VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-07-18 18:30:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 659 GB (69%) free of 954 GB
Total RAM: 3326 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:57, on 18.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\ntvdm.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IEPro\MiniDM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
F:\PROGRAM FILES\Hijackthis\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CHelper Class - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Nástroj WD Quick View] C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3551886561-2034735683-3825333376-1010\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3551886561-2034735683-3825333376-1010\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\MS Office XP\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra 'Tools' menuitem: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe

--
End of file - 8611 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551886561-2034735683-3825333376-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551886561-2034735683-3825333376-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2010-06-02 777392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99A7C4DD-B2E6-4CA0-BB6E-737A61364155}]
CHelper Class - C:\PROGRA~1\EUROTR~1\e2003i.dll [2010-11-19 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\IEPro\IEProRecorder.dll [2010-06-02 662736]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Nástroj WD Quick View"=C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [2012-04-30 5235608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-14 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-04-28 1406248]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\MS Office XP\Office10\OSA.EXE

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-18 18:14:31 ----D---- C:\rsit
2012-07-18 18:14:31 ----D---- C:\Program Files\trend micro
2012-07-11 15:30:34 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 15:29:01 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 15:29:01 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 15:29:01 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 15:28:59 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 15:28:59 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 15:28:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 15:28:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 15:28:59 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 15:28:57 ----A---- C:\Windows\system32\cdosys.dll
2012-07-11 15:28:27 ----A---- C:\Windows\system32\shell32.dll
2012-07-03 12:07:27 ----D---- C:\Western Digital
2012-06-19 18:41:02 ----D---- C:\Windows\cs
2012-06-19 18:38:15 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-06-19 15:54:37 ----D---- C:\ZÁLOHA POŠTY
2012-06-19 14:26:05 ----A---- C:\Windows\system32\wups2.dll
2012-06-19 14:26:05 ----A---- C:\Windows\system32\wucltux.dll
2012-06-19 14:26:05 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-19 14:26:05 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-19 14:25:23 ----A---- C:\Windows\system32\wups.dll
2012-06-19 14:25:23 ----A---- C:\Windows\system32\wudriver.dll
2012-06-19 14:25:23 ----A---- C:\Windows\system32\wuapi.dll
2012-06-19 14:25:02 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-19 14:25:02 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 month======

2012-07-18 18:30:54 ----D---- C:\Windows\Temp
2012-07-18 18:30:26 ----SHD---- C:\System Volume Information
2012-07-18 18:14:31 ----RD---- C:\Program Files
2012-07-18 17:56:57 ----D---- C:\ALFIS12J
2012-07-18 17:56:46 ----D---- C:\ProgramData\MFAData
2012-07-18 17:56:15 ----D---- C:\Windows\System32
2012-07-18 17:56:15 ----D---- C:\Windows\inf
2012-07-18 17:56:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-18 17:55:49 ----D---- C:\Program Files\Dialog MIS
2012-07-18 17:49:20 ----SHD---- C:\Windows\Installer
2012-07-18 17:49:15 ----SHD---- C:\Config.Msi
2012-07-18 15:58:12 ----D---- C:\Windows\system32\config
2012-07-18 13:43:31 ----D---- C:\Windows\system32\drivers\AVG
2012-07-17 22:10:55 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2012-07-17 22:06:29 ----HD---- C:\ProgramData
2012-07-17 22:05:22 ----D---- C:\S W
2012-07-17 22:02:02 ----D---- C:\downloads
2012-07-17 13:27:24 ----RSD---- C:\Windows\assembly
2012-07-17 13:27:24 ----D---- C:\Windows\Microsoft.NET
2012-07-16 20:31:29 ----AD---- C:\ProgramData\TEMP
2012-07-16 17:46:32 ----D---- C:\Windows
2012-07-16 14:20:19 ----D---- C:\Windows\Prefetch
2012-07-14 14:22:35 ----D---- C:\Windows\system32\catroot
2012-07-14 14:21:57 ----D---- C:\Program Files\FreeRapid-0.86
2012-07-14 14:21:24 ----D---- C:\MP3
2012-07-14 14:21:14 ----D---- C:\Windows\system32\DriverStore
2012-07-14 14:21:02 ----D---- C:\Program Files\Western Digital
2012-07-14 14:21:01 ----D---- C:\ProgramData\Western Digital
2012-07-14 14:17:28 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2012-07-14 13:18:02 ----D---- C:\Users\Admin\AppData\Roaming\Audacity
2012-07-14 11:12:51 ----D---- C:\Users\Admin\AppData\Roaming\dvdcss
2012-07-12 17:25:01 ----D---- C:\Windows\debug
2012-07-12 09:01:20 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-11 15:35:12 ----D---- C:\Windows\winsxs
2012-07-11 15:33:06 ----D---- C:\Windows\system32\drivers
2012-07-11 15:32:36 ----D---- C:\ProgramData\Microsoft Help
2012-07-11 15:31:00 ----A---- C:\Windows\system32\MRT.exe
2012-07-11 15:28:53 ----D---- C:\Windows\system32\catroot2
2012-07-09 22:25:35 ----D---- C:\Program Files\IDOS
2012-07-05 14:25:53 ----D---- C:\Program Files\Domaci ucetnictvi
2012-07-03 15:17:12 ----D---- C:\BATCH
2012-06-25 14:37:13 ----D---- C:\Program Files\Windows Live
2012-06-25 14:35:56 ----D---- C:\Windows\Logs
2012-06-25 14:10:00 ----D---- C:\Users\Admin\AppData\Roaming\Vso
2012-06-25 14:09:59 ----D---- C:\Windows\Panther
2012-06-22 14:37:21 ----D---- C:\VYPAL
2012-06-19 20:02:28 ----D---- C:\Windows\rescache
2012-06-19 18:36:45 ----SD---- C:\ProgramData\Microsoft
2012-06-19 18:35:12 ----D---- C:\Program Files\Common Files\microsoft shared
2012-06-19 18:31:43 ----D---- C:\Program Files\Common Files\Windows Live
2012-06-19 16:33:01 ----D---- C:\Windows\system32\cs-CZ
2012-06-19 11:33:04 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-11-25 47360]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 appliandMP;appliandMP; C:\Windows\system32\DRIVERS\appliand.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 10752]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-03-10 25112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
R2 WDBackup;WD Backup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-04-24 1150368]
R2 WDDriveService;WD Drive Manager; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [2012-04-11 247704]
R2 WDRulesService;WD Rules; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-04-11 1177496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-17 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Zdravim

