zpomaleny pocitac - prosim o kontrolu logu

[motji]

Ten disk je prostě vadný, může Vám klidně fungovat dalších pár let, nebo taky zítra prostě odejít nadobro..to Vám nikdo nepoví. Máte dva disky, asi bych si důležitá data dávala na ten druhý disk.

[tovyx]

Ten disk je prostě vadný, může Vám klidně fungovat dalších pár let, nebo taky zítra prostě odejít nadobro..

Samozrejme to budu muset nejak vyresit, ale v nejblizsi dobe mi to skola a dalsi povinnosti bohuzel nedovoli...

Máte dva disky, asi bych si důležitá data dávala na ten druhý disk.

Vicemene to tak delam.


Podivame se jeste na ty procesy pri startu?

[motji]

Tak raději více než méně

Já se omlouvám za prodlevy mezi radami, ale u pc se ted moc nevyskytuji.

Spybota doporučuji odinstalovat, už máte windows defender.

:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript

Kód: Vybrat vše

:processes
explorer.exe
 
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1174011171-2297701796-382527344-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1174011171-2297701796-382527344-1000UA.job
C:\Users\Radek\AppData\Local\Bthece32.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Password.lnk
C:\Windows\temp\Password.exe

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{338B4DFE-2E2C-4338-9E41-E176D497299E}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=-
"Adobe_ID0EYTHM"=-
"Acrobat Assistant 7.0"=-
"QuickTime Task"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"TrayServer"=-
"AdobeCS4ServiceManager"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"AdobeBridge"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na červené tlačítko Moveit!
-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem

[tovyx]

Já se omlouvám za prodlevy mezi radami, ale u pc se ted moc nevyskytuji.

Dobry den, prodlevy vubec nevadi, vlastne mi to takhle vyhovuje

Spybota doporučuji odinstalovat, už máte windows defender.

Defendera jsem nepouzival; ted jsem ho zapnul a Spybot odinstaloval.

OTM.exe

Program jsem spustil a skript vlozil a dal Moveit!, ale po chvili se to seklo, tak jsem dal Exit a po Ctrl+ALt+Del restart. Bohuzel jsem si neuvedomil, ze jsem mel vlozit skript z druheho okna...


Log ze slozky OTM:

Files moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[motji]

Poprosím o nový log ze rsitu. Co počítač?

[tovyx]

Co počítač?

Momentalne to vypada dobre.

