BSOD prosím o kontrolu logu Vyřešeno

[jaro3]

c:\users\Jirka\AppData\Roaming\QuickScan
nepatří to k BitDefenderu? , Najdi a odinstaluj!

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\system32\GameMon.des

Driver::
npggsvc

Folder::
c:\users\Jirka\AppData\Local\{FC397EBB-8A04-448E-B395-1598DCB3DC6C}
c:\users\Jirka\AppData\Local\{2C6CADD0-8A6B-4E84-886A-A4DB59FDBCEE}
c:\users\Jirka\AppData\Local\{518D243B-9568-4348-AD81-3C237D3A3B8D}
c:\users\Jirka\AppData\Local\{7B21506B-012B-41CC-8561-E3BEDE122519}
c:\users\Jirka\AppData\Local\{3C8E0DC9-1A8B-40C9-8011-DE2461F9A355}
c:\users\Jirka\AppData\Local\{06927ED7-21EB-4A79-A294-375B687758F1}
c:\users\Jirka\AppData\Local\{CF536FB2-7122-4735-A9BE-EAC93C9EDBA7}
c:\users\Jirka\AppData\Local\{01E1E605-5326-4447-9845-C39024F9F97A}
c:\users\Jirka\AppData\Local\{8C3B1485-45E6-4C4A-873D-B3379BADF072}
c:\users\Jirka\AppData\Local\{082318A3-2CD3-492C-987C-7CD5DDD3DC15}
c:\users\Jirka\AppData\Local\{0619A608-7721-4507-AFAB-95209A65A05F}
c:\users\Jirka\AppData\Local\{5A63FDC0-7885-4D98-8869-AA1EA51485C3}
c:\users\Jirka\AppData\Local\{1CE8AFD2-D55C-4249-AF68-C9564251A91E}
c:\users\Jirka\AppData\Local\{916B910B-18E1-48CD-856D-656DE69AE7EE}
c:\users\Jirka\AppData\Local\{E4C6152F-F4FF-4E4B-80D3-D84ED39E4F23}
c:\users\Jirka\AppData\Local\{21D0DF5C-5675-4D51-9651-0C5133E1C7D6}
c:\users\Jirka\AppData\Local\{2BDBDC53-1596-46CF-B2BD-9E080915737A}
c:\users\Jirka\AppData\Local\{48BA8AC7-E8AC-440B-A200-6866B1E30597}
c:\users\Jirka\AppData\Local\{39D04950-3216-4511-A5F2-E7A60502993D}
c:\users\Jirka\AppData\Local\{5ECAD526-D656-47B9-A6E6-DB464F837FAF}
c:\users\Jirka\AppData\Local\{D58B71CE-F22E-454B-A6DE-668E6BF5F05C}
c:\users\Jirka\AppData\Local\{35261CA9-331F-4069-8ABB-78AE27B5A592}
c:\users\Jirka\AppData\Local\{84E003A1-E793-4BB6-B770-EA75DDC906E7}

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\npggsvc]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Někam mi uploadni celý obsah složky minidump , to musí jít zkopírovat.

[Reklama]

[Petison]

