
Files and programs are disappearing from Program Files, please check log

Posted: 22 Jan 2012 22:04
by Karlik99
Hello,

while I was visiting websites, avast reported that it had blocked a Trojan horse (I don't remember whether it gave the name); the same thing happened about three times. Since then the PC has been slow, and above all my programs stopped working: the desktop shortcuts were dead and Windows could not find the original files. When I launched Total Commander, the Program Files folder was almost empty, even though I had the display of hidden files turned on. The Opera browser had its extensions blocked and a new home page, and after a few minutes even that stopped working.

I started cleaning the computer. avast found nothing; I used Ad-Aware, Spyware Terminator and Spybot, and each found a little something. Since then the PC speed seems normal and newly installed programs are working so far, although during installation they behave oddly, as if the system saw them there already and only wanted to repair or upgrade them. Finally I used ComboFix. I am attaching its log and asking you to check whether my PC is clean now.

I would also like to know your opinion on whether the files in Program Files were really deleted or just somehow hidden and blocked from running, and whether that can be repaired somehow, or whether it simply means reinstalling everything. I would also like to know what kind of junk it was :D

Thank you

>>>>>>>>>>>>>>>>>>>>LOG here<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

ComboFix 12-01-21.02 - Karel 22.01.2012 21:17:54.1.1 - x86
Microsoft Windows 7 Home Basic 6.1.7600.0.1250.420.1033.18.1792.896 [GMT 1:00]
Spuštěný z: c:\users\Karel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\spool\prtprocs\w32x86\pnproc2.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-22 do 2012-01-22 )))))))))))))))))))))))))))))))
.
.
2012-01-22 20:28 . 2012-01-22 20:28 -------- d-----w- c:\users\Karel\AppData\Local\temp
2012-01-22 20:28 . 2012-01-22 20:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-22 17:57 . 2012-01-22 17:57 -------- d-----w- c:\program files\Ulead Systems
2012-01-22 17:57 . 2012-01-22 17:57 -------- d-----w- c:\program files\Common Files\Ulead Systems
2012-01-22 17:54 . 2012-01-22 17:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-01-22 17:54 . 2012-01-22 17:57 -------- d-----w- c:\program files\Common Files\InstallShield
2012-01-22 16:27 . 2012-01-22 16:27 -------- d-----w- c:\program files\IrfanView
2012-01-22 02:00 . 2011-11-03 22:40 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-01-21 23:28 . 2012-01-22 09:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-01-21 23:28 . 2012-01-21 23:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-01-21 22:44 . 2011-11-17 05:41 1288984 ----a-w- c:\windows\system32\ntdll.dll
2012-01-21 22:44 . 2011-11-24 04:23 2340352 ----a-w- c:\windows\system32\win32k.sys
2012-01-21 22:44 . 2011-11-05 04:30 2048 ----a-w- c:\windows\system32\tzres.dll
2012-01-21 22:43 . 2011-11-19 14:06 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-21 22:43 . 2011-10-15 05:48 534528 ----a-w- c:\windows\system32\EncDec.dll
2012-01-21 22:43 . 2011-10-26 04:25 38912 ----a-w- c:\windows\system32\csrsrv.dll
2012-01-21 22:43 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\system32\quartz.dll
2012-01-21 22:43 . 2011-10-26 04:28 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-21 22:43 . 2011-10-26 04:42 3901808 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-01-21 22:42 . 2011-10-26 04:42 3957104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-01-21 18:13 . 2012-01-21 20:19 102400 ----a-w- c:\windows\RegBootClean.exe
2012-01-21 15:20 . 2012-01-21 15:20 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-01-21 15:17 . 2012-01-22 20:06 -------- dc----w- c:\windows\system32\DRVSTORE
2012-01-21 15:16 . 2012-01-22 20:06 -------- d-----w- c:\programdata\Lavasoft
2012-01-21 13:26 . 2012-01-21 22:23 -------- d-----w- C:\Sysclean
2012-01-21 13:02 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-01-21 13:02 . 2012-01-21 15:22 -------- d-----w- c:\programdata\Spyware Terminator
2012-01-21 13:02 . 2012-01-21 13:02 -------- d-----w- c:\users\Karel\AppData\Roaming\Spyware Terminator
2012-01-21 13:02 . 2012-01-21 13:02 -------- d-----w- c:\program files\Spyware Terminator
2012-01-21 12:17 . 2012-01-17 03:39 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B1A2DA3F-655B-4590-B896-CFBBE04CDBDB}\mpengine.dll
2012-01-21 09:58 . 2012-01-21 09:58 -------- d-----w- c:\users\Karel\AppData\Local\Ilivid Player
2012-01-21 00:47 . 2012-01-21 00:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-01-21 00:47 . 2012-01-21 00:47 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-01-21 00:46 . 2012-01-21 10:02 -------- d-----w- c:\program files\Real
2012-01-21 00:17 . 2012-01-21 10:02 -------- dc----w- c:\programdata\{B49A644A-1076-4A3D-B124-DAA7862F2318}
2012-01-21 00:13 . 2012-01-21 10:00 -------- d-----w- c:\program files\Windows iLivid Toolbar
2012-01-21 00:11 . 2012-01-21 00:11 -------- d-----w- c:\users\Karel\AppData\Local\PackageAware
2012-01-13 00:13 . 2012-01-13 00:13 -------- d-----w- c:\users\Karel\AppData\Roaming\Apple Computer
2012-01-12 14:45 . 2012-01-12 14:45 -------- d-----w- c:\users\Karel\AppData\Local\Apple
2012-01-06 16:36 . 2012-01-06 16:36 -------- d-----w- c:\users\Karel\.iGridd
2012-01-06 16:34 . 2012-01-06 16:34 -------- d-----w- c:\windows\Sun
2012-01-06 16:34 . 2012-01-06 16:34 -------- d-----w- c:\program files\Common Files\Java
2012-01-06 16:33 . 2012-01-06 16:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-04 11:17 . 2001-12-19 14:47 49152 ------w- c:\windows\system32\TempDel.EXE
2011-12-31 19:39 . 2011-12-31 19:39 -------- d-----w- c:\program files\WinFast
2011-12-31 19:32 . 2011-12-31 19:32 -------- d-----w- c:\users\Karel\AppData\Roaming\FDRLab
2011-12-31 19:22 . 2009-10-21 17:30 433920 ----a-w- c:\windows\system32\drivers\wfeaglxt.sys
2011-12-31 19:22 . 2011-12-31 19:22 -------- d-----w- c:\users\Karel\AppData\Roaming\InstallShield
