VIRY.CZ

Poslední dobou je procesor vytížený na 100%. Prosím o kontrolu logu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by arachnoid at 2013-10-28 11:34:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (38%) free of 65 GB
Total RAM: 1643 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:34:17, on 28.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Start Menu X\StartMenuX.exe
C:\Users\arachnoid\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Zentimo\zentimo.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\arachnoid\Desktop\RSIT.exe
C:\Program Files\trend micro\arachnoid.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [StartMenuX] C:\Program Files\Start Menu X\StartMenuX.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\arachnoid\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zentimo xStorage Manager] C:\Program Files\Zentimo\zentimo.exe /startup
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files\Moborobo\MoboroboDeviceService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\KMPService.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe
O23 - Service: Zentimo Assistant (ZentimoService) - Unknown owner - C:\Program Files\Zentimo\ZentimoService.exe

--
End of file - 9788 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1520317117-1496835221-2367191781-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1520317117-1496835221-2367191781-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\arachnoid\AppData\Roaming\Mozilla\Firefox\Profiles\lgx3r6jw.default

prefs.js - "browser.startup.homepage" - "seznam.cz"

"{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpplugin.dll
npwachk.dll
QuickTimePlugin.class

C:\Users\arachnoid\AppData\Roaming\Mozilla\Firefox\Profiles\lgx3r6jw.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2011-03-01 490656]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2011-03-01 302240]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-21 1996072]
"YouCam Mirage"=C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2011-02-18 136488]
"YouCam Tray"=C:\Program Files\CyberLink\YouCam\YouCamTray.exe [2011-02-18 162912]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2011-12-12 6318696]
"HP Quick Launch"=C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"HPOSD"=C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-11-13 296096]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-10-20 1576152]
"tvncontrol"=C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2013-09-25 20133824]
"StartMenuX"=C:\Program Files\Start Menu X\StartMenuX.exe [2012-10-04 3511728]
"Google Update"=C:\Users\arachnoid\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 136176]
"Zentimo xStorage Manager"=C:\Program Files\Zentimo\zentimo.exe [2012-02-07 2068480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
rem C:\Program Files\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
rem C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2011-10-26 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk]
C:\PROGRA~1\UNIVER~1\UMS.exe [2013-09-02 423089]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^arachnoid^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk]
C:\PROGRA~1\Serviio\bin\SERVII~2.EXE [2013-08-08 610304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files\Comodo\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter.acm
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-28 11:31:19 ----D---- C:\Program Files\trend micro
2013-10-28 11:31:16 ----D---- C:\rsit
2013-10-19 17:14:58 ----SHD---- C:\Config.Msi
2013-10-19 11:58:14 ----D---- C:\ProgramData\Oracle
2013-10-19 11:56:33 ----D---- C:\Program Files\Common Files\Java
2013-10-19 11:56:21 ----A---- C:\Windows\system32\javaws.exe
2013-10-19 11:55:50 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-10-19 11:55:50 ----A---- C:\Windows\system32\javaw.exe
2013-10-19 11:55:49 ----A---- C:\Windows\system32\java.exe
2013-10-18 08:50:03 ----A---- C:\Windows\system32\OVDecode.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\OpenVideo.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2013-10-18 08:50:03 ----A---- C:\Windows\system32\coinst_12.104.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\clinfo.exe
2013-10-18 08:50:03 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat
2013-10-18 08:50:03 ----A---- C:\Windows\system32\ativvaxy_cik.dat
2013-10-18 08:50:03 ----A---- C:\Windows\system32\ativce02.dat
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atitmmxx.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atioglxx.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atimuixx.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atimpc32.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\amdpcom32.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\OpenCL.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2013-10-18 08:50:02 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atiicdxx.dat
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atiglpxx.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atigktxx.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atidxx32.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\aticalrt.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\aticaldd.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\aticalcl.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atiapfxx.exe
2013-10-18 08:50:02 ----A---- C:\Windows\system32\ati2edxx.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\amdocl_ld32.exe
2013-10-18 08:50:02 ----A---- C:\Windows\system32\amdocl_as32.exe
2013-10-18 08:50:01 ----A---- C:\Windows\system32\amdocl.dll
2013-10-18 08:45:09 ----A---- C:\Windows\system32\RtNicProp32.dll
2013-10-18 08:45:09 ----A---- C:\Windows\system32\drivers\Rt86win7.sys
2013-10-18 08:33:34 ----D---- C:\Users\arachnoid\AppData\Roaming\IObit
2013-10-17 18:51:35 ----D---- C:\Users\arachnoid\AppData\Roaming\1-abc
2013-10-17 18:51:35 ----D---- C:\Program Files\1-abc
2013-10-15 19:04:59 ----D---- C:\Program Files\Mozilla Firefox
2013-10-14 15:48:45 ----D---- C:\Program Files\Mozilla Thunderbird
2013-10-11 18:39:07 ----D---- C:\Program Files\Common Files\COMODO
2013-10-11 14:18:05 ----D---- C:\Program Files\PDF Architect
2013-10-11 14:17:42 ----D---- C:\Users\arachnoid\AppData\Roaming\pdfforge
2013-10-11 14:17:33 ----A---- C:\Windows\system32\MSMPIDE.DLL
2013-10-11 14:13:34 ----D---- C:\Program Files\sweetpacks bundle uninstaller
2013-10-09 19:57:18 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2013-10-08 18:55:23 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2013-10-08 18:55:23 ----A---- C:\Windows\system32\drivers\ggflt.sys
2013-10-08 18:52:23 ----D---- C:\Program Files\Sony Mobile
2013-10-04 09:15:04 ----A---- C:\Windows\system32\drivers\hmd.sys
2013-10-03 18:12:05 ----A---- C:\Windows\is-SGRU4.exe
2013-10-03 18:11:54 ----A---- C:\Windows\system32\pdfcmon.dll