Na logu se pracuje, bude to nejakou dobu trvat.

Aktualizujte Internet Explorer

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
AdobeARMservice
NAUpdate
SeaPort
AdobeFlashPlayerUpdateSvc
BBSvc
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files\Ask.com
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551886561-2034735683-3825333376-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551886561-2034735683-3825333376-1001UA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

Dobrý den a zatím děkuji z jiného PC; již jsem byl zarmoucen, že zůstávám se svým trápením osamoceně.
Jakmile dorazím domů, hned se vrhnu do doporučené činnosti, vše provedu a dám vědět. Hezký den přeji, mraz233

No jo, nekdy to chvili trva, nez se vas nekdo ujme. Jsme tu ve svem volnem case a zadarmo, takze tu nemuzem byt nonstop

Je treba si i nejak vydelat na chleba

Dneska mam nocni, takze tady budu nakukovat v prubehu celeho dne, asi do 19:00

Vam take hezky den

Ježíši, to jsem nechtěl, aby to takhle vyznělo. Prosím, přijměte moji omluvu za nešťasně formulovaný výrok.

tak jsem vykonal žádané a zde je výsledek. Ještě chci dodat, že jsem opakovaně zkoušel AVG Internet security, Eset on line, Windows safety scanner, opakovaně defragmentoval, čili že jsem se opravdu snažil dle mých sil a znalostí a proto jsem se dostal i na toto forum a tetelím se, že možná svítá jiskérka naděje.
Jenom s tou aktualizací IE váhám. Poslední verzi mám na NTB a vůbec, ale vůbec mi strohost nevyhovuje. Pokud, tak pracuji s Google chrome. Ale v případě nezbytí ovšemže vyhovím

Log:
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 207862607 bytes
->Temporary Internet Files folder emptied: 43975539 bytes
->Java cache emptied: 166250 bytes
->Google Chrome cache emptied: 6362056 bytes
->Flash cache emptied: 1746 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33212 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33198 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2882462347 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 17855149 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 741 bytes
RecycleBin emptied: 682232368 bytes

Total Files Cleaned = 3 663,00 mb

[EMPTYFLASH]

User: Admin
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service NAUpdate stopped successfully!
Service NAUpdate deleted successfully!
Service SeaPort stopped successfully!
Service SeaPort deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Program Files\Ask.com folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551886561-2034735683-3825333376-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551886561-2034735683-3825333376-1001UA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 07192012_154824

Files moved on Reboot...

Registry entries deleted on Reboot...

mraz233 píše:Ježíši, to jsem nechtěl, aby to takhle vyznělo. Prosím, přijměte moji omluvu za nešťasně formulovaný výrok.

V poradku, neni treba se omlouvat

Nevyznelo to nejak spatne, jen jsem chtel vysvetlit, jak to tu chodi

OTM provedlo co melo. Nastala nejaka zmena?

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte

Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

IE by mel byt aktualni. Je vlastne soucast systemu a zbytecne se tim oteviraji vratka pripadne haveti. A je jedno, jestli se pouziva nebo nikoliv. Ale nutit vas nebudu, zas tak zivotne dulezite to neni

Dobrý den.
Nepozoruji změny, ba spíše naopak...prodlevy v načítání odkazů. Připojuji parciální výsledek a ihned poté se pustím do MBAM
Výsledek Crystaldiskinfo:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2012/07/19 17:22:12

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- HL-DT-ST DVDRAM GSA-H10N ATA Device
- ATA Channel 1 (1) [ATA]
+ Řadič úložiště Intel(R) 82801GB/GR/GH (řada ICH7) s rozhraním Serial ATA - 27C0 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Řadiče úložiště Intel(R) 82801G (řada ICH7) v režimu Ultra ATA - 27DF [ATA]
+ ATA Channel 0 (0)
- ST31000520AS ATA Device
+ ATA Channel 1 (1)
- Optiarc DVD RW AD-7240S ATA Device

-- Disk List ---------------------------------------------------------------
(1) ST31000520AS : 1000,2 GB [0/2/0, pd1] - st

----------------------------------------------------------------------------
(1) ST31000520AS
----------------------------------------------------------------------------
Model : ST31000520AS
Firmware : CC32
Serial Number : 5VX01XZQ
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953523055
Rotation Rate : 5900 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 2364 hod.
Power On Count : 1246 krát
Host Reads : 673 GB
Host Writes : 1383 GB
Temparature : 40 C (104 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : FE00h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _99 __6 00000C59A15F Počet chyb čtení
03 _95 _95 __0 000000000000 Čas na roztočení ploten
04 _98 _98 _20 0000000009BC Počet spuštění/zastavení
05 _98 _98 _36 000000000078 Počet přemapovaných sektorů
07 _79 _60 _30 000005A40D87 Počet chybných hledání
09 _98 _98 __0 00000000093C Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 0000000004DE Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD _94 _94 __0 000000000006 Vysoká rychlost zápisu
BE _60 _59 _45 000028170028 Teplota toku vzduchu
C2 _40 _41 __0 001100000028 Teplota
C3 _47 _33 __0 00000C59A15F Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 B6DE00001630 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000ACEA6ABF Total LBAs Written
F2 100 253 __0 00005433FFBD Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3556 3556 5830 3158 5A51
020: 0000 0000 0004 4343 3332 2020 2020 5354 3331 3030
030: 3035 3230 4153 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 01F0 0029 346B 7F61 4163 BE01 BE01 4163 207F 005E
090: 005E 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 656F 7470 0000 0000 0000 0000 0000 0000 5000 C500
110: 15F9 EDAE 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 004F 004F 0280 0000 0000
150: 000A 0000 0000 0000 0000 0000 0000 0000 4000 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103F 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 170C 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 DBA5

Disk na tom neni nejlepe, vykazuje chyby cteni

Uvidime, jestli pomuze vycisteni od pripadne haveti a uklid. Jisty si tim teda nejsem

a nyní doběhl MBAM s tímto nálezem:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.07.19.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Admin :: ADMIN-PC [administrátor]

Ochrana: Povolena

19.7.2012 17:34:40
mbam-log-2012-07-19 (19-12-40).txt

Typ: Úplná kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 377682
Uplynulý čas: 1 hodin, 24 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Users\Admin\AppData\Local\Thinstall\Cache\Stubs\c0946239351e639c656ab903cda420939dba\dvdcloner.exe (Trojan.Backdoor) -> Žádná instrukce nebyla provedena.
C:\Program Files\Any Video Converter Professional v3.1.5 CZ Portable\Stubs\9aac5e273dd68ea31fd8621b479b8ceb421e\mp4creator.exe (Trojan.Backdoor) -> Žádná instrukce nebyla provedena.
C:\Program Files\Any Video Converter Professional v3.1.5 CZ Portable\Stubs\b1a15b1c70b8ad4fe7fe8af8d3e17dcc91977ec\mplayer.exe (Trojan.Backdoor) -> Žádná instrukce nebyla provedena.
C:\Program Files\Any Video Converter Professional v3.1.5 CZ Portable\Stubs\ce6c3d76f9da90165585a3c6f946063afe5e352\mencoder.exe (Trojan.Backdoor) -> Žádná instrukce nebyla provedena.

(konec)

Dobrý den,
včera večer jsem ještě nechal proběhnout scan disk s opravou chyb a po několika hodinách jsem si oddechl, že snad soubory jsou v pořádku. Nicméně disk vyměním.
Napjatě čekám, co s těmi trojany, soudě dle popisu lokalisace v logu bych i věřil v jejich reálnost

Děkuji, Mraz

Zdravicko

Driv jsem se tu nedostal.

Ja bych ty soubory nejdrive otestoval na virustotal, pripadne jotti, at mame jistotu http://forum.viry.cz/viewtopic.php?f=29&t=5846

Vítám Vás, děkuji za radu a opět doma vykonám. Ivo Mráz

Dik za privitani

Jasne, budu tady zase tak do 19:00, pak jdu opet na nocni

VIRY.CZ

zvýšený přístup na HDD (několik dní), prosím o kontrolu

zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu

Re: zvýšený přístup na HDD (několik dní), prosím o kontrolu