Preventivní kontrola

Zpráva

scorpion · #1 Příspěvek od **scorpion** » 22 bře 2013 10:43

Ahoj,
prosím o kontorlu logu. Mockrát děkuji.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Smalcovi at 2013-03-22 10:38:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 33 GB (33%) free of 100 GB
Total RAM: 2047 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:38:55, on 22.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files\AVG\AVG Family Safety\BSecAMX.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVG\AVG Family Safety\BsecTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Users\Smalcovi\Desktop\Download\RSIT.exe
C:\Program Files\trend micro\Smalcovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "D:\Programy\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG Family Safety] C:\Program Files\AVG\AVG Family Safety\BsecTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Smalcovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DEAMON Tools\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider '%programfiles%\avg\avg family safety\inetctrl67.dll' missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVG Family Safety (Bsecure) - Bsecure Technologies, Inc. - C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7269 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274894937-2503929680-794133394-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274894937-2503929680-794133394-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Smalcovi\AppData\Roaming\Mozilla\Firefox\Profiles\cyvvi9eb.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programy\Adobe Reader\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-11 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Programy\MICROS~1\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-11 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-05-18 10979984]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"BCSSync"=D:\Programy\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"AVG Family Safety"=C:\Program Files\AVG\AVG Family Safety\BsecTray.exe [2011-12-07 97096]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Smalcovi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-31 116648]
"DAEMON Tools Lite"=D:\Programy\DEAMON Tools\DTLite.exe [2012-04-11 3672384]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Bsecure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-22 10:38:42 ----D---- C:\rsit
2013-03-22 10:38:42 ----D---- C:\Program Files\trend micro
2013-03-21 16:21:42 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-03-21 16:21:42 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-03-21 16:20:57 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-03-21 16:20:53 ----A---- C:\Windows\system32\ncsi.dll
2013-03-21 16:20:53 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\nlasvc.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\nlaapi.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\netevent.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\netcorehc.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-03-21 16:20:18 ----A---- C:\Windows\system32\taskhost.exe
2013-03-21 16:20:16 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-03-21 16:20:16 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-03-20 23:05:23 ----D---- C:\Windows\system32\SPReview
2013-03-20 23:04:05 ----D---- C:\Windows\system32\EventProviders
2013-03-20 21:09:46 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-19 21:37:35 ----D---- C:\Program Files\Mozilla Firefox
2013-03-13 11:56:59 ----A---- C:\Windows\system32\ieframe.dll
2013-03-13 11:56:58 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 11:56:57 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 11:56:57 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 11:56:57 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 11:56:56 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 11:56:51 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 11:56:50 ----A---- C:\Windows\system32\url.dll
2013-03-13 11:56:50 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 11:56:50 ----A---- C:\Windows\system32\ieui.dll
2013-03-04 20:14:47 ----D---- C:\Users\Smalcovi\AppData\Roaming\Leadertech
2013-03-04 20:04:45 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-03-04 20:04:45 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-03-04 20:04:44 ----A---- C:\Windows\system32\xinput1_3.dll
2013-03-04 20:04:44 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-03-04 20:04:43 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-03-04 20:04:41 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-03-04 18:36:38 ----D---- C:\Users\Smalcovi\AppData\Roaming\uTorrent

