Pomalý chod programů, grafika blbně

[Rudy]

Nález TDSS patří emulátoru mechanik (DaemonTools). Měl by být v pořádku. Soubor nalezený AVG (aceb99ae.sys) v němu patří rovněž.

Nálezy MWAV berte se značnou rezervou, už dávno to není skener na požadované úrovni. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\DUMP8627.tmp
c:\windows\DUMP85d9.tmp
c:\windows\DUMP6810.tmp
c:\windows\DUMP66d8.tmp
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

FCopy::
c:\windows\ERDNT\cache\beep.sys | c:\windows\System32\drivers\beep.sys

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[tomassovak]

Problém je v tom, že CF vymaže soubory, které náleží ATI GK. Jinak který skaner je tedy na požadované úrovni? Mwav požívám ale taky CureIT od Drweba i kombofix má svoje mouchy. Pro změnu mwav hlasí asi dvě chyb v registrech. Pří skenování mwav ale i kav tak to spladlo na tom druhém disku. Dokonce byla i chaba na straně kombofixu to možná byla příčina pádu jak prvního tak druhého systému. Myslíte si že s diskem C nic není? Když se tak podivně chová? Ne funguje tam myš a mizní soubory? Nějak se mi do toho win nechce jít. Ale nákaze z jednoho na druhém jde na vrub bratra, protože nám dal sdílenéí dokumenty, takže svůj problém jsem měl taky na tom svém. Otcův pc má snad veškeré dostupné aktulizace. JAK DOPADNU DÁM VĚDĚT.

[Rudy]

Nic není zcela dokonalé. V současné době považuji za TOP AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 .

[tomassovak]

tak zase to dnes nám doma zablbo. Oba dvs počítače skoro součastně potíže s iE a nezobrazení www stránek. Combofix nic nenašel tedy jenom v tempu. Ale to asi bude součást z mawu. Příkládam log mwav

ReadMBR Kernel Fails! Unable to load the driver...
Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: No Action Taken.


File C:\WINDOWS\system32\ZD_Vn-_w__.dll.mwt infected by "Gen:Variant.Adware.LoudMo.2 (DB)" Virus! Action Taken: No Action Taken.

HKCU\SOFTWARE\Wget
15 IX 2012 22:05:06 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\SOFTWARE\Wget)! Action taken: No Action Taken.

15 IX 2012 22:05:06 - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
15 IX 2012 22:05:06 - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: No Action Taken.

15 IX 2012 22:05:06 - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
15 IX 2012 22:05:06 - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: No Action Taken.

File C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab\AVP9\QB\23ea5f8575050991.klq infected by "Application.Whenu.Weathercast.G[ZP] (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kaspersky Lab\AVP9\QB\47856e4398ada167.klq infected by "Gen:Variant.Adware.LoudMo.1[ZP] (DB)" Virus! Action Taken: No Action Taken.

zbytek zítra!

[Rudy]

Toto:

C:\WINDOWS\system32\ZD_Vn-_w__.dll.mwt

smažte.

Jinak jsou tam jen soubory v karanténě antiviru a to ostatní jsou jen neškodné zbytky po dříve vyléčené infekci.

[tomassovak]

toto je tray tool ati a ten zbytek?
File C:\Documents and Settings\Hans Peter Geerdes\Dokumenty\Downloads\attsetup-[Guru3D.com].exe infected by "Win32/OpenCandy (ES)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Hans Peter Geerdes\Dokumenty\Downloads\Net_Activity_Diagram_(NAD)_v2[1].1.266.zip infected by "Trojan.Generic.7296214[ZP] (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Hans Peter Geerdes\Dokumenty\slick.exe.mwt infected by "Gen:Trojan.Heur.omNfvr2Db!oix (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Hans Peter Geerdes\Local Settings\Temp\9826572\QB\9165127f198572a2.klq infected by "Gen:Variant.Adware.LoudMo.1[ZP] (DB)" Virus! Action Taken: No Action Taken.
File C:\Documents and Settings\Hans Peter Geerdes\Local Settings\Temp\9826572\QB\b912bd5ab3d03bc3.klq infected by "Virtool.28141[ZP] (DB)" Virus! Action Taken: No Action Taken.
File C:\Qoobox\Quarantine\C\WINDOWS\system32\GhKW8aHRRo.exe.mwt.vir infected by "Adware.LoudMo.A[ZP] (DB)" Virus! Action Taken: No Action Taken.

[Rudy]

Všechno smažte. Poslední položka je vir, smazaný ComboFixem a uložený do karantény. Combofix odinstalujte Start>spustit>(napsat) combofix /uninstall>OK.

[tomassovak]

Nějak to funguje ale můj pc má problém v tom nouzovém režimu při výběru. Není známka potížemi s režimem vga? Nebo blbne grafika? Co auktualizece BIOSu? Další potíže je stále pomalá práce, při odstranění to na chvíli vypadalo dobře. Jinak jsem zapomněl podotknout že mi při opravě po nákaze spadl os a vypis dump není zcela jasný.


