Please check my log, hopefully the correct scan this time

Posted: 09 Jul 2012 13:54
by eamon
Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavlos at 2012-07-09 14:25:52
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 20 GB (13%) free of 153 GB
Total RAM: 2047 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:58, on 9.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Users\Pavlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Pavlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavlos\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pavlos\Downloads\hijackthis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Pavlos\Downloads\RSIT.exe
C:\Program Files\trend micro\Pavlos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pavlos\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = Pavlos\AppData\Local\Facebook\Messenger\2.1.4554.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 7868 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-85496544-3995945347-609131191-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-85496544-3995945347-609131191-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pavlos\AppData\Roaming\Mozilla\Firefox\Profiles\5rlu1nw9.default

prefs.js - "browser.startup.homepage" - "seznam.cz"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\bin\core.4.dll [2012-01-10 1151520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2011-05-25 188960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"ASUSGamerOSD"=C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2009-05-13 380928]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"TaskTray"= []
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2010-03-05 2375392]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"PCFix"=C:\Program Files\PCFix\PCFix.exe [2011-06-03 6787312]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Sony PC Companion"=C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2012-05-31 445624]
"Facebook Update"=C:\Users\Pavlos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-12 137536]

C:\Users\Pavlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Pavlos\AppData\Local\Facebook\Messenger\2.1.4554.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"vidc.asv2"=asusasv2.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-07-09 14:25:53 ----D---- C:\Program Files\trend micro
2012-07-09 14:25:52 ----D---- C:\rsit
2012-07-07 20:00:36 ----A---- C:\Windows\system32\browserchoice.exe
2012-07-07 19:29:56 ----D---- C:\Users\Pavlos\AppData\Roaming\ImgBurn
2012-07-07 19:23:45 ----D---- C:\Program Files\ImgBurn
2012-07-07 19:12:02 ----D---- C:\ProgramData\DVD Shrink
2012-07-07 19:11:59 ----D---- C:\Program Files\DVD Shrink
2012-07-07 13:44:11 ----A---- C:\Windows\system32\wups2.dll
2012-07-07 13:44:11 ----A---- C:\Windows\system32\wucltux.dll
2012-07-07 13:44:11 ----A---- C:\Windows\system32\wuauclt.exe
2012-07-07 13:44:10 ----A---- C:\Windows\system32\wuaueng.dll
2012-07-07 13:43:52 ----A---- C:\Windows\system32\wups.dll
2012-07-07 13:43:52 ----A---- C:\Windows\system32\wudriver.dll
2012-07-07 13:43:52 ----A---- C:\Windows\system32\wuapi.dll
2012-07-07 13:43:32 ----A---- C:\Windows\system32\wuwebv.dll
2012-07-07 13:43:32 ----A---- C:\Windows\system32\wuapp.exe
2012-06-26 17:54:40 ----D---- C:\Windows\system32\appmgmt
2012-06-17 12:52:37 ----D---- C:\Program Files\Oracle
2012-06-17 12:52:06 ----A---- C:\Windows\system32\javaws.exe
2012-06-17 12:51:37 ----A---- C:\Windows\system32\javaw.exe
2012-06-17 12:51:37 ----A---- C:\Windows\system32\java.exe
2012-06-14 20:01:37 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-14 20:01:36 ----A---- C:\Windows\system32\iertutil.dll
2012-06-14 20:01:35 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-14 20:01:35 ----A---- C:\Windows\system32\ieui.dll
2012-06-14 20:01:34 ----A---- C:\Windows\system32\wininet.dll
2012-06-14 20:01:34 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-14 20:01:33 ----A---- C:\Windows\system32\jscript.dll
2012-06-14 20:01:32 ----A---- C:\Windows\system32\jscript9.dll
2012-06-14 20:01:31 ----A---- C:\Windows\system32\url.dll
2012-06-14 20:01:29 ----A---- C:\Windows\system32\urlmon.dll
2012-06-14 20:01:26 ----A---- C:\Windows\system32\mshtml.dll
2012-06-14 20:01:24 ----A---- C:\Windows\system32\ieframe.dll
2012-06-14 13:47:02 ----A---- C:\Windows\system32\win32k.sys
2012-06-14 13:47:01 ----A---- C:\Windows\system32\msi.dll
2012-06-14 13:46:55 ----A---- C:\Windows\system32\crypt32.dll
2012-06-14 13:46:54 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-14 13:46:54 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-14 13:46:46 ----A---- C:\Windows\system32\profsvc.dll
2012-06-14 13:46:45 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-14 13:46:45 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-14 13:46:45 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-14 13:46:41 ----A---- C:\Windows\system32\rdpcorets.dll
2012-06-14 13:46:41 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-12 20:50:49 ----D---- C:\Program Files\Digital Photo Software
2012-06-12 20:50:08 ----D---- C:\Windows\Downloaded Installations
2012-06-12 20:35:34 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-06-12 20:16:03 ----D---- C:\Program Files\Adobe Media Player
2012-06-12 20:14:16 ----D---- C:\Program Files\Common Files\Adobe AIR

======List of files/folders modified in the last 1 month======

2012-07-09 14:25:58 ----D---- C:\Windows\Temp
2012-07-09 14:25:58 ----D---- C:\Windows\Prefetch
2012-07-09 14:25:53 ----RD---- C:\Program Files
2012-07-09 11:22:07 ----D---- C:\Windows\system32\config
2012-07-09 11:08:46 ----D---- C:\Windows\system32\catroot2
2012-07-07 20:00:46 ----D---- C:\Windows\System32
2012-07-07 20:00:45 ----D---- C:\Windows\winsxs
2012-07-07 20:00:45 ----D---- C:\Windows\system32\catroot
2012-07-07 20:00:27 ----SHD---- C:\System Volume Information
2012-07-07 19:12:02 ----HD---- C:\ProgramData
2012-07-07 15:34:05 ----D---- C:\Windows\rescache
2012-07-07 14:27:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-07 14:20:47 ----D---- C:\Program Files\CDBurnerXP
2012-07-07 14:02:25 ----D---- C:\Windows\system32\cs-CZ
2012-07-07 14:02:21 ----SHD---- C:\Config.Msi
2012-07-07 13:58:34 ----SHD---- C:\Windows\Installer
2012-07-07 13:44:14 ----D---- C:\Windows\system32\Tasks
2012-07-07 13:44:10 ----D---- C:\Windows\Tasks
2012-07-07 13:43:56 ----D---- C:\Windows\system32\drivers
2012-07-07 13:43:02 ----D---- C:\Program Files\SlimDrivers
2012-07-07 13:40:56 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-07 13:37:30 ----D---- C:\Windows\system32\wfp
2012-07-07 13:37:25 ----D---- C:\Windows\system32\wbem
2012-07-07 13:37:25 ----D---- C:\Windows
2012-07-07 13:36:15 ----D---- C:\Windows\system32\DriverStore
2012-07-07 13:36:15 ----D---- C:\Windows\PolicyDefinitions
2012-07-07 13:36:13 ----D---- C:\Windows\inf
2012-07-07 13:36:12 ----D---- C:\Windows\AppCompat
2012-07-07 13:36:12 ----D---- C:\Users\Pavlos\AppData\Roaming\vlc
2012-07-07 13:36:01 ----D---- C:\Windows\registration
2012-06-18 10:17:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-06-17 12:51:33 ----D---- C:\Program Files\Java
2012-06-17 12:39:39 ----D---- C:\Windows\Minidump
2012-06-15 15:43:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-14 20:51:04 ----D---- C:\Windows\Microsoft.NET
2012-06-14 20:51:02 ----RSD---- C:\Windows\assembly
2012-06-14 20:33:49 ----D---- C:\Windows\system32\migration
2012-06-14 20:33:49 ----D---- C:\Program Files\Internet Explorer
2012-06-14 20:09:35 ----A---- C:\Windows\system32\MRT.exe
2012-06-13 12:03:42 ----D---- C:\ProgramData\Adobe
2012-06-12 20:40:27 ----D---- C:\Users\Pavlos\AppData\Roaming\Adobe
2012-06-12 20:18:18 ----D---- C:\Program Files\Adobe
2012-06-12 20:17:32 ----D---- C:\Program Files\Common Files\Adobe
2012-06-12 20:16:58 ----RSD---- C:\Windows\Fonts
2012-06-12 20:14:16 ----D---- C:\Program Files\Common Files
2012-06-10 16:09:22 ----D---- C:\Hry
2012-06-10 16:08:52 ----D---- C:\Program Files\Common Files\InstallShield

