsine pripadu to znamena preteceni zasobniku (nikoliv hw chyba). Na XP je celkem bezne, ze bezi-li vice security programu - kdy jeden driver zachyti pozadavek, ten zachyti dalsi driver, apod. tak dojde k preteceni zasobniku. Sam jsem analyzoval nekolik takovych dumpu. Nejjednodussi je bud upgrade na Win7, anebo analyzou dumpu zjistit ktere dva programy se hadaji a jeden z nich odinstalovat/nahradit alternativou.

#9 Příspěvek od **Rudy** » 23 kvě 2012 21:44

EXCEPTION_DOUBLE_FAULT

OK, tohle jsem si přeložil docela dobře sám.

patrně nějaké antiviry

Ve vláknu máte log. Ukažte mi je. Případně fw, nebo jiné bezpečnostní rezidentní programy. Na fóru zásadně nedoporučujeme provozovat paralelně rezidentní programy stejného druhu a uživatele varujeme při jejich nálezu.

prilozeny link nelze brat za verohodny

Ježto máte warn, nemusím brát za věrohodného ani já vás. Podle mne bude třeba přijít na problém vylučovací metodou. klidně jsem to mohl vzít z jiného konce.

sendy80 · #10 Příspěvek od **sendy80** » 23 kvě 2012 21:46

dobrý večer,
bohužel, další minidump tam není, zřejmě protože jsem se předevčírem snažila všemožně čistit a opravovat pc free aplikacemi ( Ccleaner, Glary Utilities....)

sendy80 · #11 Příspěvek od **sendy80** » 23 kvě 2012 21:56

prosím, na mne musíte trochu polopatě, dost dobře nevím co mám dělat

#12 Příspěvek od **Rudy** » 24 kvě 2012 18:48

Dejte log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

sendy80 · #13 Příspěvek od **sendy80** » 25 kvě 2012 10:42

dobrý den přeji,
asi jsem to zblbla a combofix se mi neuložil na plochu

snad je to tenhle log.:

ComboFix 12-05-25.02 - -- 25.05.2012 10:36:16.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.896 [GMT 2:00]
Spuštěný z: c:\documents and settings\--\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
FW: PC Tools Firewall Plus *Enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\--\WINDOWS
C:\prefs.js
c:\program files\facemoods.com
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system\msvcr71.dll
c:\windows\system32\OLD62B.tmp
c:\windows\system32\OLD630.tmp
c:\windows\system32\sycd5.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-25 do 2012-05-25 )))))))))))))))))))))))))))))))
.
.
2012-05-23 16:23 . 2012-05-23 16:23 -------- d-----w- c:\documents and settings\--\Data aplikací\PC Cleaners
2012-05-23 16:23 . 2012-05-23 16:24 -------- d-----w- c:\documents and settings\--\Data aplikací\PCPro
2012-05-23 16:23 . 2012-05-23 16:22 4101392 ----a-w- c:\windows\uninst.exe
2012-05-23 16:23 . 2012-05-23 16:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC1Data
2012-05-17 21:36 . 2012-05-21 13:04 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2012-05-16 15:42 . 2012-05-16 15:42 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-05-16 15:42 . 2012-05-16 15:42 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-15 12:33 . 2012-05-15 12:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AltrixSoft
2012-05-15 12:31 . 2012-05-15 12:31 -------- d-----w- c:\program files\Hard Drive Inspector
2012-05-15 12:31 . 2012-05-15 12:31 -------- d-----w- c:\program files\Common Files\AltrixSoft
2012-05-14 13:28 . 2012-05-14 13:28 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-13 16:30 . 2012-05-14 13:14 -------- d-----w- c:\windows\LastGood(2)
2012-05-13 15:44 . 2012-05-13 15:44 6429 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\UICORE.JS
2012-05-13 15:44 . 2012-05-13 15:44 63115 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\USERTILE.JS
2012-05-13 15:44 . 2012-05-13 15:44 4599 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\UIRESOURCE.JS
2012-05-13 15:44 . 2012-05-13 15:44 9310 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\TEXTBOX.JS
2012-05-13 15:44 . 2012-05-13 15:44 8646 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\TILEBOX.JS
2012-05-13 15:44 . 2012-05-13 15:44 5927 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\TEXT.JS
2012-05-13 15:44 . 2012-05-13 15:44 8613 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\SAVEDUSER.JS
2012-05-13 15:44 . 2012-05-13 15:44 1651 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\QUERYSTRING.JS
2012-05-13 15:44 . 2012-05-13 15:44 6910 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\NEWUSERCOMM.JS
2012-05-13 15:44 . 2012-05-13 15:44 18541 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\LOCALIZATION.JS
2012-05-13 15:44 . 2012-05-13 15:44 8288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\IMAGE.JS
2012-05-13 15:44 . 2012-05-13 15:44 6208 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\LINK.JS
2012-05-13 15:43 . 2012-05-13 15:43 51852 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\EXTERNALWRAPPER.JS
2012-05-13 15:43 . 2012-05-13 15:43 20719 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\DIVWRAPPER.JS
2012-05-13 15:43 . 2012-05-13 15:43 23327 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\COMBOBOX.JS
2012-05-13 15:43 . 2012-05-13 15:43 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\CHECKBOX.JS
2012-05-13 15:43 . 2012-05-13 15:43 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC(2)\BUTTON.JS
2012-05-09 12:54 . 2012-05-09 12:54 -------- d-----w- c:\program files\Common Files\Skype
2012-05-09 12:50 . 2012-05-24 12:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\boost_interprocess
2012-05-05 16:21 . 2012-05-05 16:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canneverbe Limited
2012-05-04 14:56 . 2012-05-04 14:56 -------- d-----w- c:\program files\1ClickDownload
2012-05-04 14:02 . 2012-05-04 14:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Premium
2012-05-04 14:01 . 2012-05-04 14:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Bcool
2012-05-04 13:57 . 2012-05-05 11:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InstallMate
2012-05-01 10:54 . 2012-05-01 10:54 -------- d-----w- c:\program files\Speccy
2012-04-28 12:03 . 2012-04-28 12:03 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-16 15:42 . 2010-05-10 09:29 472864 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-22 15:06 . 2012-04-22 15:06 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-22 15:06 . 2011-05-19 11:28 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:55 . 2004-08-17 15:45 2071296 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2004-08-17 13:44 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:55 . 2004-08-17 13:45 2194816 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-06 13:53 . 2012-04-05 12:55 11232 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-03-09 13:51 . 2010-03-17 12:26 231760 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2012-03-07 00:15 . 2011-03-10 14:43 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2010-01-09 15:38 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2011-03-10 14:43 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2010-01-09 15:38 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2010-01-09 15:38 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2010-01-09 15:38 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2010-01-09 15:38 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-07 00:01 . 2010-01-09 15:38 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-07 00:01 . 2010-01-09 15:38 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 23:58 . 2010-01-09 15:38 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-06 16:29 . 2012-03-06 15:49 87608 ----a-w- c:\documents and settings\--\Data aplikací\inst.exe
2012-03-06 16:29 . 2012-03-06 15:49 47360 ----a-w- c:\documents and settings\--\Data aplikací\pcouffin.sys
2012-03-01 10:59 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-03-01 10:59 . 2004-08-17 13:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-29 14:10 . 2004-08-17 13:49 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-17 13:49 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2004-08-17 13:44 385024 ------w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ------w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-04-18 12:49 1869152 ----a-w- c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-04-18 1869152]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17151624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-05 61440]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 241664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"HDInspector.exe"="c:\program files\Hard Drive Inspector\HDInspector.exe" [2010-08-10 3145464]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Povolit program Bezdrátová klávesnice a myš Labtec.lnk - c:\program files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe [2009-10-31 258048]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Hlavní panel ATI CATALYST.lnk]
backup=c:\windows\pss\Hlavní panel ATI CATALYST.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 06:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
2011-09-23 07:02 11515184 ----a-w- c:\program files\BitComet\BitComet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
2012-05-08 12:08 9533848 ----a-w- c:\program files\Innovative Solutions\DriverMax\drivermax.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-30 15:24 68856 ------w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"facemoods"="c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"LogitechQuickCamRibbon"="c:\program files\Labtec\WebCam10\WebCam10.exe" /hide
"vProt"="c:\program files\AVG Secure Search\vprot.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sudden Strike II\\game\\code\\Release\\game_exe.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"17469:TCP"= 17469:TCP:BitComet 17469 TCP
"17469:UDP"= 17469:UDP:BitComet 17469 UDP
"19744:TCP"= 19744:TCP:BitComet 19744 TCP
"19744:UDP"= 19744:UDP:BitComet 19744 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 a347bus;a347bus;c:\windows\system32\DRIVERS\a347bus.sys [x]
R0 a347scsi;a347scsi;c:\windows\System32\Drivers\a347scsi.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-04-09 3063968]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\DRIVERS\Amps2prt.sys [2007-02-10 14336]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
R3 McComponentHostService;McAfee Security Scan Component Host Service; [x]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-04-14 14336]
R3 Pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\Pcouffin.sys [x]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-04-06 11232]
R3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe [2008-04-14 14336]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-28 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 kbfilter;Keyboard Filter Driver; [x]
S1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2010-11-17 249616]
S2 aswFsBlk;aswFsBlk; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2010-11-25 160448]
S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-04-18 918880]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [2010-11-24 89192]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis.sys [2010-07-08 57536]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2010-11-25 124992]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-05-25 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2012-03-04 19:06]
.
2012-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 18:07]
.
2012-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 18:07]
.
2012-05-25 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
2012-05-25 c:\windows\Tasks\User_Feed_Synchronization-{51CFA3EA-DC95-4795-8228-1D9C1ADB4157}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-05-25 c:\windows\Tasks\User_Feed_Synchronization-{F657FCBC-15DD-4DF9-B8EA-107EC8644767}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10004
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: Interfaces\{25F1BE69-A1FD-42F9-8646-A9B06370D4E2}: NameServer = 62.129.50.20,62.129.32.100
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} - hxxps://download.seznam.cz/listicka/toolbar2007.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-CTFMON - (no file)
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.11\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-25 10:55
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1004336348-651377827-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1912)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-05-25 11:03:08
ComboFix-quarantined-files.txt 2012-05-25 09:03
.
Před spuštěním: 9 526 697 984
Po spuštění: 9 955 438 592
.
- - End Of File - - 308FDAD7AEA515E379F61E3C039E1E97

sendy80 · #14 Příspěvek od **sendy80** » 25 kvě 2012 10:52

jinak jsem měla další dva BSOD, jeden před combofix a druhý poté, přikládám

ještě otázečka, když jsem se chtěla podívat do těch minidump-ů, tak se mi otevřeli v poznámkovém bloku, což je asi špatně? protože tam byla jenom nesrozumitelná hatmatilka

poradíte mi, jak je otvírat?

Minidump.rar: (11.44 KiB) Staženo 103 x

#15 Příspěvek od **JaRon** » 25 kvě 2012 11:08

ignoruj rady pk
otestuj RAM ako pisal Rudy s memtestom http://forum.viry.cz/viewtopic.php?f=53&t=106788
+
odinstaluj co najdes s nasledovneho SW
PC Cleaners
PCPro
GridinSoft Trojan Killer
vsetko od AVG

VIRY.CZ

Win XP - m. smrt

Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt

Re: Win XP - m. smrt