2011-12-31 19:16 . 2001-06-15 11:30 61440 ----a-r- c:\windows\system32\NUVYUV.DLL
2011-12-31 19:16 . 2001-06-15 11:30 49664 ----a-r- c:\windows\system32\Nuvision.ax
2011-12-31 19:13 . 2012-01-04 11:17 -------- d-----w- c:\windows\system32\WinFast
2011-12-31 19:13 . 2011-12-31 19:13 -------- d-----w- c:\windows\system32\WinFox
2011-12-31 19:13 . 2003-09-26 10:57 9469 ----a-w- c:\windows\system32\drivers\WINFOXIO.sys
2011-12-31 19:13 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2011-12-31 18:47 . 2012-01-04 21:53 -------- d-----w- c:\users\Karel\AppData\Roaming\ICQ
2011-12-30 16:42 . 2012-01-12 14:44 -------- d-----w- c:\windows\system32\Adobe
2011-12-29 19:25 . 2011-12-29 19:26 -------- d-----w- c:\users\Karel\AppData\Roaming\Canon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-08 17:08 . 2011-12-08 17:09 737280 ----a-w- c:\windows\iun6002.exe
2011-12-05 17:41 . 2011-12-05 17:41 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-05 17:41 . 2011-12-05 17:41 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-05 17:41 . 2011-12-05 17:41 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-05 17:41 . 2011-12-05 17:41 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-05 17:41 . 2011-12-05 17:41 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-05 17:41 . 2011-12-05 17:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-05 17:41 . 2011-12-05 17:41 367104 ----a-w- c:\windows\system32\html.iec
2011-12-05 17:41 . 2011-12-05 17:41 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-05 17:41 . 2011-12-05 17:41 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-05 17:41 . 2011-12-05 17:41 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-05 17:41 . 2011-12-05 17:41 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-05 17:41 . 2011-12-05 17:41 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-05 17:41 . 2011-12-05 17:41 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-05 17:41 . 2011-12-05 17:41 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-05 17:41 . 2011-12-05 17:41 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-05 17:41 . 2011-12-05 17:41 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-05 17:41 . 2011-12-05 17:41 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-05 17:40 . 2011-12-05 17:40 801792 ----a-w- c:\windows\system32\FntCache.dll
2011-12-05 17:40 . 2011-12-05 17:40 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-12-05 17:40 . 2011-12-05 17:40 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-12-05 17:40 . 2011-12-05 17:40 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-12-05 17:40 . 2011-12-05 17:40 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-12-05 17:40 . 2011-12-05 17:40 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-12-05 17:40 . 2011-12-05 17:40 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-12-05 17:40 . 2011-12-05 17:40 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-12-05 17:40 . 2011-12-05 17:40 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-12-05 17:40 . 2011-12-05 17:40 3181568 ----a-w- c:\windows\system32\mf.dll
2011-12-05 17:40 . 2011-12-05 17:40 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-12-05 17:40 . 2011-12-05 17:40 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-12-05 17:40 . 2011-12-05 17:40 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-12-05 17:40 . 2011-12-05 17:40 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-12-05 17:40 . 2011-12-05 17:40 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-12-05 17:40 . 2011-12-05 17:40 107520 ----a-w- c:\windows\system32\cdd.dll
2011-12-04 14:01 . 2011-12-04 08:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-04 00:24 . 2011-12-04 00:24 319488 ----a-w- c:\windows\HideWin.exe
2011-11-28 18:01 . 2011-12-04 08:42 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-12-04 08:42 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-12-04 08:42 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-12-04 08:42 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-12-04 08:42 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-12-04 08:42 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-12-04 08:42 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-12-04 08:42 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-15 13:29 . 2011-12-04 08:48 222080 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ------w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"SmartSoft PDF Printer Agent"="c:\program files\Smart PDF Converter Pro\SmartSoft PDF Printer Agent.exe" [2010-07-22 62864]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2003-12-09 159744]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-01-21 296056]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-01-10 2779824]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-01-10 3621040]
.
c:\users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-9-19 993280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R3 SI3114;SI3114;c:\windows\system32\DRIVERS\SI3114.sys [2008-04-14 73768]
S0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\DRIVERS\SI3112r.sys [2003-05-09 89749]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [2012-01-10 482992]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [2003-09-10 9510]
S3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 212.71.186.249 212.71.186.252
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\uTorrentBar\prxtbuTo0.dll
BHO-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\uTorrentBar\prxtbuTo0.dll
Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\uTorrentBar\prxtbuTo0.dll
Toolbar-10 - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - c:\program files\uTorrentBar\prxtbuTo0.dll
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-22 21:35:15
ComboFix-quarantined-files.txt 2012-01-22 20:35
.
Před spuštěním: 3 193 491 456 bytes free
Po spuštění: 3 507 486 720 bytes free
.
- - End Of File - - 480745F2498F538D99BF15A2E107D6CC