======List of files/folders modified in the last 1 month======

2013-03-22 10:38:55 ----D---- C:\Windows\Prefetch
2013-03-22 10:38:42 ----RD---- C:\Program Files
2013-03-22 10:38:41 ----D---- C:\Windows\Temp
2013-03-22 10:38:14 ----D---- C:\Windows\System32
2013-03-22 10:38:14 ----D---- C:\Windows\inf
2013-03-22 10:38:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-22 10:38:12 ----RSD---- C:\Windows\assembly
2013-03-22 10:38:12 ----D---- C:\Windows\Microsoft.NET
2013-03-22 10:31:19 ----D---- C:\Windows\system32\config
2013-03-22 10:29:51 ----D---- C:\Windows\winsxs
2013-03-22 10:28:02 ----D---- C:\Windows\system32\drivers
2013-03-22 10:27:59 ----D---- C:\Windows\system32\cs-CZ
2013-03-22 10:27:59 ----D---- C:\Windows\PolicyDefinitions
2013-03-22 10:27:58 ----D---- C:\Windows\system32\migration
2013-03-21 20:04:11 ----D---- C:\Windows\AppPatch
2013-03-21 20:03:50 ----SHD---- C:\System Volume Information
2013-03-21 19:48:07 ----D---- C:\Users\Smalcovi\AppData\Roaming\Skype
2013-03-21 17:15:46 ----D---- C:\Windows\rescache
2013-03-21 16:20:05 ----D---- C:\Windows\system32\catroot2
2013-03-21 16:20:05 ----D---- C:\Windows\system32\catroot
2013-03-21 15:48:03 ----D---- C:\Windows\system32\DriverStore
2013-03-21 15:45:39 ----SHD---- C:\Boot
2013-03-21 15:44:44 ----D---- C:\Windows
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Sidebar
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Portable Devices
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Media Player
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Mail
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Journal
2013-03-21 15:40:08 ----D---- C:\Program Files\Internet Explorer
2013-03-21 15:40:08 ----D---- C:\Program Files\DVD Maker
2013-03-21 15:40:07 ----D---- C:\Program Files\Common Files\System
2013-03-21 15:40:05 ----D---- C:\Windows\servicing
2013-03-21 15:40:05 ----D---- C:\Windows\ehome
2013-03-21 15:40:05 ----D---- C:\Program Files\Windows Defender
2013-03-21 15:39:59 ----D---- C:\Windows\system32\en-US
2013-03-21 15:39:59 ----D---- C:\Windows\system32\da-DK
2013-03-21 15:39:58 ----D---- C:\Windows\system32\sysprep
2013-03-21 15:39:58 ----D---- C:\Windows\system32\Setup
2013-03-21 15:39:58 ----D---- C:\Windows\system32\oobe
2013-03-21 15:39:58 ----D---- C:\Windows\system32\cs
2013-03-21 15:39:58 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-21 15:39:52 ----D---- C:\Windows\system32\sppui
2013-03-21 15:39:52 ----D---- C:\Windows\system32\manifeststore
2013-03-21 15:39:52 ----D---- C:\Windows\system32\es-ES
2013-03-21 15:39:51 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-21 15:39:50 ----D---- C:\Windows\system32\wbem
2013-03-21 15:39:49 ----D---- C:\Windows\system32\migwiz
2013-03-21 15:39:49 ----D---- C:\Windows\system32\Dism
2013-03-21 15:39:15 ----RSD---- C:\Windows\Fonts
2013-03-21 15:39:02 ----D---- C:\Windows\system32\Boot
2013-03-21 15:35:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-20 23:17:34 ----A---- C:\Windows\system32\msclmd.dll
2013-03-17 21:10:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-17 21:10:20 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2013-03-13 11:58:38 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 11:58:34 ----SHD---- C:\Windows\Installer
2013-03-13 11:58:34 ----D---- C:\ProgramData\Microsoft Help
2013-02-24 11:47:11 ----D---- C:\Users\Smalcovi\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-10 242240]
R1 MpKsl9aa320aa;MpKsl9aa320aa; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3A281599-C172-4AAB-AE11-F499E692FD9E}\MpKsl9aa320aa.sys [2013-03-22 29904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 8758784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-28 296448]
R3 BSecACFltr;BSecACFltr; C:\Windows\system32\DRIVERS\BSecACFltr.sys [2011-06-14 21624]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-05-22 3226960]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2011-12-02 199528]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-28 217600]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 291840]
R2 Bsecure;AVG Family Safety; C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe [2011-12-07 66376]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-17 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-09-05 655624]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-19 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-01 1343400]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 22 bře 2013 19:06

Zdravim

Na logu se pracuje, bude to nejakou dobu trvat.

#3 Příspěvek od **Márty84** » 22 bře 2013 19:15

Najdete tento soubor C:\Program Files\trend micro\Smalcovi.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BCSSync] "D:\Programy\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Smalcovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DEAMON Tools\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

Kliknete na nápis Fix checked a potvrdte

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
AdobeARMservice
SkypeUpdate
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274894937-2503929680-794133394-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274894937-2503929680-794133394-1001UA.job

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

scorpion · #4 Příspěvek od **scorpion** » 22 bře 2013 20:50

Udělal jsem popsané kroky, tady je log z OTM:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Smalcovi
->Temp folder emptied: 357962173 bytes
->Temporary Internet Files folder emptied: 78507368 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 464958918 bytes
->Google Chrome cache emptied: 299558441 bytes
->Flash cache emptied: 29861 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 126783337 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 22913703 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 288,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Smalcovi
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274894937-2503929680-794133394-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2274894937-2503929680-794133394-1001UA.job moved successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 03222013_204358