======List of files/folders modified in the last 1 month======

2013-10-28 11:31:19 ----RD---- C:\Program Files
2013-10-28 10:54:41 ----D---- C:\Windows\System32
2013-10-28 10:54:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-28 10:54:39 ----D---- C:\Windows\inf
2013-10-28 10:52:04 ----D---- C:\Windows\temp
2013-10-27 19:02:58 ----SHD---- C:\System Volume Information
2013-10-27 17:45:31 ----D---- C:\Windows\system32\config
2013-10-27 17:28:32 ----D---- C:\Windows\system32\catroot2
2013-10-26 12:44:17 ----D---- C:\Windows\SoftwareDistribution
2013-10-26 12:42:43 ----D---- C:\Windows
2013-10-26 12:38:46 ----D---- C:\Windows\debug
2013-10-25 19:13:18 ----D---- C:\Users\arachnoid\AppData\Roaming\Wise Care 365
2013-10-25 19:09:38 ----SHD---- C:\Windows\Installer
2013-10-25 19:09:38 ----D---- C:\ProgramData\tmp
2013-10-25 19:09:37 ----D---- C:\Program Files\iCare Data Recovery
2013-10-25 18:24:14 ----D---- C:\Windows\system32\Tasks
2013-10-25 18:24:13 ----D---- C:\Windows\Tasks
2013-10-25 17:04:44 ----D---- C:\ProgramData\UMS
2013-10-24 15:10:04 ----D---- C:\Users\arachnoid\AppData\Roaming\vlc
2013-10-19 11:58:14 ----D---- C:\ProgramData
2013-10-19 11:56:33 ----D---- C:\Program Files\Common Files
2013-10-19 11:55:48 ----D---- C:\Program Files\Java
2013-10-18 08:51:15 ----D---- C:\Windows\system32\drivers
2013-10-18 08:50:47 ----D---- C:\Windows\system32\catroot
2013-10-18 08:50:45 ----D---- C:\Windows\system32\DriverStore
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atiuxpag.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atiumdva.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atiumdag.dll
2013-10-18 08:50:03 ----A---- C:\Windows\system32\atiu9pag.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atiesrxx.exe
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atieclxx.exe
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atidemgy.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\aticfx32.dll
2013-10-18 08:50:02 ----A---- C:\Windows\system32\atiadlxx.dll
2013-10-18 08:45:09 ----A---- C:\Windows\system32\RTNUninst32.dll
2013-10-18 08:33:35 ----D---- C:\ProgramData\IObit
2013-10-18 08:33:25 ----D---- C:\Program Files\IObit
2013-10-16 14:14:10 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-10-11 15:05:07 ----D---- C:\Users\arachnoid\AppData\Roaming\PDF Architect
2013-10-11 14:18:56 ----D---- C:\Program Files\PDFCreator
2013-10-11 13:23:31 ----D---- C:\ProgramData\PDF Architect
2013-10-10 17:54:16 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 17:44:14 ----D---- C:\Program Files\Comodo
2013-10-03 16:47:28 ----D---- C:\Program Files\Inpaint

