
Laggy PC

Posted: 24 Nov 2012 12:51
by IceTea
Hello, could you please check this PC? It is lagging all over (in particular, YouTube videos can't be listened to normally; even once the video has loaded the music isn't smooth, it "drags" and sounds strange). Also, neither a flash drive nor a DVD in the PC's drive can be read - but I'll most likely have to sort that out elsewhere :( ... Thanks a lot in advance for a reply :turned:


Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr Opluštil at 2012-11-24 12:39:00
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 28 GB (73%) free of 38 GB
Total RAM: 255 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:43:05, on 24.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Plocha\RSIT.exe
C:\Program Files\trend micro\Petr Opluštil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 3926 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-920026266-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-920026266-725345543-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-11-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-11-24 12:39:06 ----D---- C:\Program Files\trend micro
2012-11-24 12:39:00 ----D---- C:\rsit
2012-11-22 11:21:07 ----D---- C:\Office
2012-11-22 10:59:34 ----A---- C:\WINDOWS\system32\msonpmon.dll
2012-11-22 10:56:12 ----D---- C:\Program Files\Microsoft Works
2012-11-22 10:55:55 ----D---- C:\Program Files\MSBuild
2012-11-22 10:55:19 ----D---- C:\Program Files\Microsoft Visual Studio
2012-11-22 10:55:18 ----D---- C:\Program Files\Common Files\DESIGNER
2012-11-22 10:47:40 ----D---- C:\WINDOWS\SHELLNEW
2012-11-22 10:46:22 ----D---- C:\Program Files\Microsoft Office
2012-11-22 10:46:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-11-22 10:45:17 ----RHD---- C:\MSOCache
2012-11-22 10:32:11 ----D---- C:\Documents and Settings\Petr Opluštil\Data aplikací\WinRAR
2012-11-22 10:32:02 ----D---- C:\Program Files\WinRAR
2012-11-22 10:02:21 ----D---- C:\WINDOWS\system32\NtmsData
2012-11-16 13:28:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2012-11-16 13:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$

======List of files/folders modified in the last 1 month======

2012-11-24 12:39:18 ----D---- C:\WINDOWS\Prefetch
2012-11-24 12:39:06 ----RD---- C:\Program Files
2012-11-22 19:54:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-11-22 11:20:24 ----SD---- C:\Documents and Settings\Petr Opluštil\Data aplikací\Microsoft
2012-11-22 11:00:24 ----SHD---- C:\WINDOWS\Installer
2012-11-22 10:59:34 ----D---- C:\WINDOWS\system32
2012-11-22 10:59:30 ----D---- C:\WINDOWS\system32\CatRoot2
2012-11-22 10:58:53 ----D---- C:\WINDOWS\system32\config
2012-11-22 10:56:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-22 10:56:00 ----D---- C:\WINDOWS\WinSxS
2012-11-22 10:55:18 ----D---- C:\Program Files\Common Files
2012-11-22 10:54:34 ----RSD---- C:\WINDOWS\Fonts
2012-11-22 10:53:59 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-11-22 10:48:12 ----A---- C:\WINDOWS\win.ini
2012-11-22 10:48:04 ----D---- C:\Program Files\Common Files\System
2012-11-22 10:47:40 ----D---- C:\WINDOWS
2012-11-22 10:46:22 ----HD---- C:\WINDOWS\inf
2012-11-16 13:29:25 ----D---- C:\WINDOWS\Temp
2012-11-16 13:29:12 ----A---- C:\WINDOWS\system32\MRT.exe
2012-11-16 13:28:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-11-16 13:28:32 ----A---- C:\WINDOWS\imsins.BAK
2012-11-16 12:44:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-10-28 17:06:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-16 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-08-19 73984]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: Laggy PC

Posted: 24 Nov 2012 12:56
by Rudy
Hello!
1. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-920026266-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-920026266-725345543-1004UA.job

:commands
[Purity]
[EmptyTemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

