neustálé vytížení CPU

Zpráva

fstar · #1 Příspěvek od **fstar** » 20 úno 2011 22:14

Dobrý den,
mám pořád vytížený procesor na 100% přitom ve správci úloh v záložce procesy mi procesor nic nějak víc nezatěžuje.
Prosím o radu.

#2 Příspěvek od **Rudy** » 20 úno 2011 22:54

Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

fstar · #3 Příspěvek od **fstar** » 20 úno 2011 23:14

Logfile of random's system information tool 1.08 (written by random/random)
Run by Radek at 2011-02-20 23:12:53
Microsoft Windows 7 Home Premium
System drive C: has 95 GB (33%) free of 288 GB
Total RAM: 3066 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:12:58, on 20.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Radek\Desktop\RSIT.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskmgr.exe
C:\Users\Radek\Desktop\RSIT.exe
C:\Program Files\trend micro\Radek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Ashampoo Core Tuner] "C:\Program Files\Ashampoo\Ashampoo Core Tuner\ct.exe" -TRAY
O4 - HKCU\..\Run: [Google Update] "C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3721694161-4156762751-3679120609-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-3721694161-4156762751-3679120609-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: EngineServer - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: postgresql-9.0 - PostgreSQL Server 9.0 (postgresql-9.0) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6173\SAService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 13140 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3721694161-4156762751-3679120609-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3721694161-4156762751-3679120609-1001UA.job
C:\windows\tasks\Norton Security Scan for Radek.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{089FD14D-132B-48FC-8861-0048AE113215}]
C:\Program Files\SiteAdvisor\6173\SiteAdv.dll [2007-08-28 910624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]
&Google Web Accelerator Helper - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-01-29 237568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0} - McAfee SiteAdvisor - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll [2007-08-28 910624]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{D5D47440-0750-463D-BAEF-A47D02414806}
{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-01-29 237568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2009-06-18 563736]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"SiteAdvisor"=C:\Program Files\SiteAdvisor\6173\SiteAdv.exe [2007-08-28 36640]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-12-16 30192]
"Ashampoo Core Tuner"=C:\Program Files\Ashampoo\Ashampoo Core Tuner\ct.exe [2008-11-27 3291992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-24 135664]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-02-13 323392]
"fsm"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe

C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PowerMenu.lnk - C:\Program Files\PowerMenu\PowerMenu.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 1 months======