EFAULT_BUCKET_ID: DRIVER_FAULT

STACK_TEXT:
GetContextState failed, 0x80070026
Unable to get current machine context, Win32 error 0n38


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: CORRUPT_MODULELIST

Followup: MachineOwner
---------

GetContextState failed, 0x80070026
GetContextState failed, 0x80070026
GetContextState failed, 0x80070026
?: kd> lmvm Unknown_Module
start end module name
GetContextState failed, 0x80070026
GetContextState failed, 0x80070026
GetContextState failed, 0x80070026

Následně se neopravil problém v IE. Nezobrazují se části stránek. Po nákaze se nejprve vypnulo zobrazení obrázků. Nyní se nezobrazuje i třeba ICQ a Skype motivy :S čím by to mohlo mít souvislost?


Druhý má potíže obdobného rázu. Ale pravděpodobně problém v řadiči IDE/ SATA. Pc delší dobu nenabihá. Neraguje bezdrát klavesnice při startu. Je to běžné? Při prohlížení složek na disku na vteřinu obsah zmizne a potom se obětí, je slyšet zvuk mechaniky. Něco podobného když skenuje KIS či KAV boot sektory. K tomu nutno dodat, že i po instalaci na nový sys disk není možné prace v sítí v nouzovém režimu. Pád způsobil soubor v drv/ sys32 - klif.sys právě při spuštění training centre pro garmin. Nebylo možné spusit systém běžným způspbem. Chybujicí aplikace náleží starší verzi antiviru kaspersky. Počítač taky delší dobu je neaktivní a vytěžuje cpu na 100 potom to lehlo. Nákazy odstraněny. Jaké další možné řešení?

[Rudy]

Prověříme disk. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Přes Úpravy>kopírovat sem dejte log.

[tomassovak]

Můj pc

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.4 Shizuku Edition (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP2 [5.1 Build 2600] (x86)
Date : 2012/09/16 17:17:02

-- Controller Map ----------------------------------------------------------
+ Řadiče úložiště Intel(R) 82801EB v režimu Ultra ATA - 24DB [ATA]
+ Primární kanál IDE (0)
- ST3160812A
+ Sekundární kanál IDE (1)
- ST3160023A
- HL-DT-ST DVD-RAM GSA-H54L
+ Řadiče úložiště Intel(R) 82801EB v režimu Ultra ATA - 24D1 [ATA]
- Primární kanál IDE (0)
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) ST3160812A : 160,0 GB [0/0/0, pd1] - st
(2) ST3160023A : 160,0 GB [1/3/1, pd1] - st
(3) TOSHIBA MK5059GSXP : 500,1 GB [3/X/X, sp1]

----------------------------------------------------------------------------
(1) ST3160812A
----------------------------------------------------------------------------
Model : ST3160812A
Firmware : 3.AAD
Serial Number : 5LS17GYD
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 22459 hod.
Power On Count : 3538 krát
Temparature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 110 _87 __6 000006F58C51 Počet chyb čtení
03 _99 _98 __0 000000000000 Čas na roztočení ploten
04 _98 _98 _20 000000000B6B Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _89 _60 _30 000036516BFF Počet chybných hledání
09 _75 _75 __0 0000000057BB Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000DD2 Počet cyklů zapnutí zařízení
BB _12 _12 __0 000000000058 Ohlášeno neopravitelných chyb
BD _88 _88 __0 00000000000C Vysoká rychlost zápisu
BE _58 _48 _45 00002A16002A Teplota toku vzduchu
C2 _42 _52 __0 00100000002A Teplota
C3 _57 _45 __0 0000073866C8 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 354C 5331 3747 5944
020: 0000 4000 0004 332E 4141 4420 2020 5354 3331 3630
030: 3831 3241 2020 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 00FE 0000 346B 7D01 4023 3469 3C01 4023 043F 0000
090: 0000 FEFE FFFE 604B D000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 9EB0
130: 12A1 9EB0 12A1 2020 0002 02B6 0000 008A 3C06 3C0A
140: 0000 07C6 0100 0800 0F14 1200 0002 0080 0000 0000
150: 00A0 0202 0000 0404 0000 0000 0000 0000 0C00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 B9A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 6E 57 51 8C F5 06 00 00 00 03 03
010: 00 63 62 00 00 00 00 00 00 00 04 32 00 62 62 6B
020: 0B 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 59 3C FF 6B 51 36 00 00 00 09 32
040: 00 4B 4B BB 57 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 61 61 D2 0D 00 00 00
060: 00 00 BB 32 00 0C 0C 58 00 00 00 00 00 00 BD 3A
070: 00 58 58 0C 00 00 00 00 00 00 BE 22 00 3A 30 2A
080: 00 16 2A 00 00 00 C2 22 00 2A 34 2A 00 00 00 10
090: 00 00 C3 1A 00 39 2D C8 66 38 07 00 00 00 C5 12
0A0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AE 01 00 5B
170: 03 00 01 00 01 36 02 00 00 00 00 00 00 00 00 00
180: 00 00 04 00 00 00 04 01 01 01 01 01 01 01 01 00
190: 00 00 00 00 00 00 00 01 AA E3 2A 0E 00 00 00 00
1A0: 00 00 A4 9A 64 DF 6F 02 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 AA E3 2A 0E 00 00 00 00 00 00 00 00
1C0: 02 00 01 00 00 00 00 00 00 00 2B D6 58 DB 05 00
1D0: 00 00 89 16 C4 00 00 00 00 00 BB 57 00 00 00 00
1E0: CC 27 0F 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7A