#5 Příspěvek od **Márty84** » 22 bře 2013 21:27

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

scorpion · #6 Příspěvek od **scorpion** » 22 bře 2013 23:07

Tady je zpráva z MBAMu:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.22.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Smalcovi :: SMALCOVI-PC [administrátor]

Ochrana: Povolena

22.3.2013 21:37:28
mbam-log-2013-03-22 (21-37-28).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 380735
Uplynulý čas: 1 hodin, 13 minut, 10 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#7 Příspěvek od **Márty84** » 23 bře 2013 00:16

MBAM zase odinstalujte.

Je s pc nejaky problem, nebo jde ciste o prevenci?

Dejte novy log z RSIT.

scorpion · #8 Příspěvek od **scorpion** » 23 bře 2013 11:10

PC je zpomalené, takže jsem chtěl vyloučit možnost breberek. Spíše jde o preventivní kontrolu.
Tady je log z RSITu:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Smalcovi at 2013-03-23 11:08:51
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 33 GB (33%) free of 100 GB
Total RAM: 2047 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:09:26, on 23.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Program Files\AVG\AVG Family Safety\BSecAMX.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVG\AVG Family Safety\BsecTray.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Smalcovi\Desktop\Download\RSIT.exe
C:\Program Files\trend micro\Smalcovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG Family Safety] C:\Program Files\AVG\AVG Family Safety\BsecTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider '%programfiles%\avg\avg family safety\inetctrl67.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVG Family Safety (Bsecure) - Bsecure Technologies, Inc. - C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 4899 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Smalcovi\AppData\Roaming\Mozilla\Firefox\Profiles\cyvvi9eb.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\Programy\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programy\Adobe Reader\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-11 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-11 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-05-18 10979984]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"AVG Family Safety"=C:\Program Files\AVG\AVG Family Safety\BsecTray.exe [2011-12-07 97096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Bsecure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-22 23:13:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-22 23:13:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-22 23:13:43 ----A---- C:\Windows\system32\elshyph.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\wininet.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\wextract.exe
2013-03-22 23:13:42 ----A---- C:\Windows\system32\vbscript.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\urlmon.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\msrating.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\msls31.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\mshtml.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\inseng.dll
2013-03-22 23:13:42 ----A---- C:\Windows\system32\iexpress.exe
2013-03-22 23:13:42 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-22 23:13:42 ----A---- C:\Windows\system32\iertutil.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-22 23:13:41 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\occache.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\mshta.exe
2013-03-22 23:13:41 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-22 23:13:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\jscript9.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\jscript.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\imgutil.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\ieui.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\iepeers.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\ieframe.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-22 23:13:41 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\webcheck.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\url.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\iesetup.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\iernonce.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-22 23:13:40 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-22 23:13:40 ----A---- C:\Windows\system32\icardie.dll
2013-03-22 23:13:40 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-22 23:12:21 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\FntCache.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\DWrite.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\d3d11.dll
2013-03-22 23:12:21 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\dxgi.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\d3d10.dll
2013-03-22 23:12:20 ----A---- C:\Windows\system32\d2d1.dll
2013-03-22 21:36:16 ----D---- C:\Users\Smalcovi\AppData\Roaming\Malwarebytes
2013-03-22 21:36:01 ----D---- C:\ProgramData\Malwarebytes
2013-03-22 20:43:58 ----D---- C:\_OTM
2013-03-22 10:38:42 ----D---- C:\rsit
2013-03-22 10:38:42 ----D---- C:\Program Files\trend micro
2013-03-21 16:21:42 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-03-21 16:21:42 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-03-21 16:20:57 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-03-21 16:20:53 ----A---- C:\Windows\system32\ncsi.dll
2013-03-21 16:20:53 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\nlasvc.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\nlaapi.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\netevent.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\netcorehc.dll
2013-03-21 16:20:52 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-03-21 16:20:18 ----A---- C:\Windows\system32\taskhost.exe
2013-03-21 16:20:16 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-03-21 16:20:16 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-03-20 23:05:23 ----D---- C:\Windows\system32\SPReview
2013-03-20 23:04:05 ----D---- C:\Windows\system32\EventProviders
2013-03-20 21:09:46 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-19 21:37:35 ----D---- C:\Program Files\Mozilla Firefox
2013-03-04 20:14:47 ----D---- C:\Users\Smalcovi\AppData\Roaming\Leadertech
2013-03-04 20:04:45 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-03-04 20:04:45 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-03-04 20:04:44 ----A---- C:\Windows\system32\xinput1_3.dll
2013-03-04 20:04:44 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-03-04 20:04:43 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-03-04 20:04:41 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-03-04 18:36:38 ----D---- C:\Users\Smalcovi\AppData\Roaming\uTorrent