Log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2012-04-29 12:04:19
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 23 GB (24%) free of 94 GB
Total RAM: 2045 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:31, on 29.4.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\System32\oodtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files\avira\antivir desktop\ipmGui.exe
c:\Users\Radek\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Radek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - Startup: Dropbox.lnk = Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} -
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.6.0) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9c1e6b1f8b7d8) (gupdate1c9c1e6b1f8b7d8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Kentico CMS Health Monitor (KenticoCMS) (KenticoCMSHealthMonitorf3b94d2d493d4da2bba024ba5fabb320) - CMS - c:\Inetpub\wwwroot\KenticoCMS\bin\HealthMonitoringService.exe
O23 - Service: Kentico CMS Scheduler (KenticoCMS) (KenticoCMSSchedulerf3b94d2d493d4da2bba024ba5fabb320) - CMS - c:\Inetpub\wwwroot\KenticoCMS\bin\SchedulerService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12909 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-04-04 65952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-13 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-05-09 159744]
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-08-29 36864]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-06-02 3563520]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-04-16 184320]
"OSSelectorReinstall"=C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2006-04-12 1261475]
"OODefragTray"=C:\Windows\system32\oodtray.exe [2008-09-04 2524416]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-06-27 405504]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-16 13793824]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2009-06-16 92704]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-12-15 258512]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-12 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2011-12-27 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Radek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-02-15 24246216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Radek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.tssoft32"=tssoft32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.divxa32"=divxa32.acm
"msacm.vorbis"=vorbis.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.wmv3"=wmv9vcm.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-04-29 10:47:32 ----D---- C:\_OTM
2012-04-28 21:15:43 ----N---- C:\Windows\system32\MpSigStub.exe
2012-04-27 00:32:09 ----D---- C:\Program Files\HD Tune
2012-04-26 23:16:23 ----D---- C:\Program Files\CrystalDiskInfo
2012-04-26 09:10:37 ----SHD---- C:\$RECYCLE.BIN
2012-04-26 09:10:32 ----D---- C:\Windows\temp
2012-04-26 09:10:30 ----A---- C:\ComboFix.txt
2012-04-26 08:56:29 ----A---- C:\Windows\zip.exe
2012-04-26 08:56:29 ----A---- C:\Windows\SWSC.exe
2012-04-26 08:56:29 ----A---- C:\Windows\SWREG.exe
2012-04-26 08:56:29 ----A---- C:\Windows\sed.exe
2012-04-26 08:56:29 ----A---- C:\Windows\PEV.exe
2012-04-26 08:56:29 ----A---- C:\Windows\NIRCMD.exe
2012-04-26 08:56:29 ----A---- C:\Windows\MBR.exe
2012-04-26 08:56:29 ----A---- C:\Windows\grep.exe
2012-04-26 08:56:21 ----D---- C:\Windows\ERDNT
2012-04-26 08:56:20 ----D---- C:\ComboFix
2012-04-26 08:54:24 ----D---- C:\Qoobox
2012-04-25 12:37:08 ----D---- C:\Users\Radek\AppData\Roaming\Malwarebytes
2012-04-25 12:36:40 ----D---- C:\ProgramData\Malwarebytes
2012-04-25 12:36:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-04-25 12:36:38 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-04-24 16:12:27 ----D---- C:\rsit
2012-04-24 16:12:27 ----D---- C:\Program Files\trend micro
2012-04-12 11:47:07 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-12 11:47:07 ----A---- C:\Windows\system32\iertutil.dll
2012-04-12 11:47:06 ----A---- C:\Windows\system32\wininet.dll
2012-04-12 11:47:06 ----A---- C:\Windows\system32\jscript9.dll
2012-04-12 11:47:06 ----A---- C:\Windows\system32\jscript.dll
2012-04-12 11:47:05 ----A---- C:\Windows\system32\url.dll
2012-04-12 11:47:05 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-12 11:47:05 ----A---- C:\Windows\system32\ieui.dll
2012-04-12 11:47:04 ----A---- C:\Windows\system32\urlmon.dll
2012-04-12 11:47:03 ----A---- C:\Windows\system32\ieframe.dll
2012-04-12 11:47:02 ----A---- C:\Windows\system32\mshtml.dll
2012-04-12 11:46:57 ----A---- C:\Windows\system32\wmi.dll
2012-04-12 11:46:57 ----A---- C:\Windows\system32\wintrust.dll
2012-04-12 11:46:57 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-12 11:46:57 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-12 11:46:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-12 11:46:47 ----A---- C:\Windows\system32\ntkrnlpa.exe