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00
070: 00 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 26

----------------------------------------------------------------------------
(2) ST3160023A
----------------------------------------------------------------------------
Model : ST3160023A
Firmware : 8.01
Serial Number : 3LJ27H3T
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : Ultra DMA/100
Power On Hours : 4575 hod.
Power On Count : 1438 krát
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _62 _59 __6 00000CAC6173 Počet chyb čtení
03 _97 _96 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000003 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _84 _60 _30 000010D10E79 Počet chybných hledání
09 _95 _95 __0 0000000011DF Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 00000000059E Počet cyklů zapnutí zařízení
C2 _43 _62 __0 00000000002B Teplota
C3 _62 _58 __0 00000CAC6173 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 193 __0 000000000007 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 334C 4A32 3748 3354 2020 2020 2020 2020 2020 2020
020: 0000 4000 0004 382E 3031 2020 2020 5354 3331 3630
030: 3032 3341 2020 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 007E 001B 346B 7D01 5823 3469 3C01 4023 043F 0000
090: 0000 FEFE FFFE 6B00 8000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 9EB0
130: 12A1 9EB0 12A1 2020 0002 42B6 0000 008A 3C06 3C0A
140: 0000 07C6 0100 0800 10F0 1000 0002 0030 0000 0000
150: 0000 FE06 0000 FE02 0000 0000 0000 0000 0023 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 02A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 3E 3B 73 61 AC 0C 00 00 00 03 03
010: 00 61 60 00 00 00 00 00 00 00 04 32 00 64 64 03
020: 00 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 54 3C 79 0E D1 10 00 00 00 09 32
040: 00 5F 5F DF 11 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 63 63 9E 05 00 00 00
060: 00 00 C2 22 00 2B 3E 2B 00 00 00 00 00 00 C3 1A
070: 00 3E 3A 73 61 AC 0C 00 00 00 C5 12 00 64 64 00
080: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
090: 00 00 C7 3E 00 C8 C1 07 00 00 00 00 00 00 C8 00
0A0: 00 64 FD 00 00 00 00 00 00 00 CA 32 00 64 FD 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AE 01 00 5B
170: 03 00 01 00 01 6F 00 00 00 00 00 00 00 00 00 00
180: 00 00 46 C7 07 00 07 04 04 04 00 04 04 04 04 00
190: 00 00 00 00 00 00 00 01 97 67 34 0C 00 00 00 00
1A0: 00 00 07 AA 6E 9D BE 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 97 67 34 0C 00 00 FF FF 00 00 00 00
1C0: 00 00 01 00 00 00 07 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B1

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
070: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
080: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
090: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0A0: 00 00 00 00 00 00 00 00 00 00 CA 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

----------------------------------------------------------------------------
(3) TOSHIBA MK5059GSXP
----------------------------------------------------------------------------
Model : TOSHIBA MK5059GSXP
Firmware : GN001U
Serial Number : 41G5P3O5T
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 81 hod.
Power On Count : 30 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 000000000C94 Čas na roztočení ploten
04 100 100 __0 000000000037 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000000051 Hodin v činnosti
0A 101 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000001E Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000003 Počet vypnutí disku
C1 100 100 __0 000000000373 Počet cyklů načítání/vymazání
C2 100 100 __0 002800130023 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000062 Posunutí disku vůči ose
DE 100 100 __0 000000000015 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 000000000145 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2034 3147 3550 334F 3554
020: 0000 4000 0000 474E 3030 3155 2020 544F 5348 4942
030: 4120 4D4B 3530 3539 4753 5850 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F06 0002 004C 0040
080: 01F8 0000 746B 7D09 6163 7469 BC09 6163 203F 004B
090: 004B 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 0393
110: 3238 5C9A 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 62A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 27 00 64 64 94
020: 0C 00 00 00 00 00 04 32 00 64 64 37 00 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 64 64 51 00 00 00 00
060: 00 00 0A 33 00 65 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 1E 00 00 00 00 00 00 BF 32 00 64 64 00
080: 00 00 00 00 00 00 C0 32 00 64 64 03 00 00 00 00
090: 00 00 C1 32 00 64 64 73 03 00 00 00 00 00 C2 22
0A0: 00 64 64 23 00 13 00 28 00 00 C4 32 00 64 64 00
0B0: 00 00 00 00 00 00 C5 32 00 64 64 00 00 00 00 00
0C0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
0D0: 00 C8 C8 00 00 00 00 00 00 00 DC 02 00 64 64 62
0E0: 00 00 00 00 00 00 DE 32 00 64 64 15 00 00 00 00
0F0: 00 00 DF 32 00 64 64 00 00 00 00 00 00 00 E0 22
100: 00 64 64 00 00 00 00 00 00 00 E2 26 00 64 64 45
110: 01 00 00 00 00 00 F0 01 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 5B
170: 03 00 01 00 02 9F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 01 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 32 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DC 00 00 00 00 00
0E0: 00 00 00 00 00 00 DE 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E0 00
100: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
110: 00 00 00 00 00 00 F0 01 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36

[tomassovak]

otcův pc:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.4 Shizuku Edition (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2012/09/16 17:21:44