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-12-12 70784]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-12-12 34944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2013-05-07 35064]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-09-24 20072]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-09-24 582936]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-09-24 44752]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-19 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-08 242240]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2013-10-04 15400]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-09-24 85464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys [2011-02-22 60464]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-10-18 9986048]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-10-18 463872]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-01 34976]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-10-04 2205696]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-01 259232]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-01 24736]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-01 175776]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-01 49312]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-01 141088]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-01 242336]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 27632]
R3 dvdfab;dvdfab; C:\Windows\system32\drivers\dvdfab.sys [2011-08-15 54144]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-12-06 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-10-18 679128]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-19 84992]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-21 1319856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 35968]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S1 AntiLog32;AntiLog32; \??\C:\Windows\system32\drivers\AntiLog32.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AVerAF15DMBTH;AVerMedia A850 USB; C:\Windows\System32\Drivers\AVerAF15DMBTH.sys [2010-05-06 569728]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-10-08 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-10-08 25200]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_hs.sys [2012-06-08 17672]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2009-12-04 17408]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-11-09 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-11-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-11-09 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\Windows\system32\drivers\srs_sscfilter_i386.sys [2009-12-15 268912]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2013-05-24 343456]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-11-09 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-11-09 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [2009-11-17 87968]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-10-18 219136]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-01 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2011-03-01 72864]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files\Common Files\COMODO\launcher_service.exe [2013-10-11 70352]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 4832192]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2009-12-03 99896]
R2 HPWMISVC;HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-07 1799272]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MoboroboDeviceService;Moborobo Device Service; C:\Program Files\Moborobo\MoboroboDeviceService.exe [2013-04-03 71976]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe [2012-11-24 186760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-16 116648]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-16 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-05-21 818232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-14 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 ABBYY.Licensing.PDFTransformer.Classic.3.0;Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba; C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [2010-02-01 759048]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

-----------------EOF-----------------

Zdravim

Ktery proces jej vytezuje??

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

V procesech nevidím nic co by vytěžovalo procesor a přesto je využití CPU mezi 70-90%.