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 videX32;videX32; C:\Windows\system32\DRIVERS\videX32.sys [2000-01-01 13976]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 44376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-16 232512]
R1 EIO;EIO Driver; C:\Windows\system32\DRIVERS\EIO.sys [2011-08-15 12800]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5586432]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-27 209920]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 15232]
R3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2009-02-17 30976]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2011-07-06 328552]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2000-01-01 43008]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-08-23 103952]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-27 5586432]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-27 176128]
R2 ASDR;ASDR; C:\Windows\System32\ASDR.exe [2007-03-20 61440]
R2 ATKFUSService;ATK Fast User Switch Service; C:\Windows\system32\ATKFUSService.exe [2009-05-06 60928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2008-09-24 52888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-15 1343400]

-----------------EOF-----------------


I had 2 here, so I'm posting both


info.txt logfile of random's system information tool 1.09 2012-07-09 14:26:03

======Uninstall list======

Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader X (10.1.3) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
AMD DnD V1.0.16-->MsiExec.exe /I{87BB78C4-F36D-4D93-A7C7-F80F18219848}
Assassin's Creed II-->"C:\Program Files\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0005 -removeonly
ASUS Gamer OSD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}\setup.exe" -l0x9 -removeonly
ASUS Smart Doctor-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{809D7E6D-915D-4EAD-821F-E13D93F37161} /l1033
ASUS VideoSecurity Online-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7A529246-912F-4C40-A82A-E608DB702FD7}
ATI AVIVO Codecs-->MsiExec.exe /I{2EE6972B-6DE0-0DF9-2D45-5FCA0110BB35}
ATI Catalyst Install Manager-->msiexec /q/x{6C5C273A-258F-9023-5859-21915335F208} REBOOT=ReallySuppress
ATI Problem Report Wizard-->MsiExec.exe /X{5EAC9508-9B4C-84B4-A7B8-62734E8EC4BF}
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{87323561-58BA-4D5B-BADA-A791B69D1705}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Codec Pack - All In 1 6.0.3.0-->C:\Windows\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Facebook Messenger 2.1.4554.0-->MsiExec.exe /X{A8AF728F-2EE8-4322-96B3-656CAD1F7805}
FotoMix Free Edition-->MsiExec.exe /I{38A193BE-8A8C-4EC9-8E1C-CA5006B17FD6}
Gothic-->C:\Windows\IsUn0405.exe -f"C:\Hry\Piranha Bytes\Gothic\Uninst.isu"
HydraVision-->MsiExec.exe /X{CE8C262E-5DB4-C8AC-7DA2-DC88767653A1}
ICQ7.5-->"C:\Program Files\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
Java(TM) 7 Update 5-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217004FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF}
Microsoft Office 2007 Recent Documents Gadget-->MsiExec.exe /X{90120000-008A-0409-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Misa - Nanuky1-->"C:\Windows\Misa - Nanuky1 Uninstaller\unins000.exe"
Misa - Nanuky2-->"C:\Windows\Misa - Nanuky2 Uninstaller\unins000.exe"
Mozilla Firefox 10.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
PCFix-->"C:\Program Files\PCFix\unins000.exe"
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Readon TV Movie Radio Player 7.3.0.0-->MsiExec.exe /I{BCDA7B81-D35B-4D72-8266-6BAB9383CF2B}
Realtek AC'97 Audio-->Alcrmv.exe -r -m
Realtek HDMI Audio Driver for ATI-->C:\Program Files\Realtek\Audio\HDA\RtkUpd.exe -k -m -nrg2709
Realtek PCI Fast Ethernet Controller Driver For Vista and Win7-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)-->"C:\Program Files\Seznam.cz\postak-uninstall.exe" /AllUsers
SlimDrivers-->MsiExec.exe /X{934F0468-3ECE-4CAD-98B4-BD0BCD8D71B2}
Sniper Elite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}\setup.exe"
Sony PC Companion 2.10.079-->"C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Speeditup Free 4.91-->"C:\Windows\Speeditup Free\uninstall.exe" "/U:C:\Program Files\Speeditup Free\irunin.xml"
SpeeditupFree-->"C:\Windows\Speeditup Free\uninstall.exe" "/U:C:\Program Files\SpeedItup Free\irunin.xml"
Super Ovladač-->"C:\Program Files\Driver-Soft\SuperOvladac\unins000.exe"
TeamViewer 6-->C:\Program Files\TeamViewer\Version6\uninstall.exe
Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
VIA Platforma Ovladače zařízení-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 1.1.11-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Warhammer 40k Space Marine version 1.0-->"C:\Hry\MyProg\warhammer\unins000.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinRAR 4.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
XviD MPEG-4 Video Codec-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\Windows\INF\xvid.inf

