PC freezes

Having a problem with a virus? Post your FRST or RSIT log here.

manyak
Visitor
Posts: 55
Registered: 08 Dec 2012 12:31

PC freezes

#1 Post by manyak »

Good day, I would like some advice about a problem that is currently happening on my PC. At random the PC freezes and can only be restarted; after that it runs fine again. I suspect that one of the disks is overheating, according to EVEREST:

Seagate ST3160827AS 34 °C (93 °F)

Seagate ST3500630AS 41 °C (106 °F)

something like this I already have a new case and a CPU cooler at home tomorrow I will be installing them, do you think it has anything to do with the temperature in the PC?

Also, it seems to me that the graphics flicker in the game METIN2. The drivers are fine and I have it plugged into a PCI slot; could that be the cause? Thank you.

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC freezes

#2 Post by Rudy »

Hello!
The disk temperatures are fine.
......something like this I already have a new case and a CPU cooler at home tomorrow I will be installing them....
How am I supposed to read this? Does it mean that you are running the CPU without a cooler? Surely not. :?: Or is it just a mistake in separating the sentences with a period?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

manyak
Visitor
Posts: 55
Registered: 08 Dec 2012 12:31

Re: PC freezes

#3 Post by manyak »

The mistake is apparently that I don't know how to separate sentences, so I apologize. I have a new CASE, a Zalman Z11+, at home and a new CPU cooler (Noctua NH-D14) to replace the boxed one from the manufacturer.

So if the temperatures are fine, then I can't think of what it could be.

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC freezes

#4 Post by Rudy »


manyak
Visitor
Posts: 55
Registered: 08 Dec 2012 12:31

Re: PC freezes

#5 Post by manyak »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2013-01-23 19:03:52
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 32 GB (21%) free of 153 GB
Total RAM: 6142 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:36, on 23.1.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Cleaners\PCCleaners.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\trend micro\Radek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={7F ... 2185762EAD}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={7F ... 2185762EAD}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [DeathTaker] "C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABFE75B1-2CFC-4278-BDEB-15B87F0D37A5}: NameServer = 10.255.255.10,10.255.255.20
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SetupARService - Realtek Semiconductor. - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8926 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
taskeng.exe {4B4BE0A5-8F7F-4E17-A542-F4136646A44B}
C:\Windows\Explorer.EXE
taskeng.exe {FDD17BDD-FB18-4BCF-91BF-091A6E591E1E}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Windows\RAVCpl64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Users\Radek\Desktop\RSITx64.exe"
WLIDSvcM.exe 2720
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
szndesktop.exe default start
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-13 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-13 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2008-07-03 6430208]
"Skytel"=C:\Windows\Skytel.exe [2008-06-25 1826816]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-12-12 1354736]
"cz.seznam.software.autoupdate"=C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DeathTaker"=C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [2011-10-24 303616]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18 1492264]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"PC Cleaners"=C:\Program Files (x86)\PC Cleaners\PCCleaners.exe [2013-01-02 55130896]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-23 18:50:56 ----D---- C:\rsit
2013-01-23 18:50:56 ----D---- C:\Program Files\trend micro
2013-01-23 18:09:05 ----AD---- C:\ProgramData\TEMP
2013-01-23 18:08:54 ----D---- C:\Program Files (x86)\HDD Regenerator
2013-01-23 15:43:10 ----A---- C:\Q818326_WXP_SP2_x86_CSY_Symbols.exe
2013-01-23 15:43:10 ----A---- C:\Q818326_WXP_SP2_x86_CSY.exe
2013-01-23 15:43:10 ----A---- C:\hotfix.txt
2013-01-23 10:21:55 ----D---- C:\ProgramData\ATI
2013-01-23 10:21:49 ----D---- C:\Program Files (x86)\AMD APP
2013-01-20 23:13:34 ----A---- C:\LOGFILE.TXT
2013-01-19 10:32:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-17 11:08:05 ----SHD---- C:\found.000
2013-01-14 16:17:21 ----D---- C:\ProgramData\SweetIM
2013-01-14 16:17:21 ----D---- C:\Program Files (x86)\SweetIM
2013-01-09 11:33:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 11:33:42 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 11:33:32 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 11:33:31 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 11:33:31 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 11:33:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 11:33:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 11:33:29 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-01-09 11:33:29 ----A---- C:\Windows\system32\shlwapi.dll
2013-01-05 19:05:20 ----ASH---- C:\hiberfil.sys
2013-01-04 15:44:16 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-01-04 15:44:16 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-01-04 09:57:36 ----A---- C:\Windows\system32\drivers\sptd.sys
2013-01-04 09:55:50 ----D---- C:\Program Files (x86)\LSoft Technologies
2013-01-03 14:44:03 ----D---- C:\Program Files\ATI Technologies 2
2013-01-02 18:10:07 ----D---- C:\Program Files\7-Zip
2013-01-02 17:21:43 ----D---- C:\Program Files (x86)\PC Cleaners
2013-01-02 17:02:53 ----D---- C:\Users\Radek\AppData\Roaming\PC Cleaners
2013-01-02 17:02:50 ----A---- C:\Windows\uninst.exe
2013-01-02 17:02:47 ----D---- C:\Users\Radek\AppData\Roaming\PCPro
2013-01-02 17:02:47 ----D---- C:\ProgramData\PC1Data
2013-01-02 11:48:31 ----D---- C:\Windows\temp
2013-01-02 11:48:29 ----A---- C:\ComboFix.txt
2013-01-02 11:42:46 ----D---- C:\$RECYCLE.BIN
2012-12-31 21:53:48 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-12-31 16:06:50 ----D---- C:\Users\Radek\AppData\Roaming\Publish Providers
2012-12-31 15:55:27 ----D---- C:\ProgramData\Sony
2012-12-31 15:55:27 ----D---- C:\Program Files\Sony
2012-12-31 15:55:27 ----D---- C:\Program Files (x86)\Sony
2012-12-31 15:54:13 ----D---- C:\Users\Radek\AppData\Roaming\Sony
2012-12-31 14:36:49 ----D---- C:\Users\Radek\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-12-31 14:36:48 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2012-12-31 14:17:30 ----D---- C:\Users\Radek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-31 11:50:58 ----D---- C:\Windows\SYSWOW64\dictionaries
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\Skybound.Gecko.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\redit.exe
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plugin-container.exe
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plds4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plc4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssutil3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssdbm3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssckbi.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nss3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nspr4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcm80.dll
2012-12-31 11:50:57 ----D---- C:\Windows\SYSWOW64\profile
2012-12-31 11:50:57 ----D---- C:\Windows\SYSWOW64\plugins
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xul.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xpcshell.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xpcom.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\WinMonitor.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\ssl3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\softokn3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\smime3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozsqlite3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozjs.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozglue.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozalloc.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\libGLESv2.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\libEGL.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\js.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\IA2Marshal.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\gkmedias.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\freebl3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\AccessibleMarshal.dll
2012-12-31 11:50:56 ----A---- C:\Windows\SYSWOW64\libs.exe
2012-12-24 15:23:43 ----D---- C:\Program Files (x86)\Seznam.cz
2012-12-24 15:23:32 ----D---- C:\Users\Radek\AppData\Roaming\Seznam.cz
2012-12-24 14:15:24 ----D---- C:\Program Files (x86)\Trapcode
2012-12-24 13:57:41 ----D---- C:\ProgramData\VideoCopilot
2012-12-24 13:42:56 ----A---- C:\Windows\unvise32.exe
2012-12-24 13:39:51 ----D---- C:\ProgramData\RedGiant
2012-12-24 13:35:30 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-12-24 13:31:30 ----D---- C:\Program Files (x86)\Adobe
2012-12-24 13:31:03 ----D---- C:\Program Files\Adobe
2012-12-24 13:29:54 ----D---- C:\Program Files\Common Files\Adobe
2012-12-24 13:24:54 ----D---- C:\ProgramData\Adobe

======List of files/folders modified in the last 1 month======

2013-01-23 19:07:09 ----D---- C:\Users\Radek\AppData\Roaming\Skype
2013-01-23 19:05:32 ----D---- C:\Program Files (x86)\Steam
2013-01-23 18:50:56 ----RD---- C:\Program Files
2013-01-23 18:48:12 ----D---- C:\Windows\Prefetch
2013-01-23 18:09:05 ----D---- C:\ProgramData
2013-01-23 18:08:57 ----SHD---- C:\Windows\Installer
2013-01-23 18:08:54 ----RD---- C:\Program Files (x86)
2013-01-23 18:08:54 ----D---- C:\Windows\SysWOW64
2013-01-23 18:08:54 ----D---- C:\Windows
2013-01-23 18:08:49 ----SHD---- C:\System Volume Information
2013-01-23 17:31:22 ----D---- C:\Windows\inf
2013-01-23 17:17:49 ----D---- C:\Windows\system32\drivers
2013-01-23 16:23:58 ----D---- C:\Users\Radek\AppData\Roaming\Winamp
2013-01-23 15:23:43 ----D---- C:\Fraps
2013-01-23 15:22:57 ----D---- C:\Windows\System32
2013-01-23 15:13:43 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2013-01-23 10:21:27 ----D---- C:\Program Files\ATI Technologies
2013-01-23 10:20:52 ----D---- C:\ProgramData\AMD
2013-01-23 10:18:46 ----D---- C:\Windows\system32\catroot
2013-01-23 10:09:23 ----D---- C:\Windows\system32\Tasks
2013-01-21 19:24:23 ----D---- C:\Users\Radek\AppData\Roaming\uTorrent
2013-01-20 23:14:30 ----D---- C:\Users\Radek\AppData\Roaming\LangSoft
2013-01-20 11:21:12 ----D---- C:\Users\Radek\AppData\Roaming\dvdcss
2013-01-19 23:49:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-16 13:22:25 ----D---- C:\ProgramData\LangSoft
2013-01-15 10:32:30 ----D---- C:\Windows\system32\catroot2
2013-01-14 16:27:27 ----D---- C:\Windows\Tasks
2013-01-14 16:26:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-14 16:25:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-12 20:36:13 ----RSD---- C:\Windows\Fonts
2013-01-11 10:44:33 ----D---- C:\Windows\Debug
2013-01-10 13:43:47 ----D---- C:\Windows\Microsoft.NET
2013-01-10 13:43:46 ----RSD---- C:\Windows\assembly
2013-01-09 11:42:06 ----D---- C:\Windows\winsxs
2013-01-09 11:40:12 ----A---- C:\Windows\system32\mrt.exe
2013-01-09 11:39:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-09 11:38:53 ----D---- C:\ProgramData\Microsoft Help
2013-01-08 21:07:16 ----D---- C:\Users\Radek\AppData\Roaming\Adobe
2013-01-05 19:04:40 ----D---- C:\Windows\system32\wbem
2013-01-05 15:21:49 ----D---- C:\Windows\system32\WDI
2013-01-04 15:44:15 ----D---- C:\Program Files (x86)\Realtek
2013-01-03 14:52:22 ----D---- C:\Windows\system32\config
2013-01-03 14:52:10 ----D---- C:\Windows\system32\spool
2013-01-03 14:52:10 ----D---- C:\Windows\system32\Msdtc
2013-01-03 14:52:08 ----D---- C:\Windows\system32\CodeIntegrity
2013-01-03 14:52:08 ----D---- C:\Users\Radek\AppData\Roaming\KYE 9Key
2013-01-03 14:52:08 ----D---- C:\Program Files (x86)\Metin2
2013-01-03 14:52:04 ----D---- C:\Windows\registration
2013-01-03 14:05:20 ----D---- C:\Windows\SoftwareDistribution
2013-01-03 10:11:24 ----SD---- C:\ProgramData\Microsoft
2013-01-02 17:24:02 ----D---- C:\Windows\SYSWOW64\Msdtc
2013-01-02 17:24:02 ----D---- C:\Windows\Panther
2013-01-02 12:11:04 ----D---- C:\Windows\Minidump
2013-01-02 12:11:04 ----D---- C:\Windows\Logs
2013-01-02 11:48:31 ----D---- C:\Qoobox
2013-01-02 11:42:48 ----A---- C:\Windows\system.ini
2013-01-02 11:42:43 ----D---- C:\Windows\system32\drivers\etc
2013-01-02 11:39:04 ----D---- C:\Windows\erdnt
2013-01-02 11:36:10 ----D---- C:\Windows\SYSWOW64\drivers
2013-01-02 11:36:10 ----D---- C:\Windows\AppPatch
2013-01-02 11:36:09 ----D---- C:\Program Files (x86)\Common Files
2012-12-24 13:29:54 ----D---- C:\Program Files\Common Files
2012-12-24 11:04:23 ----D---- C:\Program Files (x86)\Lavalys

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-04 834544]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys [2012-02-23 92176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2006-10-03 51200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AmdLLD64;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD64.sys [2007-06-29 39424]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys []
S3 NTIOLib_1_0_D;NTIOLib_1_0_D; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys []
S3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SetupARService;SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [2012-12-13 24576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-19 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-25 407336]

-----------------EOF-----------------


Re: PC freezing

#6 Post by Rudy »

First, run this utility:
Download AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Save it to the desktop
Close all programs
Click Search
A scan will run and then a log will appear; paste it here.

Re: PC freezing

#7 Post by manyak »

In case it helps: motherboard MS 7388 (k9a2 CF), CPU AMD Phenom II X4 965 Black Edition, AM3, BOX,

VGA ATI Gigabyte HD7850, 1GB DDR5, PCI-e


Re: PC freezing

#8 Post by Rudy »

Right now I'm mainly interested in the log from ADWC.

Re: PC freezing

#9 Post by manyak »

# AdwCleaner v2.007 - Logfile created 01/23/2013 at 19:15:32
# Updated 06/11/2012 by Xplode
# Operating system : Windows (TM) Vista Home Basic Service Pack 2 (64 bits)
# User : Radek - RADEK-PC
# Boot Mode : Normal
# Running from : C:\Users\Radek\Desktop\adwcleaner_2.103.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\SweetPacksToolbarData

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKU\S-1-5-21-4150889522-3808884893-35331115-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?st=6&barid={7F56F9C2-5E5D-11E2-A9B1-002185762EAD}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?st=6&barid={7F56F9C2-5E5D-11E2-A9B1-002185762EAD}

-\\ Mozilla Firefox v18.0.1 (cs)

Profile name : default
File : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\prefs.js

Found : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={7F56F9C2-5E5D-11E2-A9B1-0021[...]
Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Found : user_pref("browser.search.selectedEngine", "SweetIM Search");
Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={7F56F9C2-5E5D-11E2-A9B1-002185[...]
Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1358862360614");
Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Found : user_pref("sweetim.toolbar.cargo", "3.1010000.00000");
Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.newtab.created", "true");
Found : user_pref("sweetim.toolbar.newtab.enable", "true");
Found : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Zbo\\u00c5\\u00be\\u00c3\\u00ad[...]
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "chrome://speeddial/content/speeddial[...]
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{7F56F9C2-5E5D-11E2-A9B1-002185762EAD}");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=6&barid={7F56F9C2-5E5D-11E2-[...]
Found : user_pref("sweetim.toolbar.version", "1.9.0.0");

*************************

AdwCleaner[R1].txt - [11284 octets] - [23/01/2013 19:15:32]

########## EOF - C:\AdwCleaner[R1].txt - [11345 octets] ##########


Re: PC freezing

#10 Post by Rudy »

Run ADWCleaner again and click >Delete<. Post the new log.

