Please check my log - Win32/Patched.EE trojan horse [Solved]



Re: Please check my log - Win32/Patched.EE trojan horse

Post by Sandra74 » 02 Feb 2013 12:16

ComboFix 13-02-01.04 - SandraD 02.02.2013 11:55:17.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2471 [GMT 1:00]
Spuštěný z: c:\documents and settings\SandraD\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\SandraD\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.124\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.124\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.124\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.124\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.124\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.124\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.124\goopdate.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.124\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.124\psmachine.dll
c:\program files\Google\Update\1.3.21.124\psuser.dll
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\24.0.1312.57\24.0.1312.57_24.0.1312.56_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-02 do 2013-02-02 )))))))))))))))))))))))))))))))
.
.
2013-01-29 16:54 . 2013-01-29 16:54 -------- d-----w- c:\documents and settings\SandraD\Data aplikací\Malwarebytes
2013-01-29 16:53 . 2013-01-29 16:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-01-28 21:03 . 2013-01-28 21:03 388096 ----a-r- c:\documents and settings\SandraD\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-28 21:03 . 2013-01-28 21:03 -------- d-----w- c:\program files\Trend Micro
2013-01-27 22:10 . 2013-01-27 22:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\COMODO
2013-01-27 22:09 . 2013-01-27 22:09 47368 ----a-w- c:\windows\system32\certsentry.dll
2013-01-27 22:06 . 2013-01-27 22:06 -------- d-s---w- c:\documents and settings\All Users\Data aplikací\Shared Space
2013-01-27 22:04 . 2013-01-27 22:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\COMODO
2013-01-27 22:04 . 2013-01-27 22:04 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\GeekBuddyRSP
2013-01-27 22:04 . 2013-01-27 22:09 -------- d-----w- c:\documents and settings\SandraD\Local Settings\Data aplikací\COMODO
2013-01-27 22:04 . 2013-01-28 16:35 -------- d-----w- c:\program files\Comodo
2013-01-27 22:04 . 2013-01-27 22:04 1060864 ----a-w- c:\windows\system32\mfc71.dll
2013-01-27 22:04 . 2013-01-27 22:04 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-01-27 22:04 . 2013-01-27 22:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo Downloader
2013-01-27 19:01 . 2013-01-27 19:01 -------- d-----w- c:\program files\Common Files\Skype
2013-01-25 22:09 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-25 21:37 . 2013-01-25 22:00 -------- d-----w- c:\documents and settings\SandraD\Local Settings\Data aplikací\Darksiders
2013-01-10 20:41 . 2013-01-10 21:02 -------- d-----w- c:\program files\Games
2013-01-06 22:08 . 2013-01-06 22:08 -------- d-----w- c:\program files\Blobby Volley 2 Version 1.0RC1
2013-01-04 21:09 . 2013-01-04 21:09 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2013-01-04 21:09 . 2013-01-04 21:09 -------- d-----w- c:\program files\Common Files\Steam
2013-01-04 21:09 . 2013-01-19 23:16 -------- d-----w- c:\program files\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 22:16 . 2012-11-07 18:41 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 22:16 . 2012-11-07 18:41 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-14 19:45 . 2012-12-14 19:45 98904 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-12-14 19:45 . 2012-12-14 19:45 32976 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-12-14 19:45 . 2012-12-14 19:45 583912 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-12-14 19:45 . 2012-12-14 19:45 18688 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-12-14 19:45 . 2012-12-14 19:45 35640 ----a-w- c:\windows\system32\cmdcsr.dll
2012-12-14 19:45 . 2012-12-14 19:45 350272 ----a-w- c:\windows\system32\guard32.dll
2012-12-14 19:45 . 2012-12-14 19:45 260304 ----a-w- c:\windows\system32\cmdvrt32.dll
2012-12-03 15:40 . 2012-12-30 19:47 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-03 15:40 . 2012-12-30 19:47 5955584 ----a-w- c:\windows\system32\nvopencl.dll
2012-12-03 15:40 . 2012-12-30 19:47 889192 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-12-03 15:40 . 2012-12-30 19:47 7606272 ----a-w- c:\windows\system32\nvcuda.dll
2012-12-03 15:40 . 2012-12-30 19:47 2611560 ----a-w- c:\windows\system32\nvcuvid.dll
2012-12-03 15:40 . 2012-12-30 19:47 1874280 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-12-03 15:40 . 2012-12-30 19:47 1011048 ----a-w- c:\windows\system32\nvdispco32.dll
2012-12-03 15:40 . 2012-12-30 19:47 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-12-03 15:40 . 2007-04-12 15:44 2441728 ----a-w- c:\windows\system32\nvapi.dll
2012-12-03 15:40 . 2007-04-12 15:44 19460096 ----a-w- c:\windows\system32\nvoglnt.dll
2012-12-03 15:40 . 2002-09-20 17:04 4153600 ----a-w- c:\windows\system32\nv4_disp.dll
2012-12-03 15:40 . 2002-08-28 22:16 11053992 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-12-01 04:53 . 2007-04-12 15:44 15524712 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-01 04:53 . 2007-04-12 15:44 164712 ----a-w- c:\windows\system32\nvsvc32.exe
2012-12-01 04:53 . 2007-04-12 15:44 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-12-01 04:53 . 2007-04-12 15:44 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-01 04:52 . 2007-04-12 15:44 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-11-15 17:13 . 2012-11-15 17:04 21840 ----atw- c:\windows\system32\SIntfNT.dll
2012-11-15 17:13 . 2012-11-15 17:04 17212 ----atw- c:\windows\system32\SIntf32.dll
2012-11-15 17:13 . 2012-11-15 17:04 12067 ----atw- c:\windows\system32\SIntf16.dll
2012-11-15 16:09 . 2012-11-15 16:09 2829 ----a-w- c:\windows\DIIUnin.pif
2012-11-15 16:09 . 2012-11-15 16:09 94208 ----a-w- c:\windows\DIIUnin.exe
2012-11-12 19:13 . 2012-11-12 19:14 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-12 19:13 . 2012-11-12 19:14 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-07 19:08 . 2012-11-07 19:08 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-07 19:04 . 2012-11-07 19:04 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-01-18 22:32 . 2013-01-18 22:32 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-12-01 15524712]
"NvMediaCenter"="NvMCTray.dll" [2012-12-01 108392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-12-03 1982312]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2012-12-14 1426640]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-12-14 22:30 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-11-06 10:46 3673728 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-01-04 21:10 1354736 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.11.2012 19:39 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.11.2012 19:39 361032]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [14.12.2012 20:45 18688]
R1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\drivers\cmdGuard.sys [14.12.2012 20:45 583912]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [14.12.2012 20:45 32976]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [7.11.2012 20:08 242240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.11.2012 19:39 21256]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [24.1.2013 12:52 2074256]
S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\Comodo\COMODO Internet Security\cmdvirth.exe [14.12.2012 20:45 127184]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 16:30 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-07 22:16]
.
2012-12-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2013-02-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-11-07 22:50]
.
2013-02-02 c:\windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
- c:\program files\COMODO\COMODO Internet Security\cfpconfg.exe [2012-12-14 19:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{8D841087-C9ED-49B8-BE64-B7E1A7C54EAB}: NameServer = 81.19.5.10,81.19.5.11
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\SandraD\Data aplikací\Mozilla\Firefox\Profiles\6n5bjbda.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-02 12:10
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1040)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
c:\windows\system32\mswsock.dll
c:\windows\System32\wshtcpip.dll
.
- - - - - - - > 'explorer.exe'(4032)
c:\windows\system32\guard32.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
.
- - - - - - - > 'csrss.exe'(952)
c:\windows\system32\cmdcsr.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\wdfmgr.exe
c:\program files\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\system32\wscntfy.exe
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\program files\COMODO\COMODO Internet Security\cis.exe
.
**************************************************************************
.
Celkový čas: 2013-02-02 12:13:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-02 11:13
ComboFix2.txt 2013-02-01 23:56
.
Před spuštěním: Volných bajtů: 66 231 787 520
Po spuštění: Volných bajtů: 66 154 905 600
.
- - End Of File - - 90B7F5659E57821F988BC1846852954C

Re: Please check my log - Win32/Patched.EE trojan horse

Post by Žbeky » 02 Feb 2013 20:29

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop, run it and click Clean up!

+ A new log from HJT

How is the PC behaving?

Re: Please check my log - Win32/Patched.EE trojan horse

Post by Sandra74 » 03 Feb 2013 17:00

I don't know whether OTC is working the way it should: when I run it, after a moment it says the PC needs to be restarted, but when I confirm, nothing happens, the PC doesn't restart, and it looks like OTC isn't doing anything any more either...

Neither Avast nor ESET reports any virus any more.

However, the computer seems to me (for several months now, since the format sometime in the autumn) slower overall than it used to be: web pages load more slowly, games on FB stutter, films stutter (always just for a moment, then it lets up and the film carries on), when I'm downloading something the computer is terribly slow, so that it's almost impossible to do anything else, and files (e.g. pdf) open slowly too... Could it be overheating, perhaps?

Thank you for your time and help.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:55:05, on 3.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [RoccatKova+] "C:\Program Files\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1960408961-1177238915-725345543-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D841087-C9ED-49B8-BE64-B7E1A7C54EAB}: NameServer = 81.19.5.10,81.19.5.11
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 6740 bytes

Re: Please check my log - Win32/Patched.EE trojan horse

Post by memphisto » 03 Feb 2013 20:20

Fix:
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Post a log from CrystalDiskInfo here.

Re: Please check my log - Win32/Patched.EE trojan horse

Post by Sandra74 » 03 Feb 2013 20:44

----------------------------------------------------------------------------
CrystalDiskInfo 5.3.1 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2013/02/03 20:43:41

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- TEAC DW-552G
- TEAC DV-W516E
- Sekundární kanál IDE (1)
+ NVIDIA nForce 590/570/550 Serial ATA Controller [ATA]
- WDC WD2500YS-01SHB1
- WDC WD5001AALS-00L3B2
- NVIDIA nForce 590/570/550 Serial ATA Controller [ATA]
- NVIDIA nForce 590/570/550 Serial ATA Controller [ATA]
- Silicon Image SiI 3132 SATALink Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD2500YS-01SHB1 : 251,0 GB [0/3/0, pd1] - wd
(2) WDC WD5001AALS-00L3B2 : 500,1 GB [1/3/2, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD2500YS-01SHB1
----------------------------------------------------------------------------
Model : WDC WD2500YS-01SHB1
Firmware : 20.06C06
Serial Number : WD-WCANY3435047
Disk Size : 251,0 GB (8,4/137,4/251,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 490234752
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/150
Power On Hours : 11110 hod.
Power On Count : 2438 krát
Temparature : 31 C (87 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 190 166 _21 00000000156B Čas na roztočení ploten
04 _98 _98 __0 000000000998 Počet spuštění/zastavení
05 196 196 140 00000000001A Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _85 _85 __0 000000002B66 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000986 Počet cyklů zapnutí zařízení
C2 119 100 __0 00000000001F Teplota
C4 198 198 __0 000000000002 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 00 00 00 00 00 00 00 03 03
010: 00 BE A6 6B 15 00 00 00 00 00 04 32 00 62 62 98
020: 09 00 00 00 00 00 05 33 00 C4 C4 1A 00 00 00 00
030: 00 00 07 0F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 55 55 66 2B 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0B 13 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 86 09 00 00 00 00 00 C2 22
070: 00 77 64 1F 00 00 00 00 00 00 C4 32 00 C6 C6 02
080: 00 00 00 00 00 00 C5 12 00 C8 C8 00 00 00 00 00
090: 00 00 C6 10 00 C8 C8 00 00 00 00 00 00 00 C7 3E
0A0: 00 C8 C8 01 00 00 00 00 00 00 C8 09 00 C8 C8 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 78 1E 01 7B
170: 03 00 01 00 02 5C 06 00 00 00 00 00 00 00 00 00
180: 00 00 01 06 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4E

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 C8 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 C8 C8 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C2 00
070: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
080: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
090: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0A0: 00 00 00 00 00 00 00 00 00 00 C8 33 C8 C8 C8 C8
0B0: C8 C8 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 62

----------------------------------------------------------------------------
(2) WDC WD5001AALS-00L3B2
----------------------------------------------------------------------------
Model : WDC WD5001AALS-00L3B2
Firmware : 01.03B01
Serial Number : WD-WMASZ0023381
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 7421 hod.
Power On Count : 1792 krát
Temparature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 160 159 _21 000000001388 Čas na roztočení ploten
04 _99 _99 __0 000000000703 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _90 _90 __0 000000001CFD Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000700 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000005F Počet vypnutí disku
C1 200 200 __0 000000000703 Počet cyklů načítání/vymazání
C2 114 _99 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů



Re: please check my log - Win32/Patched.EE trojan horse

Post by Žbeky » 03 Feb 2013 22:23

That 250 GB drive already has remapped sectors, and its condition can't be vouched for. Don't put anything important on it.

You don't have any viruses there.


Re: please check my log - Win32/Patched.EE trojan horse  Solved

Post by Sandra74 » 04 Feb 2013 19:34

Solved. The virus is gone, and I'll buy a new HDD.

Many thanks to users Damned, memphisto and Žbeky for the great help, as always! ;)