Re: CPU at 100% when idle

Posted: 26 Nov 2012 19:33
by Michaelus
Phew, that was a close call. After ComboFix finished I couldn't get the internet to start and it threw a message that something from the registry was marked for deletion, iexplore I think, so I restarted it and after that it ran differently.

Here is the log
ComboFix 12-11-26.02 - Michal 26.11.2012 19:07:23.2.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3326.1522 [GMT 1:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michal\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin.LNK"
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\ParetoLogic Registration3.job"
"c:\windows\tasks\ParetoLogic Update Version3.job"
"c:\windows\tasks\RegCure Pro.job"
.
file zipped: c:\users\Michal\AppData\Roaming\NetMeeting\ca32.exe
file zipped: c:\windows\system32\igfxupdate.exe
file zipped: c:\windows\system32\jureg.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin.LNK
c:\users\Michal\AppData\Roaming\NetMeeting
c:\users\Michal\AppData\Roaming\NetMeeting\ca32.exe
c:\windows\system32\igfxupdate.exe
c:\windows\system32\jureg.exe
c:\windows\system32\update
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\ParetoLogic Registration3.job
c:\windows\tasks\ParetoLogic Update Version3.job
c:\windows\tasks\RegCure Pro.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SearchIndexer
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-26 do 2012-11-26 )))))))))))))))))))))))))))))))
.
.
2012-11-26 18:14 . 2012-11-26 18:17 -------- d-----w- c:\users\Michal\AppData\Local\temp
2012-11-26 18:14 . 2012-11-26 18:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-26 18:14 . 2012-11-26 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-26 17:30 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{87BFD32D-4EE1-4030-84EF-437FC8ED8A48}\mpengine.dll
2012-11-26 14:41 . 2012-11-26 14:41 -------- d-----w- c:\program files\trend micro
2012-11-26 14:41 . 2012-11-26 14:51 -------- d-----w- C:\rsit
2012-11-26 14:03 . 2012-11-26 14:03 -------- d-----w- c:\program files\SQUARE ENIX
2012-11-26 13:59 . 2012-11-26 16:01 -------- d-----w- c:\program files\Steam
2012-11-25 11:56 . 2012-11-26 14:01 -------- d-----w- c:\windows\system32\wbem\Logs
2012-11-25 10:53 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-24 17:49 . 2012-11-25 11:37 -------- d-----w- c:\users\Michal\.VirtualBox
2012-11-24 17:47 . 2012-11-26 13:58 -------- d-----w- c:\program files\Oracle
2012-11-23 14:39 . 2012-11-23 14:39 -------- d-----w- c:\windows\Downloaded Program Files
2012-11-22 21:25 . 2012-11-25 10:36 -------- d-----w- c:\windows\048298C9A4D3490B9FF9AB023A9238F3.TMP
2012-11-22 20:34 . 2012-11-22 20:51 -------- d-----w- c:\windows\Debug
2012-11-22 20:16 . 2012-11-22 20:16 -------- d-----w- c:\users\Michal\AppData\Roaming\ParetoLogic
2012-11-22 20:16 . 2012-11-22 20:16 -------- d-----w- c:\users\Michal\AppData\Roaming\DriverCure
2012-11-22 20:16 . 2012-11-22 20:16 -------- d-----w- c:\program files\Common Files\ParetoLogic
2012-11-22 20:16 . 2012-11-22 20:16 -------- d-----w- c:\programdata\ParetoLogic
2012-11-22 20:16 . 2012-11-22 20:16 -------- d-----w- c:\program files\ParetoLogic
2012-11-22 19:18 . 2012-11-22 19:19 -------- d-----w- c:\users\Michal\{9ecffe79-742a-4793-8eab-c802973f1e18}
2012-11-22 19:18 . 2012-11-09 16:35 20335464 ----a-w- c:\windows\system32\nvoglv32.dll
2012-11-22 19:18 . 2012-11-09 16:35 1874280 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-11-22 19:18 . 2012-11-09 16:35 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-11-22 19:18 . 2012-11-09 16:35 9364840 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-11-22 19:18 . 2012-11-09 16:35 7818504 ----a-w- c:\windows\system32\nvcuda.dll
2012-11-22 19:18 . 2012-11-09 16:35 6149904 ----a-w- c:\windows\system32\nvopencl.dll
2012-11-22 19:18 . 2012-11-09 16:35 2606440 ----a-w- c:\windows\system32\nvcuvid.dll
2012-11-22 19:15 . 2012-11-22 19:15 -------- d-----w- c:\windows\cs
2012-11-22 19:14 . 2012-11-22 19:14 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-11-22 19:12 . 2012-11-22 19:13 -------- d-----w- c:\program files\Windows Live
2012-11-22 19:11 . 2012-11-22 19:11 -------- d-----w- c:\users\Michal\AppData\Local\Windows Live
2012-11-22 19:11 . 2012-11-22 19:11 -------- d-----w- c:\program files\Common Files\Windows Live
2012-11-22 19:10 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2012-11-22 19:02 . 2012-11-22 20:54 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-11-22 19:02 . 2012-11-22 20:54 270848 ----a-w- c:\windows\system32\SearchEngine.rs
2012-11-22 19:02 . 2012-11-22 19:36 371712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-11-22 16:06 . 2012-11-22 16:26 -------- d-----w- c:\users\Michal\AppData\Roaming\GlarySoft
2012-11-22 15:53 . 2012-11-22 15:53 -------- d-----w- c:\programdata\Iomatic
2012-11-22 14:54 . 2012-11-22 14:54 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2012-11-22 14:52 . 2012-11-22 20:30 -------- d-----w- c:\users\Michal\AppData\Roaming\PC Cleaners
2012-11-22 14:52 . 2012-11-22 14:51 4589880 ----a-w- c:\windows\uninst.exe
2012-11-22 14:52 . 2012-11-22 14:52 -------- d-----w- c:\users\Michal\AppData\Roaming\PCPro
2012-11-22 14:52 . 2012-11-22 14:52 -------- d-----w- c:\programdata\PC1Data
2012-11-22 14:30 . 2012-11-22 14:30 -------- d-----w- c:\windows\Sun
2012-11-20 18:32 . 2012-11-20 18:32 -------- d-----w- c:\users\Michal\AppData\Roaming\Theta
2012-11-19 11:47 . 2012-11-20 10:35 -------- d-sh--w- c:\users\Michal\Drivers
2012-11-19 07:27 . 2012-11-20 09:46 -------- d-----w- c:\program files\Ubisoft
2012-11-16 18:44 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-16 18:44 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-16 18:09 . 2012-11-16 18:09 2032 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2012-11-14 13:48 . 2012-11-22 20:30 -------- d-----w- c:\users\Michal\AppData\Roaming\Sony
2012-11-08 11:20 . 2012-11-08 11:20 -------- d-----w- c:\users\Michal\AppData\Local\ElevatedDiagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-22 19:12 . 2009-08-18 10:24 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-11-20 09:46 . 2009-05-28 11:09 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-11-20 09:46 . 2009-05-28 11:09 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-11-09 16:35 . 2012-10-10 20:14 889192 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-11-09 16:35 . 2011-09-29 18:49 1011048 ----a-w- c:\windows\system32\nvdispco32.dll
2012-11-09 16:35 . 2010-02-26 12:01 12541648 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-11-09 16:35 . 2007-12-27 18:41 2496976 ----a-w- c:\windows\system32\nvapi.dll
2012-11-09 16:35 . 2007-12-27 18:41 15117136 ----a-w- c:\windows\system32\nvd3dum.dll
2012-11-09 12:19 . 2010-01-11 21:18 3984744 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-09 12:19 . 2010-01-11 21:18 2869608 ----a-w- c:\windows\system32\nvsvc.dll
2012-11-09 12:19 . 2010-01-11 21:18 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-09 12:19 . 2010-01-11 21:18 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-09 12:19 . 2010-01-11 21:18 645480 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-09 12:19 . 2010-01-11 21:18 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-10-11 07:49 . 2012-10-11 07:49 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-11 07:49 . 2012-10-11 07:49 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-28 06:51 . 2012-10-20 10:13 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4B3AAC6D-B85B-4839-8901-EC36BC58C43E}\gapaengine.dll
2012-09-28 06:51 . 2011-03-26 11:33 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-13 13:28 . 2012-10-10 19:01 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-03 19:38 . 2008-08-29 13:52 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2012-09-03 19:38 . 2008-08-29 13:52 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2010-10-24 20:25 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 13:46 . 2012-08-30 13:46 65536 ----a-w- c:\windows\system32\frapsvid.dll
2012-08-29 11:27 . 2012-10-10 19:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-10-10 19:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\Michal\{9ecffe79-742a-4793-8eab-c802973f1e18} ----
.
2012-11-22 19:18 . 2012-11-09 16:35 9364840 ----a-w- c:\users\Michal\{9ecffe79-742a-4793-8eab-c802973f1e18}\nvlddmkm.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 4702208]
"hpfsched"="c:\windows\hpfsched.exe" [2000-06-21 36864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: Interfaces\{32172FAA-7755-47CD-81D4-DEB6EDB72D70}: NameServer = 192.168.53.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-26 19:18
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3300)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\hp\HPEZBTN\HPBtnSrv.exe
c:\windows\system32\spool\drivers\w32x86\hpzstatn.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\PANDORA.TV\PanService\PandoraService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\iashost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\ehome\ehmsas.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\ehome\ehsched.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehRecvr.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2012-11-26 19:22:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-26 18:22
ComboFix2.txt 2012-11-26 16:36
.
Před spuštěním: Volných bajtů: 249 092 464 640
Po spuštění: Volných bajtů: 249 126 879 232
.
- - End Of File - - B59560B4CE6EF4DBA9BE588FC475A191
Nahrání proběhlo úspěšně

Re: CPU at 100% when idle

Posted: 26 Nov 2012 19:37
by Michaelus
Here is the log


Re: CPU at 100% when idle

Posted: 26 Nov 2012 19:38
by vyosek
:arrow: It's enough to read the guides :roll: They say what to do, that a restart is all it takes :)

:arrow: How is the PC behaving :???:

Re: CPU at 100% when idle

Posted: 26 Nov 2012 19:41
by Michaelus
So taskmgr.exe now takes only about 15-20%, but otherwise it's fine, I'd say. Is that a normal value now? You know, it doesn't jump around.

Re: CPU at 100% when idle

Posted: 26 Nov 2012 19:43
by vyosek
:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for issues
  • then Fix issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are left - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: Which process uses the most CPU (when the PC is idle), and how much?

:arrow: Post a new RSIT log

Re: CPU at 100% when idle

Posted: 26 Nov 2012 20:07
by Michaelus
OK, I'm back.
In Task Manager, taskmgr.exe jumps between 20-25 CPU.
The computer no longer goes crazy as if under full load; now it feels like it used to.

Log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2012-11-26 20:00:06
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 239 GB (51%) free of 469 GB
Total RAM: 3326 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:00:37, on 26.11.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Michal\Desktop\RSIT.exe
C:\Program Files\trend micro\Michal.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [hpfsched] C:\Windows\hpfsched.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\Windows\TEMP\E_SAA04.tmp" /EF "HKCU" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [fsm] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [WindowsUpdate] C:\Users\UpdatusUser\AppData\Roaming\win32.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32172FAA-7755-47CD-81D4-DEB6EDB72D70}: NameServer = 192.168.53.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Printer Status Server (hpzstatn) - Hewlett-Packard Company - C:\Windows\system32\spool\drivers\w32x86\hpzstatn.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7740 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-01-21 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-10-11 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-10-11 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-25 4702208]
"hpfsched"=C:\Windows\hpfsched.exe [2000-06-21 36864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=MPG4c32.dll
"vidc.mp42"=MPG4c32.dll
"Msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"=mpegacm.acm
"msacm.ulmp3acm"=ulmp3acm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.xvid"=xvid.dll
"vidc.MP43"=MPG4c32.dll
"VIDC.FPS1"=frapsvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-11-26 20:00:06 ----D---- C:\rsit
2012-11-26 19:52:56 ----SHD---- C:\$RECYCLE.BIN
2012-11-26 19:45:18 ----SD---- C:\32788R22FWJFW
2012-11-26 19:23:23 ----D---- C:\Windows\temp
2012-11-26 17:23:19 ----D---- C:\Windows\erdnt
2012-11-26 16:55:02 ----A---- C:\AdwCleaner[S1].txt
2012-11-26 16:34:39 ----A---- C:\AdwCleaner[R1].txt
2012-11-26 15:41:40 ----D---- C:\Program Files\trend micro
2012-11-26 15:03:19 ----D---- C:\Program Files\SQUARE ENIX
2012-11-26 14:59:19 ----D---- C:\Program Files\Steam
2012-11-24 18:47:51 ----D---- C:\Program Files\Oracle
2012-11-23 15:39:10 ----D---- C:\Windows\Downloaded Program Files
2012-11-22 21:34:34 ----D---- C:\Windows\Debug
2012-11-22 21:16:58 ----D---- C:\Users\Michal\AppData\Roaming\ParetoLogic
2012-11-22 21:16:58 ----D---- C:\Users\Michal\AppData\Roaming\DriverCure
2012-11-22 21:16:53 ----D---- C:\Program Files\Common Files\ParetoLogic
2012-11-22 21:16:52 ----D---- C:\ProgramData\ParetoLogic
2012-11-22 21:16:52 ----D---- C:\Program Files\ParetoLogic
2012-11-22 20:18:23 ----A---- C:\Windows\system32\nvoglv32.dll
2012-11-22 20:18:23 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-11-22 20:18:23 ----A---- C:\Windows\system32\nvcompiler.dll
2012-11-22 20:18:22 ----A---- C:\Windows\system32\nvopencl.dll
2012-11-22 20:18:22 ----A---- C:\Windows\system32\nvcuvid.dll
2012-11-22 20:18:22 ----A---- C:\Windows\system32\nvcuda.dll
2012-11-22 20:18:22 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-11-22 20:15:46 ----D---- C:\Windows\cs
2012-11-22 20:14:14 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-11-22 20:12:46 ----D---- C:\Program Files\Windows Live
2012-11-22 20:11:06 ----D---- C:\Program Files\Common Files\Windows Live
2012-11-22 20:10:22 ----A---- C:\Windows\system32\webservices.dll
2012-11-22 20:02:47 ----A---- C:\Windows\system32\SearchEngine.dat
2012-11-22 20:02:45 ----A---- C:\Windows\system32\SearchIndexer.dll
2012-11-22 17:06:35 ----D---- C:\Users\Michal\AppData\Roaming\GlarySoft
2012-11-22 16:53:53 ----D---- C:\ProgramData\Iomatic
2012-11-22 15:57:34 ----A---- C:\Windows\reimage.ini
2012-11-22 15:54:26 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2012-11-22 15:52:08 ----D---- C:\Users\Michal\AppData\Roaming\PC Cleaners
2012-11-22 15:52:07 ----A---- C:\Windows\uninst.exe
2012-11-22 15:52:03 ----D---- C:\Users\Michal\AppData\Roaming\PCPro
2012-11-22 15:52:03 ----D---- C:\ProgramData\PC1Data
2012-11-22 15:30:32 ----D---- C:\Windows\Sun
2012-11-20 19:32:57 ----D---- C:\Users\Michal\AppData\Roaming\Theta
2012-11-19 08:27:43 ----D---- C:\Program Files\Ubisoft
2012-11-16 23:25:49 ----A---- C:\Windows\system32\vbscript.dll
2012-11-16 23:25:49 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-16 23:25:48 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-16 23:25:48 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-16 23:25:48 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-16 23:25:48 ----A---- C:\Windows\system32\ieui.dll
2012-11-16 23:25:47 ----A---- C:\Windows\system32\wininet.dll
2012-11-16 23:25:47 ----A---- C:\Windows\system32\jscript.dll
2012-11-16 23:25:46 ----A---- C:\Windows\system32\url.dll
2012-11-16 23:25:46 ----A---- C:\Windows\system32\jscript9.dll
2012-11-16 23:25:46 ----A---- C:\Windows\system32\iertutil.dll
2012-11-16 23:25:44 ----A---- C:\Windows\system32\urlmon.dll
2012-11-16 23:25:43 ----A---- C:\Windows\system32\ieframe.dll
2012-11-16 23:25:42 ----A---- C:\Windows\system32\mshtml.dll
2012-11-16 19:44:08 ----A---- C:\Windows\system32\synceng.dll
2012-11-16 19:44:07 ----A---- C:\Windows\system32\win32k.sys
2012-11-14 14:48:42 ----D---- C:\Users\Michal\AppData\Roaming\Sony

======List of files/folders modified in the last 1 month======

2012-11-26 19:55:17 ----D---- C:\Windows
2012-11-26 19:45:30 ----D---- C:\Windows\system32\drivers
2012-11-26 19:17:04 ----A---- C:\Windows\system.ini
2012-11-26 19:17:00 ----D---- C:\Windows\system32\drivers\etc
2012-11-26 19:14:48 ----D---- C:\Windows\system32\config
2012-11-26 19:13:47 ----D---- C:\Windows\Tasks
2012-11-26 19:13:47 ----D---- C:\Windows\System32
2012-11-26 19:10:59 ----D---- C:\Windows\AppPatch
2012-11-26 19:10:58 ----D---- C:\Program Files\Common Files
2012-11-26 17:55:25 ----SHD---- C:\System Volume Information
2012-11-26 17:33:35 ----D---- C:\ProgramData
2012-11-26 17:12:09 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2012-11-26 17:02:02 ----D---- C:\Program Files\Common Files\Steam
2012-11-26 16:55:10 ----RD---- C:\Program Files
2012-11-26 16:55:07 ----D---- C:\ProgramData\ICQ
2012-11-26 14:59:25 ----SHD---- C:\Windows\Installer
2012-11-26 14:28:25 ----D---- C:\Users\Michal\AppData\Roaming\HpUpdate
2012-11-25 13:48:58 ----D---- C:\Windows\system32\Tasks
2012-11-25 12:59:32 ----D---- C:\Windows\SoftwareDistribution
2012-11-25 12:56:44 ----D---- C:\Windows\system32\wbem
2012-11-25 12:40:42 ----D---- C:\Users\Michal\AppData\Roaming\Macromedia
2012-11-25 12:37:39 ----D---- C:\Windows\system32\catroot2
2012-11-25 12:37:19 ----D---- C:\Windows\inf
2012-11-25 12:37:09 ----D---- C:\Windows\Logs
2012-11-25 12:01:11 ----HD---- C:\Windows\system32\GroupPolicy
2012-11-25 11:57:39 ----D---- C:\Program Files\NVIDIA Corporation
2012-11-25 11:38:34 ----D---- C:\Windows\system32\Msdtc
2012-11-25 11:36:34 ----D---- C:\Windows\system32\spool
2012-11-25 11:36:34 ----D---- C:\Windows\system32\CodeIntegrity
2012-11-25 11:36:30 ----D---- C:\Windows\registration
2012-11-25 10:58:27 ----D---- C:\Windows\system32\directx
2012-11-24 18:49:05 ----D---- C:\Windows\system32\catroot
2012-11-24 18:48:03 ----DC---- C:\Windows\system32\DRVSTORE
2012-11-24 15:39:06 ----D---- C:\ProgramData\NVIDIA
2012-11-22 21:36:38 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2012-11-22 21:30:40 ----D---- C:\Windows\SMINST
2012-11-22 21:30:40 ----D---- C:\ProgramData\EA Logs
2012-11-22 21:30:39 ----D---- C:\Windows\system32\LogFiles
2012-11-22 21:30:39 ----D---- C:\Windows\Panther
2012-11-22 21:30:39 ----D---- C:\Users\Michal\AppData\Roaming\XnView
2012-11-22 21:30:39 ----D---- C:\Users\Michal\AppData\Roaming\Vso
2012-11-22 21:30:39 ----D---- C:\Users\Michal\AppData\Roaming\Video Converter for Any Flv Player
2012-11-22 21:30:39 ----D---- C:\Users\Michal\AppData\Roaming\AIMP
2012-11-22 21:30:39 ----D---- C:\Program Files\WinTV
2012-11-22 21:30:39 ----D---- C:\Program Files\AntoniePlayer
2012-11-22 21:30:38 ----D---- C:\Windows\Minidump
2012-11-22 21:30:38 ----D---- C:\Users\Michal\AppData\Roaming\Any Video Converter Professional
2012-11-22 21:30:38 ----D---- C:\Program Files\Acoustica Mixcraft 5
2012-11-22 20:57:57 ----D---- C:\Windows\rescache
2012-11-22 20:45:41 ----D---- C:\Users\Michal\AppData\Roaming\Software Informer
2012-11-22 20:14:16 ----RSD---- C:\Windows\assembly
2012-11-22 20:13:14 ----SD---- C:\ProgramData\Microsoft
2012-11-22 20:13:05 ----RSD---- C:\Windows\Fonts
2012-11-22 20:13:03 ----D---- C:\Windows\winsxs
2012-11-22 20:12:38 ----D---- C:\Program Files\Common Files\microsoft shared
2012-11-22 20:10:34 ----D---- C:\Windows\system32\cs-CZ
2012-11-20 19:26:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-20 10:47:23 ----HD---- C:\Program Files\InstallShield Installation Information
2012-11-20 10:46:41 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-11-20 10:46:32 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-11-20 08:22:25 ----D---- C:\Windows\Prefetch
2012-11-19 10:34:40 ----D---- C:\ProgramData\Microsoft Help
2012-11-18 12:29:36 ----D---- C:\Windows\Microsoft.NET
2012-11-17 20:58:06 ----D---- C:\Users\Michal\AppData\Roaming\Movier
2012-11-17 08:41:00 ----D---- C:\Windows\system32\migration
2012-11-17 08:40:59 ----D---- C:\Program Files\Internet Explorer
2012-11-16 23:29:50 ----A---- C:\Windows\system32\mrt.exe
2012-11-16 23:29:19 ----A---- C:\Windows\win.ini
2012-11-10 13:08:10 ----D---- C:\ProgramData\Ubisoft
2012-11-09 17:35:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2012-11-09 17:35:00 ----A---- C:\Windows\system32\nvdispgenco32.dll
2012-11-09 17:35:00 ----A---- C:\Windows\system32\nvdispco32.dll
2012-11-09 17:35:00 ----A---- C:\Windows\system32\nvd3dum.dll
2012-11-09 17:35:00 ----A---- C:\Windows\system32\nvapi.dll
2012-11-09 13:19:35 ----A---- C:\Windows\system32\nvcpl.dll
2012-11-09 13:19:23 ----A---- C:\Windows\system32\nvsvc.dll
2012-11-09 13:19:14 ----A---- C:\Windows\system32\nvsvcr.dll
2012-11-09 13:19:14 ----A---- C:\Windows\system32\nvmctray.dll
2012-11-09 13:19:13 ----A---- C:\Windows\system32\nvvsvc.exe
2012-11-09 13:19:13 ----A---- C:\Windows\system32\nvshext.dll
2012-11-07 14:22:02 ----D---- C:\Program Files\Electronic Arts
2012-11-02 09:11:20 ----D---- C:\ProgramData\Origin
2012-10-31 14:21:21 ----HD---- C:\Program Files\Common Files\EAInstaller
2012-10-31 13:27:59 ----D---- C:\Users\Michal\AppData\Roaming\Origin
2012-10-31 13:27:45 ----D---- C:\Program Files\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iastor.sys [2008-12-04 328728]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-29 443448]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-08-02 271360]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-08-02 18048]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-29 232512]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2007-10-01 1129344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-25 2015192]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-11-09 9364840]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-08-03 91648]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S3 a4zszwue;a4zszwue; C:\Windows\system32\drivers\a4zszwue.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\Michal\AppData\Local\Temp\CFcatchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 99272]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-11-21 47360]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
R2 hpzstatn;Printer Status Server; C:\Windows\system32\spool\drivers\w32x86\hpzstatn.exe [2000-06-21 503296]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-09-25 79136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-11-09 1259880]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-05-14 624856]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-11-20 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-11-09 645480]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 250808]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-11 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 287824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-11-26 529744]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880]

-----------------EOF-----------------

Re: CPU at 100% when idle

Posted: 26 Nov 2012 20:43
by Michaelus
I think everything is fine. Otherwise I must thank you very, very much; I would never have put it together myself, so I respectfully thank you.

Re: CPU at 100% when idle

Posted: 26 Nov 2012 20:48
by vyosek
:arrow: Run HJT and we will fix the entries
  • You will find HJT here: C:\Program Files\trend micro\Michal.exe
  • A window will open; click Do a system scan only
  • In the next window, find the lines I have listed below; next to each is a checkbox, which you tick
  • O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [fsm] (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [WindowsUpdate] C:\Users\UpdatusUser\AppData\Roaming\win32.exe (User 'UpdatusUser')
  • Click Fix checked (bottom left)
  • HJT will ask whether you are sure; answer YES and it is done
:arrow: Download OTM http://oldtimer.geekstogo.com/OTM.exe
  • If you use Windows Vista or W7, right-click OTM and choose Run As Administrator or Spustit jako spravce
  • Into the left window Paste Instructions for Items to be Moved (under the yellow bar) paste the content shown below
  • Code:

    :files
    C:\Users\UpdatusUser\AppData\Roaming\*.exe
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Click the red MoveIt! button
  • You will be prompted to restart; choose Yes. Afterwards you will find the log in C:\_OTM\MovedFiles; paste its contents here
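
As an added illustration (not part of the original posts and not the helper's stated method), this Python example parses HijackThis `O4` autorun lines and flags two patterns visible among the entries selected for fixing above: a Run value with no command, and an executable placed directly in a user's AppData folder under a Windows-sounding value name. The sample lines are copied from the log earlier in this thread; the heuristics, the `LOOKALIKE_NAMES` list and all function names are assumptions of this example, and the helper's selection also included entries these checks do not flag.

```python
import re
from typing import List, NamedTuple, Optional

# O4 lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [fsm] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2196742219-2737495621-1387259624-1003\..\Run: [WindowsUpdate] C:\Users\UpdatusUser\AppData\Roaming\win32.exe (User 'UpdatusUser')
"""

# Assumption of this example: value names that imitate Windows components.
LOOKALIKE_NAMES = {"windowsupdate", "windows update", "svchost", "winlogon"}

# "O4 - <hive>\..\<Run key>: [<value name>] <command> (User '<name>')"
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU|HKUS\\(?P<sid>S-[\d-]+))\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]*)\]\s*(?P<command>.*?)\s*(?:\(User '(?P<user>[^']*)'\))?$"
)

# An .exe lying directly in <profile>\AppData\Roaming or \Local, no vendor subfolder.
PROFILE_EXE_RE = re.compile(
    r"^[a-z]:\\users\\[^\\]+\\appdata\\(?:roaming|local)\\[^\\]+\.exe$",
    re.IGNORECASE,
)


class Finding(NamedTuple):
    name: str             # registry value name from the [brackets]
    user: Optional[str]   # account named in the (User '...') suffix, if any
    path: str             # program path extracted from the command line
    reasons: List[str]    # empty list means nothing was flagged


def executable_path(command: str) -> str:
    """Best-effort extraction of the program path from a Run command line."""
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.(?:exe|com|bat|cmd|scr))(?=\s|$)", command, re.IGNORECASE)
    return m.group(1) if m else command.split(" ", 1)[0]


def under_windows_dir(path: str) -> bool:
    # Assumes the system drive is C:, as in the log above.
    return path.lower().startswith(("c:\\windows\\", "%windir%\\", "%systemroot%\\"))


def triage(log_text: str) -> List[Finding]:
    """Parse every O4 line and attach the reasons, if any, for a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        path = executable_path(m.group("command"))
        reasons = []
        if not path:
            reasons.append("Run value has no command")
        if PROFILE_EXE_RE.match(path):
            reasons.append("executable sits directly in a user's AppData folder")
        if path and m.group("name").lower() in LOOKALIKE_NAMES \
                and not under_windows_dir(path):
            reasons.append("Windows-sounding name, path outside the Windows directory")
        findings.append(Finding(m.group("name"), m.group("user"), path, reasons))
    return findings


def flagged(log_text: str) -> List[Finding]:
    """Only the entries that matched at least one heuristic."""
    return [f for f in triage(log_text) if f.reasons]


if __name__ == "__main__":
    for f in flagged(SAMPLE_LOG):
        print(f"[{f.name}] user={f.user} path={f.path!r}: {'; '.join(f.reasons)}")
```

A flagged entry is a prompt to inspect the file and its origin before fixing it, not a verdict.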

Re: CPU at 100% when idle

Posted: 26 Nov 2012 21:02
by Michaelus
All processes killed
========== FILES ==========
File/Folder C:\Users\UpdatusUser\AppData\Roaming\*.exe not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michal
->Temp folder emptied: 181205 bytes
->Temporary Internet Files folder emptied: 163927722 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 2026 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1628 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 877035 bytes

Total Files Cleaned = 157,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Michal
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Michal
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11262012_205615

Re: CPU at 100% when idle

Posted: 26 Nov 2012 21:05
by vyosek
:arrow: Run OTM and click CleanUp!; that way it cleans up after itself

:arrow: And if there are no problems or questions, that is all from my side :|

Re: CPU at 100% when idle

Posted: 26 Nov 2012 21:06
by Michaelus
Everything seems to be fine, so once again thank you very much. :)

Re: CPU at 100% when idle

Posted: 26 Nov 2012 21:39
by vyosek
You're welcome, glad I could help :worship: Until next time

And in accordance with the Rules on locking topics :lock: