Prosím o kontrolu logu a pomoc s "navex15" Vyřešeno

[Alan-K]

a ten druhý.

---2---

ComboFix 08-11-20.02 - Alan 2008-11-21 14:38:04.11 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.3182 [GMT 1:00]
Spuštěný z: c:\documents and settings\Alan\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Alan\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2008-10-21 do 2008-11-21 )))))))))))))))))))))))))))))))
.

2008-11-21 09:02 . 2008-11-21 09:02 <DIR> d--hs---- C:\found.000
2008-11-21 01:07 . 2008-11-21 01:07 <DIR> d-------- c:\program files\Avira
2008-11-21 01:07 . 2008-11-21 01:07 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Avira
2008-11-21 00:22 . 2008-11-21 00:54 <DIR> d-------- c:\program files\UnHackMe
2008-11-20 21:36 . 2008-11-20 21:36 <DIR> d-------- C:\rsit
2008-11-20 20:01 . 2008-11-20 20:01 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-20 20:01 . 2008-11-20 20:01 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2008-11-20 20:01 . 2008-11-20 20:01 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\Malwarebytes
2008-11-20 20:01 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-20 20:01 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-20 17:29 . 2008-11-20 17:29 <DIR> d-------- c:\documents and settings\Administrator\Data aplikací\Sony Ericsson
2008-11-20 00:25 . 2008-11-20 00:25 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\AltrixSoft
2008-11-20 00:24 . 2008-11-20 00:24 <DIR> d-------- c:\program files\Hard Drive Inspector
2008-11-19 20:50 . 2008-11-19 20:50 <DIR> d-------- c:\program files\RegCleaner
2008-11-19 19:05 . 2008-11-19 19:18 <DIR> d-------- c:\program files\SeaTools Enterprise
2008-11-19 19:05 . 2008-11-19 19:05 0 --a------ c:\windows\PROTOCOL.INI
2008-11-19 17:44 . 2008-11-19 17:44 <DIR> d-------- c:\program files\Common Files\Canopus Shared
2008-11-19 17:44 . 2008-11-19 17:44 <DIR> d-------- c:\program files\Canopus
2008-11-19 15:07 . 2008-11-19 15:07 <DIR> d-------- c:\program files\Trend Micro
2008-11-18 19:49 . 2008-11-19 17:43 <DIR> d-------- c:\program files\FinalUninstaller
2008-11-14 15:08 . 2008-11-19 17:44 <DIR> d-------- c:\program files\Acoustica CD Label Maker
2008-11-14 15:08 . 2008-11-14 15:08 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\Acoustica
2008-11-14 15:04 . 2008-11-19 17:44 <DIR> d-------- c:\program files\KnockOut 2(2)
2008-11-13 13:28 . 2008-11-19 01:28 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\nView_Wallpaper
2008-11-13 13:14 . 2008-11-13 13:14 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Grass Valley
2008-11-13 12:48 . 2008-11-18 18:28 499 --a------ c:\windows\PowerReg.dat
2008-11-13 11:22 . 2008-11-13 11:22 <DIR> d-------- c:\program files\Grass Valley
2008-11-13 11:22 . 2008-11-13 11:22 <DIR> d-------- c:\program files\Common Files\Grass Valley
2008-11-11 20:10 . 2008-11-11 20:10 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\VitySoft
2008-11-06 21:33 . 2006-11-17 05:40 18,804,736 --a------ c:\windows\system32\alsndmgr.cpl
2008-11-06 21:33 . 2006-12-08 15:20 10,528,768 --a------ c:\windows\system32\RTLCPL.exe
2008-11-06 21:33 . 2007-04-25 16:20 4,030,144 --a------ c:\windows\system32\drivers\alcxwdm.sys
2008-11-06 21:33 . 2002-02-05 13:54 141,016 --a------ c:\windows\system32\alsndmgr.wav
2008-11-06 21:33 . 2006-08-01 15:02 49,152 --a------ c:\windows\system32\ChCfg.exe
2008-11-06 21:31 . 2008-11-06 21:31 <DIR> d-------- c:\program files\Realtek AC97
2008-11-06 21:31 . 2007-04-16 15:28 577,536 --a------ c:\windows\SOUNDMAN.EXE
2008-11-06 21:31 . 2006-07-31 11:19 315,392 --a------ c:\windows\alcupd.exe
2008-11-06 21:31 . 2006-07-31 11:27 217,088 --a------ c:\windows\alcrmv.exe
2008-11-06 21:13 . 2008-11-06 21:13 315,392 --a------ c:\windows\HideWin.exe
2008-11-06 02:10 . 2008-11-06 02:11 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\Creative ASR2
