VIRY.CZ

Zdravím, tak som tu opäť s prosbou o pomoc

V správcovi úloh ukazuje že proces msinfo32.exe žere 50% CPU a proces System 25%. Keď som to chvíľu sledoval, po čase sa vyťaženie msinfo32.exe zmenšilo ale prehuplo sa to do iných procesov - services.exe, wmiprvse.exe či svchost.exe a následne zas naspäť do msinfo32.exe a System. Ak aj ukončím proces msinfo32.exe, po čase opäť nabehne (PC je pritom v kľude, nič sa na ňom nerobí).
Neviem či to môže nejak súvisieť s tými grafickými ovládačmi čo som riešil v predchádzajúcej téme, ale vtedy som tieto procesy a vyťaženie CPU nezaregistroval.

Prikladám log z FRST, vopred vďaka!
Mimochodom FRST nejak zblbol a po objavení logu FRST a Addition sa tieto zachvíľu samé zavreli a na ploche sa začali objavovať textové súbory first, first2... až first13. Po zavretí okna FRST Launchera to prestalo.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2017
Ran by Milan (administrator) on MINMI (09-12-2017 19:13:11)
Running from C:\Documents and Settings\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SoundMan.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\Internet Security Essentials\vkise.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
(COMODO) C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Blizzard Entertainment) C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.5955\Agent.exe
(Blizzard Entertainment) C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.5955\Agent.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe
(Microsoft Corporation) C:\PROGRA~1\COMMON~1\MICROS~1\MSInfo\OINFOP12.EXE
(forum.viry.cz) C:\Documents and Settings\Milan\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16875008 2008-06-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2008-06-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2808832 2008-06-19] (RealTek Semicoductor Corp.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [55824 2007-09-21] (Logitech, Inc.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-10-28] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1381568 2017-11-21] (COMODO)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2015-07-08] (ArcSoft Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-12-23] (Advanced Micro Devices, Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2013-12-23] (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2007-11-15] (Logitech, Inc.)
HKU\S-1-5-21-1214440339-299502267-839522115-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7685808 2017-09-20] (Piriform Ltd)
Startup: C:\Documents and Settings\Milan\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3520 series.lnk [2017-12-09]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{7ACE698D-4720-4025-B087-D0FD22DADB4F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-1214440339-299502267-839522115-1003 - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2009-01-04] (Logitech Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2010-03-09] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default [2017-12-09]
FF Homepage: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default -> hxxp://www.google.sk/
FF Extension: (Avira Browser Safety) - C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default\Extensions\abs@avira.com.xpi [2017-12-07]
FF SearchPlugin: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default\searchplugins\avira-safesearch.xml [2014-08-12]
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: (PC Sync 2 Synchronisation Extension) - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync [2009-06-05] [Lagacy] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: (Java Quick Starter) - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-01-30] [Lagacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-25] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-25] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-25] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Milan\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Milan\Application Data\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Milan\Application Data\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Milan\Application Data\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Milan\Application Data\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2015-07-02] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-11-25] (Adobe Systems Incorporated) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2013-12-23] (ATI Technologies Inc.) [File not signed]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-08-14] (Avira Operations GmbH & Co. KG)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [8372088 2017-11-21] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2080448 2017-11-21] (COMODO)
R2 GEST Service; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [80392 2008-07-11] ()
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-01-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-01-16] (Hewlett-Packard) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2015-07-02] (Arcsoft, Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [6852096 2013-12-23] (ATI Technologies Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [115600 2016-08-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [140272 2016-08-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [20648 2017-11-16] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [659136 2017-11-16] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [32888 2017-11-16] (COMODO)
R3 gdrv; C:\WINDOWS\gdrv.sys [16608 2017-12-09] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 GPU-Z; C:\Documents and Settings\Milan\Local Settings\Temp\GPU-Z.sys [23936 2017-12-03] ()
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2009-04-23] (LogMeIn, Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-11-01] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-11-01] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-11-01] (HP)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [114248 2017-11-16] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [34176 2017-08-08] (COMODO)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145920 2015-07-02] (ITE )
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28432 2007-09-21] (Logitech, Inc.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
R2 rspndr; C:\WINDOWS\System32\DRIVERS\rspndr.sys [62336 2007-09-20] (Microsoft Corporation) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [721904 2009-05-11] () [File not signed]
S3 usb2vcom; C:\WINDOWS\System32\DRIVERS\usb2vcom.sys [30272 2006-04-03] () [File not signed]
U3 abat78nu; C:\WINDOWS\system32\Drivers\abat78nu.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 AtiHdmiService; system32\drivers\AtiHdmi.sys [X]
S3 GarenaPEngine; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\EOU3C76.tmp [X]
S3 GGSAFERDriver; \??\C:\Hry\Garena\safedrv.sys [X]
S1 mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225664 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-09 19:13 - 2017-12-09 19:13 - 000017315 _____ C:\Documents and Settings\Milan\Desktop\FRST.txt
2017-12-09 19:12 - 2017-12-09 19:12 - 000015327 _____ C:\Documents and Settings\Milan\Desktop\LM.bat
2017-12-09 19:07 - 2017-12-09 19:13 - 000000000 ____D C:\FRST
2017-12-09 19:07 - 2017-12-09 19:12 - 000029696 _____ C:\Documents and Settings\Milan\Local Settings\Application Data\MSGBOX.EXE
2017-12-09 19:05 - 2017-12-09 19:05 - 001751040 _____ (Farbar) C:\Documents and Settings\Milan\Desktop\FRST.exe
2017-12-09 19:05 - 2017-12-09 19:05 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\Milan\Desktop\FRSTLauncher.exe
2017-12-08 14:17 - 2017-12-08 14:40 - 000000000 ____D C:\Program Files\Battle.net
2017-12-08 02:00 - 2017-12-09 19:02 - 001312300 _____ C:\Documents.nfo
2017-12-08 01:54 - 2017-12-09 19:13 - 000000342 _____ C:\WINDOWS\Tasks\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921}.job
2017-12-07 22:57 - 2017-12-08 13:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-03 14:39 - 2017-12-03 14:44 - 000000000 ____D C:\Documents and Settings\Milan\Heaven
2017-12-03 14:38 - 2017-12-03 14:54 - 001065984 _____ C:\Documents and Settings\Milan\Local Settings\Application Data\file__0.localstorage
2017-12-03 14:36 - 2017-12-03 14:36 - 000001758 _____ C:\Documents and Settings\All Users\Desktop\Heaven Benchmark 4.0.lnk
2017-12-03 14:36 - 2017-12-03 14:36 - 000000000 ____D C:\Program Files\Unigine
2017-12-03 14:36 - 2017-12-03 14:36 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Unigine
2017-11-26 17:20 - 2017-11-26 17:20 - 000000000 ____D C:\Documents and Settings\Milan\Application Data\Blizzard
2017-11-26 15:57 - 2017-11-26 15:57 - 000000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\ATI
2017-11-26 15:57 - 2017-11-26 15:57 - 000000000 ____D C:\Documents and Settings\Milan\Application Data\ATI
2017-11-26 15:57 - 2017-11-26 15:57 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\ATI
