blokovanie spustania programov

[jakkal]

Zdravim,
od vcera mi zacal uplne blbnut notebook pri kazdom programe ci uz je to word, excel, bsplayer alebo windows media player atd mi vypise ked sa ich pokusim spustit okienko s cerveny krizikom a hlasenim pri odosielani prikazu do programu sa vyskytli problemy

tu je log z rsitu:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2011-11-28 07:13:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (4%) free of 119 GB
Total RAM: 4095 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:13:08, on 28. 11. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
D:\Daemon tools\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\Programs\PCTRAN~2\webie.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\Programs\PCTRAN~2\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\Programs\PCTRAN~2\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\Programs\PCTRAN~2\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\Programs\PCTRAN~2\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\Programs\PCTRAN~2\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\Programs\PCTRAN~2\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\Programs\PCTRAN~2\webie.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 11976 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
winlogon.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\RelevantKnowledge\rlservice.exe" /service
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Xobni\XobniService.exe"
"taskhost.exe"
taskeng.exe {6F40EFB0-A871-43D2-87FA-B98FD5406756}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
Atouch64.exe
"D:\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
"C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -boot
raptr_im.exe
"C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe" 4680
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\spool\DRIVERS\x64\3\E_IAMTCLE.EXE /FU "C:\Users\Michal\AppData\Local\Temp\epi4030.tmp"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bfde668c-497e-46ac-bcc0-2adb4c7905be -SystemEventPortName:HostProcess-9200e8c9-65f6-48ad-84d6-bb7c71837ed5 -IoCancelEventPortName:HostProcess-4ad7aa08-e8f1-445b-babf-2d90d245de1c -NonStateChangingEventPortName:HostProcess-82f8736b-9897-430f-ad22-ec1a1e511237 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f83c0cf3-af3d-4fce-8538-a3c5bae1f2d9
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --use-system-ssl --prerender=disabled
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=5372.0116A6E0.2146278055 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Www_Prefix/WarmSocketImpact/warm_socket/ --enable-print-preview --channel=5372.0A57F580.130357787 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\PROGRA~2\Google\Chrome\APPLIC~1\150874~1.121\gcswf32.dll",BrokerMain browser=chrome
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll" --lang=en-US --channel=5372.09AF8380.460772519 --flash-broker=2672 /prefetch:4
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Michal\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m50kxa48.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://my.daemon-search.com/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m50kxa48.default\extensions\
{ba14329e-9550-4989-b3f2-9732e92d17cc}

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m50kxa48.default\searchplugins\
daemon-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - D:\Programs\PCTRAN~2\webie.dll [2004-05-13 319488]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-08-15 16336416]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-08-12 323072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Facebook Update"=C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 137536]
"DAEMON Tools Lite"=D:\Daemon tools\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2011-11-18 53160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-09-05 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-21 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-11 8114720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2011-11-24 03:47:47 ----D---- C:\Program Files (x86)\RelevantKnowledge
2011-11-22 18:43:34 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2011-11-22 18:43:34 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2011-11-22 18:43:34 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2011-11-22 18:43:34 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-11-22 18:43:34 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-11-22 18:43:34 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-11-22 18:43:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2011-11-22 18:43:33 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-11-22 18:43:32 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-11-22 18:43:32 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-11-22 18:43:31 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2011-11-22 18:43:31 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-11-22 18:43:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2011-11-22 18:43:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-11-22 18:43:25 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2011-11-22 18:43:25 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2011-11-22 18:43:25 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-11-22 18:43:25 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-11-22 18:43:24 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2011-11-22 18:43:24 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-11-22 18:43:23 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2011-11-22 18:43:23 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-11-22 18:43:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-11-22 18:43:19 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-11-22 18:43:14 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2011-11-22 18:43:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2011-11-22 18:43:14 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-11-22 18:43:14 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-11-22 18:43:13 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2011-11-22 18:43:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2011-11-22 18:43:13 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-11-22 18:43:13 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-11-22 18:43:12 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2011-11-22 18:43:12 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2011-11-22 18:43:12 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-11-22 18:43:12 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-11-22 18:43:11 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2011-11-22 18:43:11 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-11-22 18:28:34 ----D---- C:\Program Files (x86)\FreeArc
2011-11-09 14:26:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 14:26:50 ----A---- C:\Windows\system32\win32k.sys
2011-11-02 00:51:59 ----D---- C:\ProgramData\Symantec
2011-11-02 00:51:46 ----D---- C:\ProgramData\Norton
2011-11-02 00:51:44 ----D---- C:\ProgramData\NortonInstaller
2011-11-01 22:43:04 ----D---- C:\Windows\SYSWOW64\Adobe

======List of files/folders modified in the last 1 month======

2011-11-28 07:13:08 ----D---- C:\Windows\temp
2011-11-28 07:13:06 ----D---- C:\Program Files\trend micro
2011-11-28 07:05:20 ----D---- C:\Windows\system32\config
2011-11-28 06:59:29 ----D---- C:\Windows\System32
2011-11-28 06:59:29 ----D---- C:\Windows\inf
2011-11-28 06:59:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-28 06:56:14 ----D---- C:\Users\Michal\AppData\Roaming\Raptr
2011-11-28 06:55:40 ----D---- C:\Windows\system32\catroot2
2011-11-28 06:55:29 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-28 03:13:44 ----D---- C:\Windows\system32\NDF
2011-11-27 19:00:27 ----SHD---- C:\System Volume Information
2011-11-24 16:31:22 ----A---- C:\Windows\system32\ServiceFilter.ini
2011-11-24 03:47:47 ----RD---- C:\Program Files (x86)
2011-11-24 03:46:51 ----D---- C:\Windows\SysWOW64
2011-11-23 12:44:09 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-11-23 04:18:13 ----D---- C:\Users\Michal\AppData\Roaming\Azureus
2011-11-23 03:01:44 ----SHD---- C:\Windows\Installer
2011-11-22 20:07:52 ----RSD---- C:\Windows\assembly
2011-11-22 18:42:20 ----D---- C:\Windows
2011-11-22 14:57:21 ----D---- C:\Program Files (x86)\Raptr
2011-11-22 14:55:08 ----D---- C:\Program Files (x86)\Vuze
2011-11-22 14:54:35 ----D---- C:\Program Files (x86)\Vuze_Remote
2011-11-22 14:33:50 ----D---- C:\Windows\Prefetch
2011-11-21 04:08:15 ----D---- C:\Program Files (x86)\Google
2011-11-14 15:09:58 ----D---- C:\Users\Michal\AppData\Roaming\ICQ
2011-11-11 16:49:37 ----D---- C:\Windows\system32\catroot
2011-11-11 06:30:42 ----D---- C:\Windows\system32\FxsTmp
2011-11-09 18:28:08 ----D---- C:\Windows\winsxs
2011-11-09 18:26:21 ----D---- C:\Program Files\Common Files\System
2011-11-09 18:26:20 ----D---- C:\Windows\system32\drivers
2011-11-09 17:20:00 ----A---- C:\Windows\system32\MRT.exe
2011-11-05 10:40:11 ----A---- C:\Windows\ATKPF.ini
2011-11-05 10:39:52 ----D---- C:\Users\Michal\AppData\Roaming\EPSON
2011-11-05 10:17:02 ----D---- C:\Windows\system32\Tasks
2011-11-05 10:17:01 ----D---- C:\Windows\Tasks
2011-11-02 00:51:59 ----D---- C:\ProgramData
2011-10-30 13:11:00 ----D---- C:\Windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-21 35384]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-07-30 241696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-10-30 526392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-07-03 123784]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-03-24 314016]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-07-03 88288]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-03-24 43680]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-11 2001056]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-05-01 81440]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S3 aocif58v;aocif58v; C:\Windows\system32\drivers\aocif58v.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-15 382496]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-01-16 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-01-16 107832]
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [2011-10-12 111632]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 XobniService;XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [2009-10-12 46824]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe []
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-27 136176]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-25 1030600]
S3 fsssvc;Bezpečnosť rodiny v službe Windows Live; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-27 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1255736]

-----------------EOF-----------------

dakujem

[vyosek]

Zdravim a pekny vecer preji

Havet tam je, to nebudu skryvat

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill SCR:
  http://download.bleepingcomputer.com/grinler/rkill.scr
  
  Rkill PIF:
  http://download.bleepingcomputer.com/grinler/rkill.pif

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[jakkal]

no najprv som sa zlakol lebo po teste mi pri pokuse spustit akykolvek program vypisovalo ze kluce registrov boli zmazane ale po restarte sa to nastastie dala do poriadku

tu je log:


ComboFix 11-11-28.02 - Michal . 11. 2011 21:05:41.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4095.2602 [GMT 1:00]
Running from: c:\users\Michal\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\RelevantKnowledge
c:\program files (x86)\RelevantKnowledge\ncncf.dat
c:\program files (x86)\RelevantKnowledge\nscf.dat
c:\program files (x86)\RelevantKnowledge\rlls.dll
c:\program files (x86)\RelevantKnowledge\rlls64.dll
c:\program files (x86)\RelevantKnowledge\rloci.bin
c:\program files (x86)\RelevantKnowledge\rlservice.exe
c:\program files (x86)\RelevantKnowledge\rlvknlg.exe
c:\program files (x86)\RelevantKnowledge\rlvknlg64.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\users\Michal\AppData\Local\Microsoft\Windows\Temporary Internet Files\wdict32.INI
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RelevantKnowledge
.
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-28 )))))))))))))))))))))))))))))))
.
.
2011-11-25 14:51 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5C56931D-58AE-4410-BFB8-B3B97931B5D7}\mpengine.dll
2011-11-22 17:45 . 2011-11-22 17:45 -------- d-----w- c:\users\Michal\AppData\Local\Skyrim
2011-11-22 17:28 . 2011-11-22 17:29 -------- d-----w- c:\program files (x86)\FreeArc
2011-11-22 13:56 . 2011-11-22 13:56 -------- d-----w- c:\users\Michal\.swt
2011-11-22 13:54 . 2011-11-22 13:54 -------- d-----w- c:\users\Michal\AppData\Local\Conduit
2011-11-09 13:26 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 13:26 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 13:26 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 13:26 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 23:51 . 2011-11-01 23:51 -------- d-----w- c:\programdata\Symantec
2011-11-01 23:51 . 2011-11-05 09:17 -------- d-----w- c:\programdata\Norton
2011-11-01 21:43 . 2011-11-01 21:43 -------- d-----w- c:\windows\SysWow64\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 19:47 . 2010-12-01 11:23 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-10-01 03:25 . 2011-10-13 10:37 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-01 02:42 . 2011-10-13 10:37 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-20 13:33 . 2010-05-08 17:59 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-20 13:33 . 2010-07-14 22:23 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-09-07 21:59 . 2010-06-16 15:28 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-09-07 21:59 . 2010-06-16 15:28 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-06 21:45 . 2011-08-13 13:27 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 21:45 . 2011-08-13 13:27 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 21:45 . 2011-08-13 13:28 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 21:38 . 2011-08-13 13:28 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 21:38 . 2011-08-13 13:28 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 21:36 . 2011-08-13 13:28 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 21:36 . 2011-08-13 13:28 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 21:36 . 2011-08-13 13:28 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 21:36 . 2011-08-13 13:28 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Facebook Update"="c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-19 137536]
"DAEMON Tools Lite"="d:\daemon tools\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2011-11-18 53160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-12-21 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2009-12-21 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-25 1030600]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 136176]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
S2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2009-10-12 46824]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000Core.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 16:24]
.
2011-11-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000UA.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 16:24]
.
2011-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 23:24]
.
2011-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-26 23:24]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-15 16336416]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-12 323072]
"combofix"="c:\combofix\CF6019.3XE" [2010-11-20 345088]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - d:\programs\PCTRAN~2\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - d:\programs\PCTRAN~2\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - d:\programs\PCTRAN~2\webie.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m50kxa48.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://my.daemon-search.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Zumma_deluxe - c:\windows\iun6002.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files (x86)\RelevantKnowledge\rlvknlg.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2537058062-2816962838-3502850543-1000\Software\SecuROM\License information*]
"datasecu"=hex:43,d8,c4,e9,5d,62,b0,ac,ac,67,6a,40,bb,fc,02,61,3d,ef,2e,9e,f8,
a6,f4,97,ff,90,c7,13,f6,2d,84,26,34,c7,51,d1,7f,58,35,f2,81,35,5d,19,d1,d8,\
"rkeysecu"=hex:fb,d8,b9,9e,89,69,92,a6,ee,fe,c8,6c,a7,f0,d9,c0
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
.
**************************************************************************
.
Completion time: 2011-11-28 21:23:02 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-28 20:23
.
Pre-Run: 4 756 271 104 bytes free
Post-Run: 6 391 361 536 bytes free
.
- - End Of File - - 12892F970976ABA40C9E71424A8B6AE2

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Registry::
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  "{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-
  [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
  "{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-
  [-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "ISUSPM Startup"=-
  "Facebook Update"=-
  "DAEMON Tools Lite"=-
  [HKEY_LOCAL_MACHINE\software\microsoft\security center]
  "FirewallOverride"=dword:00000000
  "DisableThumbnailCache"=dword:00000000
  
  File::
  C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000Core.job
  C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000UA.job
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
  
  Folder::
  c:\users\Michal\AppData\Local\Facebook\Update
  
  Driver::
  gupdate
  gupdatem
  
  Firefox::
  FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m50kxa48.default\
  FF - prefs.js: browser.search.selectedEngine - DAEMON Search
  FF - prefs.js: browser.startup.homepage - hxxp://my.daemon-search.com/
  FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
  
  RegNull::
  [HKEY_USERS\S-1-5-21-2537058062-2816962838-3502850543-1000\Software\SecuROM\License information*]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[jakkal]

zdravim tu je novy log:

ComboFix 11-11-28.02 - Michal . 11. 2011 3:07.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4095.2632 [GMT 1:00]
Running from: c:\users\Michal\Desktop\ComboFix.exe
Command switches used :: c:\users\Michal\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Vuze_Remote\prxtbVuze.dll"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000UA.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Vuze_Remote\prxtbVuze.dll
c:\users\Michal\AppData\Local\Facebook\Update
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\FacebookCrashHandler.exe
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdate.exe
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdateHelper.msi
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdate.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ar.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bg.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bn.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ca.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_cs.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_da.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_de.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_el.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en-GB.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es-419.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_et.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fa.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fi.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fil.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_gu.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hi.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hu.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_id.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_is.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_it.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_iw.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ja.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_kn.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ko.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lt.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lv.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ml.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_mr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ms.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_nl.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_no.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_or.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pl.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-BR.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-PT.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ro.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ru.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sk.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sl.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sv.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ta.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_te.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_th.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_tr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_uk.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ur.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_vi.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-CN.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-TW.dll
c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000Core.job
c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2537058062-2816962838-3502850543-1000UA.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-29 )))))))))))))))))))))))))))))))
.
.
2011-11-29 04:26 . 2011-11-29 04:26 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5C56931D-58AE-4410-BFB8-B3B97931B5D7}\offreg.dll
2011-11-29 04:23 . 2011-11-29 04:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-11-29 04:23 . 2011-11-29 04:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-29 04:23 . 2011-11-29 04:23 -------- d-----w- c:\users\AppData\AppData\Local\temp
2011-11-25 14:51 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5C56931D-58AE-4410-BFB8-B3B97931B5D7}\mpengine.dll
2011-11-22 17:45 . 2011-11-22 17:45 -------- d-----w- c:\users\Michal\AppData\Local\Skyrim
2011-11-22 17:28 . 2011-11-22 17:29 -------- d-----w- c:\program files (x86)\FreeArc
2011-11-22 13:56 . 2011-11-22 13:56 -------- d-----w- c:\users\Michal\.swt
2011-11-22 13:54 . 2011-11-22 13:54 -------- d-----w- c:\users\Michal\AppData\Local\Conduit
2011-11-09 13:26 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 13:26 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 13:26 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 13:26 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 23:51 . 2011-11-01 23:51 -------- d-----w- c:\programdata\Symantec
2011-11-01 23:51 . 2011-11-05 09:17 -------- d-----w- c:\programdata\Norton
2011-11-01 21:43 . 2011-11-01 21:43 -------- d-----w- c:\windows\SysWow64\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-29 06:04 . 2010-12-01 11:23 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-10-01 03:25 . 2011-10-13 10:37 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-01 02:42 . 2011-10-13 10:37 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-20 13:33 . 2010-05-08 17:59 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-20 13:33 . 2010-07-14 22:23 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-09-07 21:59 . 2010-06-16 15:28 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-09-07 21:59 . 2010-06-16 15:28 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-06 21:45 . 2011-08-13 13:27 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 21:45 . 2011-08-13 13:27 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 21:45 . 2011-08-13 13:28 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 21:38 . 2011-08-13 13:28 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 21:38 . 2011-08-13 13:28 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 21:36 . 2011-08-13 13:28 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 21:36 . 2011-08-13 13:28 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 21:36 . 2011-08-13 13:28 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 21:36 . 2011-08-13 13:28 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-28_20.17.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-11-28 20:17 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-11-29 04:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-11-29 04:25 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-28 20:17 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-28 20:17 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-29 04:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-21 21:19 . 2011-11-28 20:27 59710 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-12-21 21:19 . 2011-11-28 15:00 59710 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-28 20:27 47000 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-11-28 20:17 47000 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-12 14:03 . 2011-11-28 20:27 22958 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2537058062-2816962838-3502850543-1000_UserData.bin
- 2010-01-13 05:54 . 2011-11-28 20:15 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-13 05:54 . 2011-11-29 04:24 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-01 21:41 . 2011-11-28 20:15 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-08-01 21:41 . 2011-11-29 04:24 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-29 04:24 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-28 20:15 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-12 14:25 . 2011-11-28 19:49 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-12 14:25 . 2011-11-29 04:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-12 14:25 . 2011-11-28 19:49 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-12 14:25 . 2011-11-29 04:26 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-12 14:25 . 2011-11-29 04:26 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-12 14:25 . 2011-11-28 19:49 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-12 14:25 . 2011-11-28 20:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-12 14:25 . 2011-11-29 06:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-12 14:25 . 2011-11-29 06:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-12 14:25 . 2011-11-28 20:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-11-28 20:15 . 2011-11-28 20:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-29 04:24 . 2011-11-29 04:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-28 20:15 . 2011-11-28 20:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-11-29 04:24 . 2011-11-29 04:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-12 19:07 . 2011-11-29 06:03 564196 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2010-01-18 02:08 . 2011-11-28 16:24 899520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-01-18 02:08 . 2011-11-29 04:23 899520 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2011-11-29 04:23 442580 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-11-28 20:14 442580 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2011-11-18 53160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-12-21 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2009-12-21 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-25 1030600]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
S2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2009-10-12 46824]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 21:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-15 16336416]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-12 323072]
"combofix"="c:\combofix\CF11676.3XE" [2010-11-20 345088]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - d:\programs\PCTRAN~2\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - d:\programs\PCTRAN~2\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - d:\programs\PCTRAN~2\webie.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\m50kxa48.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
.
**************************************************************************
.
Completion time: 2011-11-29 07:08:34 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-29 06:08
ComboFix2.txt 2011-11-28 20:23
.
Pre-Run: 6 910 996 480 bytes free
Post-Run: 6 845 722 624 bytes free
.
- - End Of File - - 9D2612A6DEB0EB1BFFE272259CEA081A

[vyosek]

Aplikujte exeHelper by Raktor

• Linky ke stazeni
  • COM soubor http://vyosek.ic.cz/BE/exeHelper.com
  • SCR soubor http://vyosek.ic.cz/BE/exeHelper.scr
• Utilitu staci spustit jako Spravce (klik pravym mysidlem), probehne oprava a vznikne log exehelperlog.txt

Napiste co PC

[jakkal]

zdravim tu je log z helperu:


exeHelper by Raktor
Build 20100414
Run at 14:33:59 on 12/01/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

chybova hlaska sa prestala zobrazovat pri otvarani textovych dokumentov a programov ale pri otvarani videi sa stale zobrazuje a pri vypinani pc sa zobrazuje hlaska o nejakych chybnych programoch ktora sa pri kazdom vypnuti znasobuje na vecsi a vecsi pocet

[vyosek]

Dejte mi sem prosim fotku toho hlaseni at se mame od ceho odpichnout

[jakkal]

tu je obrazok toho hlasenia

[vyosek]

Zkuste program vuze downloads preinstalovat

[jakkal]

no musel to asi robit bs player lebo po jeho reinstalacii to zmizlo, dakujem za pomoc a chcel by som sa este spytam, sem tam sa mi na obrazovke vytvori take tyrkysovomodre zdvojenie obrazu, niekedy to trva len kratko ale niekedy aj viac nez hodinu, navyze niekedy je take aktivne ze ked si zapnem textovy editor namiesto bielej plochy mam pred sebou zrnitu tyrkysovo modru, neviete posudit ci to je hardvarova chyba alebo to bude ovladacmi?

dakujem

[vyosek]

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[jakkal]

Zdravim, pouzil som vsetky programy co ste pisali ale na obrazovke sa mi stale zobrazuje to zdvojenie, posielam screen obrazovky, je tam vidno za normalnou plochou taky tyrkysovy tien, neviete ci to moze sposobovat daky virus alebo bude nieco s grafikou?
dakujem

[vyosek]

Zkuste jeste projit nastaveni plochy, pozadi, prizpusobeni atd jestli tam neco neni...jinak to vidim ale na vadu grafiky