2. Right-click inside the video picture > Settings and turn off hardware acceleration.

3. The PC has no antivirus.

Re: Laggy PC

Posted: 24 Nov 2012 13:53
by IceTea
Thank you for the reply and the advice :) I tried it with the video, I turned off hardware acceleration and it is still the same :( I'll download an antivirus; I'm sending a new log... :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr Opluštil at 2012-11-24 13:50:10
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 28 GB (72%) free of 38 GB
Total RAM: 255 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:50:28, on 24.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Plocha\RSIT.exe
C:\Program Files\trend micro\Petr Opluštil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 3920 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-11-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-11-24 13:33:42 ----D---- C:\_OTM
2012-11-24 12:39:06 ----D---- C:\Program Files\trend micro
2012-11-24 12:39:00 ----D---- C:\rsit
2012-11-22 11:21:07 ----D---- C:\Office
2012-11-22 10:59:34 ----A---- C:\WINDOWS\system32\msonpmon.dll
2012-11-22 10:56:12 ----D---- C:\Program Files\Microsoft Works
2012-11-22 10:55:55 ----D---- C:\Program Files\MSBuild
2012-11-22 10:55:19 ----D---- C:\Program Files\Microsoft Visual Studio
2012-11-22 10:55:18 ----D---- C:\Program Files\Common Files\DESIGNER
2012-11-22 10:47:40 ----D---- C:\WINDOWS\SHELLNEW
2012-11-22 10:46:22 ----D---- C:\Program Files\Microsoft Office
2012-11-22 10:46:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-11-22 10:45:17 ----RHD---- C:\MSOCache
2012-11-22 10:32:11 ----D---- C:\Documents and Settings\Petr Opluštil\Data aplikací\WinRAR
2012-11-22 10:32:02 ----D---- C:\Program Files\WinRAR
2012-11-22 10:02:21 ----D---- C:\WINDOWS\system32\NtmsData
2012-11-16 13:28:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2012-11-16 13:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$

======List of files/folders modified in the last 1 month======

2012-11-24 13:49:31 ----D---- C:\WINDOWS\Prefetch
2012-11-24 13:42:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-11-24 13:33:42 ----SD---- C:\WINDOWS\Tasks
2012-11-24 12:39:06 ----RD---- C:\Program Files
2012-11-22 11:20:24 ----SD---- C:\Documents and Settings\Petr Opluštil\Data aplikací\Microsoft
2012-11-22 11:00:24 ----SHD---- C:\WINDOWS\Installer
2012-11-22 10:59:34 ----D---- C:\WINDOWS\system32
2012-11-22 10:59:30 ----D---- C:\WINDOWS\system32\CatRoot2
2012-11-22 10:58:53 ----D---- C:\WINDOWS\system32\config
2012-11-22 10:56:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-22 10:56:00 ----D---- C:\WINDOWS\WinSxS
2012-11-22 10:55:18 ----D---- C:\Program Files\Common Files
2012-11-22 10:54:34 ----RSD---- C:\WINDOWS\Fonts
2012-11-22 10:53:59 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-11-22 10:48:12 ----A---- C:\WINDOWS\win.ini
2012-11-22 10:48:04 ----D---- C:\Program Files\Common Files\System
2012-11-22 10:47:40 ----D---- C:\WINDOWS
2012-11-22 10:46:22 ----HD---- C:\WINDOWS\inf
2012-11-16 13:29:25 ----D---- C:\WINDOWS\Temp
2012-11-16 13:29:12 ----A---- C:\WINDOWS\system32\MRT.exe
2012-11-16 13:28:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-11-16 13:28:32 ----A---- C:\WINDOWS\imsins.BAK
2012-11-16 12:44:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-10-28 17:06:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-16 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-08-19 73984]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: Laggy PC

Posted: 24 Nov 2012 19:07
by Rudy
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

Re: Laggy PC

Posted: 27 Nov 2012 18:54
by IceTea
Good evening, I'm sending the logs - the PC is even slower and laggier than before :o

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.25.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Petr Opluštil :: PC [administrátor]

Ochrana: Povolena

25.11.2012 11:13:46
mbam-log-2012-11-25 (11-13-46).txt

Typ: Úplná kontrola (A:\|C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 211419
Uplynulý čas: 1 hodin, 16 minut, 36 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)



Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr Opluštil at 2012-11-27 18:52:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 27 GB (69%) free of 38 GB
Total RAM: 255 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:07, on 27.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr Opluštil\Plocha\RSIT.exe
C:\Program Files\trend micro\Petr Opluštil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4564 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Petr Opluštil\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-11-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-11-25 16:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-11-25 16:35:18 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2012-11-25 16:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-11-25 16:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-11-25 13:29:36 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-11-25 13:29:35 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-11-25 13:29:32 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-11-25 13:29:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-11-25 13:29:28 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-11-25 13:29:24 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-11-25 13:29:24 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-11-25 13:29:23 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-11-25 13:27:41 ----A---- C:\WINDOWS\avastSS.scr
2012-11-25 13:27:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-11-25 13:26:37 ----D---- C:\Program Files\AVAST Software
2012-11-25 13:26:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-11-25 11:02:01 ----D---- C:\Documents and Settings\Petr Opluštil\Data aplikací\Malwarebytes
2012-11-25 11:01:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-11-25 11:00:56 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-11-25 11:00:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-11-24 16:27:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2012-11-24 16:07:57 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-11-24 16:07:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2012-11-24 16:07:20 ----D---- C:\Program Files\Windows Media Connect 2
2012-11-24 16:07:05 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2012-11-24 16:05:57 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2012-11-24 16:05:20 ----D---- C:\WINDOWS\system32\LogFiles
2012-11-24 16:05:20 ----D---- C:\WINDOWS\system32\drivers\UMDF
2012-11-24 16:05:12 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2012-11-24 13:33:42 ----D---- C:\_OTM
2012-11-24 12:39:06 ----D---- C:\Program Files\trend micro
2012-11-24 12:39:00 ----D---- C:\rsit
2012-11-22 11:21:07 ----D---- C:\Office
2012-11-22 10:59:34 ----A---- C:\WINDOWS\system32\msonpmon.dll
2012-11-22 10:56:12 ----D---- C:\Program Files\Microsoft Works
2012-11-22 10:55:55 ----D---- C:\Program Files\MSBuild
2012-11-22 10:55:19 ----D---- C:\Program Files\Microsoft Visual Studio
2012-11-22 10:55:18 ----D---- C:\Program Files\Common Files\DESIGNER
2012-11-22 10:47:40 ----D---- C:\WINDOWS\SHELLNEW
2012-11-22 10:46:22 ----D---- C:\Program Files\Microsoft Office
2012-11-22 10:46:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-11-22 10:45:17 ----RHD---- C:\MSOCache
2012-11-22 10:32:11 ----D---- C:\Documents and Settings\Petr Opluštil\Data aplikací\WinRAR
2012-11-22 10:32:02 ----D---- C:\Program Files\WinRAR
2012-11-22 10:02:21 ----D---- C:\WINDOWS\system32\NtmsData
2012-11-16 13:28:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2012-11-16 13:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$

======List of files/folders modified in the last 1 month======

2012-11-27 18:39:09 ----D---- C:\WINDOWS\Temp
2012-11-27 17:05:59 ----D---- C:\WINDOWS\Prefetch
2012-11-27 17:02:17 ----D---- C:\WINDOWS
2012-11-25 16:36:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-11-25 16:35:51 ----HD---- C:\WINDOWS\inf
2012-11-25 16:35:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-11-25 16:35:48 ----D---- C:\WINDOWS\system32
2012-11-25 16:35:28 ----A---- C:\WINDOWS\imsins.BAK
2012-11-25 16:34:03 ----D---- C:\WINDOWS\system32\CatRoot2
2012-11-25 13:29:36 ----D---- C:\WINDOWS\system32\drivers
2012-11-25 13:29:28 ----SD---- C:\WINDOWS\Tasks
2012-11-25 13:28:54 ----SHD---- C:\WINDOWS\Installer
2012-11-25 13:28:52 ----D---- C:\WINDOWS\WinSxS
2012-11-25 13:28:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-25 13:26:37 ----RD---- C:\Program Files
2012-11-24 16:39:32 ----D---- C:\WINDOWS\system32\CatRoot
2012-11-24 16:11:46 ----D---- C:\Program Files\Windows Media Player
2012-11-24 16:07:34 ----A---- C:\WINDOWS\win.ini
2012-11-24 16:07:16 ----D---- C:\WINDOWS\Help
2012-11-24 15:48:07 ----D---- C:\Documents and Settings\Petr Opluštil\Data aplikací\vlc
2012-11-22 11:20:24 ----SD---- C:\Documents and Settings\Petr Opluštil\Data aplikací\Microsoft
2012-11-22 10:58:53 ----D---- C:\WINDOWS\system32\config
2012-11-22 10:55:18 ----D---- C:\Program Files\Common Files
2012-11-22 10:54:34 ----RSD---- C:\WINDOWS\Fonts
2012-11-22 10:53:59 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-11-22 10:48:04 ----D---- C:\Program Files\Common Files\System
2012-11-16 13:29:12 ----A---- C:\WINDOWS\system32\MRT.exe
2012-11-16 12:44:48 ----HD---- C:\WINDOWS\$hf_mig$
2012-10-28 17:06:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-16 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-08-19 73984]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Re: Laggy PC

Posted: 27 Nov 2012 19:16
by Rudy
This is OK. Try performing a System Restore to a date when it was working correctly. If nothing changes, post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after launch, a screen with the license terms appears; continue by clicking the Yes (Ano) button.

Feel free to make yourself a coffee (the whole process takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware cause unwanted conflicts with the antispyware's resident component.