Please check my log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:51, on 28.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Fighters\sfagent.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\MSI\TotalMedia 3.5\TMMonitor.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fighters\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fighters\FighterSuiteService.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Fanda\Plocha\stahovánĂ\driveragent.exe
C:\Documents and Settings\Fanda\Plocha\memtest.exe
C:\Documents and Settings\Fanda\Plocha\stahovánĂ\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Documents and Settings\Fanda\Local Settings\Data aplikací\Seznam.cz\core.2.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\MSI\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.6.0.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/a ... oader6.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Google Update Service (gupdate1c9d56ae29c0458) (gupdate1c9d56ae29c0458) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\sfus.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 12759 bytes
Log check (Solved)
- jaro3 (member of the Security team)
Re: Log check
Uninstall:
Spybot - Search & Destroy
ICQ6Toolbar
Close other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.6.0.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/a ... oader6.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in Safe Mode.
Problems?
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Log check
Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
29.8.2011 16:23:15
mbam-log-2011-08-29 (16-23-15).txt
Typ: Rychlá kontrola
Kontrolované objekty: 154565
Uplynulý čas: 2 minut, 33 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- memphisto
Re: Log check
Any problems?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you
Re: Log check
I describe the problem in another forum.
Copy: When I start a video in players or start TV, or even a link on, say, Facebook, the PC restarts. I updated the drivers, and from the moment I updated it did not work, so I rolled everything back with a Restore Point. Everything returned to normal again; only the problem with video remained.
- jaro3 (member of the Security team)
Re: Log check
Download and install WhoCrashed
open it and click Analyze.
The program will create a report; copy all of it and paste it here, please.
Download CrystalDiskInfo
Run the program and click Edit-Copy. Then paste the contents of the log here with Ctrl+V.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; then restart the computer again. If that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Re: Log check
--------------------------------------------------------------------------------
Welcome to WhoCrashed HOME EDITION v 3.02
--------------------------------------------------------------------------------
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.
Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
To obtain technical support visit www.resplendence.com/support
Click here to check if you have the latest version or if an update is available.
Just click the Analyze button for a comprehensible report ...
--------------------------------------------------------------------------------
Home Edition Notice
--------------------------------------------------------------------------------
This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features.
Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.
--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------
computer name: FRANTA
windows version: Windows XP Service Pack 3, 5.1, build: 2600
windows dir: C:\WINDOWS
CPU: GenuineIntel Pentium(R) Dual-Core CPU E5200 @ 2.50GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 2145824768 total
VM: 2147352576, free: 2052657152
--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------
Crash dump directory: C:\WINDOWS\Minidump
Crash dumps are enabled on your computer.
On Mon 29.8.2011 15:05:47 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini082911-04.dmp
This was probably caused by the following module: nv4_disp.dll (nv4_disp+0x200BAA)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBD212BAA, 0xFFFFFFFFB24932CC, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\nv4_disp.dll
product: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
company: NVIDIA Corporation
description: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation).
Google query: nv4_disp.dll NVIDIA Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Mon 29.8.2011 14:53:21 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini082911-03.dmp
This was probably caused by the following module: nv4_disp.dll (nv4_disp+0x200BAA)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBD212BAA, 0xFFFFFFFFB33872CC, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\nv4_disp.dll
product: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
company: NVIDIA Corporation
description: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation).
Google query: nv4_disp.dll NVIDIA Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Mon 29.8.2011 14:34:35 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini082911-02.dmp
This was probably caused by the following module: nv4_disp.dll (nv4_disp+0x200BAA)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBD212BAA, 0xFFFFFFFFB141E2CC, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\nv4_disp.dll
product: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
company: NVIDIA Corporation
description: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation).
Google query: nv4_disp.dll NVIDIA Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Mon 29.8.2011 14:25:10 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini082911-01.dmp
This was probably caused by the following module: nv4_disp.dll (nv4_disp+0x200BAA)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBD212BAA, 0xFFFFFFFFB13DF2CC, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\nv4_disp.dll
product: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
company: NVIDIA Corporation
description: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation).
Google query: nv4_disp.dll NVIDIA Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Sun 28.8.2011 18:20:17 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini082811-03.dmp
This was probably caused by the following module: nv4_disp.dll (nv4_disp+0x200BAA)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBD212BAA, 0xFFFFFFFFB09D82CC, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\nv4_disp.dll
product: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
company: NVIDIA Corporation
description: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation).
Google query: nv4_disp.dll NVIDIA Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Sun 28.8.2011 14:19:53 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini082811-02.dmp
This was probably caused by the following module: nv4_disp.dll (nv4_disp+0x200BEC)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBD212BEC, 0xFFFFFFFFB1104870, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\nv4_disp.dll
product: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
company: NVIDIA Corporation
description: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation).
Google query: nv4_disp.dll NVIDIA Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Sun 28.8.2011 14:11:50 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini082811-01.dmp
This was probably caused by the following module: nv4_disp.dll (nv4_disp+0x200BEC)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBD212BEC, 0xFFFFFFFFB0E20870, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\nv4_disp.dll
product: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
company: NVIDIA Corporation
description: NVIDIA Compatible Windows 2000 Display driver, Version 185.85
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation).
Google query: nv4_disp.dll NVIDIA Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------
7 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:
nv4_disp.dll (NVIDIA Compatible Windows 2000 Display driver, Version 185.85 , NVIDIA Corporation)
If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
Re: Log check
----------------------------------------------------------------------------
CrystalDiskInfo 4.0.2 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2011/08/29 22:57:40
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVDRAM GSA-4167B
- Sekundární kanál IDE (1)
+ Intel(R) ICH10 Family 4 port Serial ATA Storage Controller 1 - 3A20 [ATA]
- Primární kanál IDE (0)
+ Sekundární kanál IDE (1)
- WDC WD6401AALS-00L3B2
+ Intel(R) ICH10 Family 2 port Serial ATA Storage Controller 2 - 3A26 [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)
-- Disk List ---------------------------------------------------------------
(1) WDC WD6401AALS-00L3B2 : 640.1 GB [0-2-0, pd1]
----------------------------------------------------------------------------
(1) WDC WD6401AALS-00L3B2
----------------------------------------------------------------------------
Model : WDC WD6401AALS-00L3B2
Firmware : 01.03B01
Serial Number : WD-WMASY7162761
Disk Size : 640.1 GB (8.4/137.4/640.1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1250261615
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 7875 hod.
Power On Count : 852 krát
Temparature : 46 C (114 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 155 154 _21 000000001471 Čas na roztočení ploten
04 100 100 __0 000000000366 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _90 _90 __0 000000001EC3 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 000000000354 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000048 Počet vypnutí disku
C1 200 200 __0 000000000366 Počet cyklů načítání/vymazání
C2 101 _96 __0 00000000002E Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000006 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
- jaro3
- member of the Security team
Re: Log check
All the BSOD events relate to this:
NVIDIA Compatible Windows 2000 Display driver--- nv4_disp.dll
Try reinstalling the graphics drivers and the accompanying software. Since you have WinXP SP3, look for drivers for your system.
//The disk is OK.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check
ComboFix 11-08-29.03 - Fanda 29.08.2011 23:07:07.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1396 [GMT 2:00]
Spuštěný z: c:\documents and settings\Fanda\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Fanda\Dokumenty\DPE.DUS
c:\documents and settings\Fanda\WINDOWS
c:\program files\Downloaded Installers
c:\program files\Downloaded Installers\{87e60394-2e62-400d-99c0-c1bea2f9a439}\setup.msi
c:\windows\ehome\medctrro.exe
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-28 do 2011-08-29 )))))))))))))))))))))))))))))))
.
.