======List of files/folders modified in the last 1 month======

2012-04-29 12:03:06 ----D---- C:\Users\Radek\AppData\Roaming\Dropbox
2012-04-29 10:59:11 ----D---- C:\Windows\System32
2012-04-29 10:59:11 ----D---- C:\Windows\inf
2012-04-29 10:59:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-29 10:57:06 ----D---- C:\Windows\Tasks
2012-04-29 10:55:23 ----D---- C:\Windows\Prefetch
2012-04-29 10:47:55 ----SHD---- C:\Windows\Installer
2012-04-29 10:40:14 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-04-29 10:38:14 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-04-29 09:53:13 ----D---- C:\Windows\system32\LogFiles
2012-04-28 19:16:09 ----D---- C:\Windows\tracing
2012-04-28 19:09:43 ----D---- C:\Windows
2012-04-28 17:30:55 ----D---- C:\filmy
2012-04-28 14:20:58 ----D---- C:\Downloads
2012-04-27 23:06:33 ----A---- C:\Windows\NeroDigital.ini
2012-04-27 21:08:08 ----D---- C:\Users\Radek\AppData\Roaming\Skype
2012-04-27 00:32:09 ----RD---- C:\Program Files
2012-04-26 09:07:47 ----A---- C:\Windows\system.ini
2012-04-26 09:07:38 ----D---- C:\Windows\system32\drivers\etc
2012-04-26 09:07:03 ----D---- C:\Program Files\HyperCam Toolbar
2012-04-26 09:04:01 ----D---- C:\Windows\system32\drivers
2012-04-26 09:04:00 ----D---- C:\Windows\AppPatch
2012-04-26 09:03:59 ----D---- C:\Program Files\Common Files
2012-04-26 08:44:57 ----D---- C:\Config.Msi
2012-04-26 08:44:54 ----D---- C:\Program Files\ABBYY FineReader 9.0
2012-04-26 08:04:44 ----D---- C:\Windows\addins
2012-04-26 08:01:36 ----D---- C:\ProgramData
2012-04-24 00:48:14 ----D---- C:\Windows\system32\catroot2
2012-04-19 18:49:12 ----D---- C:\Program Files\Steam
2012-04-14 16:23:44 ----D---- C:\Windows\SoftwareDistribution
2012-04-12 16:03:22 ----D---- C:\Windows\Debug
2012-04-12 14:40:41 ----D---- C:\Windows\system32\migration
2012-04-12 14:40:40 ----D---- C:\Program Files\Internet Explorer
2012-04-12 13:31:19 ----RSD---- C:\Windows\assembly
2012-04-12 13:31:19 ----D---- C:\Windows\Microsoft.NET
2012-04-12 11:47:18 ----D---- C:\Windows\winsxs
2012-04-12 11:47:15 ----D---- C:\Windows\system32\catroot
2012-04-12 11:39:40 ----A---- C:\Windows\system32\mrt.exe
2012-04-12 11:39:16 ----D---- C:\Program Files\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-05-11 277784]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2008-01-08 99776]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-02-15 137416]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-12-15 36000]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-12-15 74640]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-04-29 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-04-25 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-04-25 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-04-25 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-04-29 8192]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-05-09 157184]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-06-02 18424]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-06-02 1207288]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2007-04-25 45568]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-29 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-29 206848]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 22344]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-06-16 9768640]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-08-29 235520]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-29 7424]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-06-27 326656]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-29 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 78128]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2006-11-07 80176]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-07 16560]
S3 catchme;catchme; \??\C:\Users\Radek\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2; C:\Windows\system32\DRIVERS\aabed2.sys [2008-03-20 23040]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2010-07-15 8456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\dell support center\pcdsrvc.pkms []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usb2vcom;USB Data Cable; C:\Windows\system32\DRIVERS\usb2vcom.sys [2005-08-05 28704]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-01-08 685816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-12-15 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-01-09 79360]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 MsDepSvc;Web Deployment Agent Service; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-01 67400]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-16 211488]
R2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe [2008-09-04 1295616]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-06-02 24064]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-04-29 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9c1e6b1f8b7d8;Služba Google Update (gupdate1c9c1e6b1f8b7d8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-20 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-13 194104]
S2 KenticoCMSHealthMonitorf3b94d2d493d4da2bba024ba5fabb320;Kentico CMS Health Monitor (KenticoCMS); c:\Inetpub\wwwroot\KenticoCMS\bin\HealthMonitoringService.exe [2011-10-07 16216]
S2 KenticoCMSSchedulerf3b94d2d493d4da2bba024ba5fabb320;Kentico CMS Scheduler (KenticoCMS); c:\Inetpub\wwwroot\KenticoCMS\bin\SchedulerService.exe [2011-10-07 13656]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter []
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-03-21 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-20 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [2008-01-10 78536]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[motji]

Co počítač?

[tovyx]

Co počítač?

Momentalne vypada vse v poradku.

[tovyx]

Dobry den,
tak vcerejsi a dnesni starty byly opet pomalejsi...

[motji]

Pomalejší znamená co?

[tovyx]

Pouzil jsem Prohlížeč událostí (eventvwr.exe), »Protokoly aplikací a služeb / Microsoft / Windows / DiagnosticsPerformance / Operational« a vyfiltroval chyby:

spusteni dnes:
Systém Windows byl spuštěn:
Dobra trvání spouštění : 76775ms
IsDegradation : false
Čas události (UTC) : 2.5.2012 12:21:55


System

- Provider

[ Name] Microsoft-Windows-Diagnostics-Performance
[ Guid] {cfc18ec0-96b1-4eba-961b-622caee05b0a}

EventID 100

Version 1

Level 2

Task 4002

Opcode 34

Keywords 0x8000000000010000

- TimeCreated

[ SystemTime] 2012-05-02T12:24:49.051Z

EventRecordID 34286

- Correlation

[ ActivityID] {00000000-76C8-0000-0F92-D0295E28CD01}

- Execution

[ ProcessID] 556
[ ThreadID] 2300

Channel Microsoft-Windows-Diagnostics-Performance/Operational

Computer Radek-PC

- Security

[ UserID] S-1-5-19


EventData

BootTsVersion 2
BootStartTime 2012-05-02T12:21:55.718Z
BootEndTime 2012-05-02T12:24:43.372Z
SystemBootInstance 555
UserBootInstance 3294
BootTime 76775
MainPathBootTime 60575
BootKernelInitTime 23
BootDriverInitTime 7040
BootDevicesInitTime 16449
BootPrefetchInitTime 0
BootPrefetchBytes 0
BootAutoChkTime 0
BootSmssInitTime 12166
BootCriticalServicesInitTime 1759
BootUserProfileProcessingTime 1379
BootMachineProfileProcessingTime 5
BootExplorerInitTime 11088
BootNumStartupApps 17
BootPostBootTime 16200
BootIsRebootAfterInstall false
BootRootCauseStepImprovementBits 0
BootRootCauseGradualImprovementBits 0
BootRootCauseStepDegradationBits 0
BootRootCauseGradualDegradationBits 0
BootIsDegradation false
BootIsStepDegradation false
BootIsGradualDegradation false
BootImprovementDelta 0
BootDegradationDelta 0
BootIsRootCauseIdentified false



spusteni vcera:
Systém Windows byl spuštěn:
Dobra trvání spouštění : 145584ms
IsDegradation : true
Čas události (UTC) : 1.5.2012 14:31:17


System

- Provider

[ Name] Microsoft-Windows-Diagnostics-Performance
[ Guid] {cfc18ec0-96b1-4eba-961b-622caee05b0a}

EventID 100

Version 1

Level 2

Task 4002

Opcode 34

Keywords 0x8000000000010000

- TimeCreated

[ SystemTime] 2012-05-01T14:34:56.728Z

EventRecordID 34271

- Correlation

[ ActivityID] {00000000-9B8C-0001-7873-FF11A727CD01}

- Execution

[ ProcessID] 564
[ ThreadID] 2280

Channel Microsoft-Windows-Diagnostics-Performance/Operational

Computer Radek-PC

- Security

[ UserID] S-1-5-19


EventData

BootTsVersion 2
BootStartTime 2012-05-01T14:31:17.858Z
BootEndTime 2012-05-01T14:34:49.787Z
SystemBootInstance 553
UserBootInstance 3292
BootTime 145584
MainPathBootTime 87216
BootKernelInitTime 41
BootDriverInitTime 9659
BootDevicesInitTime 15910
BootPrefetchInitTime 0
BootPrefetchBytes 0
BootAutoChkTime 0
BootSmssInitTime 11167
BootCriticalServicesInitTime 1996
BootUserProfileProcessingTime 1483
BootMachineProfileProcessingTime 1
BootExplorerInitTime 36159
BootNumStartupApps 17
BootPostBootTime 58368
BootIsRebootAfterInstall false
BootRootCauseStepImprovementBits 0
BootRootCauseGradualImprovementBits 0
BootRootCauseStepDegradationBits 0
BootRootCauseGradualDegradationBits 1048576
BootIsDegradation true
BootIsStepDegradation false
BootIsGradualDegradation true
BootImprovementDelta 0
BootDegradationDelta 49560
BootIsRootCauseIdentified false


spusteni predevcirem:
Systém Windows byl spuštěn:
Dobra trvání spouštění : 111447ms
IsDegradation : false
Čas události (UTC) : 30.4.2012 20:52:39

System

- Provider

[ Name] Microsoft-Windows-Diagnostics-Performance
[ Guid] {cfc18ec0-96b1-4eba-961b-622caee05b0a}

EventID 100

Version 1

Level 2

Task 4002

Opcode 34

Keywords 0x8000000000010000

- TimeCreated

[ SystemTime] 2012-04-30T20:55:43.187Z

EventRecordID 34258

- Correlation

[ ActivityID] {00000000-9B8C-0001-0F64-3C2E1327CD01}

- Execution

[ ProcessID] 620
[ ThreadID] 2300

Channel Microsoft-Windows-Diagnostics-Performance/Operational

Computer Radek-PC

- Security

[ UserID] S-1-5-19


EventData

BootTsVersion 2
BootStartTime 2012-04-30T20:52:39.718Z
BootEndTime 2012-04-30T20:55:35.210Z
SystemBootInstance 549
UserBootInstance 3288
BootTime 111447
MainPathBootTime 65047
BootKernelInitTime 23
BootDriverInitTime 7971
BootDevicesInitTime 21433
BootPrefetchInitTime 0
BootPrefetchBytes 0
BootAutoChkTime 0
BootSmssInitTime 11589
BootCriticalServicesInitTime 2960
BootUserProfileProcessingTime 2401
BootMachineProfileProcessingTime 346
BootExplorerInitTime 8081
BootNumStartupApps 17
BootPostBootTime 46400
BootIsRebootAfterInstall false
BootRootCauseStepImprovementBits 0
BootRootCauseGradualImprovementBits 0
BootRootCauseStepDegradationBits 0
BootRootCauseGradualDegradationBits 0
BootIsDegradation false
BootIsStepDegradation false
BootIsGradualDegradation false
BootImprovementDelta 0
BootDegradationDelta 0
BootIsRootCauseIdentified false



mimo to jsem tam nasel jeste jednu udalost ze dneska, nejaky cas po spusteni:
Informace o události sledování výkonu prostředí:
Scénář : Rychlost reakce systému
Výsledek analýzy : Analýza nenašla žádné základní příčiny.
Čas události (UTC) : 2.5.2012 13:20:03


System

- Provider

[ Name] Microsoft-Windows-Diagnostics-Performance
[ Guid] {cfc18ec0-96b1-4eba-961b-622caee05b0a}

EventID 400

Version 1

Level 2

Task 4005

Opcode 37

Keywords 0x8000000000010000

- TimeCreated

[ SystemTime] 2012-05-02T13:20:16.147Z

EventRecordID 34288

- Correlation

[ ActivityID] {00000000-9B8C-0001-1092-D0295E28CD01}

- Execution

[ ProcessID] 556
[ ThreadID] 2680

Channel Microsoft-Windows-Diagnostics-Performance/Operational

Computer Radek-PC

- Security

[ UserID] S-1-5-19


EventData

ShellScenarioStartTime 2012-05-02T13:20:03.643Z
ShellScenarioEndTime 2012-05-02T13:20:08.643Z
ShellSubScenario 1
ShellScenarioDuration 5000
ShellRootCauseBits 0
ShellAnalysisResult 1
ShellDegradationType 1
ShellTsVersion 1
ShellMachineUpTimeHours 0
ShellMachineSleepPattern 0


edit: k tomu prvnimu spusteni (tedy dnesnimu) - tech 76 vterin se mi zda neodpovidajicich, subjektivne dnesni start trval prinejmensim stejne jako ten vcerejsi, u ktereho to ukazuje dvojnasobny cas...

[motji]

Startem máš na mysli co? Až po naběhnutí ikon na ploše? Mě to trvá asi 3minuty a další minutu než se dá na pc pracovat.
Jinak je pc stejně rychlý, až na ten start?

Stáhněte Gold memory
http://www.goldmemory.cz/gm692.zip
- rozbalíte a musíte vypálit v ISU (Nerem či podobným programem, který to umí).
-pak z něj nabootujete a necháte aspoň 3 cykly testovat

[tovyx]

Startem máš na mysli co? Až po naběhnutí ikon na ploše? Mě to trvá asi 3minuty a další minutu než se dá na pc pracovat.
Jinak je pc stejně rychlý, až na ten start?

Ano, dobu nabehnuti systemu - nez je mozne zacit skutecne neco delat. Mohli by to byt zhruba ty tri minuty (subjektivne). To se mi zdalo pomale. O vikendu to bylo rychlejsi (rekl bych zhruba minutu).
Potom uz pocitac bezi normalne.
Jen vcera jsem zaznamenal narust vyuziti pameti procesem svchost.exe (asi na 400MB) zhruba hodinu po startu. Po chvili bylo vse zase ok.
edit: momentalne to pozoruji znovu.

[motji]

Spustte znovu combofix.

[tovyx]

ComboFix 12-05-03.03 - Radek 04.05.2012 9:05.5.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.2045.845 [GMT 2:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-04 do 2012-05-04 )))))))))))))))))))))))))))))))
.
.
2012-05-04 07:16 . 2012-05-04 07:16 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-05-04 07:16 . 2012-05-04 07:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-02 12:33 . 2012-04-18 01:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8BC15740-E995-4BEF-8978-B782342C8320}\mpengine.dll
2012-04-29 08:47 . 2012-04-29 08:47 -------- d-----w- C:\_OTM
2012-04-28 19:15 . 2012-02-23 08:18 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-04-26 22:32 . 2012-04-26 22:32 -------- d-----w- c:\program files\HD Tune
2012-04-26 21:16 . 2012-04-26 21:16 -------- d-----w- c:\program files\CrystalDiskInfo
2012-04-26 07:10 . 2012-05-04 07:16 -------- d-----w- c:\users\Radek\AppData\Local\temp
2012-04-25 10:37 . 2012-04-25 10:37 -------- d-----w- c:\users\Radek\AppData\Roaming\Malwarebytes
2012-04-25 10:36 . 2012-04-25 10:36 -------- d-----w- c:\programdata\Malwarebytes
2012-04-25 10:36 . 2012-04-25 10:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-25 10:36 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-24 14:12 . 2012-04-29 10:04 -------- d-----w- c:\program files\trend micro
2012-04-24 14:12 . 2012-04-24 14:13 -------- d-----w- C:\rsit
2012-04-12 09:46 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 09:46 . 2012-02-29 15:11 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 09:46 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 09:46 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 09:46 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 09:46 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-12 09:37 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-15 17:42 . 2012-02-15 17:28 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-02-14 15:45 . 2012-03-14 16:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-14 16:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-14 16:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-14 16:46 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-14 16:46 1068544 ----a-w- c:\windows\system32\DWrite.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-05-09 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-29 36864]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-06-02 3563520]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-04-16 184320]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2006-04-12 1261475]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-09-04 2524416]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-06-27 405504]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-16 13793824]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-16 92704]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Radek\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2008-6-10 25214]