2008-11-06 01:55 . 2008-11-19 18:32 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\Simply Super Software
2008-11-06 01:55 . 2006-05-25 15:52 162,304 --a------ c:\windows\system32\ztvunrar36.dll
2008-11-06 01:55 . 2003-02-02 20:06 153,088 --a------ c:\windows\system32\unrar3.dll
2008-11-06 01:55 . 2005-08-26 01:50 77,312 --a------ c:\windows\system32\ztvunace26.dll
2008-11-06 01:55 . 2002-03-06 01:00 75,264 --a------ c:\windows\system32\unacev2.dll
2008-11-06 01:55 . 2006-06-19 13:01 69,632 --a------ c:\windows\system32\ztvcabinet.dll
2008-11-06 01:34 . 2008-11-06 21:44 60,416 --a------ c:\windows\ALCFDRTM.VER
2008-11-06 01:34 . 2008-11-06 01:34 60,416 --------- c:\windows\ALCFDRTM.EXE
2008-11-06 01:29 . 2008-11-06 01:29 123 --a------ c:\windows\rootkitno.ini
2008-11-06 00:31 . 2008-11-06 01:10 30,072 --a------ c:\windows\system32\BMXStateBkp-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
2008-11-06 00:31 . 2008-11-06 01:10 30,072 --a------ c:\windows\system32\BMXState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
2008-11-06 00:31 . 2008-11-06 01:10 27,984 --a------ c:\windows\system32\BMXCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
2008-11-06 00:31 . 2008-11-06 01:10 27,984 --a------ c:\windows\system32\BMXBkpCtrlState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
2008-11-06 00:31 . 2008-11-06 01:50 1,080 --a------ c:\windows\system32\settingsbkup.sfm
2008-11-06 00:31 . 2008-11-06 01:50 1,080 --a------ c:\windows\system32\settings.sfm
2008-11-06 00:31 . 2008-11-06 01:10 384 --a------ c:\windows\system32\DVCStateBkp-{00000002-00000000-00000009-00001102-00000004-20011102}.dat
2008-11-06 00:31 . 2008-11-06 01:10 384 --a------ c:\windows\system32\DVCState-{00000002-00000000-00000009-00001102-00000004-20011102}.dat
2008-11-06 00:19 . 2008-11-06 02:13 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\Creative
2008-11-05 23:23 . 2008-11-21 00:23 (2) -rahs-ot- c:\windows\winstart.bat
2008-11-02 20:59 . 2008-11-02 20:59 169 --a------ c:\windows\RtlRack.ini
2008-11-02 20:59 . 2008-11-02 20:59 84 --a------ c:\windows\avrack.ini
2008-11-02 20:58 . 2002-11-21 15:07 765,952 --a------ c:\windows\system\crlds3d.dll
2008-11-02 20:58 . 2003-07-31 21:08 744 --------- c:\windows\system32\drivers\alcxinit.dat
2008-11-02 12:07 . 2003-07-10 11:00 222,293 -ra------ c:\windows\system32\SET3E.tmp
2008-11-02 01:51 . 1999-09-22 23:18 2,167,684 --------- c:\windows\system32\CT2MGM.SF2
2008-11-02 01:51 . 2000-02-25 12:49 1,048,576 --a------ c:\windows\system32\CT1MGM.ROM
2008-11-02 01:51 . 2008-11-02 01:51 184 --a------ c:\windows\system32\e000005.dat
2008-11-02 01:34 . 2008-07-07 10:37 15,896 --------- c:\windows\system32\drivers\PFModNT.sys
2008-11-02 01:10 . 2008-11-06 02:28 11,564 --a------ c:\windows\system32\DVCState-{00000002-00000000-00000009-00001102-00000004-20011102}.rfx
2008-11-02 00:15 . 2008-06-27 19:21 100,888 --a------ c:\windows\system32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTERFXFX.SYS
2008-11-01 23:02 . 2008-11-01 23:02 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\nView_Profiles
2008-11-01 22:45 . 2008-04-14 00:15 49,408 --a------ c:\windows\system32\drivers\stream.sys
2008-11-01 22:45 . 2008-04-14 00:15 49,408 --a--c--- c:\windows\system32\dllcache\stream.sys
2008-11-01 22:25 . 2008-11-01 22:25 <DIR> d--hs---- c:\windows\ftpcache
2008-11-01 22:22 . 2008-11-01 22:22 319 --a------ c:\windows\game.ini
2008-10-30 14:11 . 2008-10-30 14:11 <DIR> d-------- c:\documents and settings\Alan\Data aplikací\HDRsoft
2008-10-29 13:36 . 2008-10-29 13:36 <DIR> d-------- c:\program files\PhotomatixPro3
2008-10-23 16:07 . 2008-10-23 16:07 99,904 --a------ c:\windows\system32\drivers\AnyDVD.sys
2008-10-22 00:38 . 2008-10-22 01:02 <DIR> d-------- C:\ikony pro PC

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-20 23:53 --------- d-----w c:\program files\Java
2008-11-20 23:52 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-20 23:33 --------- d-----w c:\program files\Quick GPS Connection Data Download Manager
2008-11-20 23:21 --------- d-----w c:\documents and settings\Alan\Data aplikací\ZoomBrowser EX
2008-11-19 22:15 --------- d-----w c:\program files\Ulead Systems
2008-11-19 22:08 --------- d-----w c:\documents and settings\All Users\Data aplikací\Symantec
2008-11-19 20:48 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-19 20:24 --------- d-----w c:\program files\particleIllusion_3
2008-11-19 17:44 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2008-11-19 17:35 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-11-19 16:44 --------- d-----w c:\program files\AKVIS
2008-11-19 16:43 --------- d-----w c:\program files\QuickTime
2008-11-19 16:43 --------- d-----w c:\documents and settings\All Users\Data aplikací\Canopus
2008-11-19 16:43 --------- d-----w c:\documents and settings\All Users\Data aplikací\Apple Computer
2008-11-19 16:42 --------- d-----w c:\program files\Ashampoo
2008-11-19 12:53 --------- d---a-w c:\documents and settings\All Users\Data aplikací\TEMP
2008-11-18 20:51 --------- d-----w c:\program files\Microsoft IntelliType Pro
2008-11-18 19:03 --------- d-----w c:\documents and settings\All Users\Data aplikací\ZoomBrowser
2008-11-18 17:33 --------- d-----w c:\documents and settings\Alan\Data aplikací\Vso
2008-11-17 16:09 --------- d-----w c:\program files\EPSON Print CD
2008-11-17 11:31 --------- d-----w c:\documents and settings\Alan\Data aplikací\Canopus
2008-11-13 13:04 --------- d-----w c:\program files\Common Files\Adobe
2008-11-05 22:55 --------- d-----w c:\program files\Zoner
2008-11-05 22:26 --------- d-----w c:\program files\Spb Wallet
2008-11-05 21:58 --------- d-----w c:\program files\HeroCraft
2008-11-01 23:15 444,952 ----a-w c:\windows\system32\wrap_oal.dll
2008-10-30 12:23 --------- d-----w c:\documents and settings\Alan\Data aplikací\Lasersoft Imaging
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 13:09 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-19 19:05 3,452 --sha-w c:\documents and settings\All Users\Data aplikací\KGyGaAvL.sys
2008-10-11 13:53 --------- d-----w c:\documents and settings\Alan\Data aplikací\Canon
2008-10-06 19:26 499,712 ----a-w c:\windows\system32\msvcp71.dll
2008-10-06 19:26 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-10-06 19:26 --------- d-----w c:\program files\Common Files\xing shared
2008-10-06 19:26 --------- d-----w c:\program files\Common Files\Real
2008-10-06 17:03 --------- d-----w c:\program files\FrameShow
2008-10-04 11:40 --------- d-----w c:\program files\Codec Pack - All In 1
2008-10-04 11:38 737,280 ----a-w c:\windows\iun6002.exe
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-29 15:43 84,936 ----a-w c:\windows\system32\ElbyVCD.dll
2008-09-27 00:32 --------- d-----w c:\program files\CoreCodec
2008-09-26 23:43 --------- d-----w c:\documents and settings\Alan\Data aplikací\CoreCodec
2008-09-26 23:04 --------- d-----w c:\program files\Sony
2008-09-26 22:10 --------- d-----w c:\program files\FLAC
2008-09-26 21:29 --------- d-----w c:\program files\SystemRequirementsLab
2008-09-24 10:29 29,184 ----a-w c:\windows\system32\drivers\VClone.sys
2008-09-22 23:37 --------- d-----w c:\program files\DVD-RB PRO
2008-09-22 23:31 --------- d-----w c:\program files\Sony Setup
2008-09-22 23:27 --------- d-----w c:\documents and settings\All Users\Data aplikací\Sony
2008-09-22 15:58 --------- d-----w c:\program files\Imagineer Systems Ltd
2008-09-22 14:21 --------- d-----w c:\program files\FOX Video Converter
2008-09-22 14:20 81,920 ----a-w c:\documents and settings\Alan\Data aplikací\ezpinst.exe
2008-09-22 14:20 47,360 ----a-w c:\documents and settings\Alan\Data aplikací\pcouffin.sys
2008-09-22 13:45 --------- d-----w c:\program files\VSO
2008-09-21 23:00 817,664 ---h--w c:\windows\system32\wodfamoh.dll
