Hello, I trust you will help me again today, and thank you in advance.
Every so often I get a blue BIOS screen and the PC restarts, and some programs do not work as they should. Mainly the antivirus programs: AVG would not finish scanning the PC, and even with ESET (trial version) it kept throwing errors, etc. Thanks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:19, on 15.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - D:\Program Files\Internet Cleaner\ICleaner.exe (HKCU)
O9 - Extra 'Tools' menuitem: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - D:\Program Files\Internet Cleaner\ICleaner.exe (HKCU)
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
--
End of file - 6076 bytes
Please check - Solved
Re: Please check
Hi. Which AVG and which NOD? :)
1) Download SecurityCheck. Run it and follow the instructions. At the end it will produce a log; copy it here.
2) Download RSIT. Run it and click "Continue". When it finishes, a text file should open. Copy it here.
If something goes wrong, you will also find it at "C:\rsit\log.txt".
3) About the BSOD: try using this program, maybe it will give you an answer :)
I don't like amateurism...
And the addressee of this message knows it :)
Re: Please check
The AVG was version 8.0 and the ESET was Smart Security 4, a trial version, but I also worked on it with technical support and they gave up; it was pointless.
Results of screen317's Security Check version 0.98.9
Windows Vista Service Pack 2
``````````````````````````````
Antivirus/Firewall Check:
avast! Antivirus
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
HijackThis 2.0.2
TuneUp Utilities 2009
CCleaner (remove only)
Internet Cleaner 3.5
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 9.1.3 - Czech
``````````````````````````````
Process Check:
objlist.exe by Laurent
Alwil Software Avast4 aswUpdSv.exe
Alwil Software Avast4 ashServ.exe
Alwil Software Avast4 ashDisp.exe
Alwil Software Avast4 ashMaiSv.exe
Alwil Software Avast4 ashWebSv.exe
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
`````````End of Log```````````
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
_________________________________________________________________________________________________________________________
Logfile of random's system information tool 1.06 (written by random/random)
Run by ROMAN at 2009-09-15 23:06:33
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 171 GB (72%) free of 238 GB
Total RAM: 2046 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:06:40, on 15.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
D:\Program Files\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\ROMAN\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\ROMAN.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - D:\Program Files\Internet Cleaner\ICleaner.exe (HKCU)
O9 - Extra 'Tools' menuitem: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - D:\Program Files\Internet Cleaner\ICleaner.exe (HKCU)
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
--
End of file - 6283 bytes
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-05-26 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - D:\Program Files\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27 501056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2009-06-03 131072]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]
"ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2009-06-03 237568]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"ISUSPM Startup"=c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideClock"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoResolveTrack"=
"NoViewContextMenu"=
"NoFileAssociate"=
"NoFind"=
"NoRun"=
"NoClose"=
"StartMenuLogoff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2009-09-15 23:06:33 ----D---- C:\rsit
2009-09-15 22:14:23 ----D---- C:\Users\ROMAN\AppData\Roaming\Ubisoft
2009-09-15 22:07:04 ----D---- C:\Program Files\Ubisoft
2009-09-15 21:21:25 ----D---- C:\Program Files\Eagle Dynamics
2009-09-15 17:48:03 ----D---- C:\Program Files\Trend Micro
2009-09-11 17:10:13 ----A---- C:\Windows\ntbtlog.txt
2009-09-10 20:05:01 ----D---- C:\Program Files\Microsoft Office
2009-09-10 20:04:30 ----D---- C:\Program Files\MSECache
2009-09-10 07:28:39 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-10 07:28:39 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-10 07:28:39 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-10 07:28:39 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-10 07:28:39 ----A---- C:\Windows\system32\netevent.dll
2009-09-10 07:28:39 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-10 07:28:39 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-10 07:28:39 ----A---- C:\Windows\system32\finger.exe
2009-09-10 07:28:39 ----A---- C:\Windows\system32\ARP.EXE
2009-09-10 07:28:28 ----A---- C:\Windows\system32\wlansec.dll
2009-09-10 07:28:28 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-10 07:28:28 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-10 07:28:28 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-10 07:28:27 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-10 07:28:25 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-10 07:28:25 ----A---- C:\Windows\system32\mf.dll
2009-09-10 07:28:23 ----A---- C:\Windows\system32\jscript.dll
2009-09-05 03:00:34 ----D---- C:\Program Files\MSXML 4.0
2009-09-04 18:50:21 ----D---- C:\Users\ROMAN\AppData\Roaming\Internet Cleaner
2009-09-04 17:12:10 ----D---- C:\Aplikace MB
2009-09-04 16:20:24 ----D---- C:\Program Files\ZA office
2009-09-04 16:20:24 ----D---- C:\Program Files\Borland
2009-09-04 16:20:12 ----A---- C:\Windows\uninst.exe
2009-09-04 16:01:17 ----D---- C:\ProgramData\HPSSUPPLY
2009-09-04 15:49:31 ----D---- C:\ProgramData\WEBREG
2009-09-04 15:49:08 ----D---- C:\Users\ROMAN\AppData\Roaming\HP
2009-09-04 15:45:24 ----D---- C:\ProgramData\HP Product Assistant
2009-09-04 15:44:53 ----D---- C:\Program Files\Common Files\HP
2009-09-04 15:44:49 ----D---- C:\Program Files\Hewlett-Packard
2009-09-04 15:44:46 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-09-04 15:44:00 ----D---- C:\ProgramData\Hewlett-Packard
2009-09-04 15:39:32 ----A---- C:\Windows\system32\hpzids01.dll
2009-09-04 15:39:21 ----A---- C:\Windows\system32\hpz3l5mu.dll
2009-09-04 15:39:16 ----A---- C:\Windows\system32\hppldcoi.dll
2009-09-04 15:39:16 ----A---- C:\Windows\system32\hpowiax7.dll
2009-09-04 15:39:16 ----A---- C:\Windows\system32\hpovst15.dll
2009-09-04 15:39:16 ----A---- C:\Windows\system32\hpotscl6.dll
2009-09-04 15:38:42 ----HD---- C:\Config.Msi
2009-09-04 15:34:58 ----D---- C:\Program Files\HP
2009-09-04 15:33:24 ----D---- C:\ProgramData\HP
2009-09-04 13:53:52 ----A---- C:\Windows\NeoUninstall.exe
2009-09-04 13:53:52 ----A---- C:\Windows\NeoSetup.INI
2009-09-04 13:53:48 ----D---- C:\Program Files\Neoact
2009-09-02 23:29:38 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-02 23:29:37 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-08-31 10:18:58 ----D---- C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2009-08-31 10:18:38 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-08-31 10:18:38 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-08-31 10:18:38 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-08-31 10:18:38 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-08-31 10:18:37 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-08-27 19:09:50 ----D---- C:\My Media
2009-08-27 19:07:25 ----N---- C:\Windows\Setup1.exe
2009-08-27 19:07:23 ----A---- C:\Windows\ST6UNST.EXE
2009-08-26 17:59:01 ----A---- C:\Windows\system32\tzres.dll
2009-08-25 19:25:35 ----D---- C:\Users\ROMAN\AppData\Roaming\FUEL
2009-08-24 20:09:11 ----A---- C:\Windows\system32\Iyvu9_32.dll
2009-08-24 20:09:11 ----A---- C:\Windows\system32\Iacenc.dll
2009-08-24 20:08:31 ----D---- C:\Program Files\Sierra On-Line
2009-08-24 20:02:31 ----A---- C:\Windows\SIERRA.INI
2009-08-21 15:44:11 ----D---- C:\Program Files\Paint.NET
2009-08-16 18:18:18 ----D---- C:\Users\ROMAN\AppData\Roaming\DAEMON Tools Pro
======List of files/folders modified in the last 1 months======
2009-09-15 23:06:40 ----D---- C:\Windows\Prefetch
2009-09-15 23:06:37 ----D---- C:\Windows\Temp
2009-09-15 23:00:02 ----D---- C:\Users\ROMAN\AppData\Roaming\uTorrent
2009-09-15 22:11:02 ----SHD---- C:\Windows\Installer
2009-09-15 22:07:36 ----D---- C:\Users\ROMAN\AppData\Roaming\esmska
2009-09-15 22:07:04 ----RD---- C:\Program Files
2009-09-15 22:06:48 ----RSD---- C:\Windows\assembly
2009-09-15 22:05:52 ----SHD---- C:\System Volume Information
2009-09-13 18:53:01 ----D---- C:\Program Files\SweetIM
2009-09-13 14:35:55 ----D---- C:\Windows
2009-09-13 14:35:54 ----D---- C:\Windows\System32
2009-09-13 14:35:27 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-11 19:16:33 ----D---- C:\Windows\inf
2009-09-11 19:16:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-10 21:43:04 ----D---- C:\Windows\Debug
2009-09-10 20:05:03 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-10 11:57:46 ----D---- C:\Windows\rescache
2009-09-10 11:53:31 ----D---- C:\Windows\winsxs
2009-09-10 11:40:30 ----D---- C:\Windows\system32\cs-CZ
2009-09-10 11:40:29 ----D---- C:\Windows\system32\drivers
2009-09-10 11:28:21 ----D---- C:\Windows\system32\catroot2
2009-09-10 11:28:21 ----D---- C:\Windows\system32\catroot
2009-09-10 11:28:16 ----D---- C:\Program Files\Windows Mail
2009-09-10 11:27:56 ----D---- C:\Windows\ehome
2009-09-10 08:15:41 ----D---- C:\Users\ROMAN\AppData\Roaming\ICQ
2009-09-09 20:02:46 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-07 20:58:19 ----D---- C:\Windows\system32\config
2009-09-07 18:16:24 ----D---- C:\Windows\Logs
2009-09-04 18:35:48 ----D---- C:\Windows\system32\FxsTmp
2009-09-04 17:12:34 ----SD---- C:\Users\ROMAN\AppData\Roaming\Microsoft
2009-09-04 17:08:31 ----D---- C:\Windows\system32\Tasks
2009-09-04 16:23:41 ----D---- C:\Windows\twain_32
2009-09-04 16:23:35 ----D---- C:\Users\ROMAN\AppData\Roaming\XnView
2009-09-04 16:01:17 ----HD---- C:\ProgramData
2009-09-04 15:48:47 ----A---- C:\Windows\win.ini
2009-09-04 15:44:53 ----D---- C:\Program Files\Common Files
2009-09-03 10:54:03 ----D---- C:\Windows\Tasks
2009-09-03 03:06:11 ----D---- C:\Windows\AppPatch
2009-09-02 12:52:04 ----SHD---- C:\$Recycle.Bin
2009-09-02 12:47:05 ----D---- C:\Users\ROMAN\AppData\Roaming\Thinstall
2009-08-31 19:41:08 ----D---- C:\Program Files\Adobe
2009-08-31 11:55:29 ----SD---- C:\Windows\Downloaded Program Files
2009-08-28 23:38:20 ----A---- C:\Windows\system32\mrt.exe
2009-08-24 20:24:03 ----D---- C:\Users\ROMAN\AppData\Roaming\Skype
2009-08-24 20:09:10 ----D---- C:\Program Files\Intel
2009-08-24 19:31:47 ----D---- C:\Users\ROMAN\AppData\Roaming\skypePM
2009-08-20 07:17:46 ----D---- C:\Program Files\DAEMON Tools Lite
2009-08-17 18:10:20 ----A---- C:\Windows\system32\aswBoot.exe
2009-08-16 11:35:19 ----D---- C:\Program Files\OpenAL
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-08-17 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-08-17 53328]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-07-04 278728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-07-04 25416]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\atl01v32.sys [2007-03-15 48128]
R3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-10-25 170520]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-10-25 521496]
R3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-10-25 1323544]
R3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-10-25 72728]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-10-25 14360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-10-25 157208]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-10-25 92696]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2007-10-25 1163800]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\Windows\system32\drivers\LVPrcMon.sys [2005-12-09 16768]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-12-06 39424]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-28 7738816]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-10-25 127000]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2005-12-06 287360]
R3 SaiK0CEA;SaiK0CEA; C:\Windows\system32\DRIVERS\SaiK0CEA.sys [2008-04-04 104960]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2009-06-10 14080]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2009-06-10 36992]
R3 SaiU0CEA;SaiU0CEA; C:\Windows\system32\DRIVERS\SaiU0CEA.sys [2008-04-04 28544]
S3 ar8fz4y9;ar8fz4y9; C:\Windows\system32\drivers\ar8fz4y9.sys []
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-10-25 98328]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-10-25 511000]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-10-25 551960]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-10-25 346856]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-10-25 174104]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-10-25 286232]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-10-25 134680]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-10-25 329240]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-10-25 100888]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-10-25 566296]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2007-03-20 16384]
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2007-03-13 9856]
S3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys [2008-01-18 14336]
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys [2008-01-18 13312]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\Windows\system32\drivers\Lvckap.sys [2005-12-09 2174464]
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\Windows\system32\drivers\lvmvdrv.sys [2005-12-09 2400256]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-28 207392]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-06-27 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [2009-06-26 79360]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-05-06 2785582]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-06-27 360192]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
-----------------EOF-----------------
______________________________________________________________________________
______________________________________________________________________________
That little WhoCrashed program gave me this:
Crash dump directory: C:\Windows\Minidump
Crash dumps are disabled for your computer.
No crash dumps have been found on your computer
Crash dumps are not enabled on this computer. That is why there are no crash dumps available.
It is suggested that you enable crash dumps on your computer. Use the System applet in Control Panel.
Click the Advanced tab, then click the Startup and Recovery button.
Select one of the options in the drop-down bar in the Write debugging information box.
But I don't know what that System applet is ...
Thanks
Results of screen317's Security Check version 0.98.9
Windows Vista Service Pack 2
``````````````````````````````
Antivirus/Firewall Check:
avast! Antivirus
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
HijackThis 2.0.2
TuneUp Utilities 2009
CCleaner (remove only)
Internet Cleaner 3.5
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 9.1.3 - Czech
``````````````````````````````
Process Check:
objlist.exe by Laurent
Alwil Software Avast4 aswUpdSv.exe
Alwil Software Avast4 ashServ.exe
Alwil Software Avast4 ashDisp.exe
Alwil Software Avast4 ashMaiSv.exe
Alwil Software Avast4 ashWebSv.exe
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
`````````End of Log```````````
CPU:Intel Core i5-4670
GPU: MSI N680GTX-PM2D2GD5
MB: MSI Z87-G45 GAMING - Intel Z87
RAM: Crucial Balistix Tactical 4 X 4GB 1600MHz CL8 BLT2C
PSU: Corsair AX850
SSD: Kingston HyperX 3K - 240GB
HDD: WD RED 1TB
OS: Windows 10 Home 64bit
Re: Request for a check
Well, I can't help you with the BSOD; I don't specialize in these things. That program was a minor aid; otherwise it can only be read out of those Minidump files.
Download ComboFix, preferably to the desktop. Close all open applications, as well as the resident components of your antivirus, antispyware and firewall. Run the program from an account with administrator rights and follow the instructions. The whole scan will take about 10 minutes. The PC may be restarted during it. You will find the log that ComboFix creates at "C:\ComboFix.txt".
Paste it here.
Warning: until ComboFix has created the log, do not click on anything and do not press anything!!
I don't like amateurism...
And the addressee of the message knows it :)
Re: Request for a check
So thanks to ComboFix I found out that I still have an active firewall from ESET Smart Security 4 on there, even though I haven't had it installed for at least 3 months, and I uninstalled it with their own program. Couldn't it be wiped somehow with ComboFix? I have no idea where it's hidden. Thanks
ComboFix 09-09-14.02 - ROMAN 16.09.2009 17:55.1.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1250.420.1029.18.2046.1250 [GMT 2:00]
Spuštěný z: c:\users\ROMAN\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-51003140-4199384537-3980697693-500
c:\users\ROMAN\AppData\Roaming\Microsoft\Installer\{43757761-174D-4835-AB38-0422F5F050C6}\NationRed.exe_43757761174D4835AB380422F5F050C6.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-08-16 do 2009-09-16 )))))))))))))))))))))))))))))))
.
2009-09-16 16:00 . 2009-09-16 16:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-15 21:10 . 2009-09-15 21:10 -------- d-----w- c:\program files\WhoCrashed
2009-09-15 21:06 . 2009-09-15 21:06 -------- d-----w- C:\rsit
2009-09-15 20:14 . 2009-09-15 20:14 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Ubisoft
2009-09-15 20:07 . 2009-09-15 20:07 -------- d-----w- c:\program files\Ubisoft
2009-09-15 19:21 . 2009-09-15 19:31 -------- d-----w- c:\program files\Eagle Dynamics
2009-09-15 15:48 . 2009-09-15 15:48 -------- d-----w- c:\program files\Trend Micro
2009-09-10 18:04 . 2009-09-10 18:04 -------- d-----w- c:\program files\MSECache
2009-09-05 01:00 . 2009-09-05 01:00 -------- d-----w- c:\program files\MSXML 4.0
2009-09-04 16:50 . 2009-09-10 05:31 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Internet Cleaner
2009-09-04 15:12 . 2009-09-04 15:12 -------- d-----w- C:\Aplikace MB
2009-09-04 14:20 . 2009-09-04 14:20 -------- d-----w- c:\program files\ZA office
2009-09-04 14:20 . 2009-09-04 14:20 -------- d-----w- c:\program files\Borland
2009-09-04 14:20 . 1996-01-09 08:38 283648 ----a-w- c:\windows\uninst.exe
2009-09-04 14:01 . 2009-09-04 14:01 -------- d-----w- c:\programdata\HPSSUPPLY
2009-09-04 14:00 . 2009-09-04 14:00 -------- d-----w- c:\users\ROMAN\AppData\Local\HP
2009-09-04 13:49 . 2009-09-04 13:49 -------- d-----w- c:\programdata\WEBREG
2009-09-04 13:49 . 2009-09-04 14:11 -------- d-----w- c:\users\ROMAN\AppData\Roaming\HP
2009-09-04 13:45 . 2009-09-04 13:45 -------- d-----w- c:\programdata\HP Product Assistant
2009-09-04 13:44 . 2009-09-04 13:44 -------- d-----w- c:\program files\Common Files\HP
2009-09-04 13:44 . 2009-09-04 13:44 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-04 13:44 . 2009-09-04 13:44 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-09-04 13:44 . 2009-09-04 13:44 -------- d-----w- c:\programdata\Hewlett-Packard
2009-09-04 13:39 . 2008-01-24 21:23 271704 ----a-w- c:\windows\system32\hpzids01.dll
2009-09-04 13:39 . 2007-10-20 16:25 118272 ----a-w- c:\windows\system32\hpz3l5mu.dll
2009-09-04 13:39 . 2008-01-24 21:22 729088 ----a-w- c:\windows\system32\hpowiax7.dll
2009-09-04 13:39 . 2008-01-24 21:22 303104 ----a-w- c:\windows\system32\hpovst15.dll
2009-09-04 13:39 . 2008-01-24 21:22 581632 ----a-w- c:\windows\system32\hpotscl6.dll
2009-09-04 13:39 . 2008-01-24 21:22 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2009-09-04 13:34 . 2009-09-04 13:47 -------- d-----w- c:\program files\HP
2009-09-04 13:33 . 2009-09-04 13:49 186385 ----a-w- c:\windows\hpoins28.dat
2009-09-04 13:33 . 2009-09-04 14:10 -------- d-----w- c:\programdata\HP
2009-09-04 11:53 . 2009-01-05 16:32 139264 ----a-w- c:\windows\NeoUninstall.exe
2009-09-04 11:53 . 2009-09-04 11:53 -------- d-----w- c:\program files\Neoact
2009-09-02 21:29 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 21:29 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-02 10:54 . 2009-09-02 10:54 7680 ----a-w- c:\users\ROMAN\AppData\Roaming\Thinstall\Ashampoo WinOptimizer 6.24\4000006900003i\DfsdkS.exe
2009-09-02 10:48 . 2009-09-02 10:48 7680 ----a-w- c:\users\ROMAN\AppData\Roaming\Thinstall\Ashampoo WinOptimizer 6.24\10000006e00002i\SearchIndexer.exe
2009-09-02 10:48 . 2009-09-02 10:48 7680 ----a-w- c:\users\ROMAN\AppData\Roaming\Thinstall\Ashampoo WinOptimizer 6.24\10000006500002i\REGEDIT.exe
2009-09-02 10:47 . 2009-09-02 10:47 7680 ----a-w- c:\users\ROMAN\AppData\Roaming\Thinstall\Ashampoo WinOptimizer 6.24\4000008000002i\Splash Screen.exe
2009-08-31 08:18 . 2009-08-31 08:18 -------- d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2009-08-31 08:18 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-08-31 08:18 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-08-31 08:18 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-08-31 08:18 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-08-31 08:18 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-08-27 17:09 . 2009-08-27 17:09 -------- d-----w- C:\My Media
2009-08-27 17:07 . 2009-08-27 17:07 245760 ------w- c:\windows\Setup1.exe
2009-08-27 17:07 . 2009-08-27 17:07 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-08-26 15:59 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-25 17:25 . 2009-08-25 17:25 -------- d-----w- c:\users\ROMAN\AppData\Roaming\FUEL
2009-08-24 18:09 . 1998-11-18 13:33 144384 ----a-w- c:\windows\system32\Iacenc.dll
2009-08-24 18:09 . 1997-06-13 05:56 56832 ----a-w- c:\windows\system32\Iyvu9_32.dll
2009-08-24 18:08 . 2009-08-24 18:08 -------- d-----w- c:\program files\Sierra On-Line
2009-08-21 13:44 . 2009-08-21 13:44 -------- d-----w- c:\program files\Paint.NET
2009-08-21 13:44 . 2009-08-21 13:44 -------- d-----w- c:\users\ROMAN\AppData\Local\Paint.NET
2009-08-20 16:05 . 2009-08-20 16:05 -------- d-----w- c:\users\ROMAN\AppData\Local\id Software
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-15 22:49 . 2009-06-27 10:11 -------- d-----w- c:\users\ROMAN\AppData\Roaming\uTorrent
2009-09-15 20:07 . 2009-06-27 05:57 -------- d-----w- c:\users\ROMAN\AppData\Roaming\esmska
2009-09-13 16:53 . 2009-07-29 19:13 -------- d-----w- c:\program files\SweetIM
2009-09-13 12:35 . 2009-06-26 17:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-11 17:16 . 2007-01-08 21:15 598600 ----a-w- c:\windows\system32\perfh005.dat
2009-09-11 17:16 . 2007-01-08 21:15 114808 ----a-w- c:\windows\system32\perfc005.dat
2009-09-10 09:28 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-10 06:15 . 2009-06-26 19:46 -------- d-----w- c:\users\ROMAN\AppData\Roaming\ICQ
2009-09-09 18:02 . 2009-06-27 08:45 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-04 14:23 . 2009-07-06 19:36 -------- d-----w- c:\users\ROMAN\AppData\Roaming\XnView
2009-09-02 10:47 . 2009-07-06 12:44 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Thinstall
2009-08-24 18:24 . 2009-06-27 12:51 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Skype
2009-08-24 18:09 . 2009-06-26 17:36 -------- d-----w- c:\program files\Intel
2009-08-24 17:31 . 2009-06-27 12:53 -------- d-----w- c:\users\ROMAN\AppData\Roaming\skypePM
2009-08-20 05:17 . 2009-06-27 05:54 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-08-17 16:10 . 2009-06-30 18:03 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:05 . 2009-06-30 18:03 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2009-06-30 18:03 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:05 . 2009-06-30 18:03 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-08-17 16:04 . 2009-06-30 18:03 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2009-06-30 18:03 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:02 . 2009-06-30 18:03 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-16 16:18 . 2009-08-16 16:18 -------- d-----w- c:\users\ROMAN\AppData\Roaming\DAEMON Tools Pro
2009-08-16 09:35 . 2009-06-26 18:15 -------- d-----w- c:\program files\OpenAL
2009-08-14 16:27 . 2009-09-10 05:28 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 05:28 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 05:28 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 05:28 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 05:28 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 05:28 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 05:28 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 05:28 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 05:28 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 05:28 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 05:28 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-11 15:04 . 2009-06-27 05:57 -------- d-----w- c:\program files\Java
2009-08-08 08:58 . 2009-08-08 08:55 -------- d-----w- c:\users\ROMAN\AppData\Roaming\NationRed
2009-08-08 08:54 . 2009-06-26 18:15 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-08-08 08:54 . 2009-06-26 18:15 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-08-08 08:53 . 2009-08-08 08:53 270398 ----a-r- c:\users\ROMAN\AppData\Roaming\Microsoft\Installer\{43757761-174D-4835-AB38-0422F5F050C6}\Manual.rtf_43757761174D4835AB380422F5F050C6.exe
2009-08-08 08:53 . 2009-08-08 08:53 270398 ----a-r- c:\users\ROMAN\AppData\Roaming\Microsoft\Installer\{43757761-174D-4835-AB38-0422F5F050C6}\ARPPRODUCTICON.exe
2009-08-07 17:51 . 2009-08-07 17:51 15308424 ----a-w- c:\windows\system32\xlive.dll
2009-08-07 17:51 . 2009-08-07 17:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-07-29 19:13 . 2009-07-29 19:13 -------- d-----w- c:\programdata\SweetIM
2009-07-29 04:29 . 2009-07-29 04:29 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Summer Athletics 2009
2009-07-25 03:23 . 2009-06-27 05:57 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-24 19:32 . 2009-07-24 19:32 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Media Player Classic
2009-07-20 18:57 . 2009-07-20 18:57 -------- d-----w- c:\programdata\BC
2009-07-18 16:01 . 2009-07-29 15:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 11:35 . 2009-07-29 15:45 828416 ----a-w- c:\windows\system32\wininet.dll
2009-07-17 13:54 . 2009-08-12 15:20 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-12 15:20 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-12 15:20 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-12 15:20 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-12 15:20 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-11 19:01 . 2009-09-10 05:28 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-07-11 19:01 . 2009-09-10 05:28 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-07-11 19:01 . 2009-09-10 05:28 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-07-11 19:01 . 2009-09-10 05:28 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-07-11 17:03 . 2009-09-10 05:28 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-07-04 06:46 . 2009-07-04 06:46 278728 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-07-04 06:46 . 2009-07-04 06:46 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-06-28 20:02 . 2009-06-28 20:02 522 ----a-w- c:\windows\eReg.dat
2009-06-27 12:53 . 2009-06-27 12:53 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-06-27 07:58 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-06-27 07:58 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-06-27 06:50 . 2009-06-27 06:50 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-27 06:50 . 2009-06-27 06:50 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-27 05:33 . 2009-06-27 05:33 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-26 21:53 . 2009-06-26 21:53 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-06-26 21:13 . 2009-06-26 21:13 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-26 21:08 . 2009-06-26 21:08 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2009-06-26 21:05 . 2009-06-26 21:05 37888 ----a-w- c:\windows\system32\printcom.dll
2009-06-26 21:05 . 2009-06-26 21:05 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-06-26 20:41 . 2009-06-26 20:41 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-06-26 20:41 . 2009-06-26 20:41 272896 ----a-w- c:\windows\system32\polstore.dll
2009-06-26 20:35 . 2009-06-26 20:35 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-26 20:26 . 2009-06-26 20:26 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-06-26 19:47 . 2009-06-26 19:47 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-06-26 19:35 . 2009-06-26 19:35 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-06-26 19:34 . 2009-06-26 19:34 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-26 19:32 . 2009-06-26 19:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-06-26 19:32 . 2009-06-26 19:32 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-06-26 19:30 . 2009-06-26 19:30 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-06-26 17:52 . 2009-06-26 17:52 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-06-26 17:52 . 2009-06-26 17:52 43544 ----a-w- c:\windows\system32\wups2.dll
2009-06-26 17:52 . 2009-06-26 17:52 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-06-26 17:52 . 2009-06-26 17:52 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-06-26 17:52 . 2009-06-26 17:52 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-06-26 17:52 . 2009-06-26 17:52 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-06-26 17:52 . 2009-06-26 17:52 34328 ----a-w- c:\windows\system32\wups.dll
2009-06-26 17:52 . 2009-06-26 17:52 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-06-26 17:52 . 2009-06-26 17:52 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-06-26 17:49 . 2009-06-26 17:12 680 ----a-w- c:\users\ROMAN\AppData\Local\d3d9caps.dat
2009-06-26 17:12 . 2009-06-26 17:12 48600 ----a-w- c:\users\ROMAN\AppData\Local\GDIPFONTCACHEV1.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2009-06-03 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2009-06-03 237568]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" - c:\windows\System32\CTXFIREG.EXE [2007-10-25 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"AshSnap"=d:\program files\Ashampoo\Ashampoo Magical Snap 2\ashsnap.exe
"ehTray.exe"=c:\windows\ehome\ehTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"CTxfiHlp"=CTXFIHLP.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):c1,ff,af,05,d7,fb,c9,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{B031AAD4-3FBB-42FD-A84A-2ECC0490E4CC}c:\\program files\\icq6.5\\icq.exe"= UDP:c:\program files\icq6.5\icq.exe:ICQ
"UDP Query User{5C30E9F0-EBDF-4655-9CC6-E72CC7D064A7}c:\\program files\\icq6.5\\icq.exe"= TCP:c:\program files\icq6.5\icq.exe:ICQ
"{F30B05B0-CC17-4263-8AB5-EB8E16066528}"= UDP:d:\program files hry\Codemasters\Overlord II\Overlord2.exe:Overlord II
"{AD534CC6-FAF3-4096-B9F3-4F2A85978A47}"= TCP:d:\program files hry\Codemasters\Overlord II\Overlord2.exe:Overlord II
"{E035A114-2386-468D-A185-BB6380B00A6A}"= UDP:d:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{EF11024F-540E-4CBF-BFE9-CA8BAB46448D}"= TCP:d:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{86FB7916-B46F-43FE-B2F5-3E4BF1CE0715}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{5E760E4C-8ED3-4C1E-AB87-2CB522B7D2DE}"= UDP:d:\program files hry\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:Call of Juarez - Bound in Blood
"{5163039E-85F0-4864-9742-6386B71EBA9B}"= TCP:d:\program files hry\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:Call of Juarez - Bound in Blood
"{48E18CAB-8000-4230-A875-FBF64278240A}"= UDP:d:\program files hry\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe:STREET FIGHTER IV
"{E7682628-7FD2-4C5D-AB1E-E1268539DF82}"= TCP:d:\program files hry\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe:STREET FIGHTER IV
"TCP Query User{93FB52B0-DC5D-4390-B3E3-ECD7CA0B8E98}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"UDP Query User{FD68EEF7-FBC3-4883-8333-8BAFD7335DDB}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"TCP Query User{E200CB64-F7E3-47DC-8F55-16A609CE0C1A}d:\\program files hry\\emote\\launcher\\launcher.exe"= UDP:d:\program files hry\emote\launcher\launcher.exe:launcher
"UDP Query User{CE6B9850-DE93-45A3-AC0D-3A6968A62B14}d:\\program files hry\\emote\\launcher\\launcher.exe"= TCP:d:\program files hry\emote\launcher\launcher.exe:launcher
"{305CF377-F9E7-4024-85E5-8F6D96BA9C4B}"= UDP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\bionic_commando.exe:Bionic Commando
"{8BCD7EA3-617D-46AA-BDFE-6652D9C92A72}"= TCP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\bionic_commando.exe:Bionic Commando
"{B025B891-25FF-4FE4-A0A3-D1C2AF8D7A12}"= UDP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\Support\CAP1-0101.exe:Bionic Commando
"{AEC3266B-AC3C-40B4-8A35-830A5EE91070}"= TCP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\Support\CAP1-0101.exe:Bionic Commando
"{459370E2-5FD0-40B5-8BD5-2CDC2371BEC9}"= UDP:d:\program files hry\Codemasters\FUEL\FUEL.exe:FUEL
"{86F72116-23C3-4F7A-AF7C-1C3EF94958C9}"= TCP:d:\program files hry\Codemasters\FUEL\FUEL.exe:FUEL
"{B5B581AA-86B8-4487-8AF3-A55B72303C00}"= UDP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MP.exe:Wolfenstein(TM)
"{91CE615C-7E21-4F77-ABEE-31F9E3F7113A}"= TCP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MP.exe:Wolfenstein(TM)
"{782E21AA-2B03-4015-BAAC-A8C04B52E16B}"= UDP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MPLite.exe:Wolfenstein(TM)
"{A61D7880-0F69-4BF8-971A-9DC2C2BA4D14}"= TCP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MPLite.exe:Wolfenstein(TM)
"{B2B70F93-EEFA-4BD1-B011-A367347A5F42}"= d:\program files\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{A188FD7B-A1F5-42B2-AFCA-C7D77EC3AFA5}"= d:\program files\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{303AE37E-8666-4506-B78F-6DA0936AE7DB}"= d:\program files\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{AA48CEA8-E5A6-45BC-8DCE-13EE182B854B}"= d:\program files\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{B1DDD020-4A9C-4D70-8F09-2B061FA80CFF}"= d:\program files\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{0156E264-D6FD-4B81-85BF-84F299301012}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{40EFF54B-BD39-4801-9199-EC4FA64877FC}"= d:\program files\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{E020DA34-A17C-4B4E-921E-12D8561B67D0}"= d:\program files\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{1FA0F74E-76C5-4B68-9B22-69777DC084E8}"= d:\program files\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{18FD71A2-7F1C-4837-A094-D01E8D472D7D}"= d:\program files\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{96CFC5D0-BE87-4885-B0F4-31547C2C94B1}"= d:\program files\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"{73B4A06F-A99F-41CD-877A-ACCC8799CDB6}"= UDP:d:\program files hry\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:Batman: Arkham Asylum
"{B7487AF4-939A-4DDA-BB10-A4B2B336D4D8}"= TCP:d:\program files hry\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:Batman: Arkham Asylum
"TCP Query User{11B43998-BFE0-4B55-A081-C492092490D5}d:\\program files hry\\southpeak games\\section 8\\binaries\\s8game-f.exe"= UDP:d:\program files hry\southpeak games\section 8\binaries\s8game-f.exe:Section 8
"UDP Query User{BEEA7FCB-7198-495B-BE2F-145563F46DE1}d:\\program files hry\\southpeak games\\section 8\\binaries\\s8game-f.exe"= TCP:d:\program files hry\southpeak games\section 8\binaries\s8game-f.exe:Section 8
"{40D4357C-1613-4F3C-87DD-2792CCF0311B}"= UDP:d:\program files hry\Volition Inc\Red Faction Guerrilla\rfg.exe:Red Faction: Guerrilla
"{A09B5B88-3C9A-4DC1-A9AC-96225F366D29}"= TCP:d:\program files hry\Volition Inc\Red Faction Guerrilla\rfg.exe:Red Faction: Guerrilla
"{120A12ED-484A-4349-A6AC-D5902B6D2F4A}"= UDP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{7AB639F6-8D0F-4012-9456-F20292D58069}"= TCP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{06BA0A47-1CAA-4BBA-8E0B-AC59FD9BFAF7}"= UDP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
"{C331E916-731B-4F8E-B148-4DB89A7D684F}"= TCP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [30.6.2009 20:03 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [30.6.2009 20:03 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [30.6.2009 20:03 53328]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [27.6.2009 8:50 603904]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\atl01v32.sys [26.6.2009 19:45 48128]
R3 SaiK0CEA;SaiK0CEA;c:\windows\System32\drivers\SaiK0CEA.sys [4.4.2008 17:21 104960]
R3 SaiU0CEA;SaiU0CEA;c:\windows\System32\drivers\SaiU0CEA.sys [4.4.2008 17:21 28544]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [26.6.2009 20:19 79360]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\System32\drivers\gHidPnp.sys [26.6.2009 20:38 16384]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\System32\drivers\gMouUsb.sys [26.6.2009 20:38 9856]
S3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [26.6.2009 20:28 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [26.6.2009 20:28 13312]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2009-09-16 c:\windows\Tasks\1-Click Maintenance.job
- d:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
2009-09-16 c:\windows\Tasks\Úklid 1 kliknutím.job
- d:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-{C3B6AEB1-390C-4792-8677-CD87F8B2C959} - d:\program files\Digital Imaging\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}\setup\hpzscr01.exe -datfile hposcr28.dat
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-16 18:00
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-2703083259-3871098306-1978884415-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e1,ce,d4,08,c1,1f,57,44,32,60,23,95,f8,44,dc,40,11,b6,c9,7f,64,
7b,a9,86,61,cb,24,38,96,f7,9b,16,7b,a0,93,59,6d,7e,ac,80,8f,47,06,51,05,64,\
"rkeysecu"=hex:ab,cd,9c,3e,18,78,00,21,7f,53,7d,bf,a7,19,b2,ca
.
Celkový čas: 2009-09-16 18:01
ComboFix-quarantined-files.txt 2009-09-16 16:01
Před spuštěním: Volných bajtů: 178 108 690 432
Po spuštění: Volných bajtů: 177 547 005 952
319 --- E O F --- 2009-09-11 15:37
2009-08-11 15:04 . 2009-06-27 05:57 -------- d-----w- c:\program files\Java
2009-08-08 08:58 . 2009-08-08 08:55 -------- d-----w- c:\users\ROMAN\AppData\Roaming\NationRed
2009-08-08 08:54 . 2009-06-26 18:15 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-08-08 08:54 . 2009-06-26 18:15 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-08-08 08:53 . 2009-08-08 08:53 270398 ----a-r- c:\users\ROMAN\AppData\Roaming\Microsoft\Installer\{43757761-174D-4835-AB38-0422F5F050C6}\Manual.rtf_43757761174D4835AB380422F5F050C6.exe
2009-08-08 08:53 . 2009-08-08 08:53 270398 ----a-r- c:\users\ROMAN\AppData\Roaming\Microsoft\Installer\{43757761-174D-4835-AB38-0422F5F050C6}\ARPPRODUCTICON.exe
2009-08-07 17:51 . 2009-08-07 17:51 15308424 ----a-w- c:\windows\system32\xlive.dll
2009-08-07 17:51 . 2009-08-07 17:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-07-29 19:13 . 2009-07-29 19:13 -------- d-----w- c:\programdata\SweetIM
2009-07-29 04:29 . 2009-07-29 04:29 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Summer Athletics 2009
2009-07-25 03:23 . 2009-06-27 05:57 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-24 19:32 . 2009-07-24 19:32 -------- d-----w- c:\users\ROMAN\AppData\Roaming\Media Player Classic
2009-07-20 18:57 . 2009-07-20 18:57 -------- d-----w- c:\programdata\BC
2009-07-18 16:01 . 2009-07-29 15:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 11:35 . 2009-07-29 15:45 828416 ----a-w- c:\windows\system32\wininet.dll
2009-07-17 13:54 . 2009-08-12 15:20 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-12 15:20 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-12 15:20 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-12 15:20 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-12 15:20 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-11 19:01 . 2009-09-10 05:28 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-07-11 19:01 . 2009-09-10 05:28 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-07-11 19:01 . 2009-09-10 05:28 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-07-11 19:01 . 2009-09-10 05:28 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-07-11 17:03 . 2009-09-10 05:28 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-07-04 06:46 . 2009-07-04 06:46 278728 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-07-04 06:46 . 2009-07-04 06:46 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-06-28 20:02 . 2009-06-28 20:02 522 ----a-w- c:\windows\eReg.dat
2009-06-27 12:53 . 2009-06-27 12:53 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-06-27 07:58 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-06-27 07:58 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-06-27 06:50 . 2009-06-27 06:50 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-27 06:50 . 2009-06-27 06:50 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-27 05:33 . 2009-06-27 05:33 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-26 21:53 . 2009-06-26 21:53 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-06-26 21:13 . 2009-06-26 21:13 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-26 21:08 . 2009-06-26 21:08 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2009-06-26 21:05 . 2009-06-26 21:05 37888 ----a-w- c:\windows\system32\printcom.dll
2009-06-26 21:05 . 2009-06-26 21:05 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-06-26 20:41 . 2009-06-26 20:41 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-06-26 20:41 . 2009-06-26 20:41 272896 ----a-w- c:\windows\system32\polstore.dll
2009-06-26 20:35 . 2009-06-26 20:35 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-26 20:26 . 2009-06-26 20:26 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-06-26 19:47 . 2009-06-26 19:47 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-06-26 19:35 . 2009-06-26 19:35 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-06-26 19:34 . 2009-06-26 19:34 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-26 19:32 . 2009-06-26 19:32 72704 ----a-w- c:\windows\system32\admparse.dll
2009-06-26 19:32 . 2009-06-26 19:32 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-06-26 19:30 . 2009-06-26 19:30 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-06-26 17:52 . 2009-06-26 17:52 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-06-26 17:52 . 2009-06-26 17:52 43544 ----a-w- c:\windows\system32\wups2.dll
2009-06-26 17:52 . 2009-06-26 17:52 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-06-26 17:52 . 2009-06-26 17:52 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-06-26 17:52 . 2009-06-26 17:52 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-06-26 17:52 . 2009-06-26 17:52 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-06-26 17:52 . 2009-06-26 17:52 34328 ----a-w- c:\windows\system32\wups.dll
2009-06-26 17:52 . 2009-06-26 17:52 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-06-26 17:52 . 2009-06-26 17:52 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-06-26 17:49 . 2009-06-26 17:12 680 ----a-w- c:\users\ROMAN\AppData\Local\d3d9caps.dat
2009-06-26 17:12 . 2009-06-26 17:12 48600 ----a-w- c:\users\ROMAN\AppData\Local\GDIPFONTCACHEV1.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2009-06-03 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2009-06-03 237568]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" - c:\windows\System32\CTXFIREG.EXE [2007-10-25 43520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"AshSnap"=d:\program files\Ashampoo\Ashampoo Magical Snap 2\ashsnap.exe
"ehTray.exe"=c:\windows\ehome\ehTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"CTxfiHlp"=CTXFIHLP.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):c1,ff,af,05,d7,fb,c9,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{B031AAD4-3FBB-42FD-A84A-2ECC0490E4CC}c:\\program files\\icq6.5\\icq.exe"= UDP:c:\program files\icq6.5\icq.exe:ICQ
"UDP Query User{5C30E9F0-EBDF-4655-9CC6-E72CC7D064A7}c:\\program files\\icq6.5\\icq.exe"= TCP:c:\program files\icq6.5\icq.exe:ICQ
"{F30B05B0-CC17-4263-8AB5-EB8E16066528}"= UDP:d:\program files hry\Codemasters\Overlord II\Overlord2.exe:Overlord II
"{AD534CC6-FAF3-4096-B9F3-4F2A85978A47}"= TCP:d:\program files hry\Codemasters\Overlord II\Overlord2.exe:Overlord II
"{E035A114-2386-468D-A185-BB6380B00A6A}"= UDP:d:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{EF11024F-540E-4CBF-BFE9-CA8BAB46448D}"= TCP:d:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{86FB7916-B46F-43FE-B2F5-3E4BF1CE0715}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{5E760E4C-8ED3-4C1E-AB87-2CB522B7D2DE}"= UDP:d:\program files hry\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:Call of Juarez - Bound in Blood
"{5163039E-85F0-4864-9742-6386B71EBA9B}"= TCP:d:\program files hry\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe:Call of Juarez - Bound in Blood
"{48E18CAB-8000-4230-A875-FBF64278240A}"= UDP:d:\program files hry\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe:STREET FIGHTER IV
"{E7682628-7FD2-4C5D-AB1E-E1268539DF82}"= TCP:d:\program files hry\CAPCOM\STREETFIGHTERIV\StreetFighterIV.exe:STREET FIGHTER IV
"TCP Query User{93FB52B0-DC5D-4390-B3E3-ECD7CA0B8E98}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"UDP Query User{FD68EEF7-FBC3-4883-8333-8BAFD7335DDB}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:Windows Sidebar
"TCP Query User{E200CB64-F7E3-47DC-8F55-16A609CE0C1A}d:\\program files hry\\emote\\launcher\\launcher.exe"= UDP:d:\program files hry\emote\launcher\launcher.exe:launcher
"UDP Query User{CE6B9850-DE93-45A3-AC0D-3A6968A62B14}d:\\program files hry\\emote\\launcher\\launcher.exe"= TCP:d:\program files hry\emote\launcher\launcher.exe:launcher
"{305CF377-F9E7-4024-85E5-8F6D96BA9C4B}"= UDP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\bionic_commando.exe:Bionic Commando
"{8BCD7EA3-617D-46AA-BDFE-6652D9C92A72}"= TCP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\bionic_commando.exe:Bionic Commando
"{B025B891-25FF-4FE4-A0A3-D1C2AF8D7A12}"= UDP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\Support\CAP1-0101.exe:Bionic Commando
"{AEC3266B-AC3C-40B4-8A35-830A5EE91070}"= TCP:d:\program files hry\CAPCOM\Bionic Commando\Bionic Commando\Support\CAP1-0101.exe:Bionic Commando
"{459370E2-5FD0-40B5-8BD5-2CDC2371BEC9}"= UDP:d:\program files hry\Codemasters\FUEL\FUEL.exe:FUEL
"{86F72116-23C3-4F7A-AF7C-1C3EF94958C9}"= TCP:d:\program files hry\Codemasters\FUEL\FUEL.exe:FUEL
"{B5B581AA-86B8-4487-8AF3-A55B72303C00}"= UDP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MP.exe:Wolfenstein(TM)
"{91CE615C-7E21-4F77-ABEE-31F9E3F7113A}"= TCP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MP.exe:Wolfenstein(TM)
"{782E21AA-2B03-4015-BAAC-A8C04B52E16B}"= UDP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MPLite.exe:Wolfenstein(TM)
"{A61D7880-0F69-4BF8-971A-9DC2C2BA4D14}"= TCP:d:\program files hry\Activision\Wolfenstein\MP\Wolf2MPLite.exe:Wolfenstein(TM)
"{B2B70F93-EEFA-4BD1-B011-A367347A5F42}"= d:\program files\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{A188FD7B-A1F5-42B2-AFCA-C7D77EC3AFA5}"= d:\program files\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{303AE37E-8666-4506-B78F-6DA0936AE7DB}"= d:\program files\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{AA48CEA8-E5A6-45BC-8DCE-13EE182B854B}"= d:\program files\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{B1DDD020-4A9C-4D70-8F09-2B061FA80CFF}"= d:\program files\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{0156E264-D6FD-4B81-85BF-84F299301012}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{40EFF54B-BD39-4801-9199-EC4FA64877FC}"= d:\program files\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{E020DA34-A17C-4B4E-921E-12D8561B67D0}"= d:\program files\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{1FA0F74E-76C5-4B68-9B22-69777DC084E8}"= d:\program files\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{18FD71A2-7F1C-4837-A094-D01E8D472D7D}"= d:\program files\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{96CFC5D0-BE87-4885-B0F4-31547C2C94B1}"= d:\program files\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"{73B4A06F-A99F-41CD-877A-ACCC8799CDB6}"= UDP:d:\program files hry\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:Batman: Arkham Asylum
"{B7487AF4-939A-4DDA-BB10-A4B2B336D4D8}"= TCP:d:\program files hry\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:Batman: Arkham Asylum
"TCP Query User{11B43998-BFE0-4B55-A081-C492092490D5}d:\\program files hry\\southpeak games\\section 8\\binaries\\s8game-f.exe"= UDP:d:\program files hry\southpeak games\section 8\binaries\s8game-f.exe:Section 8
"UDP Query User{BEEA7FCB-7198-495B-BE2F-145563F46DE1}d:\\program files hry\\southpeak games\\section 8\\binaries\\s8game-f.exe"= TCP:d:\program files hry\southpeak games\section 8\binaries\s8game-f.exe:Section 8
"{40D4357C-1613-4F3C-87DD-2792CCF0311B}"= UDP:d:\program files hry\Volition Inc\Red Faction Guerrilla\rfg.exe:Red Faction: Guerrilla
"{A09B5B88-3C9A-4DC1-A9AC-96225F366D29}"= TCP:d:\program files hry\Volition Inc\Red Faction Guerrilla\rfg.exe:Red Faction: Guerrilla
"{120A12ED-484A-4349-A6AC-D5902B6D2F4A}"= UDP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{7AB639F6-8D0F-4012-9456-F20292D58069}"= TCP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE:RESIDENT EVIL 5 (DX9)
"{06BA0A47-1CAA-4BBA-8E0B-AC59FD9BFAF7}"= UDP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
"{C331E916-731B-4F8E-B148-4DB89A7D684F}"= TCP:d:\program files hry\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE:RESIDENT EVIL 5 (DX10)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [30.6.2009 20:03 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [30.6.2009 20:03 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [30.6.2009 20:03 53328]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [27.6.2009 8:50 603904]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\atl01v32.sys [26.6.2009 19:45 48128]
R3 SaiK0CEA;SaiK0CEA;c:\windows\System32\drivers\SaiK0CEA.sys [4.4.2008 17:21 104960]
R3 SaiU0CEA;SaiU0CEA;c:\windows\System32\drivers\SaiU0CEA.sys [4.4.2008 17:21 28544]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [26.6.2009 20:19 79360]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\System32\drivers\gHidPnp.sys [26.6.2009 20:38 16384]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\System32\drivers\gMouUsb.sys [26.6.2009 20:38 9856]
S3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [26.6.2009 20:28 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [26.6.2009 20:28 13312]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2009-09-16 c:\windows\Tasks\1-Click Maintenance.job
- d:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
2009-09-16 c:\windows\Tasks\Úklid 1 kliknutím.job
- d:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-{C3B6AEB1-390C-4792-8677-CD87F8B2C959} - d:\program files\Digital Imaging\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}\setup\hpzscr01.exe -datfile hposcr28.dat
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-16 18:00
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-2703083259-3871098306-1978884415-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e1,ce,d4,08,c1,1f,57,44,32,60,23,95,f8,44,dc,40,11,b6,c9,7f,64,
7b,a9,86,61,cb,24,38,96,f7,9b,16,7b,a0,93,59,6d,7e,ac,80,8f,47,06,51,05,64,\
"rkeysecu"=hex:ab,cd,9c,3e,18,78,00,21,7f,53,7d,bf,a7,19,b2,ca
.
Celkový čas: 2009-09-16 18:01
ComboFix-quarantined-files.txt 2009-09-16 16:01
Před spuštěním: Volných bajtů: 178 108 690 432
Po spuštění: Volných bajtů: 177 547 005 952
319 --- E O F --- 2009-09-11 15:37
CPU:Intel Core i5-4670
GPU: MSI N680GTX-PM2D2GD5
MB: MSI Z87-G45 GAMING - Intel Z87
RAM: Crucial Balistix Tactical 4 X 4GB 1600MHz CL8 BLT2C
PSU: Corsair AX850
SSD: Kingston HyperX 3K - 240GB
HDD: WD RED 1TB
OS: Windows 10 Home 64bit
Re: Please check my log
Download MbAM. Save it to the desktop, open "mbam-setup.exe" and install it. Update it. Then run a complete scan; delete whatever the program finds. Post the resulting log here.
I don't like amateurism...
And the addressee of the message knows it :)
Re: Please check my log
Malwarebytes' Anti-Malware 1.41
Verze databáze: 2812
Windows 6.0.6002 Service Pack 2
16.9.2009 20:28:16
mbam-log-2009-09-16 (20-28-16).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 83239
Uplynulý čas: 2 minute(s), 20 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Re: Please check my log
pitimir wrote: ...Then run a complete scan...
Go here and have a scan run. Here is the guide (by sundavis):

Re: Please check my log
Malwarebytes' Anti-Malware 1.41
Verze databáze: 2812
Windows 6.0.6002 Service Pack 2
17.9.2009 19:48:18
mbam-log-2009-09-17 (19-48-18).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 265159
Uplynulý čas: 50 minute(s), 46 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Re: Please check my log
OK, great. Now just the Kaspersky one.
Re: Please check my log
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, September 18, 2009
Operating system: Microsoft Windows Vista Ultimate Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, September 17, 2009 19:05:19
Records in database: 2845411
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
G:\
Scan statistics:
Objects scanned: 176919
Threats found: 2
Infected objects found: 2
Suspicious objects found: 0
Scan duration: 06:41:46
File name / Threat / Threats count
D:\HRY\MINI HRY\Mini Golf Championship\Mini.Golf.Championship.v1.0.Cracked-F4CG.by.WoodoX.of.UCU\setup.exe Infected: Trojan.Win32.VB.uiu 1
D:\INSTALACE\Ukonceni programu\KillProcessSetup.exe Infected: not-a-virus:RiskTool.Win32.PsKill.af 1
Selected area has been scanned.
Re: Please check my log
So the PC should be clean... but we can still take a look for rootkits if you want.