High CPU usage (I'm a layman)

richardpeterka
Visitor
Posts: 19
Registered: 02 Nov 2011 16:21

High CPU usage (I'm a layman)

#1 Post by richardpeterka »

Hello, I would like to ask for help.
With the game (dota2) running: CPU usage 41%, threads roughly 945 and processes 74, which seem like high numbers to me, and the PC shuts down while I'm playing. (I clean out the dust regularly, and above all, the same PC used to handle this game without problems.)
I think I need to get rid of the "junk"; I have tried uninstalling and deleting everything I don't need, plus CCleaner, plus antivirus.

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High CPU usage (I'm a layman)

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

richardpeterka
Visitor
Posts: 19
Registered: 02 Nov 2011 16:21

Re: High CPU usage (I'm a layman)

#3 Post by richardpeterka »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Richard Peterka at 2014-11-27 20:34:28
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 169 GB (34%) free of 501 GB
Total RAM: 3327 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:34:53, on 27.11.2014
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\WScript.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\Richard Peterka\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\lcpmnciiiqk.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Richard Peterka\Downloads\RSIT.exe
C:\Program Files\trend micro\Richard Peterka.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=ORJ-SPE ... psv=&pt=tb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: save on - {C05F7854-38DF-D49B-3AFE-1F89260DA3A6} - C:\Program Files\save on\OWUVbpQiq.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mnciiiqkSrv] C:\Windows\system32\mnciiiqk.vbe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [C:\AeriaGames\Downloader\aeria_ignite_install.exe] C:\AeriaGames\Downloader\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1" /quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 9649 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\C__AeriaGames_Downloader_aeria_ignite_install.exe.job - C:\AeriaGames\Downloader\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1" /quiet
C:\Windows\tasks\C__Users_Richard Peterka_AppData_Local_Opera_Opera_temporary_downloads_aeria_ignite_install.exe.job - C:\Users\Richard Peterka\AppData\Local\Opera\Opera\temporary_downloads\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1"
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe -StartupTask
C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
C:\Windows\tasks\RegCure Pro_sch_102DE03D-1718-11E4-A419-6CF0499E8183.job - C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe /schedule:"102DE03D-1718-11E4-A419-6CF0499E8183"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-11-24 12184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C05F7854-38DF-D49B-3AFE-1F89260DA3A6}]
save on - C:\Program Files\save on\OWUVbpQiq.dll [2014-06-16 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2014-11-24 12184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-05-24 1008184]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"MSStp"=C:\Windows\inf\msstp.vbe [2014-03-05 1584]
"mnciiiqkSrv"=C:\Windows\system32\mnciiiqk.vbe [2014-03-05 7670]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"kbdsprt"= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-11-24 2039192]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-24 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Steam"=C:\Program Files\Steam\steam.exe [2014-11-25 1940160]
"C:\AeriaGames\Downloader\aeria_ignite_install.exe"=C:\AeriaGames\Downloader\aeria_ignite_install.exe [2013-04-30 3538712]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21650016]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-05-24 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Peterka]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2014-11-27 20:34:29 ----D---- C:\Program Files\trend micro
2014-11-27 20:34:28 ----D---- C:\rsit
2014-11-27 18:59:37 ----SHD---- C:\Config.Msi
2014-11-22 22:44:17 ----A---- C:\Users\Richard Peterka\AppData\Roaming\LogFile.txt
2014-11-07 13:37:28 ----D---- C:\Program Files\LogMeIn Hamachi
2014-11-02 13:14:24 ----D---- C:\ProgramData\AskPartnerNetwork
2014-11-02 13:14:24 ----D---- C:\Program Files\AskPartnerNetwork
2014-11-02 13:11:58 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 1 month======

2014-11-27 20:34:29 ----RD---- C:\Program Files
2014-11-27 20:34:17 ----D---- C:\Windows\Temp
2014-11-27 19:54:45 ----D---- C:\ProgramData\DivX
2014-11-27 19:54:43 ----D---- C:\Program Files\Common Files
2014-11-27 19:54:41 ----D---- C:\Program Files\DivX
2014-11-27 19:54:38 ----D---- C:\Windows\Prefetch
2014-11-27 19:54:29 ----D---- C:\Users\Richard Peterka\AppData\Roaming\DivX
2014-11-27 19:54:12 ----D---- C:\Windows\System32
2014-11-27 19:32:43 ----SHD---- C:\System Volume Information
2014-11-27 19:32:08 ----D---- C:\Users\Richard Peterka\AppData\Roaming\Skype
2014-11-27 19:23:22 ----D---- C:\Program Files\Steam
2014-11-27 19:23:08 ----D---- C:\Program Files\Common Files\Steam
2014-11-27 19:14:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-11-27 19:04:14 ----D---- C:\Windows\inf
2014-11-27 19:04:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 18:59:58 ----SHD---- C:\Windows\Installer
2014-11-21 19:53:40 ----D---- C:\Users\Richard Peterka\AppData\Roaming\vlc
2014-11-17 19:40:13 ----D---- C:\Windows\system32\catroot2
2014-11-02 13:14:24 ----HD---- C:\ProgramData
2014-11-02 13:11:12 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-11-02 13:10:56 ----D---- C:\ProgramData\Oracle
2014-11-02 13:10:40 ----D---- C:\Program Files\Java
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-03-30 717296]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 9183232]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-09 265216]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH3.sys [2012-02-23 83984]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 PAC207;Trust WB-1400T Webcam; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
S1 MpKsl10940704;MpKsl10940704; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87805536-3225-46A4-90D3-5A0DE50C73AD}\MpKsl10940704.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-05-24 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-05-24 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-05-24 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-05-24 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-05-24 6016]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-11-08 16896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-05-24 35328]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2008-05-24 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-05-24 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-05-24 83328]
S4 ErrDev;Ovladače chybového zařízení hardwaru Microsoft; C:\Windows\system32\drivers\errdev.sys [2008-05-24 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-05-24 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 163328]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-11-24 166296]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-03-19 1564368]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 1894224]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 100232]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 411920]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-07-05 76888]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-25 833728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 235696]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2012-03-06 4199520]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []

-----------------EOF-----------------
Sorry that it took so long.

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High CPU usage (I'm a layman)

#4 Post by Rudy »

Run this utility:
Download AdwCleaner: http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop.
Close all programs.
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

richardpeterka
Visitor
Posts: 19
Registered: 02 Nov 2011 16:21

Re: High CPU usage (I'm a layman)

#5 Post by richardpeterka »

# AdwCleaner v4.102 - Report created 27/11/2014 at 21:34:28
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Username : Richard Peterka - RICHARD-PC
# Running from : C:\Users\Richard Peterka\Downloads\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\save on
Folder Deleted : C:\ProgramData\2af77c181388be6f
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\Astroburn Toolbar
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\ParetoLogic
Folder Deleted : C:\Program Files\save on
Folder Deleted : C:\Program Files\Common Files\ParetoLogic
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\RICHAR~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Richard Peterka\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Richard Peterka\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Richard Peterka\AppData\Local\torch
Folder Deleted : C:\Users\Richard Peterka\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Richard Peterka\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Richard Peterka\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Richard Peterka\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Richard Peterka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Users\Richard Peterka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfekccfipbfapipbdmcglbjmdajpembp
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfekccfipbfapipbdmcglbjmdajpembp
Folder Deleted : C:\Users\Richard Peterka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfekccfipbfapipbdmcglbjmdajpembp
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfekccfipbfapipbdmcglbjmdajpembp
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfekccfipbfapipbdmcglbjmdajpembp
Folder Deleted : C:\Users\Richard Peterka\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfekccfipbfapipbdmcglbjmdajpembp
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\Richard Peterka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage
File Deleted : C:\Users\Richard Peterka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : paretologic registration3
Task Deleted : paretologic update version3

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C05F7854-38DF-D49B-3AFE-1F89260DA3A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C05F7854-38DF-D49B-3AFE-1F89260DA3A6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C05F7854-38DF-D49B-3AFE-1F89260DA3A6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C05F7854-38DF-D49B-3AFE-1F89260DA3A6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18639

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Google Chrome v35.0.1916.153

[C:\Users\Richard Peterka\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Richard Peterka\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kfekccfipbfapipbdmcglbjmdajpembp

-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [7635 octets] - [27/11/2014 21:30:29]
AdwCleaner[S0].txt - [7146 octets] - [27/11/2014 21:34:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7206 octets] ##########

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High CPU usage (I'm a layman)

#6 Post by Rudy »

Post a new RSIT log.

richardpeterka
Visitor
Posts: 19
Registered: 02 Nov 2011 16:21

Re: High CPU usage (I'm a layman)

#7 Post by richardpeterka »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Richard Peterka at 2014-11-27 22:00:03
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 169 GB (34%) free of 501 GB
Total RAM: 3327 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:23, on 27.11.2014
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\WScript.exe
C:\Windows\System32\WScript.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Windows\system32\lcpmnciiiqk.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
c:\Users\Richard Peterka\Downloads\RSIT.exe
C:\Program Files\trend micro\Richard Peterka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll" (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mnciiiqkSrv] C:\Windows\system32\mnciiiqk.vbe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [C:\AeriaGames\Downloader\aeria_ignite_install.exe] C:\AeriaGames\Downloader\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1" /quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 8191 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\C__AeriaGames_Downloader_aeria_ignite_install.exe.job - C:\AeriaGames\Downloader\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1" /quiet
C:\Windows\tasks\C__Users_Richard Peterka_AppData_Local_Opera_Opera_temporary_downloads_aeria_ignite_install.exe.job - C:\Users\Richard Peterka\AppData\Local\Opera\Opera\temporary_downloads\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1"
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe -StartupTask
C:\Windows\tasks\RegCure Pro_sch_102DE03D-1718-11E4-A419-6CF0499E8183.job - C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe /schedule:"102DE03D-1718-11E4-A419-6CF0499E8183"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
Search App by Ask - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4F524A2D-5350-4500-76A7-7A786E7484D7} - Search App by Ask - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-05-24 1008184]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"MSStp"=C:\Windows\inf\msstp.vbe [2014-03-05 1584]
"mnciiiqkSrv"=C:\Windows\system32\mnciiiqk.vbe [2014-03-05 7670]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"kbdsprt"= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-24 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Steam"=C:\Program Files\Steam\steam.exe [2014-11-25 1940160]
"C:\AeriaGames\Downloader\aeria_ignite_install.exe"=C:\AeriaGames\Downloader\aeria_ignite_install.exe [2013-04-30 3538712]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21650016]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-05-24 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Peterka]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2014-11-27 21:30:15 ----D---- C:\AdwCleaner
2014-11-27 20:34:29 ----D---- C:\Program Files\trend micro
2014-11-27 20:34:28 ----D---- C:\rsit
2014-11-27 18:59:37 ----SHD---- C:\Config.Msi
2014-11-22 22:44:17 ----A---- C:\Users\Richard Peterka\AppData\Roaming\LogFile.txt
2014-11-07 13:37:28 ----D---- C:\Program Files\LogMeIn Hamachi
2014-11-02 13:11:58 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 1 month======

2014-11-27 21:59:55 ----D---- C:\Windows\Temp
2014-11-27 21:57:31 ----D---- C:\Program Files\Steam
2014-11-27 21:57:01 ----D---- C:\Users\Richard Peterka\AppData\Roaming\Skype
2014-11-27 21:42:40 ----D---- C:\Windows\System32
2014-11-27 21:42:40 ----D---- C:\Windows\inf
2014-11-27 21:42:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 21:35:51 ----D---- C:\Windows
2014-11-27 21:34:38 ----RD---- C:\Program Files
2014-11-27 21:34:38 ----D---- C:\Program Files\Common Files
2014-11-27 21:34:32 ----HD---- C:\ProgramData
2014-11-27 19:54:45 ----D---- C:\ProgramData\DivX
2014-11-27 19:54:41 ----D---- C:\Program Files\DivX
2014-11-27 19:54:38 ----D---- C:\Windows\Prefetch
2014-11-27 19:54:29 ----D---- C:\Users\Richard Peterka\AppData\Roaming\DivX
2014-11-27 19:32:43 ----SHD---- C:\System Volume Information
2014-11-27 19:23:08 ----D---- C:\Program Files\Common Files\Steam
2014-11-27 19:14:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-11-27 18:59:58 ----SHD---- C:\Windows\Installer
2014-11-21 19:53:40 ----D---- C:\Users\Richard Peterka\AppData\Roaming\vlc
2014-11-17 19:40:13 ----D---- C:\Windows\system32\catroot2
2014-11-02 13:11:12 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-11-02 13:10:56 ----D---- C:\ProgramData\Oracle
2014-11-02 13:10:40 ----D---- C:\Program Files\Java
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-03-30 717296]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 9183232]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-09 265216]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH3.sys [2012-02-23 83984]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 PAC207;Trust WB-1400T Webcam; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
S1 MpKsl10940704;MpKsl10940704; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87805536-3225-46A4-90D3-5A0DE50C73AD}\MpKsl10940704.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-05-24 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-05-24 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-05-24 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-05-24 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-05-24 6016]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-11-08 16896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-05-24 35328]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2008-05-24 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-05-24 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-05-24 83328]
S4 ErrDev;Ovladače chybového zařízení hardwaru Microsoft; C:\Windows\system32\drivers\errdev.sys [2008-05-24 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-05-24 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 163328]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-03-19 1564368]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 1894224]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 100232]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 411920]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-07-05 76888]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-25 833728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 235696]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2012-03-06 4199520]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High CPU usage (I'm a layman)

#8 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files\AskPartnerNetwork
C:\Windows\inf\msstp.vbe
C:\Windows\system32\mnciiiqk.vbe
C:\Program Files\McAfee Security Scan
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSStp"=-
"mnciiiqkSrv"=-
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

richardpeterka
Visitor
Posts: 19
Registered: 02 Nov 2011 16:21

Re: High CPU usage (I'm a layman)

#9 Post by richardpeterka »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Richard Peterka at 2014-11-27 22:18:51
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 170 GB (34%) free of 501 GB
Total RAM: 3327 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:19:17, on 27.11.2014
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\notepad.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\_OTM\MovedFiles\11272014_221045\C_Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\Users\Richard Peterka\Downloads\RSIT.exe
C:\Program Files\trend micro\Richard Peterka.exe
C:\Windows\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [C:\AeriaGames\Downloader\aeria_ignite_install.exe] C:\AeriaGames\Downloader\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1" /quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 7689 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\C__AeriaGames_Downloader_aeria_ignite_install.exe.job - C:\AeriaGames\Downloader\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1" /quiet
C:\Windows\tasks\C__Users_Richard Peterka_AppData_Local_Opera_Opera_temporary_downloads_aeria_ignite_install.exe.job - C:\Users\Richard Peterka\AppData\Local\Opera\Opera\temporary_downloads\aeria_ignite_install.exe /exenoupdates /exelang 0 /prereqs "1"
C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job - C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe -StartupTask
C:\Windows\tasks\RegCure Pro_sch_102DE03D-1718-11E4-A419-6CF0499E8183.job - C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe /schedule:"102DE03D-1718-11E4-A419-6CF0499E8183"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-05-24 1008184]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"kbdsprt"= []
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-05-24 1233920]
"Steam"=C:\Program Files\Steam\steam.exe [2014-11-25 1940160]
"C:\AeriaGames\Downloader\aeria_ignite_install.exe"=C:\AeriaGames\Downloader\aeria_ignite_install.exe [2013-04-30 3538712]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21650016]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-05-24 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Peterka]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2014-11-27 22:10:45 ----D---- C:\_OTM
2014-11-27 21:30:15 ----D---- C:\AdwCleaner
2014-11-27 20:34:29 ----D---- C:\Program Files\trend micro
2014-11-27 20:34:28 ----D---- C:\rsit
2014-11-27 18:59:37 ----SHD---- C:\Config.Msi
2014-11-22 22:44:17 ----A---- C:\Users\Richard Peterka\AppData\Roaming\LogFile.txt
2014-11-07 13:37:28 ----D---- C:\Program Files\LogMeIn Hamachi
2014-11-02 13:11:58 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 1 month======

2014-11-27 22:18:49 ----D---- C:\Windows\Temp
2014-11-27 22:16:41 ----D---- C:\Users\Richard Peterka\AppData\Roaming\Skype
2014-11-27 22:16:21 ----D---- C:\Program Files\Steam
2014-11-27 22:12:44 ----D---- C:\Windows
2014-11-27 22:10:46 ----RD---- C:\Program Files
2014-11-27 22:10:46 ----D---- C:\Windows\Tasks
2014-11-27 22:10:46 ----D---- C:\Windows\System32
2014-11-27 22:10:46 ----D---- C:\Windows\inf
2014-11-27 21:42:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 21:34:38 ----D---- C:\Program Files\Common Files
2014-11-27 21:34:32 ----HD---- C:\ProgramData
2014-11-27 19:54:45 ----D---- C:\ProgramData\DivX
2014-11-27 19:54:41 ----D---- C:\Program Files\DivX
2014-11-27 19:54:38 ----D---- C:\Windows\Prefetch
2014-11-27 19:54:29 ----D---- C:\Users\Richard Peterka\AppData\Roaming\DivX
2014-11-27 19:32:43 ----SHD---- C:\System Volume Information
2014-11-27 19:23:08 ----D---- C:\Program Files\Common Files\Steam
2014-11-27 19:14:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-11-27 18:59:58 ----SHD---- C:\Windows\Installer
2014-11-21 19:53:40 ----D---- C:\Users\Richard Peterka\AppData\Roaming\vlc
2014-11-17 19:40:13 ----D---- C:\Windows\system32\catroot2
2014-11-02 13:11:12 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-11-02 13:10:56 ----D---- C:\ProgramData\Oracle
2014-11-02 13:10:40 ----D---- C:\Program Files\Java
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-03-30 717296]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 9183232]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-09 265216]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH3.sys [2012-02-23 83984]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 PAC207;Trust WB-1400T Webcam; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
S1 MpKsl10940704;MpKsl10940704; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87805536-3225-46A4-90D3-5A0DE50C73AD}\MpKsl10940704.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-05-24 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-05-24 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-05-24 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-05-24 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-05-24 6016]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-11-08 16896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-05-24 35328]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2008-05-24 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-05-24 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-05-24 83328]
S4 ErrDev;Ovladače chybového zařízení hardwaru Microsoft; C:\Windows\system32\drivers\errdev.sys [2008-05-24 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-05-24 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 163328]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-03-19 1564368]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 1894224]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 100232]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 411920]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-07-05 76888]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-11-25 833728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe []
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2012-03-06 4199520]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: High CPU usage (I'm a layman)

#10 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?

richardpeterka
Visitor
Posts: 19
Joined: 02 Nov 2011 16:21

Re: High CPU usage (I'm a layman)

#11 Post by richardpeterka »

Yes, it is already better at first glance: CPU usage hovers around 25% and the PC is not as loud as before, but it is still not quite right.

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: High CPU usage (I'm a layman)

#12 Post by Rudy »

As a test, turn off automatic updates, or possibly reinstall the antivirus.

richardpeterka
Visitor
Posts: 19
Joined: 02 Nov 2011 16:21

Re: High CPU usage (I'm a layman)

#13 Post by richardpeterka »

That did not help either. I tried defragmenting the disk, Spybot S&D 2 and CCleaner, and the problem is still there. My antivirus is Microsoft Security Essentials; I don't know whether it is entirely suitable.

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: High CPU usage (I'm a layman)

#14 Post by Rudy »

Well, that's great, getting back to me after a quarter of a year. :?: Please describe the problem to me once more. Thank you.

richardpeterka
Visitor
Posts: 19
Joined: 02 Nov 2011 16:21

Re: High CPU usage (I'm a layman)

#15 Post by richardpeterka »

I apologize. "Hello, I would like to ask for help.
With the game (Dota 2) running, CPU usage is 41%, threads about 945 and processes 74, which seem like high numbers to me, and the PC shuts down while I'm playing. (I clean out the dust regularly, and above all, this same PC used to handle this game without problems.)
I think I need to get rid of the "junk". I have tried uninstalling and deleting everything I don't need + CCleaner + antivirus + I defragmented the disk + Spybot Search and Destroy."