log z JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:2)
OS: Windows 7 Professional x86
Ran by arachnoid on po 28.10.2013 at 15:13:14.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\sweetpacks bundle uninstaller"

~~~ FireFox

Emptied folder: C:\Users\arachnoid\AppData\Roaming\mozilla\firefox\profiles\lgx3r6jw.default\minidumps [2 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\arachnoid\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 28.10.2013 at 16:21:27.00
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

log z adwcleaner

# AdwCleaner v3.010 - Report created 28/10/2013 at 16:53:23
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : arachnoid - ARACHNOID-PC
# Running from : C:\Users\arachnoid\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\arachnoid\AppData\Roaming\Mozilla\Firefox\Profiles\lgx3r6jw.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\arachnoid\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1468 octets] - [28/10/2013 16:22:18]
AdwCleaner[S0].txt - [1401 octets] - [28/10/2013 16:53:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1461 octets] ##########

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbar
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

mbar

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 8.0.7601.17514

Java version: 1.6.0_37

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.596000 GHz
Memory total: 1722712064, free: 360513536

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 8.0.7601.17514

Java version: 1.6.0_37

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.596000 GHz
Memory total: 1722712064, free: 343154688

=======================================

Downloaded database version: v2013.10.28.07
Downloaded database version: v2013.10.11.02
=======================================
Initializing...
------------ Kernel report ------------
10/28/2013 18:38:44
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\System32\DRIVERS\cmderd.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\cmdguard.sys
\SystemRoot\system32\DRIVERS\CFRMD.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\cmdhlp.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\inspect.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\hmd.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\drivers\Afc.sys
\SystemRoot\system32\drivers\dvdfab.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\athr.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\DRIVERS\circlass.sys
\SystemRoot\system32\DRIVERS\amdiox86.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW73.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\DRIVERS\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\??\C:\Program Files\IObit\Protected Folder\pffilter.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\msvcrt.dll
\Windows\System32\lpk.dll
\Windows\System32\clbcatq.dll
\Windows\System32\shlwapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\wininet.dll
\Windows\System32\urlmon.dll
\Windows\System32\user32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\gdi32.dll
\Windows\System32\iertutil.dll
\Windows\System32\imagehlp.dll
\Windows\System32\normaliz.dll
\Windows\System32\usp10.dll
\Windows\System32\msctf.dll
\Windows\System32\sechost.dll
\Windows\System32\difxapi.dll
\Windows\System32\psapi.dll
\Windows\System32\shell32.dll
\Windows\System32\nsi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\setupapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\ole32.dll
\Windows\System32\imm32.dll
\Windows\System32\advapi32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\crypt32.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\devobj.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8789fac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000081\
Lower Device Object: 0xffffffff8786f458
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff861ae030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006f\
Lower Device Object: 0xffffffff85ef4030
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff861ae030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff861aed18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff861ae030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85ffe8b8, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xffffffff85ffef08, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85ef4030, DeviceName: \Device\0000006f\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E6575E4A

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 132104492

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 132327400 Numsec = 492812312

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8789fac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff878714c8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8789fac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8786b560, DeviceName: Unknown, DriverName: \Driver\usbfilter\
DevicePointer: 0xffffffff8786f458, DeviceName: \Device\00000081\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
Partition information:

This drive is a Single Partition removable Drive.
Partition is not bootable

Disk Size: 31666995200 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...
Removal finished

mbam

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.28.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
arachnoid :: ARACHNOID-PC [administrátor]

28.10.2013 20:23:57
MBAM-log-2013-10-28 (22-34-59).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 357338
Uplynulý čas: 2 hodin, 10 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 24
C:\ProgramData\Comodo\Cis\Quarantine\data\{014E2A6F-BBD3-4B59-ADF8-3D452F38E056} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{0C75EA18-9E4A-4109-B70B-E2F9BAB3CF6E} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{0DD31302-DB7D-4D8E-9EDB-9C7FF44F1304} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{1C409A62-4083-4181-B447-8000A1F66457} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{256CB4DD-71A8-4658-9BDA-AEF811211DD6} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{28207363-0CF7-4CCD-9AAD-87575E81EE94} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{29F50F9B-D40F-43BE-B026-5E35F863FE1B} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{300B6420-40D5-48B5-9D3C-2DF236036A73} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{353CF441-0877-4F39-8265-A39AA69B5437} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{4363A500-AF4C-4372-996C-38E8D091C7D2} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{448478F6-CE67-40A4-9F59-DF3389D0093B} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{4958