2008-09-15 15:27 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:16 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-07 11:12 203,776 ----a-w c:\windows\system32\clrviddc.dll
2008-09-07 08:34 34,308 ----a-w c:\windows\system32\Chip.dll
2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 08:27 826,368 ----a-w c:\windows\system32\wininet.dll
2008-05-23 20:50 0 -c--a-w c:\documents and settings\All Users\Data aplikací\PKP_DLbz.DAT
2008-04-25 14:54 8 --sh--r c:\documents and settings\All Users\Data aplikací\92FE4C067B.sys
2008-03-19 19:16 624 ----a-w c:\program files\MyMobiler.lnk
2004-06-21 12:23 1,319,424 ----a-w c:\program files\MysticalTTC.exe
2003-12-04 16:01 1,419,264 ----a-w c:\program files\Mystical_PlugIn_TTC.8bf
2001-07-17 15:15 66,680 ----a-w c:\program files\ARDS1.ttf
2006-04-22 10:14 56 --sha-r c:\windows\system32\040D52D172.sys
2007-04-28 12:20 88 --sha-r c:\windows\system32\92FE4C067B.sys
2007-06-06 18:52 8,036 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-11-20_16.34.18,81 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-20 13:50:44 827,392 ----a-w c:\windows\ERUNT\SDFIX\Users\00000001\ntuser.dat
+ 2008-11-20 18:32:08 1,069,056 ----a-w c:\windows\ERUNT\SDFIX\Users\00000001\ntuser.dat
- 2008-11-20 13:50:44 8,192 ----a-w c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-11-20 18:32:08 8,192 ----a-w c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-05-09 12:15:51 45,376 ----a-w c:\windows\system32\drivers\avgntdd.sys
+ 2008-01-21 17:11:28 22,336 ----a-w c:\windows\system32\drivers\avgntmgr.sys
+ 2008-11-21 00:08:58 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:22 28,352 ----a-w c:\windows\system32\drivers\ssmdrv.sys
- 2008-11-20 15:19:11 12,372 ----a-w c:\windows\system32\Tablet.dat
+ 2008-11-21 13:35:02 12,372 ----a-w c:\windows\system32\Tablet.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UMonit"="c:\windows\system32\umonit.exe" [2006-07-26 53248]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2008-06-29 52168]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"SW24"="c:\windows\system32\sw24.exe" [2006-05-17 69632]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2004-06-03 204800]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 c:\windows\system32\ptipbmf.dll]
"nwiz"="nwiz.exe" [2008-05-03 c:\windows\system32\nwiz.exe]
"CTHelper"="CTHELPER.EXE" [2008-06-27 c:\windows\system32\CtHelper.exe]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]
"SetDefaultMIDI"="MIDIDEF.EXE" [2002-12-03 c:\windows\MIDIDEF.EXE]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-08-24 110592]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 241664]
Monitor.lnk - c:\program files\SanDisk\SanDisk TransferMate\SD Monitor.exe [2008-09-07 114688]
TabUserW.exe.lnk - c:\windows\system32\Wtablet\TabUserW.exe [2003-12-04 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.DVSD"= pdvcodec.dll
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"msacm.avis"= ff_acm.acm
"vidc.CDVC"= cdvccodc.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Expression\\Media Reader 1.0\\MediaReader.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;"c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe" [2008-11-21 68865]
R2 PfDetNT;PfDetNT;\??\c:\windows\system32\drivers\PfModNT.sys [2008-11-02 15896]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2008-04-14 69120]
S2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate;"c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []
S3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\system32\ASNDIS5.SYS []
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys []
S3 COH_Mon;COH_Mon;\??\c:\windows\system32\Drivers\COH_Mon.sys [2007-05-29 23888]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [2008-09-07 6016]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-21 14:41:20
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
UMonit = c:\windows\system32\umonit.exe?USB\V?W??146&?V??\???8????????V??8????V??B\RO????8???????????????????????????h?????6~?V???????????b@?????????????????@$?|?????$?|??7~??@???:~????????????????????@???????????????t??????????????|`$?|?????$?|U$?|??????????????@