======List of files/folders modified in the last 1 month======

2013-03-23 11:09:08 ----D---- C:\Windows\Temp
2013-03-23 11:08:59 ----D---- C:\Windows\Prefetch
2013-03-23 11:08:32 ----D---- C:\Windows\system32\config
2013-03-23 11:03:46 ----D---- C:\Windows\system32\drivers
2013-03-23 10:48:33 ----D---- C:\Windows\winsxs
2013-03-23 10:47:16 ----D---- C:\Windows\system32\cs-CZ
2013-03-23 10:47:16 ----D---- C:\Program Files\Internet Explorer
2013-03-23 10:47:14 ----D---- C:\Windows\system32\migration
2013-03-23 10:47:14 ----D---- C:\Windows\PolicyDefinitions
2013-03-23 10:47:14 ----D---- C:\Windows\inf
2013-03-23 10:47:13 ----D---- C:\Windows\system32\en-US
2013-03-23 10:47:12 ----D---- C:\Windows\System32
2013-03-23 10:47:11 ----D---- C:\Windows\system32\zh-TW
2013-03-23 10:47:11 ----D---- C:\Windows\system32\zh-HK
2013-03-23 10:47:11 ----D---- C:\Windows\system32\tr-TR
2013-03-23 10:47:11 ----D---- C:\Windows\system32\sv-SE
2013-03-23 10:47:11 ----D---- C:\Windows\system32\pt-PT
2013-03-23 10:47:11 ----D---- C:\Windows\system32\pt-BR
2013-03-23 10:47:11 ----D---- C:\Windows\system32\pl-PL
2013-03-23 10:47:11 ----D---- C:\Windows\system32\nl-NL
2013-03-23 10:47:11 ----D---- C:\Windows\system32\ko-KR
2013-03-23 10:47:11 ----D---- C:\Windows\system32\it-IT
2013-03-23 10:47:11 ----D---- C:\Windows\system32\hu-HU
2013-03-23 10:47:11 ----D---- C:\Windows\system32\fr-FR
2013-03-23 10:47:11 ----D---- C:\Windows\system32\fi-FI
2013-03-23 10:47:11 ----D---- C:\Windows\system32\es-ES
2013-03-23 10:47:11 ----D---- C:\Windows\system32\el-GR
2013-03-23 10:47:11 ----D---- C:\Windows\system32\de-DE
2013-03-23 10:47:10 ----D---- C:\Windows\system32\zh-CN
2013-03-23 10:47:10 ----D---- C:\Windows\system32\ru-RU
2013-03-23 10:47:10 ----D---- C:\Windows\system32\nb-NO
2013-03-23 10:47:10 ----D---- C:\Windows\system32\ja-JP
2013-03-23 10:47:10 ----D---- C:\Windows\system32\da-DK
2013-03-22 23:16:20 ----D---- C:\Windows\Logs
2013-03-22 23:16:00 ----D---- C:\Windows\system32\catroot
2013-03-22 23:15:28 ----D---- C:\Windows\system32\catroot2
2013-03-22 23:10:08 ----D---- C:\Windows
2013-03-22 23:09:50 ----SHD---- C:\System Volume Information
2013-03-22 21:37:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-22 21:36:01 ----HD---- C:\ProgramData
2013-03-22 20:46:07 ----D---- C:\Windows\Tasks
2013-03-22 20:45:57 ----D---- C:\Windows\system32\drivers\etc
2013-03-22 11:53:27 ----D---- C:\Windows\rescache
2013-03-22 11:04:32 ----D---- C:\Windows\Microsoft.NET
2013-03-22 11:03:50 ----RSD---- C:\Windows\assembly
2013-03-22 10:38:42 ----RD---- C:\Program Files
2013-03-21 20:04:11 ----D---- C:\Windows\AppPatch
2013-03-21 19:48:07 ----D---- C:\Users\Smalcovi\AppData\Roaming\Skype
2013-03-21 15:48:03 ----D---- C:\Windows\system32\DriverStore
2013-03-21 15:45:39 ----SHD---- C:\Boot
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Sidebar
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Portable Devices
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Photo Viewer
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Media Player
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Mail
2013-03-21 15:40:08 ----D---- C:\Program Files\Windows Journal
2013-03-21 15:40:08 ----D---- C:\Program Files\DVD Maker
2013-03-21 15:40:07 ----D---- C:\Program Files\Common Files\System
2013-03-21 15:40:05 ----D---- C:\Windows\servicing
2013-03-21 15:40:05 ----D---- C:\Windows\ehome
2013-03-21 15:40:05 ----D---- C:\Program Files\Windows Defender
2013-03-21 15:39:58 ----D---- C:\Windows\system32\sysprep
2013-03-21 15:39:58 ----D---- C:\Windows\system32\Setup
2013-03-21 15:39:58 ----D---- C:\Windows\system32\oobe
2013-03-21 15:39:58 ----D---- C:\Windows\system32\cs
2013-03-21 15:39:58 ----D---- C:\Windows\system32\AdvancedInstallers
2013-03-21 15:39:52 ----D---- C:\Windows\system32\sppui
2013-03-21 15:39:52 ----D---- C:\Windows\system32\manifeststore
2013-03-21 15:39:51 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-03-21 15:39:50 ----D---- C:\Windows\system32\wbem
2013-03-21 15:39:49 ----D---- C:\Windows\system32\migwiz
2013-03-21 15:39:49 ----D---- C:\Windows\system32\Dism
2013-03-21 15:39:15 ----RSD---- C:\Windows\Fonts
2013-03-21 15:39:02 ----D---- C:\Windows\system32\Boot
2013-03-21 15:35:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-20 23:17:34 ----A---- C:\Windows\system32\msclmd.dll
2013-03-17 21:10:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-17 21:10:20 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2013-03-13 11:58:38 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 11:58:34 ----SHD---- C:\Windows\Installer
2013-03-13 11:58:34 ----D---- C:\ProgramData\Microsoft Help
2013-02-24 11:47:11 ----D---- C:\Users\Smalcovi\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-10 242240]
R1 MpKsl4b292f98;MpKsl4b292f98; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{860086EE-4CC7-45CC-9C96-E703FC10F097}\MpKsl4b292f98.sys [2013-03-23 29904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 8758784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-28 296448]
R3 BSecACFltr;BSecACFltr; C:\Windows\system32\DRIVERS\BSecACFltr.sys [2011-06-14 21624]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-05-22 3226960]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2011-12-02 199528]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-28 217600]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 291840]
R2 Bsecure;AVG Family Safety; C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe [2011-12-07 66376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-09-05 655624]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-19 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-01 1343400]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#9 Příspěvek od **Márty84** » 23 bře 2013 12:22

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

scorpion · #10 Příspěvek od **scorpion** » 23 bře 2013 16:21

Výsledek z crystal disk:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x86)
Date : 2013/03/23 16:20:21

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- ST3250310AS ATA Device
- HL-DT-ST DVDRAM GSA-4167B ATA Device
- WDC WD800BB-00CAA1 ATA Device
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) ST3250310AS : 250,0 GB [0/2/0, pd1] - st
(2) WDC WD800BB-00CAA1 : 80,0 GB [1/0/0, pd1]

----------------------------------------------------------------------------
(1) ST3250310AS
----------------------------------------------------------------------------
Model : ST3250310AS
Firmware : 3.AAF
Serial Number : 6RYBZRFA
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488395055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/150
Power On Hours : 11190 hod.
Power On Count : 3445 krát
Temparature : 43 C (109 F)
Health Status : Pozor
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Počet chyb čtení
03 _98 _98 __0 000000000000 Čas na roztočení ploten
04 _97 _97 _20 000000000F78 Počet spuštění/zastavení
05 100 100 _36 000000000002 Počet přemapovaných sektorů
07 _84 _60 _30 00001212B197 Počet chybných hledání
09 _88 _88 __0 000000002BB6 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000D75 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _57 _45 _45 0000370C002B Teplota toku vzduchu
C2 _43 _55 __0 000C0000002B Teplota
C3 _68 _61 __0 00000CBA986A Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3652 3652 5942 5A52 4641
020: 0000 4000 0004 332E 4141 2020 2020 5354 3332 3530
030: 3331 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0502 0502 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 BC01 BC01 4023 407F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 512F 1D1C 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0009 5970
130: 1D1C 5970 1D1C 2020 0002 0002 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 0002 0002 0080 0000 0000
150: 0082 0202 0000 0404 0000 0000 0000 0000 1D00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0001 0001 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 61A5

----------------------------------------------------------------------------
(2) WDC WD800BB-00CAA1
----------------------------------------------------------------------------
Model : WDC WD800BB-00CAA1
Firmware : 17.07W17
Serial Number : WD-WCADS1038930
Disk Size : 80,0 GB (8,4/80,0/----)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 156299375
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 16373 hod.
Power On Count : 6721 krát
Temparature : Neznámy údaj
Health Status : Dobrý
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 199 _51 000000000000 Počet chyb čtení
03 _92 _89 _21 00000000116A Čas na roztočení ploten
04 _93 _93 _40 000000001C6F Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _78 _78 __0 000000003FF5 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _94 _94 __0 000000001A41 Počet cyklů zapnutí zařízení
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF 0000 0010 E100 003F 003F 0010 0000 000E
010: 5744 2D57 4341 4453 3130 3933 3933 3000 0000 0000
020: 0003 1000 0028 3137 2E30 3137 3137 5744 4320 5744
030: 3830 3042 422D 3030 4341 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0280 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: F06F 0950 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 003E 0000 346B 4B01 4003 0801 0801 4003 203F 0000
090: 0000 0000 0000 603B 80FE 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 002D 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0001 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 001F
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 35A5

scorpion · #11 Příspěvek od **scorpion** » 23 bře 2013 16:27

Zpráva z Rogue killera:

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Smalcovi [Práva správce]
Mód : Kontrola -- Datum : 03/23/2013 16:24:13
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] DiskInfo.exe -- C:\Users\Smalcovi\Desktop\Download\CrystalDiskInfo5_0_0\DiskInfo.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] aa7cabc78bfc3ab3341077d9f3a50a18
[BSP] a46fcfe842d251120b29c80a7d54ea75 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 204797952 | Size: 138475 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD800BB-00CAA1 ATA Device +++++
--- User ---
[MBR] 1d9802d71ec8a5727fb40cafdd364645
[BSP] 5f83892531b1546d1d09af6e00a346d2 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76216 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03232013_02d1624.txt >>
RKreport[1]_S_03232013_02d1624.txt

#12 Příspěvek od **Márty84** » 23 bře 2013 16:32

Tento disk hlasi spoustu chyb. I to muze delat problemy.

(1) ST3250310AS : 250,0 GB [0/2/0, pd1] - st
05 100 100 _36 000000000002 Počet přemapovaných sektorů
07 _84 _60 _30 00001212B197 Počet chybných hledání
C3 _68 _61 __0 00000CBA986A Počet oprav chybného čtení

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

scorpion · #13 Příspěvek od **scorpion** » 23 bře 2013 16:36

Log po smazání:

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Smalcovi [Práva správce]
Mód : Odebrat -- Datum : 03/23/2013 16:35:51
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] DiskInfo.exe -- C:\Users\Smalcovi\Desktop\Download\CrystalDiskInfo5_0_0\DiskInfo.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] aa7cabc78bfc3ab3341077d9f3a50a18
[BSP] a46fcfe842d251120b29c80a7d54ea75 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 204797952 | Size: 138475 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD800BB-00CAA1 ATA Device +++++
--- User ---
[MBR] 1d9802d71ec8a5727fb40cafdd364645
[BSP] 5f83892531b1546d1d09af6e00a346d2 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76216 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_03232013_02d1635.txt >>
RKreport[1]_S_03232013_02d1624.txt ; RKreport[2]_D_03232013_02d1635.txt

scorpion · #14 Příspěvek od **scorpion** » 23 bře 2013 16:38

Zpráva po oprava host:

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Smalcovi [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/23/2013 16:36:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] DiskInfo.exe -- C:\Users\Smalcovi\Desktop\Download\CrystalDiskInfo5_0_0\DiskInfo.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[3]_H_03232013_02d1636.txt >>
RKreport[1]_S_03232013_02d1624.txt ; RKreport[2]_D_03232013_02d1635.txt ; RKreport[3]_H_03232013_02d1636.txt

#15 Příspěvek od **Márty84** » 23 bře 2013 16:46

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

VIRY.CZ

Preventivní kontrola

Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola