Please check my logs - blue screen of death on PC shutdown = restart [Solved]

Post by tomikzlesa » 30 Nov 2012 17:46

So I've worked my way through it :-)
Here is the link: https://www.virustotal.com/file/02240bb627767a95432ae60e9e26c49b9efe8802b593d0478d32f6edf53ace89/analysis/1354293648/

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:37:26, on 30.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
C:\Download\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-21-1233362422-2132673313-2214222441-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1233362422-2132673313-2214222441-1001\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun (User 'UpdatusUser')
O4 - Global Startup: Easy Wireless Net.lnk = C:\Program Files (x86)\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{52EB7F55-65FB-4D2F-A09D-A0B68BD6EFB4}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{675DA55C-CF9B-447B-8BDF-C7B8BA3B9EA6}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FC1770C-3A85-4356-9DA8-23D7513444D6}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5373C0F-ACD8-4441-B153-92D593275B89}: NameServer = 160.218.161.60 160.218.167.5
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (file missing)
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X64 (clr_optimization_v4.0.30319_64) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8373 bytes



aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-30 17:35:08
-----------------------------
17:35:08.290 OS Version: Windows x64 6.1.7601 Service Pack 1
17:35:08.290 Number of processors: 4 586 0x403
17:35:08.305 ComputerName: SHIT UserName: Tom
17:35:08.555 Initialize success
17:36:12.344 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
17:36:12.344 Disk 0 Vendor: Size: 0MB BusType: 0
17:36:12.344 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-7
17:36:12.360 Disk 1 Vendor: Size: 0MB BusType: 0
17:36:12.360 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-5
17:36:12.376 Disk 2 Vendor: Size: 0MB BusType: 0
17:36:12.376 Disk 0 MBR read successfully
17:36:12.376 Disk 0 MBR scan
17:36:12.391 Disk 0 Windows 7 default MBR code
17:36:12.391 Disk 0 MBR hidden
17:36:12.391 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122102 MB offset 2048
17:36:12.391 Disk 0 scanning C:\Windows\system32\drivers
17:36:13.405 Service scanning
17:36:16.073 Modules scanning
17:36:16.088 Disk 0 trace - called modules:
17:36:16.104 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80039b02c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:36:16.104 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004245060]
17:36:16.104 3 CLASSPNP.SYS[fffff88001b9143f] -> nt!IofCallDriver -> [0xfffffa8003aec520]
17:36:16.104 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8003d30680]
17:36:16.120 \Driver\atapi[0xfffffa8003ad08e0] -> IRP_MJ_CREATE -> 0xfffffa80039b02c0
17:36:16.120 Scan finished successfully
17:36:35.354 Disk 0 MBR has been saved successfully to "C:\Users\Tom\Desktop\MBR.dat"
17:36:35.354 The log file has been saved successfully to "C:\Users\Tom\Desktop\aswMBR.txt"
Last edited by Orcus on 01 Dec 2012 09:06, edited 1 time in total.
Reason: A log does not belong in a code field. It is hard to search through.

Post by tomikzlesa » 30 Nov 2012 17:47

ComboFix 12-11-26.02 - Tom 30.11.2012 17:30:51.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4092.3030 [GMT 1:00]
Spuštěný z: c:\download\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tom\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-28 do 2012-11-30 )))))))))))))))))))))))))))))))
.
.
2012-11-25 00:37 . 2012-11-25 00:37 -------- d-----w- c:\users\Tom\AppData\Local\Adobe
2012-11-24 17:21 . 2012-11-24 17:21 -------- d-----w- c:\users\Tom\AppData\Roaming\Malwarebytes
2012-11-24 17:21 . 2012-11-24 17:21 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-24 17:21 . 2012-11-24 17:21 -------- d-----w- c:\programdata\Malwarebytes
2012-11-24 17:21 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-24 10:48 . 2012-11-24 10:48 -------- d-----w- c:\program files\WhoCrashed
2012-11-23 23:21 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-23 23:21 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-23 23:21 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-23 23:21 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-23 23:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-23 23:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-23 23:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-23 23:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-23 23:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-23 23:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-23 23:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-23 23:18 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B26BE1AF-C366-496C-9E4A-7D480A048C98}\mpengine.dll
2012-11-23 15:26 . 2012-11-23 15:26 -------- d-----w- c:\users\Tom\AppData\Roaming\Theta
2012-11-22 16:51 . 2012-11-22 16:51 -------- d-sh--w- c:\users\Tom\msdata
2012-11-22 16:51 . 2012-11-24 17:35 -------- d-sh--w- c:\users\Tom\Drivers
2012-11-22 15:53 . 2012-11-22 17:19 -------- d-----w- c:\users\Tom\AppData\Local\Ubisoft Game Launcher
2012-11-22 15:41 . 2012-11-22 16:21 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-22 15:41 . 2012-11-22 16:21 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-11-18 10:02 . 2012-11-18 10:02 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-11-18 10:01 . 2012-11-18 10:01 -------- d-----w- c:\program files (x86)\NVIDIA 3D Vision driver
2012-11-18 09:43 . 2012-11-18 09:43 -------- d-----w- c:\program files\Nexus Mod Manager
2012-11-17 20:34 . 2012-11-18 09:29 -------- d-----w- c:\users\Tom\AppData\Local\Skyrim
2012-11-10 10:05 . 2012-11-10 10:05 -------- d-----w- c:\users\Tom\AppData\Roaming\Behaviour Interactive
2012-11-09 03:22 . 2012-11-09 03:22 438632 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-11-06 20:03 . 2012-11-06 20:03 -------- d-----w- c:\users\Tom\kbpki
2012-11-06 20:03 . 2012-11-06 20:03 -------- d-----w- c:\windows\Sun
2012-11-02 20:00 . 2012-11-02 20:00 -------- d-----w- c:\users\Tom\.objectdb
2012-11-02 20:00 . 2012-11-02 20:00 -------- d-----w- c:\program files (x86)\FreeRapid-0.9
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-23 23:19 . 2012-08-08 18:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-16 19:28 . 2012-08-08 18:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-16 19:28 . 2012-08-08 18:58 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-09 16:46 . 2012-08-18 16:41 1504104 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-11-09 16:46 . 2012-08-08 17:32 984448 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-11-09 16:46 . 2012-08-08 17:32 2816824 ----a-w- c:\windows\system32\nvapi64.dll
2012-11-09 16:46 . 2012-08-08 17:32 1805672 ----a-w- c:\windows\system32\nvdispco64.dll
2012-11-09 16:46 . 2012-08-08 17:32 14953408 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-11-09 11:44 . 2012-08-08 17:32 3598764 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-09 11:44 . 2012-08-08 17:32 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-09 11:44 . 2012-08-18 16:42 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-09 11:44 . 2012-08-08 17:32 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-09 11:44 . 2012-08-08 17:32 890216 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-09 11:43 . 2012-08-08 17:32 6223208 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-09 11:42 . 2012-08-08 17:32 3311464 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-01 16:32 . 2012-10-31 16:28 16896 ----a-r- c:\users\Tom\AppData\Roaming\Microsoft\Installer\{96443F45-13E2-11D6-AC87-00D0B7A9E540}\Icon96443F453.exe
2012-09-24 21:16 . 2012-09-03 16:49 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-14 19:19 . 2012-10-15 15:06 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-15 15:06 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-03 16:49 . 2012-08-08 19:31 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-03 16:49 . 2012-08-08 19:31 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Easy Wireless Net.lnk - c:\program files (x86)\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe [2007-3-8 3317760]
Logitech SetPoint.lnk - c:\program files (x86)\Logitech\SetPoint\SetPoint.exe [2012-8-8 1207312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-08 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-09 283200]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-09 382824]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 140160]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
S3 WinRing0_1_2_0;WinRing0_1_2_0;e:\instal\OpenHardwareMonitor\WinRing0x64.sys [2008-07-26 14544]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-08 19:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
TCP: Interfaces\{52EB7F55-65FB-4D2F-A09D-A0B68BD6EFB4}: NameServer = 160.218.161.60 160.218.167.5
TCP: Interfaces\{675DA55C-CF9B-447B-8BDF-C7B8BA3B9EA6}: NameServer = 160.218.161.60 160.218.167.5
TCP: Interfaces\{8FC1770C-3A85-4356-9DA8-23D7513444D6}: NameServer = 160.218.161.60 160.218.167.5
TCP: Interfaces\{C5373C0F-ACD8-4441-B153-92D593275B89}: NameServer = 160.218.161.60 160.218.167.5
FF - ProfilePath - c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-AtmosFear 3_is1 - c:\games\S.T.A.L.K.E.R. - Call of Pripyat\atmo\unins000.exe
AddRemove-DAEMON Tools Lite - c:\program files (x86)\DAEMON Tools Lite\uninst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
.
**************************************************************************
.
Celkový čas: 2012-11-30 17:34:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-30 16:34
ComboFix2.txt 2012-11-28 16:27
ComboFix3.txt 2012-11-26 16:06
ComboFix4.txt 2011-06-17 13:51
.
Před spuštěním: Volných bajtů: 27 297 046 528
Po spuštění: Volných bajtů: 27 039 694 848
.
- - End Of File - - 768116578957494BA0FE4CF0F70EC9AC

Post by jaro3 » 01 Dec 2012 09:31

ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Run aswMBR again, start a scan and then click "Fix".
Close the program, restart the PC, after the restart

After the restart, turn off System Restore on all drives.
http://support.microsoft.com/kb/310405/cs
Look here:
C:\System Volume Information\Microsoft --- if this folder (Microsoft) is there, delete it.
Finally, turn System Restore back on.
Run aswMBR again and start a scan, then click "Save log".
Paste the contents of the log here again.

Download and install WhoCrashed,
open it and click Analyze.
The program will create a report; copy all of it and paste it here, please.

When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Post by tomikzlesa » 04 Dec 2012 17:39

To be honest, I no longer know what I'm doing or why :?

I have the aswMBR log, but when I click Analyze, WhoCrashed shows a message telling me to scroll the window down to read the report, that's all.
The FIX button in aswMBR is greyed out and cannot be clicked.


aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-04 17:30:37
-----------------------------
17:30:37.039 OS Version: Windows x64 6.1.7601 Service Pack 1
17:30:37.039 Number of processors: 4 586 0x403
17:30:37.039 ComputerName: SHIT UserName: Tom
17:30:37.179 Initialize success
17:30:39.628 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
17:30:39.628 Disk 0 Vendor: Size: 0MB BusType: 0
17:30:39.628 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-7
17:30:39.644 Disk 1 Vendor: Size: 0MB BusType: 0
17:30:39.644 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-5
17:30:39.644 Disk 2 Vendor: Size: 0MB BusType: 0
17:30:39.644 Disk 0 MBR read successfully
17:30:39.644 Disk 0 MBR scan
17:30:39.644 Disk 0 Windows 7 default MBR code
17:30:39.660 Disk 0 MBR hidden
17:30:39.660 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122102 MB offset 2048
17:30:39.660 Disk 0 scanning C:\Windows\system32\drivers
17:30:40.580 Service scanning
17:30:43.154 Modules scanning
17:30:43.170 Disk 0 trace - called modules:
17:30:43.185 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80039ae2c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:30:43.185 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800423f060]
17:30:43.185 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8003c2b150]
17:30:43.185 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8003c331f0]
17:30:43.201 \Driver\atapi[0xfffffa8003ad1e70] -> IRP_MJ_CREATE -> 0xfffffa80039ae2c0
17:30:43.201 Scan finished successfully
17:30:53.419 Disk 0 MBR has been saved successfully to "C:\Users\Tom\Desktop\MBR.dat"
17:30:53.419 The log file has been saved successfully to "C:\Users\Tom\Desktop\aswMBR.txt"

Post by jaro3 » 04 Dec 2012 19:26

Click MBR fix... then the log.

Post here what WhoCrashed says...

Post by tomikzlesa » 04 Dec 2012 22:09

Log after the FIX

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-04 19:38:11
-----------------------------
19:38:11.934 OS Version: Windows x64 6.1.7601 Service Pack 1
19:38:11.934 Number of processors: 4 586 0x403
19:38:11.934 ComputerName: SHIT UserName: Tom
19:38:12.064 Initialize success
19:38:15.034 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
19:38:15.034 Disk 0 Vendor: Size: 0MB BusType: 0
19:38:15.044 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-7
19:38:15.044 Disk 1 Vendor: Size: 0MB BusType: 0
19:38:15.054 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-5
19:38:15.064 Disk 2 Vendor: Size: 0MB BusType: 0
19:38:15.064 Disk 0 MBR read successfully
19:38:15.074 Disk 0 MBR scan
19:38:15.084 Disk 0 Windows 7 default MBR code
19:38:15.084 Disk 0 MBR hidden
19:38:15.084 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122102 MB offset 2048
19:38:15.094 Disk 0 scanning C:\Windows\system32\drivers
19:38:15.994 Service scanning
19:38:18.514 Modules scanning
19:38:18.524 Disk 0 trace - called modules:
19:38:18.534 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80039b02c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:38:18.544 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004235060]
19:38:18.544 3 CLASSPNP.SYS[fffff8800185a43f] -> nt!IofCallDriver -> [0xfffffa8003af37b0]
19:38:18.544 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa8003ae0060]
19:38:18.554 \Driver\atapi[0xfffffa8003ad0060] -> IRP_MJ_CREATE -> 0xfffffa80039b02c0
19:38:18.554 Scan finished successfully
19:38:23.074 Verifying
19:38:33.084 Disk 0 Windows 601 MBR fixed successfully
19:38:34.724 Verifying
19:38:44.734 Disk 0 Windows 601 MBR fixed successfully
19:38:59.404 Disk 0 MBR has been saved successfully to "C:\Users\Tom\Desktop\MBR.dat"
19:38:59.404 The log file has been saved successfully to "C:\Users\Tom\Desktop\aswMBR.txt"


Error from WhoCrashed
Attachments
Bez názvu.jpg

Post by jaro3 » 04 Dec 2012 23:36

Copy the whole log with the mouse, scrolling down; it must be complete. Then paste it here, as text.

Post by tomikzlesa » 06 Dec 2012 15:44

If you meant this log...


--------------------------------------------------------------------------------
Welcome to WhoCrashed (HOME EDITION) v 4.01
--------------------------------------------------------------------------------

This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.

Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.

This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.

To obtain technical support visit www.resplendence.com/support

Click here to check if you have the latest version or if an update is available.

Just click the Analyze button for a comprehensible report ...



--------------------------------------------------------------------------------
Home Edition Notice
--------------------------------------------------------------------------------

This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features.

Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.


--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------

computer name: SHIT
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: AuthenticAMD AMD Phenom(tm) II X4 955 Processor AMD586, level: 16
4 logical processors, active mask: 15
RAM: 4290936832 total
VM: 2147352576, free: 1940197376




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

No valid crash dumps have been found on your computer

--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.

In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.

Check out the following articles for more information: Troubleshooting sudden resets and shut downs.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check - blue screen of death on PC shutdown = restart

Post by jaro3 » 06 Dec 2012 19:46

There is no BSOD record in there. What does the blue screen say?

tomikzlesa
Level 2
Posts: 214
Joined: June 08
Gender: Male
Status: Offline

Re: Please check - blue screen of death on PC shutdown = restart

Post by tomikzlesa » 06 Dec 2012 21:07

I hope there hasn't been a misunderstanding, but the blue screen of death is already a thing of the past; what Žbeky advised me helped.
The PC is fine now.

memphisto
Guru Level 13
Posts: 21113
Joined: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Please check - blue screen of death on PC shutdown = restart

Post by memphisto » 06 Dec 2012 23:53

Are there any further problems?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

tomikzlesa
Level 2
Posts: 214
Joined: June 08
Gender: Male
Status: Offline

Re: Please check - blue screen of death on PC shutdown = restart

Post by tomikzlesa » 07 Dec 2012 16:10

No, no, everything is fine.