-- Controller Map ----------------------------------------------------------
+ NVIDIA nForce3 250 Parallel ATA Controller [ATA]
- ST380011A
- WDC WD400EB-00CPF0
+ NVIDIA nForce3 250 Serial ATA Controller [ATA]
- TSSTcorp CDDVDW SH-S203B
- NVIDIA nForce3 250 Serial ATA Controller [ATA]

-- Disk List ---------------------------------------------------------------
(1) ST380011A : 80,0 GB [0/0/0, pd1] - st
(2) WDC WD400EB-00CPF0 : 40,0 GB [1/0/1, pd1]

----------------------------------------------------------------------------
(1) ST380011A
----------------------------------------------------------------------------
Model : ST380011A
Firmware : 3.06
Serial Number : 5JV94ZST
Disk Size : 80,0 GB (8,4/80,0/80,0)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 156301488
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : Ultra DMA/100
Power On Hours : 20750 hod.
Power On Count : 4983 krát
Temparature : 39 C (102 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _55 _49 __6 00000DFBFF87 Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _97 _97 _20 000000000CC3 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _90 _60 _30 00003A79D9B4 Počet chybných hledání
09 _77 _77 __0 00000000510E Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 000000001377 Počet cyklů zapnutí zařízení
C2 _39 _57 __0 000000000027 Teplota
C3 _55 _49 __0 00000DFBFF87 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 164 __0 00000000002E Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 354A 5639 345A 5354 2020 2020 2020 2020 2020 2020
020: 0000 1000 0004 332E 3036 2020 2020 5354 3338 3030
030: 3131 4120 2020 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 0000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: F8B0 0950 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 007E 001B 346B 7D01 4003 3468 3C01 4003 203F 0000
090: 0000 FEFE 0000 607B 8000 0000 0000 0000 0000 0000
100: F8B0 0950 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0001 F8B0
130: 0950 F8B0 0950 2020 0002 42B6 0000 8A00 3C06 3C0A
140: FFFF 07C6 0100 0800 09D0 0400 0002 0030 0000 0000
150: 0000 FE06 0000 0002 0000 0000 0000 0000 0021 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 54A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 37 31 87 FF FB 0D 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 61 61 C3
020: 0C 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 5A 3C B4 D9 79 3A 00 00 00 09 32
040: 00 4D 4D 0E 51 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 60 60 77 13 00 00 00
060: 00 00 C2 22 00 27 39 27 00 00 00 00 00 00 C3 1A
070: 00 37 31 87 FF FB 0D 00 00 00 C5 12 00 64 64 00
080: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
090: 00 00 C7 3E 00 C8 A4 2E 00 00 00 00 00 00 C8 00
0A0: 00 64 FD 00 00 00 00 00 00 00 CA 32 00 64 FD 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AE 01 00 5B
170: 03 00 01 00 01 3A 00 00 00 00 00 00 00 00 00 00
180: 00 00 E3 95 2F 00 01 02 02 03 02 03 03 02 02 00
190: 00 00 00 00 00 00 00 01 94 F9 35 03 00 00 00 00
1A0: 00 00 E2 8E 1D 93 60 03 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 94 F9 35 03 00 00 FF FF 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A1

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
070: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
080: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
090: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0A0: 00 00 00 00 00 00 00 00 00 00 CA 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

----------------------------------------------------------------------------
(2) WDC WD400EB-00CPF0
----------------------------------------------------------------------------
Model : WDC WD400EB-00CPF0
Firmware : 06.04G06
Serial Number : WD-WCAAT1091159
Disk Size : 40,0 GB (8,4/40,0/----)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 78165360
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 6920 hod.
Power On Count : 2388 krát
Temparature : Neznámy údaj
Health Status : Dobrý
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 _94 _91 _21 000000000A7B Čas na roztočení ploten
04 _98 _98 _40 00000000095B Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _91 _91 __0 000000001B08 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000954 Počet cyklů zapnutí zařízení
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF 0000 0010 E100 0258 003F 0010 0000 000E
010: 5744 2D57 4341 4154 3130 3931 3135 3900 0000 0000
020: 0003 1000 0028 3036 2E30 3447 3036 5744 4320 5744
030: 3430 3045 422D 3030 4350 4630 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0280 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: B570 04A8 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 003E 0000 346B 4B01 4003 3468 0801 4003 203F 0000
090: 0000 0000 0000 6B00 80FE 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0001 0000
130: 0000 0000 0000 0033 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 001B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 59A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 C8 C8 00 00 00 00 00 00 00 03 07
010: 00 5E 5B 7B 0A 00 00 00 00 00 04 32 00 62 62 5B
020: 09 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 0B 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 5B 5B 08 1B 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0B 13 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 54 09 00 00 00 00 00 C4 32
070: 00 C8 C8 00 00 00 00 00 00 00 C5 12 00 C8 C8 00
080: 00 00 00 00 00 00 C6 12 00 C8 C8 00 00 00 00 00
090: 00 00 C7 0A 00 C8 FD 00 00 00 00 00 00 00 C8 09
0A0: 00 C8 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 DA 06 01 3B
170: 03 00 01 00 02 1E 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1D

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 28 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C4 00
070: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
080: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
090: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 33
0A0: C8 C8 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5C

[Rudy]

Všechny disky jsou OK. Dělal jste sken CF pomocí skriptu. Pokud ano, dejte log.