======System event log======

Computer Name: Pavlos-PC
Event Code: 62464
Message: UVD Information
Record Number: 162404
Source Name: amdkmdag
Time Written: 20120428183851.955078-000
Event Type: Informace
User:

Computer Name: Pavlos-PC
Event Code: 62464
Message: UVD Information
Record Number: 162403
Source Name: amdkmdag
Time Written: 20120428183851.955078-000
Event Type: Informace
User:

Computer Name: Pavlos-PC
Event Code: 62464
Message: UVD Information
Record Number: 162402
Source Name: amdkmdag
Time Written: 20120428183851.955078-000
Event Type: Informace
User:

Computer Name: Pavlos-PC
Event Code: 62464
Message: UVD Information
Record Number: 162401
Source Name: amdkmdag
Time Written: 20120428183851.955078-000
Event Type: Informace
User:

Computer Name: Pavlos-PC
Event Code: 62464
Message: UVD Information
Record Number: 162400
Source Name: amdkmdag
Time Written: 20120428183849.573242-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247F27-08
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x86
P2: PCI\VEN_105A&DEV_3373&SUBSYS_80F51043&REV_02
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMI3917.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_1d542de887de3456a23c2ec843a26ca4d1c1b48_cab_03523a5f

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: b3ecc574-c767-11e0-b87e-dbc6b9a285a8
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20110815175504.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-08
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110815175400.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-08
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110815175355.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-08
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110815175350.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-08
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110815175350.515625-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Pavlos-PC
Event Code: 4733
Message: Byl odebrán člen zabezpečené místní skupiny.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-91QJ627S4K7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Člen:
ID zabezpečení: S-1-5-21-85496544-3995945347-609131191-1001
Název účtu: -

Skupina:
ID zabezpečení: S-1-5-32-545
Název skupiny: Users
Doména skupiny: Builtin

Další informace:
Oprávnění: -
Record Number: 128
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110815180017.327375-000
Event Type: Úspěšný audit
User:

Computer Name: Pavlos-PC
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-91QJ627S4K7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: {35029DA9-69A9-4D67-97FC-984D36E134AC}
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 127
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110815180017.139875-000
Event Type: Úspěšný audit
User:

Computer Name: Pavlos-PC
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-91QJ627S4K7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: {35029DA9-69A9-4D67-97FC-984D36E134AC}
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\Keys\13dba65e75a6c4fb0d2037296db132c1_43e26e34-8a24-4810-ad9b-52b470c2bbaa
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 126
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110815180017.139875-000
Event Type: Úspěšný audit
User:

Computer Name: Pavlos-PC
Event Code: 4732
Message: Byl přidán člen zabezpečené místní skupiny.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-91QJ627S4K7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Člen:
ID zabezpečení: S-1-5-21-85496544-3995945347-609131191-500
Název účtu: -

Skupina:
ID zabezpečení: S-1-5-21-85496544-3995945347-609131191-1000
Název skupiny: HomeUsers
Doména skupiny: Pavlos-PC

Další informace:
Oprávnění: -
Record Number: 125
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110815180017.030500-000
Event Type: Úspěšný audit
User:

Computer Name: Pavlos-PC
Event Code: 5059
Message: Operace migrace klíče.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-91QJ627S4K7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: {35029DA9-69A9-4D67-97FC-984D36E134AC}
Typ klíče: Klíč počítače

Další informace:
Operace: Export trvalého kryptografického klíče
Návratový kód: 0x0
Record Number: 124
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110815180016.624250-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=1
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=2f00
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3

-----------------EOF-----------------

Re: Please check my log, hopefully the correct scan this time

Posted: 09 Jul 2012 17:45
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files\Seznam.cz\toolbar\
C:\Users\Pavlos\AppData\Local\Facebook\Update
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-85496544-3995945347-609131191-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-85496544-3995945347-609131191-1001UA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it.

Re: Please check my log, hopefully the correct scan this time

Posted: 10 Jul 2012 10:59
by eamon
Still no change.


All processes killed
========== FILES ==========
C:\Program Files\Seznam.cz\toolbar folder moved successfully.
C:\Users\Pavlos\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\Pavlos\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\Pavlos\AppData\Local\Facebook\Update\Download folder moved successfully.
C:\Users\Pavlos\AppData\Local\Facebook\Update\1.2.203.0 folder moved successfully.
C:\Users\Pavlos\AppData\Local\Facebook\Update folder moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-85496544-3995945347-609131191-1001Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-85496544-3995945347-609131191-1001UA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Pavlos
->Temp folder emptied: 59760295 bytes
->Temporary Internet Files folder emptied: 168659314 bytes
->Java cache emptied: 5387527 bytes
->FireFox cache emptied: 128210295 bytes
->Google Chrome cache emptied: 296327584 bytes
->Flash cache emptied: 31603 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 46214237 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1957250 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 751 bytes
RecycleBin emptied: 4552644637 bytes

Total Files Cleaned = 5 016,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Pavlos
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 07102012_075202

Files moved on Reboot...

Registry entries deleted on Reboot...

Re: Please check my log, hopefully the correct scan this time

Posted: 10 Jul 2012 19:05
by Rudy
Everything was deleted. What has changed?

Re: Please check my log, hopefully the correct scan this time

Posted: 10 Jul 2012 21:53
by eamon
That's just it, nothing at all. It says that the program has stopped working, and sometimes a message also pops up by itself saying that the monitoring center, or something like that, has stopped working. For example, the burning program won't start, even after a reinstall, nor will the Facebook thing that is something like ICQ, and others.

Re: Please check my log, hopefully the correct scan this time

Posted: 10 Jul 2012 22:04
by Rudy
Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Use Edit > Copy (Úpravy > Kopírovat) and post the log here.

Re: Please check my log, hopefully the correct scan this time

Posted: 11 Jul 2012 11:11
by eamon
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x86)
Date : 2012/07/11 12:10:53

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD600JB-00CRA1 ATA Device
- ST3160023A ATA Device
+ ATA Channel 1 (1) [ATA]
- HL-DT-ST DVDRAM GSA-H10N ATA Device
+ VIA Bus Master IDE Controller - 0571 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič VIA VT8237 diskového pole RAID [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD600JB-00CRA1 : 60,0 GB [0/0/0, pd1]
(2) ST3160023A : 160,0 GB [1/0/1, pd1] - st

----------------------------------------------------------------------------
(1) WDC WD600JB-00CRA1
----------------------------------------------------------------------------
Model : WDC WD600JB-00CRA1
Firmware : 17.07W17
Serial Number : WD-WMA8F2575200
Disk Size : 60,0 GB (8,4/60,0/----)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 117231408
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 13535 hod.
Power On Count : 2318 krát
Temparature : Neznámy údaj
Health Status : Pozor
Features : S.M.A.R.T., AAM
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 199 _51 000000000000 Počet chyb čtení
03 _98 _95 _21 00000000103E Čas na roztočení ploten
04 _97 _97 _40 000000000EB3 Počet spuštění/zastavení
05 198 198 140 000000000015 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _82 _82 __0 0000000034DF Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 00000000090E Počet cyklů zapnutí zařízení
C4 198 198 __0 000000000002 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000039 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------