2017-11-26 15:54 - 2017-11-26 15:54 - 000005610 _____ C:\Documents and Settings\Milan\Desktop\Report2.xml
2017-11-26 15:54 - 2017-11-26 15:54 - 000005610 _____ C:\Documents and Settings\Milan\Desktop\Report2.html
2017-11-26 15:53 - 2017-11-26 15:53 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
2017-11-26 15:52 - 2017-11-26 15:52 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-11-26 15:52 - 2013-12-23 09:37 - 000071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc32.dll
2017-11-26 15:52 - 2013-12-23 09:37 - 000071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom32.dll
2017-11-26 15:52 - 2013-12-23 09:33 - 006852096 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys
2017-11-26 15:52 - 2013-12-23 09:27 - 000442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIDEMGX.dll
2017-11-26 15:52 - 2013-12-23 09:26 - 000306176 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvag.dll
2017-11-26 15:52 - 2013-12-23 09:04 - 000212992 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\atipdlxx.dll
2017-11-26 15:52 - 2013-12-23 09:04 - 000163840 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\Oemdspif.dll
2017-11-26 15:52 - 2013-12-23 09:04 - 000043520 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\ati2edxx.dll
2017-11-26 15:52 - 2013-12-23 09:02 - 000643072 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
2017-11-26 15:52 - 2013-12-23 09:01 - 000053248 _____ ( ATI Technologies Inc.) C:\WINDOWS\system32\ATIDDC.DLL
2017-11-26 15:52 - 2013-12-23 08:48 - 004847552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ati3duag.dll
2017-11-26 15:52 - 2013-12-23 08:38 - 000307200 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atiiiexx.dll
2017-11-26 15:52 - 2013-12-23 08:35 - 018964480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atioglxx.dll
2017-11-26 15:52 - 2013-12-23 08:27 - 002380800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ativvaxx.dll
2017-11-26 15:52 - 2013-12-23 08:22 - 001610912 _____ C:\WINDOWS\system32\ativvaxx.cap
2017-11-26 15:52 - 2013-12-23 08:15 - 000296208 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-11-26 15:52 - 2013-12-23 08:15 - 000163840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-11-26 15:52 - 2013-12-23 08:11 - 000929792 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atikvmag.dll
2017-11-26 15:52 - 2013-12-23 08:06 - 000017408 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atitvo32.dll
2017-11-26 15:52 - 2013-12-23 08:05 - 000053248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2017-11-26 15:52 - 2013-12-23 08:01 - 000663552 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2cqag.dll
2017-11-26 15:52 - 2013-12-23 08:01 - 000495616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiok3x2.dll
2017-11-26 15:52 - 2013-07-04 10:41 - 000710269 _____ C:\WINDOWS\system32\atiicdxx.dat
2017-11-26 15:52 - 2012-07-16 03:25 - 000038445 _____ C:\WINDOWS\atiogl.xml
2017-11-26 15:52 - 2010-08-27 19:32 - 000294912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2017-11-26 15:52 - 2009-06-22 16:34 - 000045056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2017-11-26 15:52 - 2009-05-11 22:35 - 000118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2017-11-26 15:52 - 2001-11-09 17:01 - 000024064 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\ativcoxx.dll
2017-11-26 15:51 - 2017-11-26 15:51 - 000000000 ____D C:\Program Files\ATI
2017-11-26 15:50 - 2017-11-26 15:53 - 000000000 ____D C:\Program Files\ATI Technologies
2017-11-25 21:10 - 2017-11-25 21:03 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-04.dmp
2017-11-25 19:56 - 2017-11-25 19:54 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-03.dmp
2017-11-25 17:23 - 2017-11-25 17:15 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-02.dmp
2017-11-25 16:08 - 2017-11-25 16:05 - 000065536 ____H C:\WINDOWS\Minidump\Mini112517-01.dmp
2017-11-25 15:17 - 2017-11-25 15:17 - 000005300 _____ C:\Documents and Settings\Milan\Desktop\Report.html
2017-11-25 15:15 - 2017-11-25 15:15 - 000005300 _____ C:\Documents and Settings\Milan\Desktop\Report.xml
2017-11-25 15:13 - 2017-11-25 15:13 - 005996544 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2017-11-25 15:13 - 2017-11-25 15:13 - 000000000 ____D C:\Documents and Settings\NetworkService\Application Data\Macromedia
2017-11-25 14:52 - 2017-12-09 18:58 - 000000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-11-16 22:50 - 2017-11-16 22:50 - 000000010 _____ C:\WINDOWS\WININIT.INI
2017-11-12 16:30 - 2017-11-26 14:41 - 000000000 ____D C:\AMD
2017-11-12 15:40 - 2017-11-12 15:43 - 000000000 ____D C:\driver_uninstaller
2017-11-10 23:03 - 2017-11-10 23:03 - 000001657 _____ C:\Documents and Settings\Milan\Desktop\CrystalDiskInfo.lnk
2017-11-10 23:03 - 2017-11-10 23:03 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2017-11-10 23:03 - 2017-11-10 23:03 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CrystalDiskInfo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-09 19:13 - 2017-05-12 18:55 - 000000000 ____D C:\Documents and Settings\Milan\Local Settings\Temp
2017-12-09 19:13 - 2015-10-23 18:32 - 000000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-12-09 19:02 - 2017-04-14 12:48 - 000000440 _____ C:\WINDOWS\Tasks\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627}.job
2017-12-09 19:02 - 2014-04-04 12:08 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2017-12-09 19:02 - 2001-08-23 13:00 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-12-09 16:47 - 2013-06-30 21:42 - 000000998 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job
2017-12-09 15:43 - 2013-02-02 13:02 - 000000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2017-12-09 15:29 - 2009-11-14 11:35 - 000000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\Blizzard Entertainment
2017-12-09 15:19 - 2009-01-02 16:21 - 000393216 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2017-12-09 15:11 - 2012-04-20 17:33 - 000000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-12-09 15:11 - 2009-01-04 15:43 - 000016608 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys
2017-12-09 15:11 - 2009-01-02 16:06 - 000000000 _____ C:\WINDOWS\MEMORY.DMP
2017-12-09 15:11 - 2009-01-02 15:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-09 14:02 - 2009-01-02 15:33 - 000032524 _____ C:\WINDOWS\SchedLgU.Txt
2017-12-09 00:59 - 2009-01-02 15:35 - 000000178 ___SH C:\Documents and Settings\Milan\ntuser.ini
2017-12-09 00:59 - 2009-01-02 15:34 - 000000000 ____D C:\Documents and Settings\Milan
2017-12-08 21:33 - 2014-04-11 22:15 - 000004096 _____ C:\WINDOWS\system32\crash
2017-12-08 14:33 - 2012-05-04 17:34 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-08 01:51 - 2013-06-20 17:18 - 000004414 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-12-03 15:30 - 2011-08-16 22:22 - 000000000 ____D C:\Program Files\Steam
2017-12-03 13:55 - 2009-05-23 19:00 - 000000000 ____D C:\Program Files\SpeedFan
2017-12-02 15:53 - 2011-05-18 12:55 - 000000000 ____D C:\Documents and Settings\Milan\My Documents\OpenTTD
2017-12-02 15:09 - 2013-01-28 16:04 - 000000000 ____D C:\WINDOWS\system32\NtmsData
2017-12-02 15:08 - 2009-01-02 15:28 - 000000000 ____D C:\WINDOWS\Registration
2017-11-26 17:16 - 2009-01-04 17:01 - 000000000 ___HD C:\Program Files\Common Files\Blizzard Entertainment
2017-11-26 15:52 - 2009-01-02 16:06 - 000000000 RSHDC C:\WINDOWS\system32\dllcache
2017-11-26 15:52 - 2009-01-02 16:06 - 000000000 ____D C:\WINDOWS\inf
2017-11-26 15:48 - 2012-03-17 23:20 - 000008896 _____ C:\WINDOWS\system32\d3d9caps.dat
2017-11-26 15:41 - 2017-09-15 16:05 - 001480974 _____ C:\WINDOWS\ntbtlog.txt
2017-11-26 13:36 - 2016-05-01 15:33 - 000000826 _____ C:\Documents and Settings\Milan\Desktop\veci_co_riesis.txt
2017-11-25 21:10 - 2009-03-08 00:12 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-25 20:48 - 2011-08-16 22:22 - 000000000 ___HD C:\Program Files\Common Files\Steam
2017-11-25 15:13 - 2012-04-08 23:26 - 000803328 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-11-25 15:13 - 2011-05-16 13:05 - 000144896 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-11-25 15:13 - 2009-01-02 16:06 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-21 21:25 - 2013-01-24 22:43 - 000702376 _____ (COMODO) C:\WINDOWS\system32\guard32.dll
2017-11-21 21:25 - 2013-01-24 22:43 - 000044008 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2017-11-21 21:21 - 2013-01-24 22:42 - 000371392 _____ (COMODO) C:\WINDOWS\system32\cmdvrt32.dll
2017-11-19 16:17 - 2012-03-17 19:15 - 000000000 __SHD C:\WINDOWS\CSC
2017-11-16 14:39 - 2013-01-16 19:51 - 000659136 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdGuard.sys
2017-11-16 14:39 - 2013-01-16 19:51 - 000114248 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2017-11-16 14:39 - 2013-01-16 19:51 - 000032888 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2017-11-16 14:39 - 2013-01-16 19:51 - 000020648 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2017-11-12 15:04 - 2015-11-15 20:34 - 000000000 ____D C:\firefox_zalohy

==================== Files in the root of some directories =======

2017-10-07 21:03 - 2017-10-07 21:03 - 000003584 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-03 14:38 - 2017-12-03 14:54 - 001065984 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\file__0.localstorage
2017-12-09 19:07 - 2017-12-09 19:12 - 000029696 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\MSGBOX.EXE
2011-08-09 13:12 - 2011-08-09 16:41 - 000062662 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\SRDownloader.err
2011-08-09 13:11 - 2013-01-08 23:49 - 000001048 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\SRDownloader.nast
2014-10-17 13:21 - 2014-10-17 13:21 - 000000057 _____ () C:\Documents and Settings\All Users\Application Data\Ament.ini
2009-01-06 19:36 - 2014-06-07 13:03 - 000002125 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log

Some files in TEMP:
====================
2017-05-12 18:55 - 2017-05-12 18:55 - 000000000 ____D () C:\Documents and Settings\Milan\Local Settings\Temp\avgnt.exe
2017-12-03 13:55 - 2017-12-03 13:55 - 000192512 _____ () C:\Documents and Settings\Milan\Local Settings\Temp\sfamcc00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Error - not a valid Win32 application.

To je divné. Zkuste to v nouz režimu a pokud to nepůjde ani pak, udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Zdravím,

AdwCleaner nefunguje ani v núdzovom režime, mám pocit že niekde som videl písať kolegu, že na WinXP to nefičí. Prikladám teda MBAM. Inak za celú dobu čo bežal scan, som nezaregistroval ten proces msinfo 32, ani iné vyťaženie CPU okrem samotného MBAM.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 10.12.17
Čas skenování: 12:11
Logovací soubor: d851cd93-dd9a-11e7-ac78-001fd08d7ebd.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3457
Licence: Vypršelo

-Systémová informace-
OS: Windows XP Service Pack 3
CPU: x86
Systém souborů: NTFS
Uživatel: MINMI\Milan

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 252383
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 5 hod, 21 min, 53 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
S3 GarenaPEngine; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\EOU3C76.tmp [X]
S3 GGSAFERDriver; \??\C:\Hry\Garena\safedrv.sys [X]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\Milan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\Milan\Local Settings\Temp
C:\WINDOWS\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Zdravím,

ak nevadí, vykonám a pošlem log ďalší týždeň, keď budem pri PC.

OK. Snad na mne do té doby něco nespadne.

Zdravím,

tak som pri PC, dúfam že na Vás nič nespadlo

Zapol som PC, po nejakej dobe zblbla odbrazovka a vyskočila hláška o obnovení ovládača grafiky (prikladám). Po nejakej dobe obrazovka sčernela a monitor prešiel do power save mode, pričom po chvíľke sa PC sám reštartoval. Keď nabehol, opäť msinfo32.exe využívajúce 50% CPU. Vykonal som fix, PC sa reštartoval a nabiehal akosi dlho, pričom niekoľkokrát za sebou čudne pípal a až po chvíli prišlo jedno pípnutie a blikli kontrolky na klávesnici a začal na obrazovke nabiehať BIOS a Windows. Msinfo32.exe stále pretrváva na 50% CPU, pričom sa k nemu pripája aj iný proces, napr. System (45% CPU).

Fix result of Farbar Recovery Scan Tool (x86) Version: 17-12-2017
Ran by Milan (19-12-2017 21:49:33) Run:1
Running from C:\Documents and Settings\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
S3 GarenaPEngine; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\EOU3C76.tmp [X]
S3 GGSAFERDriver; \??\C:\Hry\Garena\safedrv.sys [X]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Documents and Settings\Milan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Documents and Settings\Milan\Local Settings\Temp
C:\WINDOWS\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-1214440339-299502267-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKLM\Software\Classes\PROTOCOLS\Handler\skype-ie-addon-data" => removed successfully.
HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => not found
"HKLM\System\CurrentControlSet\Services\GarenaPEngine" => removed successfully.
GarenaPEngine => service removed successfully.
"HKLM\System\CurrentControlSet\Services\GGSAFERDriver" => removed successfully.
GGSAFERDriver => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Documents and Settings\Milan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Documents and Settings\Milan\Local Settings\Temp => moved successfully
"C:\WINDOWS\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 26220 B
Java, Flash, Steam htmlcache => 51787496 B
Windows/system/dllcache/drivers => 1211554 B
Edge => 0 B
Chrome => 0 B
Firefox => 372385181 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Documents and Settings => 0 B
Default User => 0 B
All Users => 0 B
systemprofile => 66228 B
LocalService => 66228 B
NetworkService => 1056139 B
Milan => 8394108 B
Administrator => 0 B

RecycleBin => 452540168 B
EmptyTemp: => 846.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 21:50:38 ====

Bylo smazáno. Co se týká toho Msinfo32.exe, je možné že má nějakou chybu. Zkuste obnovu systému k datu, kdy korketně fungoval. Ovladač zv. karty je buď chybn, nebo nevhodný anebo má problém samotná karta.

Zdravím,

práve som si všimol, že priamo v adresári C je zrazu nejaký súbor Documents, ktorého veľkosť sa mení - prikladám screen, vtedy bežal proces msinfo32.exe na 50% CPU a veľkosť súboru Documents bola 1,9 MB, teraz sledujem že proces msinfo32.exe je v task managerovi, ale konzumuje 0% CPU, pričom veľkosť súboru Documents je teraz 28,9 MB.

Ohľadom toho System Restore - je to bezpečné, netreba robiť nejakú zálohu dát? Nemôže mi to zmazať aj nejaké moje nesystémové súbory / programy?

OK. System restore je bezpečný, pokud není poškozen systém. Vrátí registry do stavu, který byl k datu provedení obnovy. To znamená, že budete muset přeinastalovat aplikace, které byly instalovány od onoho data do současnosti.

Zdravím,

ešte mám otázku. V system restore mám viacero bodov obnovy na výber, najstarší 1.10.2017 (v októbri celkovo 12, v novembri 4, v decembri 8) - ktorý vybrať? Najstarší?
Aplikácie som myslím odvtedy žiadne neinštaloval, teda pokiaľ sa nerátajú updaty napr. antivírusu. + ovplyvní to aj tie drivery ktoré sme riešili v predošlej téme? Ak by to neurobilo dobrotu, je možné to dať naspäť?
Vďaka

Drivery by to ovlivnit nemělo. Vybrat musíte takový bod, který má dřívější datum, než nastal problém s msinfo32.exe.

Zdravím po sviatkoch,

tak na PC sa asi pred 2 dňami pozeral film, ale zrazu to seklo a PC vôbec nereagoval, stále tá istá snímka na obrazovke, nič sa nedalo robiť. Po resete PC už nenabehol do normálneho režimu, po loadovacej obrazovke Windows nabehla čierna obrazovka a power save mode a PC sa sám reštartoval a opäť dokola to isté (raz sa mu aj podarilo nabehnúť až na plochu, ale hneď to zas vypadlo a samo sa reštartovalo). Do safe mode to ale nabehlo, takže som zazálohoval na externé disky a teraz spravil obnovu systému k 22.10., avšak následne po prevedení a reštarte už obrazovka nenabehne vôbec

Stále čierna obrazovka a kontrolka na monitore bliká (teda teraz nenabehne na obrazovke ani loadovacia obrazovka Windows, ani len BIOS), ale PC normálne hučí, aj klávesnica svieti. Po resete je situácia stále tá istá, žiadny signál na monitore. Nejaký nápad?

Napadlo ma ešte skúsiť tam dat tú starú grafickú kartu, či nabehne obraz (aj keď s tými farebnými útvarmi) alebo nie.

VIRY.CZ

msinfo32.exe žere 50% CPU

msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU

Re: msinfo32.exe žere 50% CPU