[tomassovak]

ComboFix 12-09-15.02 - Administrator 16.09.2012 16:13:54.7.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3582.3170 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: / unistall
AV: Kaspersky Internet Security *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: Kaspersky Internet Security *Enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-16 do 2012-09-16 )))))))))))))))))))))))))))))))
.
.
2012-09-15 21:50 . 2012-09-15 21:50 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Identities
2012-09-15 20:03 . 2012-09-15 20:03 -------- d---a-w- c:\windows\rundll16.exe
2012-09-15 20:03 . 2012-09-15 20:03 -------- d---a-w- c:\windows\logo1_.exe
2012-09-15 19:57 . 2012-09-15 19:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google
2012-09-11 17:06 . 2012-09-11 17:06 -------- d-----w- c:\program files\Ray Adams
2012-09-10 20:13 . 2012-09-10 20:13 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\GHISLER
2012-09-10 19:19 . 2004-08-17 13:49 137216 ----a-w- c:\windows\system32\TASKMGR.COM
2012-09-10 18:13 . 2012-09-10 18:18 1558 ----a-w- c:\windows\system32\tmp.reg
2012-09-10 18:13 . 2008-12-12 00:57 78336 ----a-w- c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\VCCLSID.exe
2012-09-10 18:12 . 2006-04-27 14:49 288417 ----a-w- c:\windows\system32\SrchSTS.exe
2012-09-10 18:12 . 2004-07-31 15:50 51200 ----a-w- c:\windows\system32\dumphive.exe
2012-09-10 18:12 . 2003-06-05 18:13 53248 ----a-w- c:\windows\system32\Process.exe
2012-09-10 16:49 . 2012-09-10 16:49 -------- d-----w- c:\windows\ERUNT
2012-09-10 16:48 . 2012-09-10 18:10 -------- d-----w- C:\SDFix
2012-09-10 16:46 . 2012-09-10 16:46 -------- d-----w- C:\!KillBox
2012-09-10 15:43 . 2006-10-05 17:26 24072 ----a-w- c:\windows\system32\uxtuneup.dll
2012-09-10 15:42 . 2012-09-10 15:42 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\TuneUp Software
2012-09-10 15:27 . 2012-09-10 15:27 -------- d-----w- c:\program files\VS Revo Group
2012-09-08 19:16 . 2012-09-08 19:16 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Temp
2012-09-07 19:24 . 2012-09-07 19:27 -------- d-----w- c:\program files\trend micro
2012-09-07 19:24 . 2012-09-07 19:27 -------- d-----w- C:\rsit
2012-09-07 11:37 . 2004-08-17 13:49 46592 -c--a-w- c:\windows\system32\dllcache\svcext51.dll
2012-09-07 11:36 . 2004-08-17 13:49 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2012-09-07 11:35 . 2004-08-17 13:49 42496 -c--a-w- c:\windows\system32\dllcache\davcdata.exe
2012-09-07 11:34 . 2004-08-17 13:49 46592 -c--a-w- c:\windows\system32\dllcache\coadmin.dll
2012-09-07 11:34 . 2003-03-24 13:52 188480 -c--a-w- c:\windows\system32\dllcache\cfgwiz.exe
2012-09-07 11:34 . 2003-03-24 13:52 16439 -c--a-w- c:\windows\system32\dllcache\author.exe
2012-09-07 11:34 . 2004-08-17 13:49 43520 -c--a-w- c:\windows\system32\dllcache\admwprox.dll
2012-09-07 11:34 . 2004-08-17 13:49 290816 -c--a-w- c:\windows\system32\dllcache\adsiis51.dll
2012-09-07 11:34 . 2003-03-24 13:52 20540 -c--a-w- c:\windows\system32\dllcache\author.dll
2012-09-07 11:34 . 2003-03-24 13:52 20540 -c--a-w- c:\windows\system32\dllcache\admin.dll
2012-09-07 11:34 . 2003-03-24 13:52 16439 -c--a-w- c:\windows\system32\dllcache\admin.exe
2012-09-07 11:32 . 2001-10-25 14:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2012-09-07 11:32 . 2001-10-25 14:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2012-09-07 11:07 . 2001-10-25 14:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2012-09-07 11:07 . 2001-10-25 14:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2012-09-07 11:07 . 2001-10-25 14:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2012-09-07 11:07 . 2001-10-25 14:00 13312 ----a-w- c:\windows\system32\irclass.dll
2012-09-07 11:07 . 2004-08-17 14:50 1014483 ----a-r- c:\windows\SET46.tmp
2012-09-06 18:14 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2012-09-06 17:04 . 2012-09-06 17:04 -------- d-----w- C:\0a109e3b06f8f61f6c914b
2012-09-06 16:58 . 2012-09-06 17:09 -------- d-----w- C:\6c98aff78ab5def6d47d037bf3
2012-09-06 16:46 . 2012-09-06 16:47 -------- d-----w- C:\4ce403cfa0aa6609d6c34047ba
2012-09-04 16:55 . 1999-09-01 13:45 9612 ----a-w- c:\windows\system32\drivers\ctlface.sys
2012-09-04 16:27 . 2004-08-17 14:50 1014483 ----a-r- c:\windows\SET5E.tmp
2012-09-04 15:56 . 2012-09-10 10:05 -------- d-----w- c:\program files\Driver Sweeper
