Dlouhý start PC, pomalé, seká se

[Kaminek]

Logfile of random's system information tool 1.09 (written by random/random)
Run by K a T at 2012-02-28 12:19:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 93 GB (37%) free of 251 GB
Total RAM: 3071 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:01, on 28.2.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\K a T.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8368 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll" /prefetch:1
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1780
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUI.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c975c34b-a738-4445-b197-1f807f15cf20 -SystemEventPortName:HostProcess-6c8f0315-674a-40c3-95dd-b7543731be0c -IoCancelEventPortName:HostProcess-355ff9b9-c42b-4ecd-ae9c-214aefc568c5 -NonStateChangingEventPortName:HostProcess-8f0fa23b-aa0e-4fd1-8a24-5fb38078539d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8c406f82-6c0b-4ac4-bcd7-7109e04c5976
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=928.deb9a70.2096770017 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 928 "\\.\pipe\gecko-crash-server-pipe.928" plugin
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\K a T\Desktop\RSITx64(3).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job

=========Mozilla firefox=========

ProfilePath - C:\Users\K a T\AppData\Roaming\Mozilla\Firefox\Profiles\jstez9l7.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =827316&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.0.0]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.0.0]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13]
"Description"=15.0.1.13
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\K a T\AppData\Roaming\Mozilla\Firefox\Profiles\jstez9l7.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\K a T\AppData\Roaming\Mozilla\Firefox\Profiles\jstez9l7.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-28 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll [2011-07-13 419768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL [2010-05-14 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll [2011-07-13 419768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-11-02 8312352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Hotkey Utility"=C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [2010-03-26 563744]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-02-28 12:16:21 ----D---- C:\rsit
2012-02-25 16:14:33 ----A---- C:\Windows\Jablko.ini
2012-02-16 06:52:49 ----D---- C:\Program Files (x86)\pdfforge Toolbar
2012-02-16 06:52:49 ----D---- C:\Program Files (x86)\Application Updater
2012-02-15 11:52:05 ----A---- C:\Windows\system32\shell32.dll
2012-02-15 11:52:04 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-02-15 11:52:03 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2012-02-15 11:52:03 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-15 11:52:01 ----A---- C:\Windows\system32\win32k.sys
2012-02-15 11:52:00 ----A---- C:\Windows\system32\drivers\afd.sys
2012-02-15 11:51:56 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-15 11:51:55 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-02-15 11:51:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-02-15 11:51:50 ----A---- C:\Windows\system32\mshtml.dll
2012-02-15 11:51:48 ----A---- C:\Windows\system32\ieframe.dll
2012-02-15 11:51:46 ----A---- C:\Windows\system32\urlmon.dll
2012-02-15 11:51:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-02-15 11:51:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-02-15 11:51:44 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-02-15 11:51:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-02-15 11:51:44 ----A---- C:\Windows\system32\wininet.dll
2012-02-15 11:51:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-02-15 11:51:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-02-15 11:51:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-02-15 11:51:43 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-15 11:51:43 ----A---- C:\Windows\system32\msfeeds.dll
2012-02-15 11:51:43 ----A---- C:\Windows\system32\ieui.dll
2012-02-15 11:51:43 ----A---- C:\Windows\system32\iertutil.dll
2012-02-15 11:51:42 ----A---- C:\Windows\SYSWOW64\url.dll
2012-02-15 11:51:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-02-15 11:51:42 ----A---- C:\Windows\system32\url.dll
2012-02-15 11:51:42 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-08 09:31:26 ----HD---- C:\Windows\AxInstSV

======List of files/folders modified in the last 1 month======

2012-02-28 12:19:01 ----D---- C:\Program Files\trend micro
2012-02-28 12:16:24 ----D---- C:\Windows\temp
2012-02-28 12:15:09 ----D---- C:\Windows\system32\config
2012-02-28 12:14:14 ----D---- C:\Windows
2012-02-28 12:12:25 ----SHD---- C:\System Volume Information
2012-02-28 12:12:12 ----D---- C:\Windows\tracing
2012-02-28 11:49:52 ----D---- C:\Users\K a T\AppData\Roaming\Vso
2012-02-28 11:47:16 ----SH---- C:\Windows\SCC2E117E.tmp
2012-02-28 11:44:43 ----D---- C:\Users\K a T\AppData\Roaming\ICQ
2012-02-28 11:21:05 ----D---- C:\Windows\SysWOW64
2012-02-28 11:20:29 ----D---- C:\Windows\system32\drivers\etc
2012-02-28 11:20:10 ----D---- C:\Program Files (x86)\Common Files
2012-02-28 11:20:09 ----D---- C:\Windows\Tasks
2012-02-28 07:36:44 ----D---- C:\Windows\Prefetch
2012-02-27 21:32:28 ----D---- C:\Windows\System32
2012-02-27 21:32:28 ----D---- C:\Windows\inf
2012-02-27 21:32:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-27 21:04:11 ----D---- C:\Users\K a T\AppData\Roaming\Skype
2012-02-27 20:29:56 ----A---- C:\Windows\NeroDigital.ini
2012-02-23 22:19:40 ----AD---- C:\ProgramData\Temp
2012-02-21 23:06:15 ----SHD---- C:\Windows\Installer
2012-02-21 23:05:25 ----D---- C:\ProgramData\Microsoft Help
2012-02-21 23:05:22 ----RSD---- C:\Windows\assembly
2012-02-21 23:02:53 ----A---- C:\Windows\win.ini
2012-02-20 13:04:41 ----D---- C:\Windows\debug
2012-02-17 13:10:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-02-16 20:01:09 ----D---- C:\Windows\Microsoft.NET
2012-02-16 06:52:49 ----D---- C:\Program Files (x86)
2012-02-16 06:47:47 ----D---- C:\Windows\winsxs
2012-02-16 06:45:44 ----D---- C:\Windows\system32\drivers
2012-02-16 06:45:43 ----D---- C:\Windows\SYSWOW64\migration
2012-02-16 06:45:43 ----D---- C:\Windows\system32\migration
2012-02-16 06:45:43 ----D---- C:\Program Files\Internet Explorer
2012-02-16 06:45:43 ----D---- C:\Program Files (x86)\Internet Explorer
2012-02-15 22:12:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-15 22:09:37 ----A---- C:\Windows\system32\MRT.exe
2012-02-15 11:51:28 ----D---- C:\Windows\system32\catroot
2012-02-15 11:51:27 ----D---- C:\Windows\system32\catroot2
2012-02-13 15:07:36 ----D---- C:\Windows\system32\Tasks
2012-02-08 19:11:04 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-02-08 09:31:59 ----D---- C:\Windows\Downloaded Program Files
2012-02-04 13:37:33 ----D---- C:\Program Files (x86)\Google
2012-02-04 13:26:20 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-04 13:19:29 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-02-04 13:19:25 ----D---- C:\Windows\Minidump
2012-02-04 13:15:54 ----D---- C:\Windows\system32\DriverStore
2012-02-04 13:09:16 ----D---- C:\Program Files (x86)\Seznam.cz
2012-02-04 13:08:24 ----D---- C:\Program Files (x86)\Lingea
2012-02-04 13:08:02 ----DC---- C:\Windows\system32\DRVSTORE
2012-02-04 13:06:10 ----D---- C:\Program Files (x86)\Adobe
2012-02-04 13:05:21 ----D---- C:\Program Files\Adobe
2012-02-04 10:15:24 ----D---- C:\Windows\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [2009-11-05 433200]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [2011-08-22 221304]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2011-12-01 1157240]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [2011-08-04 593544]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2012-02-04 482936]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 32712]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20120225.003\IDSvia64.sys [2011-12-16 488568]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [2010-04-22 32304]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [2010-04-29 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [2011-08-22 451704]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 14032]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 138360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-11-02 2022304]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20120227.034\ENG64.SYS [2011-08-04 117880]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20120227.034\EX64.SYS [2011-08-04 2048632]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-11-12 84584]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-11-05 291328]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2011-01-08 34032]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [2010-04-22 505392]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2010-12-27 173104]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-01-08 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-01-08 27176]
S3 iaStor;iaStor; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-09 537624]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-01-04 82816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 Greg_Service;GRegService; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-11-24 383592]
R2 Updater Service;Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2010-01-29 243232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2011-07-19 31424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-18 655624]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-04 1255736]

-----------------EOF-----------------

[Márty84]

To, ze zmizelo OTC i OTM je v poradku. Ta RAMka je taky celkem v normalu.
Pokracujte dalsimi kroky, vcetne te defragmentace.
Pak se uvidi

Co se tech cracku tyka, samozrejme byste je nemeli pouzivat. Casto se stava, ze diky nim sice program funguje, ale zaroven dela i neco navic.

Podivame se, jestli vam tam nekde neco nelezi
Udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte jeho log. Predem nic nemazte!

[Kaminek]

Můžem si tykat, jestli to neva, na vykání si moc nepotrpím... díky moc
Udělala jsem všechno, kromě té defregmentace, zatím. Já ji pustím až večer. PC je nové, máme ho rok. tak tam snad extra bordel není. Čistila jsem Cleanerem, ale když otevřu firefox, stále mi tam některé adresy zůstaly. JInak pravidelně používám Spybot, CCleaner, ATF Cleaner, Malwarebytes Anti-Malware a ochranu NortonSymantec.

[Márty84]

Tykat si klidne muzem
Ale navody mam vetsinou uz predepsane a to ve vykani

Ono zalezi, jak se na tom pc pracuje. Za rok se toho da stihnout hodne, takze tu defragmentaci urcite udelejte, tedy vlastne udelej Ale bacha, muze trvat dlouho, tak jestli pc na noc vypinas, zapni to radeji o neco drive

Kterou vezi CCleaneru mas? Ono taky zalezi na nastaveni. Kdyz ho spustis, hned vedle funkce Cistic, je mensi napis windows a pod tim ty ctverecky a zatrzitka. No a vedle toho napisku windows je napis aplikace. Kdyz na nej kliknes, mela by tam byt i mozilla. A pak zalezi, co vsechno tam mas zatrzene.

No a pak se to da nastavit i primo v nastaveni mozilly, zda si ma neco pamatovat, nebo ne.


Spybota odinstaluj. Ten program ma sva nejlepsi leta davno pryc a ted uz je spis jen na okrasu.
Jestli tedy pouzivas MBAM a delala jsi sken, melo by to byt v poradku. Ale jestli si nejsi jista nejakym souborem, otestuj ho na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846

Urcite mi tam ale testni tenhle soubor C:\Windows\SCC2E117E.tmp , ktery jsi podle logu do pc dostala dneska kolem poledne

2012-02-28 11:47:16 ----SH---- C:\Windows\SCC2E117E.tmp

No a pokud to bude i po te defragmentaci zase pomale, podivame se na to poradne. Par skeneru jeste je

[Kaminek]

jj, díky. Antimlwre běží, u CCleaneru zůstávalo nastavení bezezměn, ta historie tam zbyla najednou z ničeho nic, jsou to jen některé www, ne všechny. Verze je poslední aktualizovaná, (myslím) je to 3.01.1327 (64bit). Mám zaškrtnutý at to maže "všechno" koš, historii, cookies... atd. Taky mě napadá, že když dám pc spát, tak se samo zapne. a začne "škvrčet", jako když pracuje. Většinou mám puštěný outlook - je možný že by to z toho spánku zapnul? Ale neměl by, ne?
Ono pc není pomalé při práci, ale jen při zapínání. A pak taky, když kliknu na firefox, třeba 5sec trvá, než to začne něco dělat, kliknu a nic. Ani přesýpací hodiny, nic. Kolikrát ani nevím, jestli jsem na nej klikla nebo ne, a kliknu dvakrát a on se po tý době najednou otevře. dvakrát... to mě dere...

https://www.virustotal.com/file/e3b0c44 ... 330440077/

[Márty84]

Zkus se mrknout do toho nastaveni primo v mozille - Klikni na Nastroje - Moznosti - Soukromi a tam je nastaveni o pamatovani historie.
Nejsem si jisty, jestli to muze outlok zapnout. Ono taky zalezi, co vsechno ti spi To se da taky nastavit. Ale z hlavy ti nereknu kde, nemam windows7.

[Márty84]

Ono pc není pomalé při práci, ale jen při zapínání. A pak taky, když kliknu na firefox, třeba 5sec trvá, než to začne něco dělat, kliknu a nic. Ani přesýpací hodiny, nic. Kolikrát ani nevím, jestli jsem na nej klikla nebo ne, a kliknu dvakrát a on se po tý době najednou otevře. dvakrát... to mě dere...

A jak dlouho to tedy trva, nez se zapne? Nejvetsi brzdy jsme vypli a moc uz tam toho nezbylo. Je to o hodne pomalejsi nez to byvalo? Uvidime po te defragmentaci a dvou trech restartech.

Pouzivas i jiny prohlizec nez mozillu? Ono to prvni spusteni chvili trva, ale dalsi okna uz jsou hned, aspon tedy u me

[Kaminek]

Mám jen firefox, jiný ne. Po tom, co jsme všechno smazali to vypadá, že to při startu je rychlejší. Ale jak běží antimlwre, tak to znovu nebudu vypínat, abych to zkusila, až pak.. No nevím , dyž chci otevřít další nový firefox, stejně to tak 6sc zabere.

[Márty84]

Tak ted je to tim testem, ten to brzdi. Jestli to po te defragmentaci bude delat i bez beziciho testu, jeste se na to podivame.

A ten start systemu taky zkousej az po te defragmentaci

Ale ten Internet Explorer bys stejne pak mela aktualizovat

[Kaminek]

Já internet aktualizuju dycky, dyž přijde nová aktualizace, stahuju přes něj banku, je to určo poslední verze.
Tak já to nechám všechno projet a ozvu se. Díky a zatím hoj hoj

[Márty84]

V logu se pise
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Ale uz davno je verze 9 http://windows.microsoft.com/cs-CZ/inte ... ts/ie/home

Nevim, jestli se jeste dnes dostanu k pc, takze mozna odpovim az zitra dopoledne

A nemas vubec zac. Zatim ahoj