V správcovi úloh ukazuje že proces msinfo32.exe žere 50% CPU a proces System 25%. Keď som to chvíľu sledoval, po čase sa vyťaženie msinfo32.exe zmenšilo ale prehuplo sa to do iných procesov - services.exe, wmiprvse.exe či svchost.exe a následne zas naspäť do msinfo32.exe a System. Ak aj ukončím proces msinfo32.exe, po čase opäť nabehne (PC je pritom v kľude, nič sa na ňom nerobí).
Neviem či to môže nejak súvisieť s tými grafickými ovládačmi čo som riešil v predchádzajúcej téme, ale vtedy som tieto procesy a vyťaženie CPU nezaregistroval.
Prikladám log z FRST, vopred vďaka!
Mimochodom FRST nejak zblbol a po objavení logu FRST a Addition sa tieto zachvíľu samé zavreli a na ploche sa začali objavovať textové súbory first, first2... až first13. Po zavretí okna FRST Launchera to prestalo.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2017
Ran by Milan (administrator) on MINMI (09-12-2017 19:13:11)
Running from C:\Documents and Settings\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SoundMan.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\Internet Security Essentials\vkise.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
(COMODO) C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Blizzard Entertainment) C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.5955\Agent.exe
(Blizzard Entertainment) C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.5955\Agent.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe
(Microsoft Corporation) C:\PROGRA~1\COMMON~1\MICROS~1\MSInfo\OINFOP12.EXE
(forum.viry.cz) C:\Documents and Settings\Milan\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16875008 2008-06-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2008-06-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2808832 2008-06-19] (RealTek Semicoductor Corp.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [55824 2007-09-21] (Logitech, Inc.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-10-28] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1381568 2017-11-21] (COMODO)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2015-07-08] (ArcSoft Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-12-23] (Advanced Micro Devices, Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2013-12-23] (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2007-11-15] (Logitech, Inc.)
HKU\S-1-5-21-1214440339-299502267-839522115-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7685808 2017-09-20] (Piriform Ltd)
Startup: C:\Documents and Settings\Milan\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3520 series.lnk [2017-12-09]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{7ACE698D-4720-4025-B087-D0FD22DADB4F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-1214440339-299502267-839522115-1003 - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2009-01-04] (Logitech Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2010-03-09] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default [2017-12-09]
FF Homepage: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default -> hxxp://www.google.sk/
FF Extension: (Avira Browser Safety) - C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default\Extensions\abs@avira.com.xpi [2017-12-07]
FF SearchPlugin: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default\searchplugins\avira-safesearch.xml [2014-08-12]
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: (PC Sync 2 Synchronisation Extension) - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync [2009-06-05] [Lagacy] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: (Java Quick Starter) - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-01-30] [Lagacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-25] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-25] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Milan\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Milan\Application Data\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Milan\Application Data\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Milan\Application Data\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Milan\Application Data\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2015-07-02] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-25] (Adobe Systems Incorporated) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2013-12-23] (ATI Technologies Inc.) [File not signed]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-08-14] (Avira Operations GmbH & Co. KG)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [8372088 2017-11-21] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2080448 2017-11-21] (COMODO)
R2 GEST Service; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [80392 2008-07-11] ()
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-01-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-01-16] (Hewlett-Packard) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2015-07-02] (Arcsoft, Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [6852096 2013-12-23] (ATI Technologies Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [115600 2016-08-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [140272 2016-08-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [20648 2017-11-16] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [659136 2017-11-16] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [32888 2017-11-16] (COMODO)
R3 gdrv; C:\WINDOWS\gdrv.sys [16608 2017-12-09] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 GPU-Z; C:\Documents and Settings\Milan\Local Settings\Temp\GPU-Z.sys [23936 2017-12-03] ()
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2009-04-23] (LogMeIn, Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-11-01] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-11-01] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-11-01] (HP)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [114248 2017-11-16] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [34176 2017-08-08] (COMODO)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145920 2015-07-02] (ITE )
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28432 2007-09-21] (Logitech, Inc.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
R2 rspndr; C:\WINDOWS\System32\DRIVERS\rspndr.sys [62336 2007-09-20] (Microsoft Corporation) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [721904 2009-05-11] () [File not signed]
S3 usb2vcom; C:\WINDOWS\System32\DRIVERS\usb2vcom.sys [30272 2006-04-03] () [File not signed]
U3 abat78nu; C:\WINDOWS\system32\Drivers\abat78nu.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 AtiHdmiService; system32\drivers\AtiHdmi.sys [X]
S3 GarenaPEngine; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\EOU3C76.tmp [X]
S3 GGSAFERDriver; \??\C:\Hry\Garena\safedrv.sys [X]
S1 mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225664 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-09 19:13 - 2017-12-09 19:13 - 000017315 _____ C:\Documents and Settings\Milan\Desktop\FRST.txt
2017-12-09 19:12 - 2017-12-09 19:12 - 000015327 _____ C:\Documents and Settings\Milan\Desktop\LM.bat
2017-12-09 19:07 - 2017-12-09 19:13 - 000000000 ____D C:\FRST
2017-12-09 19:07 - 2017-12-09 19:12 - 000029696 _____ C:\Documents and Settings\Milan\Local Settings\Application Data\MSGBOX.EXE
2017-12-09 19:05 - 2017-12-09 19:05 - 001751040 _____ (Farbar) C:\Documents and Settings\Milan\Desktop\FRST.exe
2017-12-09 19:05 - 2017-12-09 19:05 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\Milan\Desktop\FRSTLauncher.exe
2017-12-08 14:17 - 2017-12-08 14:40 - 000000000 ____D C:\Program Files\Battle.net
2017-12-08 02:00 - 2017-12-09 19:02 - 001312300 _____ C:\Documents.nfo
2017-12-08 01:54 - 2017-12-09 19:13 - 000000342 _____ C:\WINDOWS\Tasks\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921}.job
2017-12-07 22:57 - 2017-12-08 13:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-03 14:39 - 2017-12-03 14:44 - 000000000 ____D C:\Documents and Settings\Milan\Heaven
2017-12-03 14:38 - 2017-12-03 14:54 - 001065984 _____ C:\Documents and Settings\Milan\Local Settings\Application Data\file__0.localstorage
2017-12-03 14:36 - 2017-12-03 14:36 - 000001758 _____ C:\Documents and Settings\All Users\Desktop\Heaven Benchmark 4.0.lnk
2017-12-03 14:36 - 2017-12-03 14:36 - 000000000 ____D C:\Program Files\Unigine
2017-12-03 14:36 - 2017-12-03 14:36 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Unigine
2017-11-26 17:20 - 2017-11-26 17:20 - 000000000 ____D C:\Documents and Settings\Milan\Application Data\Blizzard
2017-11-26 15:57 - 2017-11-26 15:57 - 000000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\ATI
2017-11-26 15:57 - 2017-11-26 15:57 - 000000000 ____D C:\Documents and Settings\Milan\Application Data\ATI
2017-11-26 15:57 - 2017-11-26 15:57 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\ATI
2017-11-26 15:54 - 2017-11-26 15:54 - 000005610 _____ C:\Documents and Settings\Milan\Desktop\Report2.xml
2017-11-26 15:54 - 2017-11-26 15:54 - 000005610 _____ C:\Documents and Settings\Milan\Desktop\Report2.html
2017-11-26 15:53 - 2017-11-26 15:53 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
2017-11-26 15:52 - 2017-11-26 15:52 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-11-26 15:52 - 2013-12-23 09:37 - 000071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc32.dll
2017-11-26 15:52 - 2013-12-23 09:37 - 000071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom32.dll
2017-11-26 15:52 - 2013-12-23 09:33 - 006852096 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys
2017-11-26 15:52 - 2013-12-23 09:27 - 000442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIDEMGX.dll
2017-11-26 15:52 - 2013-12-23 09:26 - 000306176 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvag.dll
2017-11-26 15:52 - 2013-12-23 09:04 - 000212992 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\atipdlxx.dll
2017-11-26 15:52 - 2013-12-23 09:04 - 000163840 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\Oemdspif.dll
2017-11-26 15:52 - 2013-12-23 09:04 - 000043520 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\ati2edxx.dll
2017-11-26 15:52 - 2013-12-23 09:02 - 000643072 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
2017-11-26 15:52 - 2013-12-23 09:01 - 000053248 _____ ( ATI Technologies Inc.) C:\WINDOWS\system32\ATIDDC.DLL
2017-11-26 15:52 - 2013-12-23 08:48 - 004847552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ati3duag.dll
2017-11-26 15:52 - 2013-12-23 08:38 - 000307200 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atiiiexx.dll
2017-11-26 15:52 - 2013-12-23 08:35 - 018964480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atioglxx.dll
2017-11-26 15:52 - 2013-12-23 08:27 - 002380800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ativvaxx.dll
2017-11-26 15:52 - 2013-12-23 08:22 - 001610912 _____ C:\WINDOWS\system32\ativvaxx.cap
2017-11-26 15:52 - 2013-12-23 08:15 - 000296208 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-11-26 15:52 - 2013-12-23 08:15 - 000163840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-11-26 15:52 - 2013-12-23 08:11 - 000929792 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atikvmag.dll
2017-11-26 15:52 - 2013-12-23 08:06 - 000017408 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atitvo32.dll
2017-11-26 15:52 - 2013-12-23 08:05 - 000053248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2017-11-26 15:52 - 2013-12-23 08:01 - 000663552 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2cqag.dll
2017-11-26 15:52 - 2013-12-23 08:01 - 000495616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiok3x2.dll
2017-11-26 15:52 - 2013-07-04 10:41 - 000710269 _____ C:\WINDOWS\system32\atiicdxx.dat
2017-11-26 15:52 - 2012-07-16 03:25 - 000038445 _____ C:\WINDOWS\atiogl.xml
2017-11-26 15:52 - 2010-08-27 19:32 - 000294912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2017-11-26 15:52 - 2009-06-22 16:34 - 000045056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2017-11-26 15:52 - 2009-05-11 22:35 - 000118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2017-11-26 15:52 - 2001-11-09 17:01 - 000024064 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\ativcoxx.dll
2017-11-26 15:51 - 2017-11-26 15:51 - 000000000 ____D C:\Program Files\ATI
2017-11-26 15:50 - 2017-11-26 15:53 - 000000000 ____D C:\Program Files\ATI Technologies
2017-11-25 21:10 - 2017-11-25 21:03 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-04.dmp
2017-11-25 19:56 - 2017-11-25 19:54 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-03.dmp
2017-11-25 17:23 - 2017-11-25 17:15 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-02.dmp
2017-11-25 16:08 - 2017-11-25 16:05 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-01.dmp
2017-11-25 15:17 - 2017-11-25 15:17 - 000005300 _____ C:\Documents and Settings\Milan\Desktop\Report.html
2017-11-25 15:15 - 2017-11-25 15:15 - 000005300 _____ C:\Documents and Settings\Milan\Desktop\Report.xml
2017-11-25 15:13 - 2017-11-25 15:13 - 005996544 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2017-11-25 15:13 - 2017-11-25 15:13 - 000000000 ____D C:\Documents and Settings\NetworkService\Application Data\Macromedia
2017-11-25 14:52 - 2017-12-09 18:58 - 000000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-11-16 22:50 - 2017-11-16 22:50 - 000000010 _____ C:\WINDOWS\WININIT.INI
2017-11-12 16:30 - 2017-11-26 14:41 - 000000000 ____D C:\AMD
2017-11-12 15:40 - 2017-11-12 15:43 - 000000000 ____D C:\driver_uninstaller
2017-11-10 23:03 - 2017-11-10 23:03 - 000001657 _____ C:\Documents and Settings\Milan\Desktop\CrystalDiskInfo.lnk
2017-11-10 23:03 - 2017-11-10 23:03 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2017-11-10 23:03 - 2017-11-10 23:03 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CrystalDiskInfo
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-09 19:13 - 2017-05-12 18:55 - 000000000 ____D C:\Documents and Settings\Milan\Local Settings\Temp
2017-12-09 19:13 - 2015-10-23 18:32 - 000000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-12-09 19:02 - 2017-04-14 12:48 - 000000440 _____ C:\WINDOWS\Tasks\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627}.job
2017-12-09 19:02 - 2014-04-04 12:08 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2017-12-09 19:02 - 2001-08-23 13:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-12-09 16:47 - 2013-06-30 21:42 - 000000998 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job
2017-12-09 15:43 - 2013-02-02 13:02 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2017-12-09 15:29 - 2009-11-14 11:35 - 000000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\Blizzard Entertainment
2017-12-09 15:19 - 2009-01-02 16:21 - 000393216 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2017-12-09 15:11 - 2012-04-20 17:33 - 000000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-12-09 15:11 - 2009-01-04 15:43 - 000016608 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys
2017-12-09 15:11 - 2009-01-02 16:06 - 000000000 _____ C:\WINDOWS\MEMORY.DMP
2017-12-09 15:11 - 2009-01-02 15:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-09 14:02 - 2009-01-02 15:33 - 000032524 _____ C:\WINDOWS\SchedLgU.Txt
2017-12-09 00:59 - 2009-01-02 15:35 - 000000178 ___SH C:\Documents and Settings\Milan\ntuser.ini
2017-12-09 00:59 - 2009-01-02 15:34 - 000000000 ____D C:\Documents and Settings\Milan
2017-12-08 21:33 - 2014-04-11 22:15 - 000004096 _____ C:\WINDOWS\system32\crash
2017-12-08 14:33 - 2012-05-04 17:34 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-08 01:51 - 2013-06-20 17:18 - 000004414 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-12-03 15:30 - 2011-08-16 22:22 - 000000000 ____D C:\Program Files\Steam
2017-12-03 13:55 - 2009-05-23 19:00 - 000000000 ____D C:\Program Files\SpeedFan
2017-12-02 15:53 - 2011-05-18 12:55 - 000000000 ____D C:\Documents and Settings\Milan\My Documents\OpenTTD
2017-12-02 15:09 - 2013-01-28 16:04 - 000000000 ____D C:\WINDOWS\system32\NtmsData
2017-12-02 15:08 - 2009-01-02 15:28 - 000000000 ____D C:\WINDOWS\Registration
2017-11-26 17:16 - 2009-01-04 17:01 - 000000000 ___HD C:\Program Files\Common Files\Blizzard Entertainment
2017-11-26 15:52 - 2009-01-02 16:06 - 000000000 RSHDC C:\WINDOWS\system32\dllcache
2017-11-26 15:52 - 2009-01-02 16:06 - 000000000 ____D C:\WINDOWS\inf
2017-11-26 15:48 - 2012-03-17 23:20 - 000008896 _____ C:\WINDOWS\system32\d3d9caps.dat
2017-11-26 15:41 - 2017-09-15 16:05 - 001480974 _____ C:\WINDOWS\ntbtlog.txt
2017-11-26 13:36 - 2016-05-01 15:33 - 000000826 _____ C:\Documents and Settings\Milan\Desktop\veci_co_riesis.txt
2017-11-25 21:10 - 2009-03-08 00:12 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-25 20:48 - 2011-08-16 22:22 - 000000000 ___HD C:\Program Files\Common Files\Steam
2017-11-25 15:13 - 2012-04-08 23:26 - 000803328 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-11-25 15:13 - 2011-05-16 13:05 - 000144896 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-11-25 15:13 - 2009-01-02 16:06 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-21 21:25 - 2013-01-24 22:43 - 000702376 _____ (COMODO) C:\WINDOWS\system32\guard32.dll
2017-11-21 21:25 - 2013-01-24 22:43 - 000044008 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2017-11-21 21:21 - 2013-01-24 22:42 - 000371392 _____ (COMODO) C:\WINDOWS\system32\cmdvrt32.dll
2017-11-19 16:17 - 2012-03-17 19:15 - 000000000 __SHD C:\WINDOWS\CSC
2017-11-16 14:39 - 2013-01-16 19:51 - 000659136 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdGuard.sys
2017-11-16 14:39 - 2013-01-16 19:51 - 000114248 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2017-11-16 14:39 - 2013-01-16 19:51 - 000032888 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2017-11-16 14:39 - 2013-01-16 19:51 - 000020648 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2017-11-12 15:04 - 2015-11-15 20:34 - 000000000 ____D C:\firefox_zalohy
==================== Files in the root of some directories =======
2017-10-07 21:03 - 2017-10-07 21:03 - 000003584 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-03 14:38 - 2017-12-03 14:54 - 001065984 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\file__0.localstorage
2017-12-09 19:07 - 2017-12-09 19:12 - 000029696 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\MSGBOX.EXE
2011-08-09 13:12 - 2011-08-09 16:41 - 000062662 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\SRDownloader.err
2011-08-09 13:11 - 2013-01-08 23:49 - 000001048 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\SRDownloader.nast
2014-10-17 13:21 - 2014-10-17 13:21 - 000000057 _____ () C:\Documents and Settings\All Users\Application Data\Ament.ini
2009-01-06 19:36 - 2014-06-07 13:03 - 000002125 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
Some files in TEMP:
====================
2017-05-12 18:55 - 2017-05-12 18:55 - 000000000 ____D () C:\Documents and Settings\Milan\Local Settings\Temp\avgnt.exe
2017-12-03 13:55 - 2017-12-03 13:55 - 000192512 _____ () C:\Documents and Settings\Milan\Local Settings\Temp\sfamcc00001.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
==================== End of FRST.txt ============================
Přispějete na provoz fóra?