2012-09-03 18:06 . 2012-09-03 18:06 -------- d-----w- C:\Samsung
2012-09-03 17:05 . 2012-09-11 17:09 -------- d-----w- c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2012-09-02 19:08 . 2012-09-12 14:19 -------- d-----w- c:\program files\SpeedFan
2012-09-01 18:11 . 2012-09-01 18:11 -------- d-----w- c:\program files\AMD APP
2012-09-01 17:34 . 2012-09-01 17:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\ATI
2012-09-01 17:17 . 2012-07-04 04:38 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-09-01 17:17 . 2012-07-04 04:35 19603456 ----a-w- c:\windows\system32\atioglxx.dll
2012-09-01 17:17 . 2012-07-04 04:36 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2012-09-01 17:15 . 2012-09-01 17:15 -------- d-----w- c:\program files\ATI
2012-09-01 17:14 . 2012-09-01 18:03 -------- d-----w- c:\program files\ATI Technologies
2012-09-01 17:09 . 2012-09-01 17:09 -------- d-----w- C:\AMD
2012-09-01 11:27 . 2012-08-31 20:28 519912 ----a-w- c:\windows\system32\d3dx10d_33.dll
2012-09-01 11:27 . 2008-02-21 22:10 25037 ----a-w- c:\windows\system32\Nucleus.dll
2012-09-01 11:27 . 2008-02-21 21:18 494557 ----a-w- c:\windows\system32\dxgi.dll
2012-09-01 11:23 . 2012-09-01 13:09 -------- d-----w- c:\windows\system32\zálohadx
2012-09-01 11:22 . 2008-02-21 21:18 566624 ----a-w- c:\windows\system32\d3d10.dll
2012-09-01 11:22 . 2008-02-21 21:18 519912 ----a-w- c:\windows\system32\d3dx10.dll
2012-08-31 20:16 . 2012-08-31 20:16 111960 ----a-w- c:\windows\dxsdkuninst.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-27 19:52 . 2012-04-04 11:34 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-27 19:52 . 2011-05-20 08:58 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-12 13:11 . 2012-08-12 13:34 16432 ----a-w- c:\windows\system32\lsdelete.exe
2012-08-11 19:38 . 2012-08-11 19:38 7312422 ----a-w- c:\windows\REGBK14.ZIP
2012-08-09 17:16 . 2012-08-07 09:33 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2012-08-05 16:28 . 2009-08-18 09:30 564632 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2012-08-05 16:28 . 2009-08-18 09:24 19720 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-21 07:11 . 2012-07-21 07:11 65536 ----a-w- c:\windows\system32\frapsvid.dll
2012-07-04 06:54 . 2012-07-26 19:43 7874560 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2012-07-04 04:37 . 2006-11-22 03:25 306176 ----a-w- c:\windows\system32\ati2dvag.dll
2012-07-04 04:32 . 2006-11-22 03:12 5335616 ----a-w- c:\windows\system32\ati3duag.dll
2012-07-04 04:22 . 2012-07-26 19:43 938368 ----a-w- c:\windows\system32\ativvamv.dll
2012-07-04 04:12 . 2012-07-26 19:43 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2012-07-04 04:12 . 2012-07-26 19:43 163840 ----a-w- c:\windows\system32\Oemdspif.dll
2012-07-04 04:12 . 2012-07-26 19:43 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2012-07-04 04:12 . 2012-07-26 19:43 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-04 04:12 . 2012-07-26 19:43 192512 ----a-w- c:\windows\system32\ati2evxx.dll
2012-07-04 04:10 . 2012-07-26 19:43 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2012-07-04 04:09 . 2012-07-26 19:43 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2012-07-04 04:08 . 2006-11-22 03:08 3586816 ----a-w- c:\windows\system32\ativvaxx.dll
2012-07-04 04:05 . 2012-07-26 19:43 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-04 04:01 . 2012-07-26 19:43 835584 ----a-w- c:\windows\system32\atikvmag.dll
2012-07-04 03:56 . 2012-07-26 19:43 634880 ----a-w- c:\windows\system32\atiok3x2.dll
2012-07-04 03:56 . 2012-07-26 19:43 233472 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-04 03:56 . 2012-07-26 19:43 17408 ----a-w- c:\windows\system32\atitvo32.dll
2012-07-04 03:50 . 2006-11-22 02:51 909312 ----a-w- c:\windows\system32\ati2cqag.dll
2012-07-04 03:48 . 2012-07-26 19:43 65024 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-04 03:48 . 2012-07-26 19:43 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-04 03:47 . 2012-07-26 19:43 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-21 20:36 . 2003-08-06 10:24 130048 ----a-w- c:\program files\DDScv.exe
2011-12-21 20:36 . 2002-01-05 04:37 344064 ----a-w- c:\program files\msvcr70.dll
2011-12-21 20:36 . 2002-07-19 15:06 27648 ----a-w- c:\program files\ilu.dll
2011-12-21 20:36 . 2002-07-19 15:05 269312 ----a-w- c:\program files\devil.dll