Re: PC freezing

#11 Post by manyak »

# AdwCleaner v2.007 - Logfile created 01/23/2013 at 19:17:56
# Updated 06/11/2012 by Xplode
# Operating system : Windows (TM) Vista Home Basic Service Pack 2 (64 bits)
# User : Radek - RADEK-PC
# Boot Mode : Normal
# Running from : C:\Users\Radek\Desktop\adwcleaner_2.103.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\SweetIM
Deleted on reboot : C:\ProgramData\boost_interprocess
Deleted on reboot : C:\ProgramData\SweetIM
Deleted on reboot : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\SweetPacksToolbarData
File Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\searchplugins\SweetIm.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?st=6&barid={7F56F9C2-5E5D-11E2-A9B1-002185762EAD} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?st=6&barid={7F56F9C2-5E5D-11E2-A9B1-002185762EAD} --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (cs)

Profile name : default
File : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\b0shysl1.default\prefs.js

Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={7F56F9C2-5E5D-11E2-A9B1-0021[...]
Deleted : user_pref("browser.search.defaultenginename", "SweetIM Search");
Deleted : user_pref("browser.search.selectedEngine", "SweetIM Search");
Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={7F56F9C2-5E5D-11E2-A9B1-002185[...]
Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1358862360614");
Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.00000");
Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.newtab.created", "true");
Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Zbo\\u00c5\\u00be\\u00c3\\u00ad[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "chrome://speeddial/content/speeddial[...]
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{7F56F9C2-5E5D-11E2-A9B1-002185762EAD}");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=6&barid={7F56F9C2-5E5D-11E2-[...]
Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");

*************************

AdwCleaner[R1].txt - [11405 octets] - [23/01/2013 19:15:32]
AdwCleaner[R2].txt - [11466 octets] - [23/01/2013 19:17:50]
AdwCleaner[S1].txt - [11187 octets] - [23/01/2013 19:17:56]

########## EOF - C:\AdwCleaner[S1].txt - [11248 octets] ##########


Re: PC freezing

#12 Post by Rudy »

Post a new RSIT log.

Re: PC freezing

#13 Post by manyak »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2013-01-23 20:09:04
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 31 GB (21%) free of 153 GB
Total RAM: 6142 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:09:05, on 23.1.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PC Cleaners\PCCleaners.exe
C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Program Files\trend micro\Radek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DeathTaker] "C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABFE75B1-2CFC-4278-BDEB-15B87F0D37A5}: NameServer = 10.255.255.10,10.255.255.20
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SetupARService - Realtek Semiconductor. - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8375 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {39E6BA7E-4777-4E6E-960C-6D7F1484AA62}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {3347C98C-87D9-4CB8-BC3B-C048BFB1A6BE}
C:\Windows\system32\conime.exe
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\RAVCpl64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
"C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
WLIDSvcM.exe 2768
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
szndesktop.exe default start
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2992.a5a0600.30442204 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll" - -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2992 "\\.\pipe\gecko-crash-server-pipe.2992" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe" --proxy-stub-channel=Flash3388.6F48FFC0.41 --host-broker-channel=Flash3388.6F48FFC0.18467 --host-pid=3388 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe" --channel=2252.005CF65C.1081002430 --proxy-stub-channel=Flash3388.6F48FFC0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 656 660 668 65536 664
"C:\Users\Radek\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-13 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-13 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2008-07-03 6430208]
"Skytel"=C:\Windows\Skytel.exe [2008-06-25 1826816]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-12-12 1354736]
"cz.seznam.software.autoupdate"=C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DeathTaker"=C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [2011-10-24 303616]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18 1492264]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"PC Cleaners"=C:\Program Files (x86)\PC Cleaners\PCCleaners.exe [2013-01-02 55130896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-23 19:17:56 ----A---- C:\AdwCleaner[S1].txt
2013-01-23 19:17:50 ----A---- C:\AdwCleaner[R2].txt
2013-01-23 19:15:32 ----A---- C:\AdwCleaner[R1].txt
2013-01-23 18:50:56 ----D---- C:\rsit
2013-01-23 18:50:56 ----D---- C:\Program Files\trend micro
2013-01-23 18:09:05 ----AD---- C:\ProgramData\TEMP
2013-01-23 18:08:54 ----D---- C:\Program Files (x86)\HDD Regenerator
2013-01-23 15:43:10 ----A---- C:\Q818326_WXP_SP2_x86_CSY_Symbols.exe
2013-01-23 15:43:10 ----A---- C:\Q818326_WXP_SP2_x86_CSY.exe
2013-01-23 15:43:10 ----A---- C:\hotfix.txt
2013-01-23 10:21:55 ----D---- C:\ProgramData\ATI
2013-01-23 10:21:49 ----D---- C:\Program Files (x86)\AMD APP
2013-01-20 23:13:34 ----A---- C:\LOGFILE.TXT
2013-01-19 10:32:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-17 11:08:05 ----SHD---- C:\found.000
2013-01-09 11:33:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 11:33:42 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 11:33:32 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 11:33:31 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 11:33:31 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 11:33:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 11:33:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 11:33:29 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-01-09 11:33:29 ----A---- C:\Windows\system32\shlwapi.dll
2013-01-05 19:05:20 ----ASH---- C:\hiberfil.sys
2013-01-04 15:44:16 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-01-04 15:44:16 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-01-04 09:57:36 ----A---- C:\Windows\system32\drivers\sptd.sys
2013-01-04 09:55:50 ----D---- C:\Program Files (x86)\LSoft Technologies
2013-01-03 14:44:03 ----D---- C:\Program Files\ATI Technologies 2
2013-01-02 18:10:07 ----D---- C:\Program Files\7-Zip
2013-01-02 17:21:43 ----D---- C:\Program Files (x86)\PC Cleaners
2013-01-02 17:02:53 ----D---- C:\Users\Radek\AppData\Roaming\PC Cleaners
2013-01-02 17:02:50 ----A---- C:\Windows\uninst.exe
2013-01-02 17:02:47 ----D---- C:\Users\Radek\AppData\Roaming\PCPro
2013-01-02 17:02:47 ----D---- C:\ProgramData\PC1Data
2013-01-02 11:48:31 ----D---- C:\Windows\temp
2013-01-02 11:48:29 ----A---- C:\ComboFix.txt
2013-01-02 11:42:46 ----D---- C:\$RECYCLE.BIN
2012-12-31 21:53:48 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-12-31 16:06:50 ----D---- C:\Users\Radek\AppData\Roaming\Publish Providers
2012-12-31 15:55:27 ----D---- C:\ProgramData\Sony
2012-12-31 15:55:27 ----D---- C:\Program Files\Sony
2012-12-31 15:55:27 ----D---- C:\Program Files (x86)\Sony
2012-12-31 15:54:13 ----D---- C:\Users\Radek\AppData\Roaming\Sony
2012-12-31 14:36:49 ----D---- C:\Users\Radek\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-12-31 14:36:48 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2012-12-31 14:17:30 ----D---- C:\Users\Radek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-31 11:50:58 ----D---- C:\Windows\SYSWOW64\dictionaries
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\Skybound.Gecko.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\redit.exe
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plugin-container.exe
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plds4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plc4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssutil3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssdbm3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssckbi.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nss3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nspr4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcm80.dll
2012-12-31 11:50:57 ----D---- C:\Windows\SYSWOW64\profile
2012-12-31 11:50:57 ----D---- C:\Windows\SYSWOW64\plugins
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xul.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xpcshell.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xpcom.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\WinMonitor.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\ssl3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\softokn3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\smime3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozsqlite3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozjs.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozglue.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozalloc.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\libGLESv2.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\libEGL.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\js.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\IA2Marshal.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\gkmedias.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\freebl3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\AccessibleMarshal.dll
2012-12-31 11:50:56 ----A---- C:\Windows\SYSWOW64\libs.exe
2012-12-24 15:23:43 ----D---- C:\Program Files (x86)\Seznam.cz
2012-12-24 15:23:32 ----D---- C:\Users\Radek\AppData\Roaming\Seznam.cz
2012-12-24 14:15:24 ----D---- C:\Program Files (x86)\Trapcode
2012-12-24 13:57:41 ----D---- C:\ProgramData\VideoCopilot
2012-12-24 13:42:56 ----A---- C:\Windows\unvise32.exe
2012-12-24 13:39:51 ----D---- C:\ProgramData\RedGiant
2012-12-24 13:35:30 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-12-24 13:31:30 ----D---- C:\Program Files (x86)\Adobe
2012-12-24 13:31:03 ----D---- C:\Program Files\Adobe
2012-12-24 13:29:54 ----D---- C:\Program Files\Common Files\Adobe
2012-12-24 13:24:54 ----D---- C:\ProgramData\Adobe

======List of files/folders modified in the last 1 month======

2013-01-23 20:04:56 ----D---- C:\Users\Radek\AppData\Roaming\Skype
2013-01-23 19:22:47 ----D---- C:\Program Files (x86)\Steam
2013-01-23 19:20:07 ----RD---- C:\Program Files (x86)
2013-01-23 19:20:07 ----D---- C:\Windows
2013-01-23 19:20:06 ----D---- C:\ProgramData
2013-01-23 18:50:56 ----RD---- C:\Program Files
2013-01-23 18:48:12 ----D---- C:\Windows\Prefetch
2013-01-23 18:08:57 ----SHD---- C:\Windows\Installer
2013-01-23 18:08:54 ----D---- C:\Windows\SysWOW64
2013-01-23 18:08:49 ----SHD---- C:\System Volume Information
2013-01-23 17:31:22 ----D---- C:\Windows\inf
2013-01-23 17:17:49 ----D---- C:\Windows\system32\drivers
2013-01-23 16:23:58 ----D---- C:\Users\Radek\AppData\Roaming\Winamp
2013-01-23 15:23:43 ----D---- C:\Fraps
2013-01-23 15:22:57 ----D---- C:\Windows\System32
2013-01-23 15:13:43 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2013-01-23 10:21:27 ----D---- C:\Program Files\ATI Technologies
2013-01-23 10:20:52 ----D---- C:\ProgramData\AMD
2013-01-23 10:18:46 ----D---- C:\Windows\system32\catroot
2013-01-23 10:09:23 ----D---- C:\Windows\system32\Tasks
2013-01-21 19:24:23 ----D---- C:\Users\Radek\AppData\Roaming\uTorrent
2013-01-20 23:14:30 ----D---- C:\Users\Radek\AppData\Roaming\LangSoft
2013-01-20 11:21:12 ----D---- C:\Users\Radek\AppData\Roaming\dvdcss
2013-01-19 23:49:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-16 13:22:25 ----D---- C:\ProgramData\LangSoft
2013-01-15 10:32:30 ----D---- C:\Windows\system32\catroot2
2013-01-14 16:27:27 ----D---- C:\Windows\Tasks
2013-01-14 16:26:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-14 16:25:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-12 20:36:13 ----RSD---- C:\Windows\Fonts
2013-01-11 10:44:33 ----D---- C:\Windows\Debug
2013-01-10 13:43:47 ----D---- C:\Windows\Microsoft.NET
2013-01-10 13:43:46 ----RSD---- C:\Windows\assembly
2013-01-09 11:42:06 ----D---- C:\Windows\winsxs
2013-01-09 11:40:12 ----A---- C:\Windows\system32\mrt.exe
2013-01-09 11:39:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-09 11:38:53 ----D---- C:\ProgramData\Microsoft Help
2013-01-08 21:07:16 ----D---- C:\Users\Radek\AppData\Roaming\Adobe
2013-01-05 19:04:40 ----D---- C:\Windows\system32\wbem
2013-01-05 15:21:49 ----D---- C:\Windows\system32\WDI
2013-01-04 15:44:15 ----D---- C:\Program Files (x86)\Realtek
2013-01-03 14:52:22 ----D---- C:\Windows\system32\config
2013-01-03 14:52:10 ----D---- C:\Windows\system32\spool
2013-01-03 14:52:10 ----D---- C:\Windows\system32\Msdtc
2013-01-03 14:52:08 ----D---- C:\Windows\system32\CodeIntegrity
2013-01-03 14:52:08 ----D---- C:\Users\Radek\AppData\Roaming\KYE 9Key
2013-01-03 14:52:08 ----D---- C:\Program Files (x86)\Metin2
2013-01-03 14:52:04 ----D---- C:\Windows\registration
2013-01-03 14:05:20 ----D---- C:\Windows\SoftwareDistribution
2013-01-03 10:11:24 ----SD---- C:\ProgramData\Microsoft
2013-01-02 17:24:02 ----D---- C:\Windows\SYSWOW64\Msdtc
2013-01-02 17:24:02 ----D---- C:\Windows\Panther
2013-01-02 12:11:04 ----D---- C:\Windows\Minidump
2013-01-02 12:11:04 ----D---- C:\Windows\Logs
2013-01-02 11:48:31 ----D---- C:\Qoobox
2013-01-02 11:42:48 ----A---- C:\Windows\system.ini
2013-01-02 11:42:43 ----D---- C:\Windows\system32\drivers\etc
2013-01-02 11:39:04 ----D---- C:\Windows\erdnt
2013-01-02 11:36:10 ----D---- C:\Windows\SYSWOW64\drivers
2013-01-02 11:36:10 ----D---- C:\Windows\AppPatch
2013-01-02 11:36:09 ----D---- C:\Program Files (x86)\Common Files
2012-12-24 13:29:54 ----D---- C:\Program Files\Common Files
2012-12-24 11:04:23 ----D---- C:\Program Files (x86)\Lavalys

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-04 834544]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys [2012-02-23 92176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2006-10-03 51200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AmdLLD64;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD64.sys [2007-06-29 39424]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys []
S3 NTIOLib_1_0_D;NTIOLib_1_0_D; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys []
S3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SetupARService;SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [2012-12-13 24576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-19 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-25 407336]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC freezing

#14 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:files
C:\Q818326_WXP_SP2_x86_CSY_Symbols.exe
C:\Q818326_WXP_SP2_x86_CSY.exe

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

manyak
Visitor
Posts: 55
Registered: 08 Dec 2012 12:31

Re: PC freezing

#15 Post by manyak »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2013-01-23 20:36:39
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 32 GB (21%) free of 153 GB
Total RAM: 6142 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:36:40, on 23.1.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\PC Cleaners\PCCleaners.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Radek.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DeathTaker] "C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABFE75B1-2CFC-4278-BDEB-15B87F0D37A5}: NameServer = 10.255.255.10,10.255.255.20
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SetupARService - Realtek Semiconductor. - C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8140 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
taskeng.exe {611539E1-DDA3-45B8-AF86-93D0214367F8}
C:\Windows\Explorer.EXE
taskeng.exe {D588CFAC-E695-49B1-AA70-8A7328B2E067}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\RAVCpl64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
szndesktop.exe default start
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2316
"C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 656 660 668 65536 664
"C:\Users\Radek\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-13 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-13 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2008-07-03 6430208]
"Skytel"=C:\Windows\Skytel.exe [2008-06-25 1826816]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-12-12 1354736]
"cz.seznam.software.autoupdate"=C:\Users\Radek\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"cz.seznam.software.szndesktop"=C:\Users\Radek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DeathTaker"=C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [2011-10-24 303616]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18 1492264]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"PC Cleaners"=C:\Program Files (x86)\PC Cleaners\PCCleaners.exe [2013-01-02 55130896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-23 20:22:56 ----D---- C:\_OTM
2013-01-23 19:17:56 ----A---- C:\AdwCleaner[S1].txt
2013-01-23 19:17:50 ----A---- C:\AdwCleaner[R2].txt
2013-01-23 19:15:32 ----A---- C:\AdwCleaner[R1].txt
2013-01-23 18:50:56 ----D---- C:\rsit
2013-01-23 18:50:56 ----D---- C:\Program Files\trend micro
2013-01-23 18:09:05 ----AD---- C:\ProgramData\TEMP
2013-01-23 18:08:54 ----D---- C:\Program Files (x86)\HDD Regenerator
2013-01-23 15:43:10 ----A---- C:\hotfix.txt
2013-01-23 10:21:55 ----D---- C:\ProgramData\ATI
2013-01-23 10:21:49 ----D---- C:\Program Files (x86)\AMD APP
2013-01-20 23:13:34 ----A---- C:\LOGFILE.TXT
2013-01-19 10:32:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-17 11:08:05 ----SHD---- C:\found.000
2013-01-09 11:33:42 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 11:33:42 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 11:33:32 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 11:33:31 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 11:33:31 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 11:33:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 11:33:30 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 11:33:29 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-01-09 11:33:29 ----A---- C:\Windows\system32\shlwapi.dll
2013-01-05 19:05:20 ----ASH---- C:\hiberfil.sys
2013-01-04 15:44:16 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-01-04 15:44:16 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-01-04 09:57:36 ----A---- C:\Windows\system32\drivers\sptd.sys
2013-01-04 09:55:50 ----D---- C:\Program Files (x86)\LSoft Technologies
2013-01-03 14:44:03 ----D---- C:\Program Files\ATI Technologies 2
2013-01-02 18:10:07 ----D---- C:\Program Files\7-Zip
2013-01-02 17:21:43 ----D---- C:\Program Files (x86)\PC Cleaners
2013-01-02 17:02:53 ----D---- C:\Users\Radek\AppData\Roaming\PC Cleaners
2013-01-02 17:02:50 ----A---- C:\Windows\uninst.exe
2013-01-02 17:02:47 ----D---- C:\Users\Radek\AppData\Roaming\PCPro
2013-01-02 17:02:47 ----D---- C:\ProgramData\PC1Data
2013-01-02 11:48:31 ----D---- C:\Windows\temp
2013-01-02 11:48:29 ----A---- C:\ComboFix.txt
2013-01-02 11:42:46 ----D---- C:\$RECYCLE.BIN
2012-12-31 21:53:48 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-12-31 16:06:50 ----D---- C:\Users\Radek\AppData\Roaming\Publish Providers
2012-12-31 15:55:27 ----D---- C:\ProgramData\Sony
2012-12-31 15:55:27 ----D---- C:\Program Files\Sony
2012-12-31 15:55:27 ----D---- C:\Program Files (x86)\Sony
2012-12-31 15:54:13 ----D---- C:\Users\Radek\AppData\Roaming\Sony
2012-12-31 14:36:49 ----D---- C:\Users\Radek\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-12-31 14:36:48 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2012-12-31 14:17:30 ----D---- C:\Users\Radek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-12-31 11:50:58 ----D---- C:\Windows\SYSWOW64\dictionaries
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\Skybound.Gecko.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\redit.exe
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plugin-container.exe
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plds4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\plc4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssutil3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssdbm3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nssckbi.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nss3.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\nspr4.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2012-12-31 11:50:58 ----A---- C:\Windows\SYSWOW64\msvcm80.dll
2012-12-31 11:50:57 ----D---- C:\Windows\SYSWOW64\profile
2012-12-31 11:50:57 ----D---- C:\Windows\SYSWOW64\plugins
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xul.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xpcshell.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\xpcom.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\WinMonitor.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\ssl3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\softokn3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\smime3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozsqlite3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozjs.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozglue.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\mozalloc.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\libGLESv2.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\libEGL.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\js.exe
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\IA2Marshal.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\gkmedias.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\freebl3.dll
2012-12-31 11:50:57 ----A---- C:\Windows\SYSWOW64\AccessibleMarshal.dll
2012-12-31 11:50:56 ----A---- C:\Windows\SYSWOW64\libs.exe
2012-12-24 15:23:43 ----D---- C:\Program Files (x86)\Seznam.cz
2012-12-24 15:23:32 ----D---- C:\Users\Radek\AppData\Roaming\Seznam.cz
2012-12-24 14:15:24 ----D---- C:\Program Files (x86)\Trapcode
2012-12-24 13:57:41 ----D---- C:\ProgramData\VideoCopilot
2012-12-24 13:42:56 ----A---- C:\Windows\unvise32.exe
2012-12-24 13:39:51 ----D---- C:\ProgramData\RedGiant
2012-12-24 13:35:30 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-12-24 13:31:30 ----D---- C:\Program Files (x86)\Adobe
2012-12-24 13:31:03 ----D---- C:\Program Files\Adobe
2012-12-24 13:29:54 ----D---- C:\Program Files\Common Files\Adobe
2012-12-24 13:24:54 ----D---- C:\ProgramData\Adobe

======List of files/folders modified in the last 1 month======

2013-01-23 20:34:23 ----D---- C:\Users\Radek\AppData\Roaming\Skype
2013-01-23 20:24:55 ----D---- C:\Program Files (x86)\Steam
2013-01-23 19:20:07 ----RD---- C:\Program Files (x86)
2013-01-23 19:20:07 ----D---- C:\Windows
2013-01-23 19:20:06 ----D---- C:\ProgramData
2013-01-23 18:50:56 ----RD---- C:\Program Files
2013-01-23 18:48:12 ----D---- C:\Windows\Prefetch
2013-01-23 18:08:57 ----SHD---- C:\Windows\Installer
2013-01-23 18:08:54 ----D---- C:\Windows\SysWOW64
2013-01-23 18:08:49 ----SHD---- C:\System Volume Information
2013-01-23 17:31:22 ----D---- C:\Windows\inf
2013-01-23 17:17:49 ----D---- C:\Windows\system32\drivers
2013-01-23 16:23:58 ----D---- C:\Users\Radek\AppData\Roaming\Winamp
2013-01-23 15:23:43 ----D---- C:\Fraps
2013-01-23 15:22:57 ----D---- C:\Windows\System32
2013-01-23 15:13:43 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2013-01-23 10:21:27 ----D---- C:\Program Files\ATI Technologies
2013-01-23 10:20:52 ----D---- C:\ProgramData\AMD
2013-01-23 10:18:46 ----D---- C:\Windows\system32\catroot
2013-01-23 10:09:23 ----D---- C:\Windows\system32\Tasks
2013-01-21 19:24:23 ----D---- C:\Users\Radek\AppData\Roaming\uTorrent
2013-01-20 23:14:30 ----D---- C:\Users\Radek\AppData\Roaming\LangSoft
2013-01-20 11:21:12 ----D---- C:\Users\Radek\AppData\Roaming\dvdcss
2013-01-19 23:49:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-16 13:22:25 ----D---- C:\ProgramData\LangSoft
2013-01-15 10:32:30 ----D---- C:\Windows\system32\catroot2
2013-01-14 16:27:27 ----D---- C:\Windows\Tasks
2013-01-14 16:26:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-14 16:25:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-12 20:36:13 ----RSD---- C:\Windows\Fonts
2013-01-11 10:44:33 ----D---- C:\Windows\Debug
2013-01-10 13:43:47 ----D---- C:\Windows\Microsoft.NET
2013-01-10 13:43:46 ----RSD---- C:\Windows\assembly
2013-01-09 11:42:06 ----D---- C:\Windows\winsxs
2013-01-09 11:40:12 ----A---- C:\Windows\system32\mrt.exe
2013-01-09 11:39:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-09 11:38:53 ----D---- C:\ProgramData\Microsoft Help
2013-01-08 21:07:16 ----D---- C:\Users\Radek\AppData\Roaming\Adobe
2013-01-05 19:04:40 ----D---- C:\Windows\system32\wbem
2013-01-05 15:21:49 ----D---- C:\Windows\system32\WDI
2013-01-04 15:44:15 ----D---- C:\Program Files (x86)\Realtek
2013-01-03 14:52:22 ----D---- C:\Windows\system32\config
2013-01-03 14:52:10 ----D---- C:\Windows\system32\spool
2013-01-03 14:52:10 ----D---- C:\Windows\system32\Msdtc
2013-01-03 14:52:08 ----D---- C:\Windows\system32\CodeIntegrity
2013-01-03 14:52:08 ----D---- C:\Users\Radek\AppData\Roaming\KYE 9Key
2013-01-03 14:52:08 ----D---- C:\Program Files (x86)\Metin2
2013-01-03 14:52:04 ----D---- C:\Windows\registration
2013-01-03 14:05:20 ----D---- C:\Windows\SoftwareDistribution
2013-01-03 10:11:24 ----SD---- C:\ProgramData\Microsoft
2013-01-02 17:24:02 ----D---- C:\Windows\SYSWOW64\Msdtc
2013-01-02 17:24:02 ----D---- C:\Windows\Panther
2013-01-02 12:11:04 ----D---- C:\Windows\Minidump
2013-01-02 12:11:04 ----D---- C:\Windows\Logs
2013-01-02 11:48:31 ----D---- C:\Qoobox
2013-01-02 11:42:48 ----A---- C:\Windows\system.ini
2013-01-02 11:42:43 ----D---- C:\Windows\system32\drivers\etc
2013-01-02 11:39:04 ----D---- C:\Windows\erdnt
2013-01-02 11:36:10 ----D---- C:\Windows\SYSWOW64\drivers
2013-01-02 11:36:10 ----D---- C:\Windows\AppPatch
2013-01-02 11:36:09 ----D---- C:\Program Files (x86)\Common Files
2012-12-24 13:29:54 ----D---- C:\Program Files\Common Files
2012-12-24 11:04:23 ----D---- C:\Program Files (x86)\Lavalys

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-04 834544]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys [2012-02-23 92176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2006-10-03 51200]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AmdLLD64;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD64.sys [2007-06-29 39424]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-31 26752]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys []
S3 NTIOLib_1_0_D;NTIOLib_1_0_D; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys []
S3 NTIOLib_1_1_S;NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SetupARService;SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [2012-12-13 24576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-19 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-25 407336]

-----------------EOF-----------------