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2008-11-21 14:42:44
ComboFix-quarantined-files.txt 2008-11-21 13:42:23
ComboFix2.txt 2008-11-21 13:03:56
ComboFix3.txt 2008-11-20 18:11:18
ComboFix4.txt 2008-11-20 15:35:05

Před spuštěním: Volných bajtů: 19,015,835,648
Po spuštění: Volných bajtů: 18,995,257,344

275 --- E O F --- 2008-11-19 18:22:19

[Reklama]

[jaro3]

Stahni si Avanger
do něj podle navodu:
zadej prikaz z kodu:

Kód: Vybrat vše

Files to delete:
c:\windows\system32\wodfamoh.dll
c:\windows\system32\wodfamod.dll
c:\windows\system32\SET3E.tmp


po restartu novy log z avengeru.

[Alan-K]

...tak nevim, jestli je to ono, protože, alespoň mě se zdá, že to nějak "spadlo", a tady to pak vylezlo, což by znamenalo, že je to smázlý, ani to tam neni (tedy v C:/windows/system32/)..., máš ještě chuť se mnou komunikovat????
Už jsem se byl podívat co stojí nový HDD a jsem smířený s výměnou HDDa novou instalací OS...teď jsem plně ve Tvých rukou...Ó PANE


Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "c:\windows\system32\wodfamoh.dll" deleted successfully.
File "c:\windows\system32\wodfamod.dll" deleted successfully.
File "c:\windows\system32\SET3E.tmp" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

[jaro3]

Jasně...Máš tam nějaké data, snad. Koupě nového HDD je dobrý nápad.
Takže vše je smazané..
Vlož sem nový log z HJT, ať to můžeme dodělat.

[Alan-K]

...tak tady je log...když bude počítač v pohodě, tak dám ještě vědet...koukni prosím na ten log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:41, on 21.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\umonit.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [UMonit] C:\WINDOWS\system32\umonit.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1145281062
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1693144468
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://tw.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11735 bytes

[jaro3]

Odinstaluj toto: AskBar Toolbar
Následně fix v HJT:

Kód: Vybrat vše

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš
Aktualizuj javu:
Java SE Runtime Environment 6u10

Vyber OS ( předpokládám Windows), zatržítko agree-continue
Vyber:
Windows Offline Installation
jre-6u10-windows-i586-p.exe
Ostatní javy odeber v přidat/odebrat programy.
Zkus otestovat HDD utilitou od výrobce a provést Test RAM Memtestem ( aspoň dvě hodiny).
Případné opravy ve win jsou možné ( do jisté míry).

[Alan-K]

Ahoj, tak to asi vzdávám, provedl jsem vše jak si mi napsal....
...a zase krásný modrý okýnko, tentokrát:
PAGE_FAULT_IN_NONPAGED_AREA
a jednou byla za příčinu selhání označena složka -win32k.sys
a podruhé, kryž to padlo tak -ntfs.sys
nestačil jsem otestovat ty HDD a RAM, potom vyčištění a instalaci javy jsem restartoval a zase to začalo padat.

[memphisto]

omlouvám se za skok do tématu.

jaro s tebou vyčistil viry, ale ty chyby vypadají na poškozený disk. asi se koupi nového HDD nevyhneš. zazálohuj si co budeš potřebovat kdyby náhodou to padlo celé a napiš ježíškovi o nový disk .je poškozený systémový soubor ntfs a to je špatně. napřed bych ale asi vyzkoušel po záloze přeinstalovat Windows a pak by se vidělo.může být poškozen nějaký nevhodným zásahem ten systémový soubor a nebo je poškozen disk a bude ho poškozovat neustále dál

[Alan-K]

...já děkuju všem za Vaši účast, Ježíšek mi poslal mail zpátky, že jsou důležitější věci..... tak si ten HDD koupím sám!

Asi ale ještě udělám ten reinstal...

MÁM SI NA NĚCO DÁT POZOR, NEBO MŮŽU "NORMÁLNĚ-STANDARTNĚ"PO VLOŽENÍ CD-ROMu NAFORMÁTOVAT A INSTALOVAT???

[memphisto]

klidně formátuj a instaluj. pokud máš SATA disk, tak budeš muset zavádět ovladače, ale to určitě víš. napřed si ale zálohuj ty data. pak zkus chvíli na té čisté instalaci fungovat a uvidíš. třeba se to spraví a třeba to poškozený disk opět poškodí a budeš muset koupit jiný. pak po nové instalaci projeď ten disk utilitou od výrobce a ty paměti memtestem a hned bude jasno, kde byl zakopaný pes. poškození toho disku by se mělo objevit při té kontrole čisté instalace a nebo už při instalaci OS. to uvidíš sám. každopádně kdyby byl problém, tak víš,kam se obrátit
jinak za všechny zúčastněné není zač (doufám, že s tímto souhlasí i jaro, ten s tím bojoval nejdýl )

[Alan-K]

Takže zítra na to jdu a budu se i nadále řídit Vašemi radami...........označím to jako vyřešené, protože se k tomu už nemusíme vracet.
Jaro3, Tobě velký dík za trpělivost!!! Ty i Memphisto si zasloužíte můj dík, a až někdy budete v Karlových Varech (ne virech), tak se zastavte na drink....

[Alan-K]

...takže jen pro vyjasnění, i když to MemTest neukázal....tak špatný je z největší pravděpodobností jeden z modulů RAM, protože jsem je "vyškub" a jako správný amatér vylosoval jednu RAMku a tu tam dal na zkoušku....výsledek je, že komp běží celej den a úplně bez chyby..teď už jen zjistit, který z těch tří zbývajících je špatný???