Patřilo kBitDefenderu on-line scaneru.Odinstalováno

ComboFix 11-07-07.06 - Jirka 08.07.2011 22:22:26.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3072.1986 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\GameMon.des"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jirka\AppData\Local\{01E1E605-5326-4447-9845-C39024F9F97A}
c:\users\Jirka\AppData\Local\{0619A608-7721-4507-AFAB-95209A65A05F}
c:\users\Jirka\AppData\Local\{06927ED7-21EB-4A79-A294-375B687758F1}
c:\users\Jirka\AppData\Local\{082318A3-2CD3-492C-987C-7CD5DDD3DC15}
c:\users\Jirka\AppData\Local\{1CE8AFD2-D55C-4249-AF68-C9564251A91E}
c:\users\Jirka\AppData\Local\{21D0DF5C-5675-4D51-9651-0C5133E1C7D6}
c:\users\Jirka\AppData\Local\{2BDBDC53-1596-46CF-B2BD-9E080915737A}
c:\users\Jirka\AppData\Local\{2C6CADD0-8A6B-4E84-886A-A4DB59FDBCEE}
c:\users\Jirka\AppData\Local\{35261CA9-331F-4069-8ABB-78AE27B5A592}
c:\users\Jirka\AppData\Local\{39D04950-3216-4511-A5F2-E7A60502993D}
c:\users\Jirka\AppData\Local\{3C8E0DC9-1A8B-40C9-8011-DE2461F9A355}
c:\users\Jirka\AppData\Local\{48BA8AC7-E8AC-440B-A200-6866B1E30597}
c:\users\Jirka\AppData\Local\{518D243B-9568-4348-AD81-3C237D3A3B8D}
c:\users\Jirka\AppData\Local\{5A63FDC0-7885-4D98-8869-AA1EA51485C3}
c:\users\Jirka\AppData\Local\{5ECAD526-D656-47B9-A6E6-DB464F837FAF}
c:\users\Jirka\AppData\Local\{7B21506B-012B-41CC-8561-E3BEDE122519}
c:\users\Jirka\AppData\Local\{84E003A1-E793-4BB6-B770-EA75DDC906E7}
c:\users\Jirka\AppData\Local\{8C3B1485-45E6-4C4A-873D-B3379BADF072}
c:\users\Jirka\AppData\Local\{916B910B-18E1-48CD-856D-656DE69AE7EE}
c:\users\Jirka\AppData\Local\{CF536FB2-7122-4735-A9BE-EAC93C9EDBA7}
c:\users\Jirka\AppData\Local\{D58B71CE-F22E-454B-A6DE-668E6BF5F05C}
c:\users\Jirka\AppData\Local\{E4C6152F-F4FF-4E4B-80D3-D84ED39E4F23}
c:\users\Jirka\AppData\Local\{FC397EBB-8A04-448E-B395-1598DCB3DC6C}
c:\windows\system32\GameMon.des
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_npggsvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-08 do 2011-07-08 )))))))))))))))))))))))))))))))
.
.
2011-07-08 20:28 . 2011-07-08 20:30 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2011-07-08 12:26 . 2011-07-08 12:26 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-07-07 18:20 . 2011-07-08 12:29 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2011-07-07 13:47 . 2011-07-07 13:47 -------- d-----w- c:\users\Jirka\AppData\Local\{820F5B53-E13F-4230-8C38-85A079FF139D}
2011-07-06 15:06 . 2011-07-06 15:17 -------- d-----w- C:\PDF 4
2011-07-06 11:09 . 2011-07-06 11:11 -------- d-----w- C:\Egypt
2011-07-05 14:50 . 2011-07-05 14:57 -------- d-----w- c:\users\Jirka\AppData\Roaming\wargaming.net
2011-07-05 14:38 . 2011-07-05 14:38 -------- d-----w- C:\Games
2011-07-04 12:05 . 2011-07-04 12:05 -------- d-----w- c:\program files\Trend Micro
2011-07-03 14:52 . 2009-09-02 11:44 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-07-03 14:52 . 2009-09-02 11:44 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-07-03 14:52 . 2011-07-03 14:52 -------- d-----w- c:\program files\VSO
2011-07-02 12:36 . 2011-07-04 17:38 -------- d-----w- c:\users\Jirka\AppData\Roaming\WinAVI
2011-07-02 12:34 . 2011-07-02 12:34 -------- d-----w- c:\users\Jirka\AppData\Local\WinAVI
2011-07-02 12:34 . 2011-07-02 12:34 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2011-07-02 11:48 . 2011-07-02 12:30 -------- d-----w- C:\videa p
2011-07-02 11:08 . 2011-07-02 11:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\ProgSense
2011-07-02 11:08 . 2011-07-02 11:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\GrabPro
2011-07-02 11:08 . 2011-07-02 18:06 -------- d-----w- c:\users\Jirka\AppData\Roaming\Orbit
2011-07-02 10:32 . 2011-07-02 10:32 -------- d-----w- c:\program files\BinaryMark
2011-07-01 13:46 . 2011-07-01 13:46 -------- d-----w- c:\program files\Activision
2011-06-29 13:41 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 13:41 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 13:41 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 13:41 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 13:41 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 13:41 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 13:41 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 13:41 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 13:41 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 13:41 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-28 14:40 . 2011-06-28 14:40 -------- d-----w- c:\program files\PJsoft
2011-06-26 11:58 . 2011-06-26 11:58 -------- d-----w- c:\program files\Valve
2011-06-26 09:41 . 2011-06-26 11:07 -------- d-----w- c:\program files\Common Files\Steam
2011-06-26 09:41 . 2011-07-02 12:50 -------- d-----w- c:\program files\Steam
2011-06-24 19:31 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-06-21 18:27 . 2011-06-22 15:25 -------- d-----w- c:\programdata\LightScribe
2011-06-21 18:15 . 2011-06-21 18:15 -------- d-----w- c:\users\Jirka\AppData\Roaming\Acoustica
2011-06-19 11:39 . 2011-06-19 11:39 -------- d-----w- c:\users\Jirka\AppData\Local\Microsoft Games
2011-06-19 07:24 . 2011-06-19 10:44 -------- d-----w- C:\Turecko 2011
2011-06-18 18:31 . 2011-06-18 18:31 -------- d-----r- c:\program files\Skype
2011-06-18 06:58 . 2011-06-18 06:58 -------- d-----w- c:\program files\BurnAware Free
2011-06-18 06:22 . 2011-06-18 06:22 -------- d-----w- c:\programdata\ATI
2011-06-18 06:22 . 2011-06-18 06:22 -------- d-----w- c:\program files\AMD APP
2011-06-18 05:23 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-06-18 05:22 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-06-18 05:22 . 2011-06-18 05:26 -------- d-----w- C:\_AcroTemp
2011-06-18 05:15 . 2011-06-18 05:15 -------- d-----w- c:\users\Jirka\AppData\Local\SKIDROW
2011-06-17 19:13 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-17 19:13 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-17 19:13 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-17 19:09 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-17 19:09 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-17 19:09 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-17 19:09 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-17 19:09 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-17 19:09 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-17 19:09 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-17 19:09 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-17 19:09 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-17 19:09 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-09 15:14 . 2011-06-25 12:36 -------- d-----w- c:\users\Jirka\AppData\Roaming\EssentialPIM
2011-06-09 15:14 . 2011-06-09 15:14 -------- d-----w- c:\program files\EssentialPIM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-08 17:09 . 2011-01-01 21:41 139080 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-08 17:09 . 2011-01-01 21:44 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-08 17:09 . 2011-01-01 21:40 270240 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-08 16:26 . 2011-01-01 21:40 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-03 18:24 . 2011-01-01 21:40 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-07-02 10:46 . 2011-05-19 15:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-01 13:57 . 2011-01-01 21:41 22328 ----a-w- c:\users\Jirka\AppData\Roaming\PnkBstrK.sys
2011-05-29 07:11 . 2010-11-12 14:53 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-11-12 14:53 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-25 04:25 . 2011-05-25 04:25 7800832 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 03:31 . 2011-05-25 03:31 17940992 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:07 . 2011-05-25 03:07 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 03:07 . 2010-03-03 04:16 688128 ----a-w- c:\windows\system32\aticfx32.dll
2011-05-25 03:04 . 2011-05-25 03:04 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 03:03 . 2011-05-25 03:03 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 03:03 . 2011-05-25 03:03 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 03:02 . 2011-05-25 03:02 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 03:01 . 2011-05-25 03:01 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 03:01 . 2011-05-25 03:01 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:59 . 2011-05-25 02:59 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-05-25 02:58 . 2010-03-03 04:06 4219904 ----a-w- c:\windows\system32\atidxx32.dll
2011-05-25 02:50 . 2010-03-03 03:24 4017152 ----a-w- c:\windows\system32\atiumdva.dll
2011-05-25 02:47 . 2011-05-25 02:47 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-25 02:47 . 2011-05-25 02:47 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-25 02:43 . 2011-05-25 02:43 6847488 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-25 02:39 . 2010-03-03 03:46 4330496 ----a-w- c:\windows\system32\atiumdag.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:26 . 2011-05-25 02:26 262144 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 245760 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 02:24 . 2010-03-03 03:06 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-05-25 02:24 . 2010-03-03 03:06 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-05-25 02:24 . 2011-05-25 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:18 . 2010-03-03 03:23 52736 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-24 18:28 . 2011-05-24 18:28 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-24 18:28 . 2011-05-24 18:28 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-13 16:31 . 2009-10-09 13:31 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2011-05-13 16:31 . 2009-10-09 13:31 441760 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-05-13 16:31 . 2011-05-13 16:31 129248 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-05-13 16:31 . 2009-10-09 13:31 368736 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2011-05-12 11:06 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-11 15:06 . 2011-02-14 15:22 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-04-22 19:14 . 2011-05-25 14:59 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-04-29 17:53 . 2011-03-22 15:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 163944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110701.001\BHDrvx86.sys [2011-05-19 810616]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2010-09-29 20088]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110707.031\IDSvix86.sys [2011-07-07 367736]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1206000.01D\SYMNETS.SYS [2011-03-22 296568]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-25 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 294400]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 105592]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\iefzglfm.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=FF_5&q=
FF - prefs.js: network.proxy.type - 2
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-08 22:34:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-08 20:34
ComboFix2.txt 2011-07-08 15:15
.
Před spuštěním: Volných bajtů: 65 732 182 016
Po spuštění: Volných bajtů: 65 426 214 912
.
- - End Of File - - 7CA3567478F79ED446D27A445A65A3B2

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Folder::
c:\users\Jirka\AppData\Local\{820F5B53-E13F-4230-8C38-85A079FF139D}

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Petison]

ComboFix 11-07-07.06 - Jirka 09.07.2011 9:39.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3072.2056 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jirka\AppData\Local\{820F5B53-E13F-4230-8C38-85A079FF139D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-09 do 2011-07-09 )))))))))))))))))))))))))))))))
.
.
2011-07-09 07:46 . 2011-07-09 07:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-08 20:28 . 2011-07-09 07:46 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2011-07-08 12:26 . 2011-07-08 12:26 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-07-07 18:20 . 2011-07-08 12:29 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2011-07-06 15:06 . 2011-07-06 15:17 -------- d-----w- C:\PDF 4
2011-07-06 11:09 . 2011-07-06 11:11 -------- d-----w- C:\Egypt
2011-07-05 14:50 . 2011-07-05 14:57 -------- d-----w- c:\users\Jirka\AppData\Roaming\wargaming.net
2011-07-05 14:38 . 2011-07-05 14:38 -------- d-----w- C:\Games
2011-07-04 12:05 . 2011-07-04 12:05 -------- d-----w- c:\program files\Trend Micro
2011-07-03 14:52 . 2009-09-02 11:44 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-07-03 14:52 . 2009-09-02 11:44 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-07-03 14:52 . 2011-07-03 14:52 -------- d-----w- c:\program files\VSO
2011-07-02 12:36 . 2011-07-04 17:38 -------- d-----w- c:\users\Jirka\AppData\Roaming\WinAVI
2011-07-02 12:34 . 2011-07-02 12:34 -------- d-----w- c:\users\Jirka\AppData\Local\WinAVI
2011-07-02 12:34 . 2011-07-02 12:34 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2011-07-02 11:48 . 2011-07-02 12:30 -------- d-----w- C:\videa p
2011-07-02 11:08 . 2011-07-02 11:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\ProgSense
2011-07-02 11:08 . 2011-07-02 11:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\GrabPro
2011-07-02 11:08 . 2011-07-02 18:06 -------- d-----w- c:\users\Jirka\AppData\Roaming\Orbit
2011-07-02 10:32 . 2011-07-02 10:32 -------- d-----w- c:\program files\BinaryMark
2011-07-01 13:46 . 2011-07-01 13:46 -------- d-----w- c:\program files\Activision
2011-06-29 13:41 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 13:41 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 13:41 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 13:41 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 13:41 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 13:41 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 13:41 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 13:41 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 13:41 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 13:41 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-28 14:40 . 2011-06-28 14:40 -------- d-----w- c:\program files\PJsoft
2011-06-26 11:58 . 2011-06-26 11:58 -------- d-----w- c:\program files\Valve
2011-06-26 09:41 . 2011-06-26 11:07 -------- d-----w- c:\program files\Common Files\Steam
2011-06-26 09:41 . 2011-07-02 12:50 -------- d-----w- c:\program files\Steam
2011-06-24 19:31 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-06-21 18:27 . 2011-06-22 15:25 -------- d-----w- c:\programdata\LightScribe
2011-06-21 18:15 . 2011-06-21 18:15 -------- d-----w- c:\users\Jirka\AppData\Roaming\Acoustica
2011-06-19 11:39 . 2011-06-19 11:39 -------- d-----w- c:\users\Jirka\AppData\Local\Microsoft Games
2011-06-19 07:24 . 2011-06-19 10:44 -------- d-----w- C:\Turecko 2011
2011-06-18 18:31 . 2011-06-18 18:31 -------- d-----r- c:\program files\Skype
2011-06-18 06:58 . 2011-06-18 06:58 -------- d-----w- c:\program files\BurnAware Free
2011-06-18 06:22 . 2011-06-18 06:22 -------- d-----w- c:\programdata\ATI
2011-06-18 06:22 . 2011-06-18 06:22 -------- d-----w- c:\program files\AMD APP
2011-06-18 05:23 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-06-18 05:22 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-06-18 05:22 . 2011-06-18 05:26 -------- d-----w- C:\_AcroTemp
2011-06-18 05:15 . 2011-06-18 05:15 -------- d-----w- c:\users\Jirka\AppData\Local\SKIDROW
2011-06-17 19:13 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-17 19:13 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-17 19:13 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-17 19:09 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-17 19:09 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-17 19:09 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-17 19:09 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-17 19:09 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-17 19:09 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-17 19:09 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-17 19:09 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-17 19:09 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-17 19:09 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-09 15:14 . 2011-06-25 12:36 -------- d-----w- c:\users\Jirka\AppData\Roaming\EssentialPIM
2011-06-09 15:14 . 2011-06-09 15:14 -------- d-----w- c:\program files\EssentialPIM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-08 17:09 . 2011-01-01 21:41 139080 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-08 17:09 . 2011-01-01 21:44 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-08 17:09 . 2011-01-01 21:40 270240 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-08 16:26 . 2011-01-01 21:40 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-03 18:24 . 2011-01-01 21:40 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-07-02 10:46 . 2011-05-19 15:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-01 13:57 . 2011-01-01 21:41 22328 ----a-w- c:\users\Jirka\AppData\Roaming\PnkBstrK.sys
2011-05-29 07:11 . 2010-11-12 14:53 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-11-12 14:53 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-25 04:25 . 2011-05-25 04:25 7800832 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 03:31 . 2011-05-25 03:31 17940992 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:07 . 2011-05-25 03:07 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 03:07 . 2010-03-03 04:16 688128 ----a-w- c:\windows\system32\aticfx32.dll
2011-05-25 03:04 . 2011-05-25 03:04 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 03:03 . 2011-05-25 03:03 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 03:03 . 2011-05-25 03:03 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 03:02 . 2011-05-25 03:02 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 03:01 . 2011-05-25 03:01 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 03:01 . 2011-05-25 03:01 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:59 . 2011-05-25 02:59 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-05-25 02:58 . 2010-03-03 04:06 4219904 ----a-w- c:\windows\system32\atidxx32.dll
2011-05-25 02:50 . 2010-03-03 03:24 4017152 ----a-w- c:\windows\system32\atiumdva.dll
2011-05-25 02:47 . 2011-05-25 02:47 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-25 02:47 . 2011-05-25 02:47 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-25 02:43 . 2011-05-25 02:43 6847488 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-25 02:39 . 2010-03-03 03:46 4330496 ----a-w- c:\windows\system32\atiumdag.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:26 . 2011-05-25 02:26 262144 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 245760 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 02:24 . 2010-03-03 03:06 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-05-25 02:24 . 2010-03-03 03:06 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-05-25 02:24 . 2011-05-25 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:18 . 2010-03-03 03:23 52736 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-24 18:28 . 2011-05-24 18:28 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-24 18:28 . 2011-05-24 18:28 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-13 16:31 . 2009-10-09 13:31 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2011-05-13 16:31 . 2009-10-09 13:31 441760 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-05-13 16:31 . 2011-05-13 16:31 129248 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-05-13 16:31 . 2009-10-09 13:31 368736 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2011-05-12 11:06 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-11 15:06 . 2011-02-14 15:22 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-04-22 19:14 . 2011-05-25 14:59 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-04-29 17:53 . 2011-03-22 15:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 163944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110701.001\BHDrvx86.sys [2011-05-19 810616]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2010-09-29 20088]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110707.031\IDSvix86.sys [2011-07-07 367736]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1206000.01D\SYMNETS.SYS [2011-03-22 296568]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-25 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 294400]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 105592]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\iefzglfm.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=FF_5&q=
FF - prefs.js: network.proxy.type - 2
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
Celkový čas: 2011-07-09 09:48:27
ComboFix-quarantined-files.txt 2011-07-09 07:48
ComboFix2.txt 2011-07-08 20:34
ComboFix3.txt 2011-07-08 15:15
.
Před spuštěním: Volných bajtů: 65 497 690 112
Po spuštění: Volných bajtů: 65 196 171 264
.
- - End Of File - - 1F87B050E41B795AD4C6849B031D89B0

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner

http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Vlož nový log z HJT+ info o problémech.

[Petison]

Problémy se zatím neobjevují.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:44:19, on 9.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\taskeng.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 4892 bytes

[bledulka]

Log je v pořádku. Kdyby se opět objevila BSOD, zkus vylovit minidump odtud C:\Windows\minidump a někde mi ho upni.

[Petison]

Díky moc.počkám zda se objeví BSOD .Momentálně je to v pořádku.

[bledulka]

Fajn, pak dej vědět.

[Petison]

Tak se znovu objevilo BSOD při nečinném PC.

[bledulka]

Zkus vylovit minidump odtud C:\Windows\minidump a někde mi ho upni.

[jaro3]

a ještě tohle:

Stáhni si a nainstaluj WhoCrashed

otevři ho a klikni na Analyze.
Program vytvoří zprávu , zkopíruj celou a vlož prosím sem.