2011-02-20 22:59:35 ----D---- C:\rsit
2011-02-20 22:59:35 ----D---- C:\Program Files\trend micro
2011-02-20 21:06:23 ----D---- C:\Program Files\CpuIdle
2011-02-20 21:06:23 ----A---- C:\windows\system32\drivers\cpuidlep.sys
2011-02-20 20:58:32 ----D---- C:\Program Files\Ashampoo
2011-02-17 15:42:46 ----D---- C:\ProgramData\Synetic
2011-02-17 15:42:38 ----D---- C:\Users\Radek\AppData\Roaming\ProtectDISC
2011-02-17 15:38:38 ----D---- C:\Program Files\Crash Time 4 - The Syndicate - DEMO
2011-02-15 21:01:30 ----D---- C:\Program Files\Rar Repair Tool
2011-02-15 20:55:59 ----D---- C:\Program Files\ZipRecover
2011-02-15 16:53:48 ----D---- C:\Program Files\Xvid
2011-02-15 16:53:48 ----A---- C:\windows\system32\xvidvfw.dll
2011-02-15 16:53:48 ----A---- C:\windows\system32\xvidcore.dll
2011-02-15 16:53:46 ----D---- C:\Program Files\FDRLab
2011-02-11 15:47:49 ----AD---- C:\Program Files\Jetbull Poker
2011-02-10 17:11:50 ----A---- C:\windows\system32\vbscript.dll
2011-02-10 17:11:50 ----A---- C:\windows\system32\jscript.dll
2011-02-10 17:11:49 ----A---- C:\windows\system32\kerberos.dll
2011-02-10 17:11:46 ----A---- C:\windows\system32\win32k.sys
2011-02-10 17:11:44 ----A---- C:\windows\system32\mshtml.dll
2011-02-10 17:11:40 ----A---- C:\windows\system32\msfeeds.dll
2011-02-10 17:11:39 ----A---- C:\windows\system32\mstime.dll
2011-02-10 17:11:39 ----A---- C:\windows\system32\mshtmled.dll
2011-02-10 17:11:39 ----A---- C:\windows\system32\msfeedssync.exe
2011-02-10 17:11:39 ----A---- C:\windows\system32\msfeedsbs.dll
2011-02-10 17:11:39 ----A---- C:\windows\system32\licmgr10.dll
2011-02-10 17:11:39 ----A---- C:\windows\system32\iertutil.dll
2011-02-10 17:11:39 ----A---- C:\windows\system32\iepeers.dll
2011-02-10 17:11:39 ----A---- C:\windows\system32\iedkcs32.dll
2011-02-10 17:11:33 ----A---- C:\windows\system32\atmlib.dll
2011-02-10 17:11:33 ----A---- C:\windows\system32\atmfd.dll
2011-02-10 17:11:32 ----A---- C:\windows\system32\ntoskrnl.exe
2011-02-10 17:11:32 ----A---- C:\windows\system32\ntkrnlpa.exe
2011-02-10 17:11:32 ----A---- C:\windows\system32\ntdll.dll
2011-02-10 17:11:27 ----A---- C:\windows\system32\upnp.dll
2011-02-10 17:11:26 ----A---- C:\windows\system32\wininet.dll
2011-02-10 17:11:26 ----A---- C:\windows\system32\urlmon.dll
2011-02-10 17:11:26 ----A---- C:\windows\system32\msxml6.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\wscsvc.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\wscapi.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\winhttp.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\WebClnt.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\slwga.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\msxml3.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\ieframe.dll
2011-02-10 17:11:25 ----A---- C:\windows\system32\davclnt.dll
2011-02-10 17:11:24 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2011-02-06 16:25:56 ----D---- C:\Program Files\DarXide games
2011-02-04 03:36:48 ----D---- C:\Program Files\DownloadToolz
2011-01-29 01:36:26 ----A---- C:\log.txt
2011-01-29 01:32:44 ----D---- C:\Program Files\Qtracker
2011-01-29 00:33:12 ----A---- C:\windows\system32\drivers\PnkBstrK.sys
2011-01-29 00:33:12 ----A---- C:\Users\Radek\AppData\Roaming\PnkBstrK.sys
2011-01-29 00:32:55 ----A---- C:\windows\system32\PnkBstrB.exe
2011-01-29 00:32:52 ----A---- C:\windows\system32\PnkBstrA.exe
2011-01-29 00:23:08 ----SHD---- C:\windows\ftpcache
2011-01-24 17:58:27 ----D---- C:\Users\Radek\AppData\Roaming\Opera
2011-01-24 17:58:22 ----D---- C:\Program Files\Opera
2011-01-24 00:34:12 ----D---- C:\Program Files\Rozpisy pro Šťastných10 (KENO10) - free verze
2011-01-23 23:00:23 ----A---- C:\windows\system32\Nmsckn.dll
2011-01-23 23:00:23 ----A---- C:\windows\system32\Nmorenu.dll
2011-01-23 23:00:23 ----A---- C:\windows\system32\Nmocod.dll
2011-01-23 11:46:03 ----D---- C:\Users\Radek\AppData\Roaming\Dropbox
2011-01-23 10:42:52 ----D---- C:\Users\Radek\AppData\Roaming\xNeat Clipboard Manager
2011-01-23 10:42:44 ----D---- C:\Program Files\xNeat Clipboard Manager
2011-01-23 10:27:27 ----D---- C:\Program Files\BMI
2011-01-23 09:29:36 ----D---- C:\Program Files\regTool
2011-01-21 17:53:20 ----D---- C:\Program Files\Full Tilt Poker

======List of files/folders modified in the last 1 months======

2011-02-20 23:12:59 ----D---- C:\windows\Temp
2011-02-20 23:09:54 ----D---- C:\Users\Radek\AppData\Roaming\DNA
2011-02-20 22:59:35 ----RD---- C:\Program Files
2011-02-20 22:44:53 ----D---- C:\windows\system32\config
2011-02-20 22:30:56 ----D---- C:\windows\system32\catroot2
2011-02-20 22:29:57 ----HD---- C:\ProgramData
2011-02-20 22:29:57 ----A---- C:\ProgramData\HPWALog.txt
2011-02-20 22:29:48 ----D---- C:\Program Files\DNA
2011-02-20 22:29:39 ----D---- C:\Windows
2011-02-20 22:16:25 ----D---- C:\Users\Radek\AppData\Roaming\uTorrent
2011-02-20 21:48:13 ----D---- C:\windows\debug
2011-02-20 21:44:28 ----D---- C:\Program Files\CCleaner
2011-02-20 21:06:23 ----D---- C:\windows\system32\drivers
2011-02-20 20:17:24 ----D---- C:\windows\Microsoft.NET
2011-02-20 13:51:07 ----D---- C:\Users\Radek\AppData\Roaming\ICQ
2011-02-19 12:29:56 ----SHD---- C:\System Volume Information
2011-02-18 14:58:33 ----D---- C:\ProgramData\PDFC
2011-02-17 15:41:19 ----D---- C:\windows\system32\directx
2011-02-17 15:40:50 ----HD---- C:\windows\msdownld.tmp
2011-02-16 14:19:45 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-15 23:41:25 ----SHD---- C:\windows\Installer
2011-02-15 22:39:16 ----D---- C:\Users\Radek\AppData\Roaming\Free Download Manager
2011-02-15 20:55:54 ----D---- C:\windows\System32
2011-02-15 20:24:30 ----D---- C:\Downloads
2011-02-10 20:47:27 ----D---- C:\windows\winsxs
2011-02-10 20:45:25 ----D---- C:\Program Files\Internet Explorer
2011-02-10 20:27:38 ----A---- C:\windows\system32\MRT.exe
2011-02-10 20:27:11 ----D---- C:\ProgramData\Microsoft Help
2011-02-10 17:11:21 ----D---- C:\windows\system32\catroot
2011-02-06 16:26:02 ----A---- C:\windows\system32\OpenAL32.dll
2011-02-06 12:30:10 ----D---- C:\Program Files\Gothic III
2011-02-04 02:33:33 ----D---- C:\Users\Radek\AppData\Roaming\AIMP
2011-02-03 16:03:37 ----D---- C:\HMArchive
2011-01-29 01:12:22 ----RSD---- C:\windows\assembly
2011-01-29 01:10:39 ----A---- C:\windows\game.ini
2011-01-29 00:52:13 ----D---- C:\windows\system32\Tasks
2011-01-29 00:46:48 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-29 00:32:52 ----D---- C:\windows\system32\LogFiles
2011-01-29 00:27:14 ----D---- C:\Program Files\Activision
2011-01-27 16:36:36 ----D---- C:\Users\Radek\AppData\Roaming\FileZilla
2011-01-26 10:30:47 ----D---- C:\windows\system32\NDF
2011-01-25 16:52:44 ----D---- C:\Users\Radek\AppData\Roaming\Microgaming
2011-01-25 13:04:45 ----D---- C:\windows\Tasks
2011-01-24 16:03:15 ----D---- C:\Users\Radek\AppData\Roaming\skypePM
2011-01-24 16:03:15 ----D---- C:\Users\Radek\AppData\Roaming\Skype
2011-01-24 14:30:46 ----D---- C:\Program Files\Counter-Strike
2011-01-24 00:34:07 ----A---- C:\windows\GPInstall.exe
2011-01-24 00:14:40 ----A---- C:\windows\bluevoda.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 iaStor;Intel RAID Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-12-24 691696]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 cpuidlep;CpuIdle Pro System Driver; C:\windows\system32\drivers\cpuidlep.sys [2011-02-20 4484]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-05-16 214024]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2009-11-16 50704]
R3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-06-30 118656]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-12-24 2506232]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816]
R3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 EagleNT;EagleNT; \??\C:\windows\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\windows\system32\drivers\nhcDriver.sys [2011-02-20 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 EngineServer;EngineServer; C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE [2009-06-03 14144]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 McShield;McShield; C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe [2009-06-03 144704]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2009-07-16 221024]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2011-01-29 66872]
R2 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2011-01-29 103736]
R2 postgresql-9.0;postgresql-9.0 - PostgreSQL Server 9.0; C:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w []
R2 SiteAdvisor Service;SiteAdvisor Service; C:\Program Files\SiteAdvisor\6173\SAService.exe [2009-09-20 341280]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-14 1956136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 yksvc;Marvell Yukon Service; C:\windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-29 655624]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-12-16 30192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-06 1343400]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 21 úno 2011 17:46

Nic nebezpečného není vidět. Pro jistotu udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

fstar · #5 Příspěvek od **fstar** » 21 úno 2011 18:24

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5830

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21.2.2011 18:23:31
mbam-log-2011-02-21 (18-23-17).txt

Typ kontroly: Rychlý test
Testované objekty: 168693
Uplynulý čas: 6 minut, 9 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 6
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 7
Infikované soubory: 20

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{014DA6C1-189F-421A-88CD-07CFE51CFF10} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014DA6C1-189F-421A-88CD-07CFE51CFF10} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{014DA6C9-189F-421A-88CD-07CFE51CFF10} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014DA6C9-189F-421A-88CD-07CFE51CFF10} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MySearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{516B94F3-50CB-40AC-9AE7-C4C1F9E4A956}_is1 (Rogue.RegTool) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
c:\program files\MySearch (Adware.MyWebSearch) -> No action taken.
c:\program files\MySearch\bar (Adware.MyWebSearch) -> No action taken.
c:\program files\MySearch\bar\History (Adware.MyWebSearch) -> No action taken.
c:\program files\MySearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
c:\program files\regTool (Rogue.RegTool) -> No action taken.
c:\program files\regTool\Email (Rogue.RegTool) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\regTool (Rogue.RegTool) -> No action taken.

Infikované soubory:
c:\Users\Radek\downloads\call of duty 4-crack (a.g.).exe (Trojan.Backdoor) -> No action taken.
c:\program files\MySearch\bar\History\search2 (Adware.MyWebSearch) -> No action taken.
c:\program files\MySearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\regTool\folderzipper.dll (Rogue.RegTool) -> No action taken.
c:\program files\regTool\icsharpcode.sharpziplib.dll (Rogue.RegTool) -> No action taken.
c:\program files\regTool\microsoft.reportviewer.common.dll (Rogue.RegTool) -> No action taken.
c:\program files\regTool\microsoft.reportviewer.processingobjectmodel.dll (Rogue.RegTool) -> No action taken.
c:\program files\regTool\microsoft.reportviewer.winforms.dll (Rogue.RegTool) -> No action taken.
c:\program files\regTool\regdb.s3db (Rogue.RegTool) -> No action taken.
c:\program files\regTool\regTool.exe (Rogue.RegTool) -> No action taken.
c:\program files\regTool\regtool.exe.config (Rogue.RegTool) -> No action taken.
c:\program files\regTool\regTool.pdb (Rogue.RegTool) -> No action taken.
c:\program files\regTool\system.data.sqlite.dll (Rogue.RegTool) -> No action taken.
c:\program files\regTool\system.data.sqlite.xml (Rogue.RegTool) -> No action taken.
c:\program files\regTool\unins000.dat (Rogue.RegTool) -> No action taken.
c:\program files\regTool\unins000.exe (Rogue.RegTool) -> No action taken.
c:\program files\regTool\Email\vzorovyemail.txt (Rogue.RegTool) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\regTool\aplikace regtool na internetu.url (Rogue.RegTool) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\regTool\odinstalovat aplikaci regtool.lnk (Rogue.RegTool) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\regTool\regTool.lnk (Rogue.RegTool) -> No action taken.

#6 Příspěvek od **Rudy** » 21 úno 2011 18:42

Všechny nalezené položky smažte.

fstar · #7 Příspěvek od **fstar** » 21 úno 2011 18:57

Hotovo

#8 Příspěvek od **Rudy** » 21 úno 2011 19:30

Nastala nějaká změna?

fstar · #9 Příspěvek od **fstar** » 21 úno 2011 19:40

Stále to využití procesoru skáče od téměř nuly až po nějakých 70 procent.
Když sem si dal ve správci úloh v záložce "procesy" zobrazit procesy všech uživatelů, tak nějaký systémový proces svchost.exe zatěžuje procesor asi z 50ti procent.

#10 Příspěvek od **Rudy** » 21 úno 2011 19:46

Na zkoušku vypněte aut. aktualizace.

fstar · #11 Příspěvek od **fstar** » 21 úno 2011 20:12

Vypnuto, žádné změny.

#12 Příspěvek od **Rudy** » 21 úno 2011 21:02

Zkuste reinstalovat antivir.

fstar · #13 Příspěvek od **fstar** » 21 úno 2011 21:25

Reinstalováno, pořád stejné chování.

Obrázek

#14 Příspěvek od **Rudy** » 21 úno 2011 22:31

Zkuste obnovu systému k datu, kdy korketně fungoval.

fstar · #15 Příspěvek od **fstar** » 22 úno 2011 11:45

Popravdě už mi to dělá docela dlouho a až teď sem objevil toto fórum.
Zkusil sem tu obnovu systému a stále nic (možná by to šlo, kdybych tu obnovu nastavil třeba o půl roku zpět). Windows mi nabídl jen před pár posledními akcemi. Nemůže v tom pc/systému být ještě nějaký vir?

VIRY.CZ

neustálé vytížení CPU

neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU

Re: neustálé vytížení CPU