2011-01-18 17:02 . 2011-01-18 17:21 904544 ----a-w- c:\program files\GPU-Z.0.4.9.exe
2009-03-08 14:38 . 2009-05-10 10:47 373760 ----a-w- c:\program files\rF_AIW_CAM_362.exe
2006-07-27 00:30 . 2009-05-10 10:47 24576 ----a-w- c:\program files\MTS_UNLOCKAR.exe
2004-05-08 23:28 . 2009-05-10 10:47 1870336 ----a-w- c:\program files\F1AIW-program-40.exe
2002-10-27 19:25 . 2009-05-10 10:47 1559040 ----a-w- c:\program files\xb.dll
2012-02-20 16:34 . 2011-06-24 10:26 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-10_18.35.13 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 14:00 . 2012-09-07 11:47 94582 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2012-09-15 18:43 94582 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2012-09-15 18:43 527122 c:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2012-09-07 11:47 527122 c:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2012-09-15 18:43 521872 c:\windows\system32\perfh005.dat
- 2001-10-25 14:00 . 2012-09-07 11:47 521872 c:\windows\system32\perfh005.dat
+ 2001-10-25 14:00 . 2012-09-15 18:43 108360 c:\windows\system32\perfc005.dat
- 2001-10-25 14:00 . 2012-09-07 11:47 108360 c:\windows\system32\perfc005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"WINDVDPatch"="CTHELPER.EXE" [2002-02-07 40960]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"Jet Detection"="c:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-10-03 28672]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-03 98304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-12 417792]
"RivaTunerStartupDaemon"="c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner.exe" [2009-08-22 2781184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avp]
2012-03-08 11:18 340520 ----a-w- c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\PC Oscilloscope\\pcscope.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29.1.2008 17:29 36880]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12.8.2012 14:25 64512]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [8.11.2009 15:22 5248]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [16.4.2011 18:07 28552]
S0 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [8.11.2009 15:22 159616]
S1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [15.8.2011 13:59 20512]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [26.5.2009 10:05 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [26.5.2009 10:05 72944]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [18.1.2011 21:03 20328]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4.4.2012 13:34 250568]
S3 ctlsb16;Creative SB16/AWE32/AWE64 Driver (WDM);c:\windows\system32\drivers\ctlsb16.sys [30.10.2009 19:56 96256]
S3 gupdate1ca6c77910a2670;Google Update Service (gupdate1ca6c77910a2670);c:\program files\Google\Update\GoogleUpdate.exe [10.5.2009 23:07 133104]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10.5.2009 23:07 133104]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13.3.2008 18:02 26640]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13.5.2009 18:46 32272]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2.10.2009 19:39 19472]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [26.5.2009 10:05 7408]
S4 Apache2.2;Apache2.2;c:\program files\xampp\apache\bin\httpd.exe [2.7.2010 19:53 29416]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;e:\lavasoft\Ad-Aware\AAWService.exe [28.10.2011 19:35 2152720]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
TCP: Interfaces\{255349B3-9540-411C-94D9-1CDEDD200EED}: NameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Hans Peter Geerdes\Data aplikací\Mozilla\Firefox\Profiles\7lrfbsbf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.arccosine.com/
pref('extensions.autoDisableScopes',0);
pref('extensions.shownSelectionUI',true);
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-16 16:25
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(656)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2012-09-16 16:27:10
ComboFix-quarantined-files.txt 2012-09-16 14:27
ComboFix2.txt 2012-09-15 19:54
ComboFix3.txt 2012-09-10 19:43
ComboFix4.txt 2012-09-10 18:48
ComboFix5.txt 2012-09-16 14:12
.
Před spuštěním: Volných bajtů: 44 236 603 392
Po spuštění: Volných bajtů: 44 266 094 592
.
- - End Of File - - D35317208C066CBEC7D98B98CAC07BFC

[tomassovak]

a otcův:


ComboFix 12-09-15.02 - Administrator 16.09.2012 10:22:08.2.1 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1799 [GMT 2:00]
Spuštěný z: d:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Administrator\Plocha\CFScript.txt
AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
FILE ::
"c:\windows\DUMP66d8.tmp"
"c:\windows\DUMP6810.tmp"
"c:\windows\DUMP85d9.tmp"
"c:\windows\DUMP8627.tmp"
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\ERDNT\cache\beep.sys --> c:\windows\System32\drivers\beep.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-16 do 2012-09-16 )))))))))))))))))))))))))))))))
.
.
2012-09-15 11:15 . 2012-09-15 11:15 39483256 ----a-w- D:\QuickTimeInstaller.exe
2012-09-15 11:13 . 2012-09-15 11:14 20816132 ----a-w- D:\K-Lite_Codec_Pack_920_Full.exe
2012-09-15 11:11 . 2012-09-15 11:11 12754672 ----a-w- D:\MP10Setup.exe
2012-09-15 11:10 . 2012-09-15 11:10 10050902 ----a-w- D:\Codecs6030_allin1.exe
2012-09-15 08:56 . 2012-09-15 08:56 172057640 ----a-w- D:\WindowsXP-KB936929-SP3-x86-symbols-update-ENU.exe
2012-09-15 08:42 . 2012-09-15 08:43 509264 ----a-w- D:\winsdk_web.exe
2012-09-14 21:26 . 2012-09-14 21:27 19169392 ----a-w- D:\CommunicatorPlugin_403.exe
2012-09-14 18:41 . 2010-10-30 11:30 8397352 ----a-w- D:\Firefox Setup 3.6.12.exe
2012-09-14 18:40 . 2011-12-30 13:59 5015416 ----a-w- D:\WindowsXP-KB982381-x86-CSY.exe
2012-09-14 18:40 . 2011-11-19 13:11 599452800 ----a-w- D:\DXSDK_Jun10.exe
2012-09-14 18:39 . 2009-02-03 18:48 2585872 ----a-w- D:\WindowsInstaller-KB893803-v2-x86.exe
2012-09-14 18:36 . 2011-04-16 17:53 568840 ----a-w- D:\googleupdatesetup.exe
2012-09-14 18:36 . 2011-12-19 12:55 6950552 ----a-w- D:\Silverlight.exe
2012-09-14 18:36 . 2011-05-29 20:57 654848 ----a-w- D:\MicrosoftFixit50351.msi
2012-09-14 18:36 . 2011-06-26 14:03 100271992 ----a-w- D:\directx_Jun2010_redist.exe
2012-09-14 18:36 . 2011-01-10 16:27 10001544 ----a-w- D:\WMEncoder.exe
2012-09-14 18:33 . 2011-11-19 13:50 50449456 ----a-w- D:\dotNetFx40_Full_x86_x64.exe
2012-09-14 18:32 . 2011-12-31 19:19 347920 ----a-w- D:\MicrosoftFixit.IEAddon.Run.exe
2012-09-14 18:32 . 2011-12-31 18:28 5010296 ----a-w- D:\WindowsXP-KB978207-x86-CSY.exe
2012-09-14 18:32 . 2011-12-31 13:38 656896 ----a-w- D:\MicrosoftFixit50366.msi
2012-09-14 18:32 . 2011-11-19 12:59 292184 ----a-w- D:\dxwebsetup.exe
2012-09-14 18:29 . 2012-09-13 21:11 3040128 ----a-w- D:\WindowsXP-KB2286198-x86-CSY.exe
2012-09-14 18:29 . 2012-09-13 20:19 506736 ----a-w- D:\WindowsXP-KB973346-x86-CSY.exe
2012-09-14 18:29 . 2012-09-13 19:47 809856 ----a-w- D:\WindowsXP-KB2503658-x86-CSY.exe
2012-09-14 18:29 . 2012-08-12 09:12 12038144 ----a-w- D:\Ad-Aware96Install.msi
2012-09-14 18:29 . 2012-09-13 20:59 655872 ----a-w- D:\MicrosoftFixit50365.msi
2012-09-14 18:29 . 2012-09-13 20:37 650752 ----a-w- D:\MicrosoftFixit50257.msi
2012-09-14 18:29 . 2012-09-13 20:15 649216 ----a-w- D:\MicrosoftFixit50256.msi
2012-09-14 18:29 . 2012-09-04 18:43 322523176 ----a-w- D:\windowsxp-kb936929-sp3-x86-csy_7af606916b887dba9dd38ae282505ce2c2b81b08.exe
2012-09-14 18:29 . 2012-08-27 20:02 15428440 ----a-w- D:\AdobeAIRInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-03-24 77824]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - d:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 klbg;Kaspersky Lab Boot Guard Driver;d:\windows\system32\drivers\klbg.sys [14.10.2009 20:18 36880]
S2 gupdate;Google Update Service (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [15.9.2012 11:40 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14.9.2012 22:09 250568]
S3 gupdatem;Služba Google Update (gupdatem);d:\program files\Google\Update\GoogleUpdate.exe [15.9.2012 11:40 136176]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;d:\windows\system32\drivers\klim5.sys [14.9.2009 13:42 32272]
S3 klmouflt;Kaspersky Lab KLMOUFLT;d:\windows\system32\drivers\klmouflt.sys [2.10.2009 18:39 19472]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-16 d:\windows\Tasks\Adobe Flash Player Updater.job
- d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 20:09]
.
2012-09-16 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2012-09-15 09:40]
.
2012-09-16 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2012-09-15 09:40]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-16 10:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1960408961-1532298954-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1d,9f,b1,45,dd,33,20,4f,bd,c7,b5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1d,9f,b1,45,dd,33,20,4f,bd,c7,b5,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(224)
d:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1388)
d:\windows\system32\ieframe.dll
.
Celkový čas: 2012-09-16 10:37:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-16 08:37
ComboFix2.txt 2012-09-16 08:03
.
Před spuštěním: Volných bajtů: 17 823 272 960
Po spuštění: Volných bajtů: 17 812 004 864
.
- - End Of File - - E8D336AEC3EE51DCC352220F804D60E4

[Rudy]

Pro "váš" PC:

Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Collect::
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\SET46.tmp

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.



Pro "otcův" PC:

KillAll::

File::
d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
d:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_USERS\S-1-5-21-1960408961-1532298954-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::

Uložte na plochu jako CFScript.txt . Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.