----------------------------------------------------------------------------
(2) ST3160023A
----------------------------------------------------------------------------
Model : ST3160023A
Firmware : 8.01
Serial Number : 5JS3P8GF
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : Ultra DMA/100
Power On Hours : 26166 hod.
Power On Count : 3616 krát
Temparature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _62 _56 __6 000001661232 Počet chyb čtení
03 _96 _96 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000080 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _78 _60 _30 000004D8F66E Počet chybných hledání
09 _71 _71 __0 000000006636 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000E20 Počet cyklů zapnutí zařízení
C2 _38 _61 __0 000000000026 Teplota
C3 _62 _55 __0 000001661232 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 _67 __0 0000000001FC Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------

Re: Please check my log, hopefully the correct scan this time

Posted: 11 Jul 2012 17:43
by Rudy
Both disks have DMA checksum errors, and the first one also has reallocated files. Which of them is the system disk?

Re: Please check my log, hopefully the correct scan this time

Posted: 11 Jul 2012 18:26
by eamon
The 160 GB one; the other serves only as storage, everything is installed on the 160 GB one.

Re: Please check my log, hopefully the correct scan this time

Posted: 11 Jul 2012 18:53
by Rudy
OK. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is shown; continue by clicking the Yes (Ano) button.

Calmly go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the deletion of any malware, unwanted conflicts with the antispyware's resident component occur.
The disk should not be causing this problem.

Re: Please check my log, hopefully the correct scan this time

Posted: 12 Jul 2012 11:56
by eamon
Done, but still no change.