Re: Files and programs are disappearing from Program Files, please check l

Posted: 23 Jan 2012 07:43
by JaRon
you could also go by the code name Self-Cleaner :D
uninstall STerminator + SpyBot
clean up with CCleaner
rescan with MBAM - post the log + the RSIT log
and above all, next time a problem shows up, show up here with it right away and not only after trial and error

Re: Files and programs are disappearing from Program Files, please check l

Posted: 23 Jan 2012 08:54
by motji
Sorry for butting in.
Do you remember which sites you were on? If so, please send me the link by private message. Thanks :)

Re: Files and programs are disappearing from Program Files, please check l

Posted: 23 Jan 2012 14:31
by Karlik99
Hi,
I did as you said.
MBAM log:
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
http://www.malwarebytes.org

Database version: v2012.01.23.02

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Karel :: TURBOPC7 [administrator]

Protection: Enabled

23.1.2012 11:33:28
mbam-log-2012-01-23 (11-33-28).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 300329
Time elapsed: 1 hour(s), 13 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
D:\Rodokmen\Rodokmen Pro installed\rodokmen.pro.v2.1.1.czech-patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
D:\Rodokmen\Rodokmen Pro installed\Rodokmen_Pro_2.1.1.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

(end)


<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
RSIT log:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Karel at 2012-01-23 14:12:06
Microsoft Windows 7 Home Basic
System drive C: has 3 GB (15%) free of 20 GB
Total RAM: 1792 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:13:10, on 23.1.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Smart PDF Converter Pro\SmartSoft PDF Printer Agent.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Karel\Downloads\RSIT.exe
C:\Program Files\trend micro\Karel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O2 - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - (no file)
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SmartSoft PDF Printer Agent] C:\Program Files\Smart PDF Converter Pro\SmartSoft PDF Printer Agent.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (file missing)
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

--
End of file - 4925 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-15 604704]
"SmartSoft PDF Printer Agent"=C:\Program Files\Smart PDF Converter Pro\SmartSoft PDF Printer Agent.exe [2010-07-22 62864]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2003-12-09 159744]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-01-21 296056]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-12-24 460872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-12-05 203776]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=nuvyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.NTN1"=NUVision.ax
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-01-23 14:12:07 ----D---- C:\Program Files\trend micro
2012-01-23 14:12:06 ----D---- C:\rsit
2012-01-23 11:26:38 ----D---- C:\Users\Karel\AppData\Roaming\Malwarebytes
2012-01-23 11:26:30 ----D---- C:\ProgramData\Malwarebytes
2012-01-23 11:26:28 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-01-23 11:26:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-01-22 23:18:15 ----D---- C:\Program Files\Conduit
2012-01-22 23:18:08 ----D---- C:\Program Files\uTorrentBar
2012-01-22 23:17:56 ----D---- C:\Program Files\uTorrent
2012-01-22 23:06:50 ----D---- C:\Windows\temp
2012-01-22 22:34:26 ----A---- C:\Windows\system32\drivers\utm3mtq3.sys
2012-01-22 22:21:16 ----D---- C:\ProgramData\Kaspersky Lab
2012-01-22 22:19:47 ----A---- C:\Windows\system32\drivers\1625316drv.sys
2012-01-22 22:19:46 ----A---- C:\Windows\system32\drivers\77088781.sys
2012-01-22 22:09:50 ----D---- C:\Program Files\CCleaner
2012-01-22 21:35:28 ----SHD---- C:\$RECYCLE.BIN
2012-01-22 21:35:17 ----A---- C:\ComboFix.txt
2012-01-22 21:16:11 ----A---- C:\Windows\zip.exe
2012-01-22 21:16:11 ----A---- C:\Windows\SWSC.exe
2012-01-22 21:16:11 ----A---- C:\Windows\SWREG.exe
2012-01-22 21:16:11 ----A---- C:\Windows\sed.exe
2012-01-22 21:16:11 ----A---- C:\Windows\PEV.exe
2012-01-22 21:16:11 ----A---- C:\Windows\NIRCMD.exe
2012-01-22 21:16:11 ----A---- C:\Windows\MBR.exe
2012-01-22 21:16:11 ----A---- C:\Windows\grep.exe
2012-01-22 21:16:03 ----D---- C:\Windows\ERDNT
2012-01-22 21:15:54 ----D---- C:\ComboFix
2012-01-22 21:13:46 ----D---- C:\Qoobox
2012-01-22 18:57:40 ----D---- C:\Program Files\Ulead Systems
2012-01-22 18:57:37 ----D---- C:\Program Files\Common Files\Ulead Systems
2012-01-22 18:54:52 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-22 18:54:03 ----D---- C:\Program Files\Common Files\InstallShield
2012-01-22 17:27:25 ----D---- C:\Program Files\IrfanView
2012-01-22 03:01:16 ----A---- C:\Windows\system32\mshtmled.dll
2012-01-22 03:01:14 ----A---- C:\Windows\system32\iertutil.dll
2012-01-22 03:01:12 ----A---- C:\Windows\system32\jscript.dll
2012-01-22 03:01:11 ----A---- C:\Windows\system32\jscript9.dll
2012-01-22 03:01:09 ----A---- C:\Windows\system32\jsproxy.dll
2012-01-22 03:01:07 ----A---- C:\Windows\system32\wininet.dll
2012-01-22 03:01:06 ----A---- C:\Windows\system32\url.dll
2012-01-22 03:01:06 ----A---- C:\Windows\system32\ieui.dll
2012-01-22 03:01:02 ----A---- C:\Windows\system32\urlmon.dll
2012-01-22 03:01:01 ----A---- C:\Windows\system32\mshtml.dll
2012-01-22 03:00:57 ----A---- C:\Windows\system32\ieframe.dll
2012-01-22 00:28:46 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-01-22 00:28:46 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-01-21 23:44:29 ----A---- C:\Windows\system32\ntdll.dll
2012-01-21 23:44:20 ----A---- C:\Windows\system32\win32k.sys
2012-01-21 23:44:04 ----A---- C:\Windows\system32\tzres.dll
2012-01-21 23:43:42 ----A---- C:\Windows\system32\packager.dll
2012-01-21 23:43:19 ----A---- C:\Windows\system32\EncDec.dll
2012-01-21 23:43:17 ----A---- C:\Windows\system32\csrsrv.dll
2012-01-21 23:43:13 ----A---- C:\Windows\system32\quartz.dll
2012-01-21 23:43:11 ----A---- C:\Windows\system32\qdvd.dll
2012-01-21 23:43:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-01-21 23:42:59 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-01-21 19:13:27 ----A---- C:\Windows\RegBootClean.exe
2012-01-21 16:20:43 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2012-01-21 16:17:07 ----DC---- C:\Windows\system32\DRVSTORE
2012-01-21 16:16:57 ----D---- C:\ProgramData\Lavasoft
2012-01-21 14:26:32 ----D---- C:\Sysclean
2012-01-21 14:02:34 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2012-01-21 14:02:26 ----D---- C:\Program Files\Spyware Terminator
2012-01-21 10:11:34 ----D---- C:\Users\Karel\AppData\Roaming\RealNetworks
2012-01-21 01:47:47 ----A---- C:\Windows\system32\rmoc3260.dll
2012-01-21 01:47:21 ----A---- C:\Windows\system32\pndx5032.dll
2012-01-21 01:47:21 ----A---- C:\Windows\system32\pndx5016.dll
2012-01-21 01:47:14 ----A---- C:\Windows\system32\pncrt.dll
2012-01-21 01:47:09 ----A---- C:\Windows\system32\msvcr71.dll
2012-01-21 01:47:09 ----A---- C:\Windows\system32\msvcp71.dll
2012-01-21 01:46:39 ----D---- C:\Program Files\Real
2012-01-21 01:46:17 ----D---- C:\Users\Karel\AppData\Roaming\Real
2012-01-21 01:17:00 ----DC---- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
2012-01-21 01:13:38 ----D---- C:\Program Files\Windows iLivid Toolbar
2012-01-18 16:41:17 ----A---- C:\Windows\mscpt.dat
2012-01-13 01:13:00 ----D---- C:\Users\Karel\AppData\Roaming\Apple Computer
2012-01-06 17:34:14 ----D---- C:\Windows\Sun
2012-01-06 17:34:01 ----D---- C:\Program Files\Common Files\Java
2012-01-06 17:33:48 ----A---- C:\Windows\system32\javaws.exe
2012-01-06 17:33:48 ----A---- C:\Windows\system32\javaw.exe
2012-01-06 17:33:48 ----A---- C:\Windows\system32\java.exe
2012-01-06 17:33:48 ----A---- C:\Windows\system32\deployJava1.dll
2012-01-04 12:17:44 ----N---- C:\Windows\system32\TempDel.EXE
2011-12-31 20:39:17 ----D---- C:\Program Files\WinFast
2011-12-31 20:32:42 ----D---- C:\Users\Karel\AppData\Roaming\FDRLab
2011-12-31 20:22:02 ----A---- C:\Windows\system32\drivers\wfeaglxt.sys
2011-12-31 20:22:00 ----D---- C:\Users\Karel\AppData\Roaming\InstallShield
2011-12-31 20:16:03 ----RA---- C:\Windows\system32\NUVYUV.DLL
2011-12-31 20:13:17 ----D---- C:\Windows\system32\WinFox
2011-12-31 20:13:17 ----D---- C:\Windows\system32\WinFast
2011-12-31 20:13:17 ----A---- C:\Windows\system32\drivers\WINFOXIO.sys
2011-12-31 20:13:10 ----A---- C:\Windows\IsUninst.exe
2011-12-31 20:13:00 ----RASH---- C:\MSDOS.SYS
2011-12-31 20:13:00 ----RASH---- C:\IO.SYS
2011-12-31 19:47:25 ----D---- C:\Users\Karel\AppData\Roaming\ICQ
2011-12-30 17:42:20 ----D---- C:\Windows\system32\Adobe
2011-12-29 20:25:29 ----D---- C:\Users\Karel\AppData\Roaming\Canon
2011-12-27 22:31:26 ----A---- C:\error.txt