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ OODBS\0autocheck autochk *
.
[HKLM\~\startupfolder\C:^Users^Radek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Radek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-12 10:34 1414144 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-12-27 17:33 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1174011171-2297701796-382527344-1000]
"EnableNotificationsRef"=dword:00000002
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-20 06:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: Download with Xilisoft Download YouTube Video - c:\program files\Xilisoft\Download YouTube Video\upod_link.HTM
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044}
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-04 09:16
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="F91C2081DC456D91C4B446BE18984483D6CA815BF02E8DBF45F519E60841C82D8B9FA7840B701EDA81B97E482E5C7D0251C518DBB10FDFD38A2297F77442149A43B6E02DA0E1102D3F6933FD61EDE329B457E3C223A6318997F79CE8EE88B6057977ACF3D31666BDF8F0EEDC56FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79335D575E7D6A3B9808A2D97226D213B555A2D97226D213B5553DADED9085B9226B11BA4552A09E4885001DF783BC210EE9E424743A6C8C76D79FE3ED10457BA9F8DD4E8E9210BA47573D606FC1CF3B13E33356F41E9494EC8E4C7FE248A01917EBB511D72DDCF250691D1507C79E613D9ADADFC96D386E9E84EFA284AA64CBDB11D0FDCFB571AC59FA83AF7FEA4EC0A55A8BCEEEDBDB30EA3A271322EB8FB23BB95832BA8169ACAC4DC74833C13AE7BB7AEA52EE623652843304BA9E06D750D0BD6DF2F0A9182068A7B79A8DA6F14D42CF1241EB3DB232F4780DA86FB5250B06F3A2255A8E03157D5411868EB835C84FB68D129BEBF09197183C8C9EFB152D1EBCFC557950E100B12289114CDCFC154F8FDE644632C4969BA1803DCB9D77E4AC76F9B0E0D524B89EE448DFECB772D4FE3E7B76CA99B54985A9B836A72550C49B8A080C36496A79B2716941AD37750B72A84BAF19ED00172D493E92795F59C3A5DF09DC36998BE1AF23FDA2DE089721903CAB97B63E90D2BC9DDA171B5CFD3B5E64D43F30F70F742BD8881AE41E1F6293676E5B3DDF0E30B5C54A287AF160E9A70BB6F087DAB39A0EF302DD373108000B1FD7CB5AEACE4A6BE6404E9BB852733C49ED55B27CE91F98DD564B623C7E0ED75AA0DDCDB9DC9C852A623A920F5E5DA7972DF2BC5AD8B1597F64E188FDE705B294762A6EEE7A0B00BC4B3C0B15C090CBF49A75C5B75964B8460345DAF8D7C1254C7AED266D99D7A94E88CAC230E9DDDCE251AA0199F82FEE27773DA3F61B838F87410AEF5E612FA7149B7F8C8A7EF6E4E46286B5CAF8ED0B18FEB53F7FAE6F22CCD4835D2C2E9DF0C5FA184D8FD6703E08CE9F3F59CE60EC13493F1D65460FE6A7300495888F14D121117600717F479A570EB10C982428CB16FA8C413948CC3628C5565066C868E9673B213425395880E50C99211CD6CD31A62A7645524E7A3F617BECDBFE5153AC5BCC418AE3F7E64648A6DB14BFF7BD7B48667854CCA74B856B28DC984DD47362C58A25BA2AE3989A18319F9022CCC65B88ACB3AF88D6D8DF629ADEFC92B1C8A6F4AE3F0E3A5B79FCF4F3AE55A3509AD673F1E92A26121FF7E4144E1153FDB968B8E6A462186D7543FE2877B76CADD2C89C9E04AC8F447DCC97472E7256FE0FEC65568F2B0EDF60145B7D0F9CE5C9E9DD9A8D0F356D0C3A32A05FA25329B0F74A54925D6D"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5412)
c:\users\Radek\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2012-05-04 09:23:11
ComboFix-quarantined-files.txt 2012-05-04 07:23
ComboFix2.txt 2012-04-26 07:10
.
Před spuštěním: Volných bajtů: 24 282 918 912
Po spuštění: Volných bajtů: 24 267 681 792
.
- - End Of File - - B659BBB888850EDC71ECF76FFCBC0B62