CD8D-9AD8-423D-834F-241D7A9E65FE} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{59DB989F-4FAC-461B-B4ED-F74A5DDF5BA0} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{5D89A433-A6CE-46A2-ACE8-DB8900F704FA} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{6B177A29-6556-41CE-AD49-BA9D277D7728} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{8917B02E-411E-4732-A5C9-866F0DE2ADEA} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{9D3640C4-3F1A-470D-BD59-1E821482D6B9} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{C01E0EDB-6F14-4D3C-8061-2A8D4D875543} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{D14ABAA3-E6F0-444C-BFD1-DADEC07C9ABB} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{D41089BE-F914-4546-8C87-C77CF841AE66} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{D5DFEF72-9656-489D-86AE-DF99F9BE7DFA} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{DC05D536-4C68-44B3-ADAC-3394CEF79C6D} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{E7853A59-E2D6-43D9-8253-A92DD2F2C7D5} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Comodo\Cis\Quarantine\data\{ED2AB7C2-BE9E-4DEA-AEC7-C2B011AAC2B8} (Trojan.Agent.H) -> Nebyla provedena žádná instrukce.

(konec)

CPU je stale vytizeno??

Bohužel ano.

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/29/2013 04:24:19 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/29/2013 04:26:09 PM
Execution time: 0 hours(s), 1 minute(s), and 49 seconds(s)

ComboFix se mi nedaří nainstalovat, vždy je instalace přerušena. Přikládám snímek chybového hlášení
Obrázek

Zkuste CF spustit v nouzovem rezimu...

ComboFix 13-10-29.02 - arachnoid 29.10.2013 18:15:48.3.2 - x86 NETWORK
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1643.1217 [GMT 1:00]
Spuštěný z: c:\users\arachnoid\Desktop\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Enabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\arachnoid\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-28 do 2013-10-29 )))))))))))))))))))))))))))))))
.
.
2013-10-29 17:38 . 2013-10-29 17:38 -------- d-----w- c:\users\arachnoid\AppData\Local\temp
2013-10-29 17:38 . 2013-10-29 17:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-29 17:38 . 2013-10-29 17:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-28 17:38 . 2013-10-28 19:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-28 17:37 . 2013-10-28 17:37 75992 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-10-28 17:34 . 2013-09-20 09:49 18968 ----a-w- c:\windows\system32\sdnclean.exe
2013-10-28 17:34 . 2013-10-29 14:34 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-28 17:34 . 2013-10-28 17:35 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-10-28 15:22 . 2013-10-28 15:53 -------- d-----w- C:\AdwCleaner
2013-10-28 11:00 . 2013-10-28 11:00 -------- d-----w- c:\windows\ERUNT
2013-10-28 10:31 . 2013-10-28 10:34 -------- d-----w- c:\program files\trend micro
2013-10-28 10:31 . 2013-10-28 10:31 -------- d-----w- C:\rsit
2013-10-19 10:58 . 2013-10-19 10:58 -------- d-----w- c:\programdata\Oracle
2013-10-19 10:56 . 2013-10-19 10:56 -------- d-----w- c:\program files\Common Files\Java
2013-10-19 10:55 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-18 07:45 . 2013-10-18 07:45 77528 ----a-w- c:\windows\system32\RtNicProp32.dll
2013-10-18 07:45 . 2013-10-18 07:45 679128 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2013-10-18 07:33 . 2013-10-18 07:33 -------- d-----w- c:\users\arachnoid\AppData\Roaming\IObit
2013-10-17 17:51 . 2013-10-17 17:51 -------- d-----w- c:\users\arachnoid\AppData\Roaming\1-abc
2013-10-17 17:51 . 2013-10-17 17:51 -------- d-----w- c:\program files\1-abc
2013-10-14 14:48 . 2013-10-25 18:09 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-10-11 17:39 . 2013-10-11 17:39 -------- d-----w- c:\program files\Common Files\COMODO
2013-10-11 13:18 . 2013-10-11 13:18 -------- d-----w- c:\program files\PDF Architect
2013-10-11 13:17 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-10-11 13:17 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2013-10-11 13:17 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2013-10-09 18:57 . 2013-10-10 16:54 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-08 17:55 . 2013-10-08 17:55 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-10-08 17:55 . 2013-10-08 17:55 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-10-08 17:52 . 2013-10-09 16:47 -------- d-----w- c:\program files\Sony Mobile
2013-10-04 08:15 . 2013-10-04 08:15 15400 ----a-w- c:\windows\system32\drivers\hmd.sys
2013-10-03 17:12 . 2013-10-03 17:12 706560 ----a-w- c:\windows\is-SGRU4.exe
2013-10-03 17:11 . 2013-04-09 13:13 95416 ----a-w- c:\windows\system32\pdfcmon.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-18 07:50 . 2012-09-28 02:22 5944264 ----a-w- c:\windows\system32\atiumdag.dll
2013-10-18 07:50 . 2012-09-28 01:22 4450264 ----a-w- c:\windows\system32\atiumdva.dll
2013-10-18 07:50 . 2012-07-28 01:13 92304 ----a-w- c:\windows\system32\atiu9pag.dll
2013-10-18 07:50 . 2011-03-04 09:16 118584 ----a-w- c:\windows\system32\atiuxpag.dll
2013-10-18 07:50 . 2012-12-19 19:57 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-10-18 07:50 . 2012-12-19 19:56 492544 ----a-w- c:\windows\system32\atieclxx.exe
2013-10-18 07:50 . 2012-12-19 19:55 219136 ----a-w- c:\windows\system32\atiesrxx.exe
2013-10-18 07:50 . 2012-12-19 19:33 430080 ----a-w- c:\windows\system32\atiadlxx.dll
2013-10-18 07:50 . 2012-09-28 01:43 970912 ----a-w- c:\windows\system32\aticfx32.dll
2013-10-18 07:45 . 2011-07-29 12:42 102104 ----a-w- c:\windows\system32\RTNUninst32.dll
2013-10-10 16:54 . 2012-04-09 09:27 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-10 16:54 . 2011-07-29 14:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-04 08:15 . 2013-10-04 08:15 15400 ----a-w- c:\windows\inf\HMD\hmd.sys
2013-09-24 10:54 . 2013-06-18 14:16 85464 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:54 . 2013-06-18 14:16 582936 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-09-24 10:54 . 2013-06-18 14:16 44752 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:54 . 2013-06-18 14:16 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2013-06-18 14:15 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 10:53 . 2013-06-18 14:15 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 10:53 . 2013-06-18 14:15 280792 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-09-24 10:53 . 2013-06-18 14:15 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-09-05 09:35 . 2013-09-05 09:35 55504 ----a-w- c:\windows\system32\offreg.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-09-25 20133824]