======List of files/folders modified in the last 1 month======

2012-01-23 14:13:10 ----D---- C:\Windows\system32\config
2012-01-23 14:12:25 ----D---- C:\Windows\Prefetch
2012-01-23 14:12:07 ----RD---- C:\Program Files
2012-01-23 14:11:42 ----D---- C:\Windows\system32\drivers
2012-01-23 14:08:36 ----D---- C:\Windows
2012-01-23 14:08:21 ----D---- C:\Windows\AppPatch
2012-01-23 13:37:50 ----SHD---- C:\System Volume Information
2012-01-23 11:26:30 ----D---- C:\ProgramData
2012-01-23 11:14:40 ----D---- C:\Windows\System32
2012-01-23 11:14:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-23 11:14:39 ----D---- C:\Windows\inf
2012-01-23 02:55:12 ----D---- C:\Users\Karel\AppData\Roaming\uTorrent
2012-01-22 22:11:35 ----D---- C:\Windows\debug
2012-01-22 21:31:48 ----D---- C:\Windows\Tasks
2012-01-22 21:28:32 ----A---- C:\Windows\system.ini
2012-01-22 21:28:20 ----D---- C:\Windows\system32\drivers\etc
2012-01-22 21:23:00 ----D---- C:\Program Files\Common Files
2012-01-22 21:15:08 ----D---- C:\Windows\winsxs
2012-01-22 21:06:27 ----SHD---- C:\Windows\Installer
2012-01-22 18:57:08 ----RSD---- C:\Windows\Fonts
2012-01-22 17:27:26 ----D---- C:\Users\Karel\AppData\Roaming\IrfanView
2012-01-22 17:23:16 ----D---- C:\Program Files\Opera
2012-01-22 04:00:33 ----D---- C:\Windows\rescache
2012-01-22 03:32:54 ----D---- C:\Windows\Microsoft.NET
2012-01-22 03:32:47 ----RSD---- C:\Windows\assembly
2012-01-22 03:20:39 ----D---- C:\Windows\system32\migration
2012-01-22 03:20:39 ----D---- C:\Windows\system32\en-US
2012-01-22 03:20:39 ----D---- C:\Program Files\Internet Explorer
2012-01-22 03:20:37 ----D---- C:\Windows\system32\DriverStore
2012-01-22 03:02:57 ----D---- C:\Windows\system32\catroot
2012-01-22 03:01:30 ----D---- C:\Windows\system32\catroot2
2012-01-21 16:49:56 ----D---- C:\Windows\Panther
2012-01-21 16:49:55 ----D---- C:\Windows\Logs
2012-01-21 16:21:31 ----D---- C:\Windows\system32\Tasks
2012-01-21 16:17:27 ----SD---- C:\ProgramData\Microsoft
2012-01-21 11:02:19 ----D---- C:\Program Files\Common Files\Adobe
2012-01-21 11:02:11 ----D---- C:\Program Files\Common Files\microsoft shared
2012-01-21 11:02:11 ----D---- C:\Program Files\Adobe
2012-01-21 11:02:10 ----D---- C:\Program Files\Windows Sidebar
2012-01-21 11:02:02 ----D---- C:\Program Files\Smart PDF Converter Pro
2012-01-21 11:02:02 ----D---- C:\Program Files\Microsoft Games
2012-01-21 11:01:46 ----D---- C:\Program Files\Windows Media Player
2012-01-21 11:01:41 ----D---- C:\Program Files\ATI Technologies
2012-01-18 19:30:46 ----D---- C:\Windows\system32\Macromed
2012-01-04 17:15:16 ----A---- C:\Windows\system32\MRT.exe
2012-01-01 15:21:04 ----SD---- C:\Users\Karel\AppData\Roaming\Microsoft
2011-12-29 20:25:11 ----RSD---- C:\Windows\Media
2011-12-27 21:04:40 ----D---- C:\totalcmd
2011-12-26 18:47:48 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 77088781;77088781; C:\Windows\system32\DRIVERS\77088781.sys [2012-01-23 133208]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller; C:\Windows\system32\DRIVERS\SI3112r.sys [2003-05-09 89749]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2008-04-14 19240]
R1 1625316drv;1625316drv; C:\Windows\system32\DRIVERS\1625316drv.sys [2012-01-23 489048]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-19 4172832]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 20464]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2009-07-13 429056]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2003-09-10 9510]
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3); C:\Windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Karel\AppData\Local\Temp\catchme.sys []
S3 SI3114;SI3114; C:\Windows\system32\DRIVERS\SI3114.sys [2008-04-14 73768]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 utm3mtq3;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\utm3mtq3.sys [2012-01-22 7168]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]

-----------------EOF-----------------


One more note,
occasionally (2-3 times a week) the disk spins up, whirs, and then the system freezes, requiring a hard restart. After that everything is OK. This has been happening roughly since I installed Win 7 on the computer (2 months ago). It froze again a moment ago; would you know what to do about it? Thanks for your time and willingness to help!

Re: Files and programs disappearing from Program Files, please check l

Posted: 23 Jan 2012 14:47
by JaRon
Check the disk with the HDTune program http://forum.viry.cz/viewtopic.php?f=46&t=79325 part 8

Re: Files and programs disappearing from Program Files, please check l

Posted: 23 Jan 2012 16:54
by Karlik99
The disk is fine, even after the HD Tune scan.
To me it seems more like some software anomaly; as I said, it didn't do this under XP. Otherwise, does the log look good?

Re: Files and programs disappearing from Program Files, please check l

Posted: 23 Jan 2012 18:11
by motji
Did you run the error scan in HD Tune?

Re: Files and programs disappearing from Program Files, please check l

Posted: 23 Jan 2012 22:28
by Karlik99
Yes, I did,
all green

Re: Files and programs disappearing from Program Files, please check l

Posted: 24 Jan 2012 00:17
by motji
The PC just freezes; have you noticed during what activity?

:arrow: Download
http://www.slunecnice.cz/sw/crystaldiskinfo/
- run it and select Copy from the menu.
- Then paste the data from the clipboard here using Ctrl+V

Re: Files and programs disappearing from Program Files, please check l

Posted: 25 Jan 2012 15:52
by Karlik99
It freezes when I have Opera running after PC startup; I work for about 2 minutes, then the disk spins up, whirs, and then Opera freezes and the whole system with it. A reset is required.

I didn't try your tool; I know the disk really is OK.

Instead I went ahead with what was probably needed: format C: and install a new system, Win 7 Professional.

Re: Files and programs disappearing from Program Files, please check l

Posted: 25 Jan 2012 16:50
by motji
And did it help?

Re: Files and programs disappearing from Program Files, please check l

Posted: 25 Jan 2012 17:17
by Karlik99
Definitely! This always helps :|
But seriously now, everything works great so far; even Adobe Reader could be installed, which somehow wasn't possible with the mess I had there after those viruses: it froze halfway through and overall the system didn't feel stable. Now everything is beautifully in order and fast. No freeze after disk whirring observed so far, and I think there won't be one in the future either. Thanks for the cooperation
I'm off to enjoy Aero .... God, it's gorgeous!!! Win+Tab and also those semi-transparent windows, oh my... the Home Basic version didn't have that, oh my :))))

btw: when I think about it, I always envied others Aero and the add-ons that the Basic version doesn't have. So this way my wish came true, :idea: :wub:

Re: Files and programs disappearing from Program Files, please check l

Posted: 27 Jan 2012 10:24
by motji
At least the reinstall was good for something :)