ComboFix 12-07-11.03 - Pavlos 12.07.2012 12:14:25.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1251 [GMT 2:00]
Spuštěný z: c:\users\Pavlos\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\PCFix
c:\program files\PCFix\AssistPCFix.exe
c:\program files\PCFix\backup\20111125_2005.dat
c:\program files\PCFix\backup\20120502_1254.dat
c:\program files\PCFix\Loading.gif
c:\program files\PCFix\PCFix.exe
c:\program files\PCFix\rebooter.exe
c:\program files\PCFix\unins000.dat
c:\program files\PCFix\unins000.exe
c:\program files\PCFix\unins000.msg
c:\programdata\Microsoft\Internet Explorer\Quick Launch\PC Fix 2011.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner
c:\programdata\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner\PC Fix 2011.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner\Uninstall PC Fix 2011.lnk
c:\programdata\PCFix
c:\users\Pavlos\AppData\Roaming\PCFix
c:\users\Pavlos\AppData\Roaming\PCFix\log.dat
c:\users\Pavlos\AppData\Roaming\PCFix\unresolvederrors.dat
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\system32\DEBUG.log
.
Nakažená kopie c:\windows\System32\osk.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy9_!Windows!System32!osk.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-12 do 2012-07-12 )))))))))))))))))))))))))))))))
.
.
2012-07-12 10:47 . 2012-07-12 10:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-12 09:14 . 2012-07-12 09:14 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CAB683A6-D175-4A54-B627-BA3E0EFDBA5D}\offreg.dll
2012-07-12 08:39 . 2012-06-18 01:14 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CAB683A6-D175-4A54-B627-BA3E0EFDBA5D}\mpengine.dll
2012-07-11 18:02 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 10:09 . 2012-07-11 10:10 -------- d-----w- c:\program files\CrystalDiskInfo
2012-07-10 05:52 . 2012-07-10 05:52 -------- d-----w- C:\_OTM
2012-07-09 12:25 . 2012-07-09 12:25 -------- d-----w- c:\program files\trend micro
2012-07-09 12:25 . 2012-07-09 12:26 -------- d-----w- C:\rsit
2012-07-07 18:00 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-07 17:29 . 2012-07-07 17:33 -------- d-----w- c:\users\Pavlos\AppData\Roaming\ImgBurn
2012-07-07 17:23 . 2012-07-07 17:23 -------- d-----w- c:\program files\ImgBurn
2012-07-07 17:12 . 2012-07-07 17:12 -------- d-----w- c:\programdata\DVD Shrink
2012-07-07 17:11 . 2012-07-07 17:12 -------- d-----w- c:\program files\DVD Shrink
2012-07-07 11:44 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-07-07 11:44 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-07-07 11:44 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-07-07 11:44 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-07-07 11:43 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-07-07 11:43 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-07-07 11:43 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-07-07 11:43 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-07 11:43 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 10:52 . 2012-06-17 10:52 -------- d-----w- c:\program files\Oracle
2012-06-14 11:47 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-14 11:46 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-14 11:46 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-14 11:46 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-14 11:46 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-14 11:46 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-14 11:46 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-14 11:46 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-14 11:46 . 2012-04-28 04:41 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-06-14 11:46 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-12 18:50 . 2012-06-12 18:50 53248 ----a-r- c:\users\Pavlos\AppData\Roaming\Microsoft\Installer\{38A193BE-8A8C-4EC9-8E1C-CA5006B17FD6}\NewShortcut2_38A193BE8A8C4EC98E1CCA5006B17FD6.exe
2012-06-12 18:50 . 2012-06-12 18:50 53248 ----a-r- c:\users\Pavlos\AppData\Roaming\Microsoft\Installer\{38A193BE-8A8C-4EC9-8E1C-CA5006B17FD6}\NewShortcut1_38A193BE8A8C4EC98E1CCA5006B17FD6.exe
2012-06-12 18:50 . 2012-06-12 18:50 -------- d-----w- c:\program files\Digital Photo Software
2012-06-12 18:50 . 2012-06-12 18:50 -------- d-----w- c:\windows\Downloaded Installations
2012-06-12 18:35 . 2012-06-12 18:48 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-06-12 18:16 . 2012-06-12 18:16 -------- d-----w- c:\program files\Adobe Media Player
2012-06-12 18:14 . 2012-06-12 18:14 -------- d-----w- c:\program files\Common Files\Adobe AIR
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 18:27 . 2012-05-11 10:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-11 18:27 . 2011-08-15 18:30 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 04:40 . 2012-07-11 08:53 225280 ----a-w- c:\windows\system32\schannel.dll
2012-05-31 10:25 . 2011-08-15 18:38 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-04 17:29 . 2012-01-13 16:11 772504 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-04 17:29 . 2011-08-22 19:06 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-02 14:55 . 2011-08-16 19:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2009-05-13 380928]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"VIARaidUtl"="c:\program files\VIA\RAID\raid_tool.exe" [2010-03-05 2375392]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
c:\users\Pavlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Pavlos\AppData\Local\Facebook\Messenger\2.1.4570.0\FacebookMessenger.exe [2012-7-6 217536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x]
S2 VRAID Log Service;VRAID Log Service;c:\program files\VIA\RAID\vialogsv.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 18:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Pavlos\AppData\Roaming\Mozilla\Firefox\Profiles\5rlu1nw9.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-TaskTray - (no file)
HKLM-Run-PCFix - c:\program files\PCFix\PCFix.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Gothic - c:\windows\IsUn0405.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ATKFUSService.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\ASUS\GamerOSD\ATKFastUserSwitching.exe
c:\windows\System32\ASDR.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\conhost.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\program files\DAEMON Tools Lite\DTShellHlp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-07-12 12:55:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-12 10:55
.
Před spuštěním: Volných bajtů: 25 463 095 296
Po spuštění: Volných bajtů: 25 367 314 432
.
- - End Of File - - 5BE8D317EAC0ED32448ACB1FE8DB7F6D

Re: Please check my log, hopefully a correct scan this time

Posted: 12 Jul 2012 12:40
by eamon
On top of that, some more programs have now stopped working, for example Seznam Postak.

Re: Please check my log, hopefully a correct scan this time

Posted: 12 Jul 2012 19:45
by Rudy
CF deleted something. Try reinstalling the programs that are not working. I am afraid, though, that the system is damaged.