"StartMenuX"="c:\program files\Start Menu X\StartMenuX.exe" [2012-10-04 3511728]
"Zentimo xStorage Manager"="c:\program files\Zentimo\zentimo.exe" [2012-02-07 2068480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2011-03-01 490656]
"AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2011-03-01 302240]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-12-21 1996072]
"YouCam Mirage"="c:\program files\CyberLink\YouCam\YCMMirage.exe" [2011-02-18 136488]
"YouCam Tray"="c:\program files\CyberLink\YouCam\YouCamTray.exe" [2011-02-18 162912]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2011-12-12 6318696]
"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"HPOSD"="c:\program files\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-11-13 296096]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-10-20 1576152]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2013-10-11 2327248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-10-11 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk
backup=c:\windows\pss\Universal Media Server.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^arachnoid^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk]
path=c:\users\arachnoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk
backup=c:\windows\pss\Serviio.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
rem [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
rem [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-06-20 13:07 2736128 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 12:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2012-12-19 14:49 642808 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-10-26 18:48 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [x]
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2013-05-07 35064]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-09-24 582936]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\DRIVERS\hmd.sys [2013-10-04 15400]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [2009-11-17 87968]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-10-18 219136]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-01 138400]
R2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2011-03-01 72864]
R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\Common Files\COMODO\launcher_service.exe [2013-10-11 70352]
R2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2009-12-03 99896]
R2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-07 1799272]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MoboroboDeviceService;Moborobo Device Service;c:\program files\Moborobo\MoboroboDeviceService.exe [2013-04-03 71976]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [2011-02-22 60464]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-15 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-09-20 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-09-13 171416]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files\Wise\Wise Care 365\BootTime.exe [2013-05-28 580232]
R2 ZentimoService;Zentimo Assistant;c:\program files\Zentimo\ZentimoService.exe [2011-12-09 259072]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-01 34976]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 AVerAF15DMBTH;AVerMedia A850 USB;c:\windows\system32\Drivers\AVerAF15DMBTH.sys [2010-05-06 569728]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-01 259232]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-01 175776]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-01 49312]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-01 141088]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-01 242336]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 27632]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2013-10-08 12400]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2012-06-08 17672]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2009-12-03 17408]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-11-09 137600]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-12-06 254056]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2012-06-08 115208]
R4 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R4 ABBYY.Licensing.PDFTransformer.Classic.3.0;Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba;c:\program files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [2010-02-01 759048]
R4 IObitUnlocker;IObitUnlocker;c:\program files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-12-12 70784]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-12-12 34944]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-09-24 20072]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-09-24 44752]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-08 242240]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-01 24736]
S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [2011-08-15 54144]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2013-10-18 679128]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-29 35968]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 13:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 16:54]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-16 20:55]
.
2013-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-16 20:55]
.
2013-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1520317117-1496835221-2367191781-1000Core.job
- c:\users\arachnoid\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 15:17]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1520317117-1496835221-2367191781-1000UA.job
- c:\users\arachnoid\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 15:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?sourceid=ie7&q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 213.46.172.36
FF - ProfilePath - c:\users\arachnoid\AppData\Roaming\Mozilla\Firefox\Profiles\lgx3r6jw.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-PDFCreator Bundle by Fileparade.com - c:\program files\sweetpacks bundle uninstaller\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-29 18:42:03
ComboFix-quarantined-files.txt 2013-10-29 17:42
.
Před spuštěním: 25015795712
Po spuštění: 24632164352
.
- - End Of File - - E008815B5B0109A1694003724CAAD669
A36C5E4F47E84449FF07ED3517B43A31

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Jak je na tom CPU

Procesor je stále na 100%, prakticky je celý systém nepoužitelný, navíc mi přestala reagovat klávesnice na notebooku. V Nouzovém režimu klávesnice funguje.

Ktery proces jej zatezuje??

NT kernel & System.

VIRY.CZ

CPU vytížené na 100%

CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%

Re: CPU vytížené na 100%