2011-08-29 20:53 . 2011-08-29 20:53 -------- d-----w- c:\documents and settings\All Users\Uniblue
2011-08-29 20:52 . 2011-08-29 20:52 -------- d-----w- c:\documents and settings\Fanda\Data aplikací\Uniblue
2011-08-29 20:52 . 2011-08-29 20:52 -------- d-----w- c:\program files\Uniblue
2011-08-29 20:52 . 2011-08-29 21:17 -------- d-----w- c:\documents and settings\Fanda\Local Settings\Data aplikací\OpenCandy
2011-08-29 20:52 . 2011-08-29 20:52 -------- d-----w- c:\program files\CrystalDiskInfo
2011-08-29 20:52 . 2011-08-29 20:52 -------- d-----w- c:\documents and settings\Fanda\Data aplikací\OpenCandy
2011-08-29 20:47 . 2011-08-29 20:54 -------- d-----w- c:\program files\WhoCrashed
2011-08-29 14:19 . 2011-08-29 14:19 -------- d-----w- c:\documents and settings\Fanda\Data aplikací\Malwarebytes
2011-08-29 14:19 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-29 14:19 . 2011-08-29 14:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-29 14:19 . 2011-08-29 14:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-29 14:19 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-28 19:00 . 2011-08-28 19:00 -------- d-----w- c:\documents and settings\Fanda\Local Settings\Data aplikací\eSupport.com
2011-08-28 19:00 . 2011-08-28 19:00 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-08-28 16:03 . 2011-08-28 16:03 -------- d---a-w- c:\windows\rundll16.exe
2011-08-28 16:03 . 2011-08-28 16:03 -------- d---a-w- c:\windows\logo1_.exe
2011-08-28 14:38 . 2011-08-28 14:38 -------- d-----w- c:\documents and settings\Fanda\Data aplikací\Download Manager
2011-08-28 11:50 . 2011-08-28 18:22 11232 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-08-27 22:21 . 2011-08-27 22:21 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-27 22:21 . 2011-08-27 22:21 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-27 22:21 . 2011-08-27 22:21 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-27 22:21 . 2011-08-27 22:21 -------- d---a-w- c:\windows\logo_1.exe
2011-08-27 22:16 . 2011-08-27 22:16 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-27 22:16 . 2011-08-27 22:16 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-27 22:16 . 2011-08-27 22:16 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-27 22:16 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-27 22:16 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-27 22:16 . 2011-08-27 22:16 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-27 22:15 . 2011-08-27 22:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2011-08-27 19:10 . 2011-08-27 19:10 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-27 17:44 . 2011-08-27 17:44 -------- d-----w- c:\documents and settings\LocalService\Dokumenty
2011-08-27 17:30 . 2011-08-27 17:30 -------- d-----w- c:\documents and settings\Fanda\Local Settings\Data aplikací\HP
2011-08-27 17:16 . 2011-08-27 17:27 -------- d-----w- c:\documents and settings\Fanda\Data aplikací\HP
2011-08-27 17:16 . 2011-08-27 17:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WEBREG
2011-08-27 17:03 . 2011-08-27 19:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP
2011-08-27 16:53 . 2011-08-27 16:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2011-08-27 16:51 . 2011-08-27 16:51 253464 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-08-27 16:51 . 2011-08-27 16:51 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-08-27 16:51 . 2011-08-27 16:51 253464 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-08-27 16:50 . 2011-08-27 19:09 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-27 16:32 . 2011-08-27 16:32 -------- d-----w- c:\documents and settings\Fanda\Local Settings\Data aplikací\SlimWare Utilities Inc
2011-08-27 16:32 . 2011-08-28 14:08 -------- d-----w- c:\program files\SlimDrivers
2011-08-19 20:05 . 2011-08-27 19:09 -------- d-----w- c:\program files\elektrina
2011-08-10 13:44 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 13:43 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 20:22 . 2011-08-09 20:22 -------- d-----w- c:\documents and settings\Fanda\Data aplikací\Canneverbe Limited
2011-08-09 20:10 . 2011-08-09 20:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canneverbe Limited
2011-08-07 14:11 . 2011-08-15 17:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\hps
2011-08-07 14:11 . 2011-08-15 09:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\tmp
2011-08-07 13:53 . 2011-08-07 13:53 -------- d-----w- c:\program files\Schlecker
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-29 21:17 . 2009-04-28 05:29 16608 ----a-w- c:\windows\gdrv.sys
2011-08-27 22:23 . 2011-08-27 22:21 8723187 ----a-w- c:\windows\REGBK00.ZIP
2011-08-27 18:44 . 2009-04-27 22:18 90112 ----a-w- c:\windows\DUMP5a06.tmp
2011-07-25 18:15 . 2011-07-25 18:15 1409 ----a-w- c:\windows\QTFont.for
2011-07-15 13:29 . 2004-08-03 23:15 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2001-10-25 16:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-04 11:43 . 2010-07-06 06:51 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2009-04-28 11:00 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-04-08 20:31 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2009-04-28 11:00 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2009-04-28 11:00 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2009-04-28 11:00 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2009-04-28 11:00 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2009-04-28 11:00 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2009-04-28 11:00 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2009-04-28 11:00 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-24 14:10 . 2009-04-27 12:30 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:39 . 2004-08-17 15:49 832512 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:39 . 2004-08-17 15:49 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-06-21 18:39 . 2004-08-17 15:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-06-21 18:39 . 2004-08-17 15:49 17408 ----a-w- c:\windows\system32\corpol.dll
2011-06-21 14:11 . 2011-06-21 14:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-21 11:47 . 2004-08-17 15:44 389120 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-17 15:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2004-08-17 15:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-12 03:15 . 2011-05-04 17:15 126976 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"DriverScanner"="c:\program files\Uniblue\DriverScanner\launcher.exe" [2011-05-16 338296]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"SoundMan"="SOUNDMAN.EXE" [2008-06-18 77824]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"nwiz"="nwiz.exe" [2009-04-30 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-03-06 2615688]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-03-06 910744]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-03-06 140568]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Fanda\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
TMMonitor.lnk - c:\program files\MSI\TotalMedia 3.5\TMMonitor.exe [2010-10-12 258048]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\SYS\\totalcmdr\\TOTALCMD.EXE"=
"c:\\Program Files\\Hry\\Oil Tycoon\\ot.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8.4.2011 22:31 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28.4.2009 13:00 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28.4.2009 13:00 19544]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [28.4.2009 7:30 80392]
R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\sfus.exe [21.10.2010 14:44 189064]
R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [21.10.2010 14:44 1130120]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13.11.2009 13:31 92008]
R3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\drivers\modrc.sys [12.10.2010 17:31 13824]
S2 gupdate1c9d56ae29c0458;Google Update Service (gupdate1c9d56ae29c0458);c:\program files\Google\Update\GoogleUpdate.exe [15.5.2009 16:38 133104]
S3 azvusb;Virtual USB Hub;c:\windows\system32\drivers\azvusb.sys [24.8.2009 9:14 44544]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [28.8.2011 21:00 23456]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15.5.2009 16:38 133104]
S3 Ltn_stk7070P;PCTV based TV tuner device;c:\windows\system32\drivers\Ltn_stk7070P.sys [12.10.2010 17:40 466048]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [17.8.2004 17:49 14336]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [28.8.2011 13:50 11232]
S3 TridDev;USB Hybrid TV Device (TM6000);c:\windows\system32\drivers\Triddev.sys [18.5.2006 11:51 3584]
S3 TridVid;USB Hybrid TV Receiver (TM6000);c:\windows\system32\drivers\TridVid.sys [18.5.2006 11:51 169600]
S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFTVFM\WFIOCTL.SYS --> c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-29 c:\windows\Tasks\DriverScanner.job
- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2011-08-29 09:22]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-15 14:38]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-15 14:38]
.
2011-08-29 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-854245398-823518204-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-29 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-823518204-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-28 c:\windows\Tasks\SlimDrivers Scan.job
- c:\program files\SlimDrivers\SlimDrivers.exe [2011-08-15 06:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Fanda\Data aplikací\Mozilla\Firefox\Profiles\7jh3r0m9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.1&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{AB67580-257C-45FF-B8F4-C8C30682091A}_is1 - i:\siw\SIW\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-29 23:18
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-854245398-823518204-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DC9F0E17-DF2C-2024-93FC-FE478F6FE0F2}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"palpojogakigodkmnjjffbgoglbgiiif"=hex:61,62,69,6f,65,66,63,6e,68,62,63,68,62,
63,61,68,69,6b,6a,63,63,6e,67,67,6f,64,6d,6f,70,6a,66,63,6a,62,00,00
"palafndffocbbnookmjijjhnbcilhoie"=hex:61,61,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1560)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Silverlight\xapauthenticodesip.dll
c:\program files\Microsoft Office\Office12\1029\GrooveIntlResource.dll
c:\program files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL
c:\program files\Hewlett-Packard\HP Share-to-Web\S2WNSRES.DLL
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\WMASF.DLL
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\Audiodev.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Uniblue\DriverScanner\driverscanner.exe
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
.
**************************************************************************
.
Celkový čas: 2011-08-29 23:25:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-29 21:25
.
Před spuštěním: Volných bajtů: 302 395 535 360
Po spuštění: Volných bajtů: 302 285 152 256
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - B32C3C363B1453B39547555FAE064840
Re: Log check
The players work after reinstalling the graphics drivers! Hopefully I won't have a problem anywhere else. Thanks for the help.
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Log check
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the following entire text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
File::
c:\windows\REGBK00.ZIP
c:\windows\DUMP5a06.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-854245398-823518204-839522115-1003.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-854245398-823518204-839522115-1003.job
Driver::
WFIOCTL
Firefox::
FF - ProfilePath - c:\documents and settings\Fanda\Data aplikací\Mozilla\Firefox\Profiles\7jh3r0m9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.1&q=
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
Then I recommend uninstalling Avast5 and installing the newer version Avast6.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support