
CPU always at 100%


Re: CPU always at 100%

#16 Post by Rudy »

Avenger didn't produce any log?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: CPU always at 100%

#17 Post by ferdis »

None, just a restart, and nothing after it either.


Re: CPU always at 100%

#18 Post by Rudy »

Try it once more, but in safe mode. If it goes the same way, post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms is displayed; continue by clicking the Yes button.

go ahead and put the kettle on for a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware unwanted conflicts with the resident antispyware occur


Re: CPU always at 100%

#19 Post by ferdis »

ComboFix 12-11-23.02 - Fedo . 11. 2012 13:05:39.1.4 - x64 MINIMAL
Running from: c:\users\Fedo\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Fedo\AppData\Local\TempDIR
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\AppName.txt
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\DownloadURL.txt
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\GFInstaller.exe
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\Channel.txt
c:\windows\SysWow64\update
c:\windows\SysWow64\update\diablo121016.cl
c:\windows\SysWow64\update\diakgcn121016.cl
c:\windows\SysWow64\update\igfxupdate.exe
c:\windows\SysWow64\update\libcurl-4.dll
c:\windows\SysWow64\update\libeay32.dll
c:\windows\SysWow64\update\libidn-11.dll
c:\windows\SysWow64\update\libusb-1.0.dll
c:\windows\SysWow64\update\phatk121016.cl
c:\windows\SysWow64\update\poclbm121016.cl
c:\windows\SysWow64\update\poclbm121016GeForce GT 530gv1w256l4.bin
c:\windows\SysWow64\update\pthreadGC2.dll
c:\windows\SysWow64\update\scrypt121016.cl
c:\windows\SysWow64\update\ssleay32.dll
c:\windows\SysWow64\update\zlib1.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-10-24 to 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 12:08 . 2012-11-24 12:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 10:51 . 2012-11-24 10:51 61440 ----a-w- c:\windows\SysWow64\drivers\kbzq.sys
2012-11-24 10:34 . 2012-11-24 10:34 61440 ----a-w- c:\windows\SysWow64\drivers\wuad.sys
2012-11-24 10:30 . 2012-11-24 10:30 61440 ----a-w- c:\windows\SysWow64\drivers\uicf.sys
2012-11-24 10:28 . 2012-11-22 07:50 269824 ----a-w- c:\windows\SysWow64\igfxupdate.exe
2012-11-24 06:59 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\SCE
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- C:\Crash
2012-11-24 06:58 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\Sony Online Entertainment
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- c:\users\Public\Sony Online Entertainment
2012-11-23 14:35 . 2012-11-23 20:55 -------- d-----w- c:\program files\trend micro
2012-11-23 13:40 . 2012-11-23 13:40 -------- d-----w- c:\users\Fedo\AppData\Roaming\Malwarebytes
2012-11-23 13:39 . 2012-11-23 13:39 -------- d-----w- c:\programdata\Malwarebytes
2012-11-23 13:21 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{550323EF-08FE-4ECF-82C8-27D2B3DE53AF}\mpengine.dll
2012-11-22 20:47 . 2012-11-22 20:47 -------- d-----w- c:\program files\ESET
2012-11-22 18:44 . 2012-11-22 20:48 -------- d-----w- c:\users\Fedo\AppData\Local\ESET
2012-11-22 16:53 . 2012-11-24 12:00 -------- d-----w- c:\program files (x86)\SpeedFan
2012-11-22 16:47 . 2012-11-23 18:10 -------- d-----w- c:\program files\Core Temp
2012-11-22 14:32 . 2012-11-22 14:32 -------- d-----w- c:\users\UpdatusUser
2012-11-22 14:32 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-22 14:32 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-22 14:32 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-22 14:32 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-22 14:32 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-22 14:32 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-22 14:32 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-22 14:32 . 2012-08-30 19:14 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-22 14:32 . 2012-08-30 19:14 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-11-22 14:31 . 2012-11-22 14:31 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-11-22 14:31 . 2012-11-22 14:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-11-22 14:30 . 2012-11-22 14:30 -------- d-----w- C:\NVIDIA
2012-11-21 19:50 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-21 19:50 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-21 19:50 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-21 19:50 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-21 19:50 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-sh--w- c:\programdata\DSS
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-----w- c:\programdata\Codemasters
2012-11-21 13:41 . 2012-11-21 13:41 -------- d-----w- c:\program files (x86)\BRS
2012-11-21 13:41 . 2011-03-19 14:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-11-21 13:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-11-21 13:41 . 2012-11-21 20:07 -------- d-----w- c:\program files (x86)\OpenAL
2012-11-21 13:41 . 2012-11-21 13:41 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-11-21 13:41 . 2012-11-21 13:41 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\program files (x86)\VID_0e8f&PID_0003
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\users\Fedo\AppData\Roaming\InstallShield
2012-11-19 20:49 . 2012-11-19 20:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-19 18:50 . 2012-11-22 07:50 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-11-19 18:50 . 2012-11-22 07:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-11-19 18:50 . 2012-11-19 18:51 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-11-18 21:05 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2012-11-18 21:05 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2012-11-15 19:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 19:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 19:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 19:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 19:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 19:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 19:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 19:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 19:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 19:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 19:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 18:20 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 18:20 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-11 12:27 . 2012-11-11 13:12 -------- d-----w- c:\program files (x86)\EA GAMES
2012-11-11 05:02 . 2012-11-11 05:02 -------- d-----w- c:\users\Fedo\AppData\Local\GFInstaller
2012-11-10 16:37 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-10 16:37 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-10 16:37 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-10 16:37 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-10 16:37 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-10 16:37 . 2012-11-10 16:37 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-10 16:37 . 2012-11-10 16:37 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-09 19:01 . 2012-11-09 19:03 -------- d-----w- c:\users\Fedo\AppData\Local\Skyrim
2012-11-09 18:58 . 2012-11-09 18:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-09 18:54 . 2012-11-09 18:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-09 17:13 . 2012-11-09 17:13 -------- d-----w- c:\users\Fedo\.thumbnails
2012-11-09 17:10 . 2012-11-09 17:11 -------- d-----w- c:\program files\GIMP 2
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\fontconfig
2012-11-09 17:03 . 2012-11-11 13:47 -------- d-----w- c:\users\Fedo\.gimp-2.8
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\gegl-0.2
2012-11-06 13:54 . 2012-11-06 13:54 -------- d-----w- c:\users\Fedo\AppData\Local\4A Games
2012-11-03 12:30 . 2012-11-03 12:30 -------- d-----w- c:\program files (x86)\Ubisoft
2012-10-31 15:15 . 2012-11-03 14:21 -------- d-----w- C:\Hry
2012-10-29 05:23 . 2012-10-29 05:23 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 05:23 . 2012-10-29 05:23 -------- d-----w- c:\windows\system32\Macromed
2012-10-28 12:53 . 2008-05-30 13:18 238088 ----a-w- c:\windows\SysWow64\xactengine3_1.dll
2012-10-27 15:16 . 2012-10-27 15:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-26 15:13 . 2012-10-26 15:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-26 15:13 . 2012-10-26 15:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-26 15:13 . 2012-10-26 15:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-26 15:13 . 2012-10-26 15:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-26 15:13 . 2012-10-26 15:13 -------- d-----w- c:\program files\Java
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-26 15:11 . 2012-10-26 15:11 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Java
2012-10-26 14:55 . 2012-11-17 16:28 -------- d-----w- c:\users\Fedo\AppData\Roaming\.minecraft
2012-10-25 15:32 . 2012-10-25 15:32 -------- d-----w- c:\users\Fedo\AppData\Local\Downloaded Installations
2012-10-25 15:30 . 2012-10-25 15:30 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-22 14:42 . 2012-09-07 10:36 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-22 14:08 . 2012-09-06 13:27 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-15 19:02 . 2012-09-04 21:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-09 18:54 . 2012-09-09 08:17 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-03 12:34 . 2012-09-09 08:46 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-10-29 05:23 . 2011-07-11 04:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-26 15:13 . 2012-09-04 15:49 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 15:13 . 2012-09-04 15:49 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-26 15:11 . 2012-09-04 14:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 04:29 . 2012-10-20 04:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-08 07:21 . 2012-10-08 07:21 64072 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 189208 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 149592 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 211344 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-02 22:21 . 2012-09-13 17:39 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-09-13 17:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-09-13 17:39 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-14 19:19 . 2012-10-10 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-04 14:46 . 2012-09-04 14:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-04 14:10 . 2012-09-04 14:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-04 14:10 . 2012-09-04 14:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-04 14:10 . 2012-09-04 14:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-04 14:10 . 2012-09-04 14:10 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-04 14:10 . 2012-09-04 14:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-04 14:10 . 2012-09-04 14:10 448512 ----a-w- c:\windows\system32\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-04 14:10 . 2012-09-04 14:10 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-04 14:10 . 2012-09-04 14:10 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-04 14:10 . 2012-09-04 14:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-04 14:10 . 2012-09-04 14:10 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-04 14:10 . 2012-09-04 14:10 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-04 14:10 . 2012-09-04 14:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-04 14:10 . 2012-09-04 14:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-04 14:10 . 2012-09-04 14:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-04 14:10 . 2012-09-04 14:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-04 14:10 . 2012-09-04 14:10 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-04 14:10 . 2012-09-04 14:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-04 14:10 . 2012-09-04 14:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-04 14:10 . 2012-09-04 14:10 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-04 14:10 . 2012-09-04 14:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-31 18:19 . 2012-10-10 12:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:19 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:19 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-11 627304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 bqicyfyc;bqicyfyc;c:\windows\system32\drivers\wuad.sys [x]
R0 dzqzl;dzqzl;c:\windows\system32\drivers\uicf.sys [x]
R0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 64072]
R0 hizwhp;hizwhp;c:\windows\system32\drivers\kbzq.sys [x]
R1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-14 1329304]
R2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 ALSysIO;ALSysIO;c:\users\Fedo\AppData\Local\Temp\ALSysIO64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-09 283200]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-24 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2012-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-29 05:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 6325424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-PlanetSide 2 PSG - c:\users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\Uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-24 13:10:03
ComboFix-quarantined-files.txt 2012-11-24 12:10
.
Pre-Run: 352 776 814 592 bytes free
Post-Run: 352 301 289 472 bytes free
.
- - End Of File - - 21F9181EE14349EBC78E0E0DCB97C837

Rudy
Site Admin
Posts: 119521
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU always at 100%

#20 Post by Rudy »

We'll do a bit more cleanup. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\SysWow64\drivers\kbzq.sys
c:\windows\SysWow64\drivers\wuad.sys
c:\windows\SysWow64\drivers\uicf.sys
C:\Windows\SysWOW64\igfxupdate.exe
C:\Windows\SysWOW64\update\igfxupdate.exe

Driver::
bqicyfyc
dzqzl
kbzq

RegLock::
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


ferdis
Visitor
Posts: 31
Joined: 23 Nov 2012 16:35

Re: CPU always at 100%

#21 Post by ferdis »

1. I hope it doesn't matter that I forgot to go into safe mode, and after it finished I couldn't launch anything, so I had to restart the PC once more.
2. The problem has not gone away.
3. To be safe, I'm giving you the ComboFix log from after it finished.

ComboFix 12-11-24.02 - Fedo . 11. 2012 19:54:21.2.4 - x64
Running from: c:\users\Fedo\Desktop\ComboFix.exe
Command switches used :: c:\users\Fedo\Desktop\CFScript.txt
* Resident AV is active
.
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\drivers\kbzq.sys
c:\windows\SysWow64\drivers\uicf.sys
c:\windows\SysWow64\drivers\wuad.sys
c:\windows\SysWOW64\igfxupdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_bqicyfyc
-------\Service_dzqzl
.
.
((((((((((((((((((((((((( Files Created from 2012-10-24 to 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 06:59 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\SCE
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- C:\Crash
2012-11-24 06:58 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\Sony Online Entertainment
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- c:\users\Public\Sony Online Entertainment
2012-11-23 14:35 . 2012-11-23 20:55 -------- d-----w- c:\program files\trend micro
2012-11-23 13:40 . 2012-11-23 13:40 -------- d-----w- c:\users\Fedo\AppData\Roaming\Malwarebytes
2012-11-23 13:39 . 2012-11-23 13:39 -------- d-----w- c:\programdata\Malwarebytes
2012-11-23 13:21 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{550323EF-08FE-4ECF-82C8-27D2B3DE53AF}\mpengine.dll
2012-11-22 20:47 . 2012-11-22 20:47 -------- d-----w- c:\program files\ESET
2012-11-22 18:44 . 2012-11-22 20:48 -------- d-----w- c:\users\Fedo\AppData\Local\ESET
2012-11-22 16:53 . 2012-11-24 18:46 -------- d-----w- c:\program files (x86)\SpeedFan
2012-11-22 16:47 . 2012-11-23 18:10 -------- d-----w- c:\program files\Core Temp
2012-11-22 14:32 . 2012-11-22 14:32 -------- d-----w- c:\users\UpdatusUser
2012-11-22 14:32 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-22 14:32 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-22 14:32 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-22 14:32 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-22 14:32 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-22 14:32 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-22 14:32 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-22 14:32 . 2012-08-30 19:14 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-22 14:32 . 2012-08-30 19:14 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-11-22 14:31 . 2012-11-22 14:31 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-11-22 14:31 . 2012-11-22 14:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-11-22 14:30 . 2012-11-22 14:30 -------- d-----w- C:\NVIDIA
2012-11-21 19:50 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-21 19:50 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-21 19:50 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-21 19:50 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-21 19:50 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-sh--w- c:\programdata\DSS
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-----w- c:\programdata\Codemasters
2012-11-21 13:41 . 2012-11-21 13:41 -------- d-----w- c:\program files (x86)\BRS
2012-11-21 13:41 . 2011-03-19 14:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-11-21 13:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-11-21 13:41 . 2012-11-21 20:07 -------- d-----w- c:\program files (x86)\OpenAL
2012-11-21 13:41 . 2012-11-21 13:41 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-11-21 13:41 . 2012-11-21 13:41 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\program files (x86)\VID_0e8f&PID_0003
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\users\Fedo\AppData\Roaming\InstallShield
2012-11-19 20:49 . 2012-11-19 20:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-19 18:50 . 2012-11-22 07:50 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-11-19 18:50 . 2012-11-22 07:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-11-19 18:50 . 2012-11-19 18:51 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-11-18 21:05 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2012-11-18 21:05 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2012-11-15 19:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 19:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 19:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 19:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 19:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 19:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 19:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 19:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 19:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 19:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 19:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 18:20 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 18:20 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-11 12:27 . 2012-11-11 13:12 -------- d-----w- c:\program files (x86)\EA GAMES
2012-11-11 05:02 . 2012-11-11 05:02 -------- d-----w- c:\users\Fedo\AppData\Local\GFInstaller
2012-11-10 16:37 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-10 16:37 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-10 16:37 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-10 16:37 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-10 16:37 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-10 16:37 . 2012-11-10 16:37 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-10 16:37 . 2012-11-10 16:37 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-09 19:01 . 2012-11-09 19:03 -------- d-----w- c:\users\Fedo\AppData\Local\Skyrim
2012-11-09 18:58 . 2012-11-09 18:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-09 18:54 . 2012-11-09 18:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-09 17:13 . 2012-11-09 17:13 -------- d-----w- c:\users\Fedo\.thumbnails
2012-11-09 17:10 . 2012-11-09 17:11 -------- d-----w- c:\program files\GIMP 2
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\fontconfig
2012-11-09 17:03 . 2012-11-24 15:27 -------- d-----w- c:\users\Fedo\.gimp-2.8
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\gegl-0.2
2012-11-06 13:54 . 2012-11-06 13:54 -------- d-----w- c:\users\Fedo\AppData\Local\4A Games
2012-11-03 12:30 . 2012-11-03 12:30 -------- d-----w- c:\program files (x86)\Ubisoft
2012-10-31 15:15 . 2012-11-03 14:21 -------- d-----w- C:\Hry
2012-10-29 05:23 . 2012-10-29 05:23 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 05:23 . 2012-10-29 05:23 -------- d-----w- c:\windows\system32\Macromed
2012-10-28 12:53 . 2008-05-30 13:18 238088 ----a-w- c:\windows\SysWow64\xactengine3_1.dll
2012-10-27 15:16 . 2012-10-27 15:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-26 15:13 . 2012-10-26 15:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-26 15:13 . 2012-10-26 15:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-26 15:13 . 2012-10-26 15:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-26 15:13 . 2012-10-26 15:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-26 15:13 . 2012-10-26 15:13 -------- d-----w- c:\program files\Java
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-26 15:11 . 2012-10-26 15:11 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Java
2012-10-26 14:55 . 2012-11-17 16:28 -------- d-----w- c:\users\Fedo\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-22 14:42 . 2012-09-07 10:36 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-22 14:08 . 2012-09-06 13:27 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-15 19:02 . 2012-09-04 21:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-09 18:54 . 2012-09-09 08:17 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-03 12:34 . 2012-09-09 08:46 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-10-29 05:23 . 2011-07-11 04:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-26 15:13 . 2012-09-04 15:49 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 15:13 . 2012-09-04 15:49 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-26 15:11 . 2012-09-04 14:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 04:29 . 2012-10-20 04:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-08 07:21 . 2012-10-08 07:21 64072 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 189208 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 149592 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 211344 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-02 22:21 . 2012-09-13 17:39 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-09-13 17:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-09-13 17:39 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-14 19:19 . 2012-10-10 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-04 14:46 . 2012-09-04 14:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-04 14:10 . 2012-09-04 14:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-04 14:10 . 2012-09-04 14:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-04 14:10 . 2012-09-04 14:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-04 14:10 . 2012-09-04 14:10 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-04 14:10 . 2012-09-04 14:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-04 14:10 . 2012-09-04 14:10 448512 ----a-w- c:\windows\system32\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-04 14:10 . 2012-09-04 14:10 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-04 14:10 . 2012-09-04 14:10 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-04 14:10 . 2012-09-04 14:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-04 14:10 . 2012-09-04 14:10 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-04 14:10 . 2012-09-04 14:10 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-04 14:10 . 2012-09-04 14:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-04 14:10 . 2012-09-04 14:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-04 14:10 . 2012-09-04 14:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-04 14:10 . 2012-09-04 14:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-04 14:10 . 2012-09-04 14:10 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-04 14:10 . 2012-09-04 14:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-04 14:10 . 2012-09-04 14:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-04 14:10 . 2012-09-04 14:10 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-04 14:10 . 2012-09-04 14:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-31 18:19 . 2012-10-10 12:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:19 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:19 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-11 627304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 hizwhp;hizwhp;c:\windows\system32\drivers\kbzq.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 ALSysIO;ALSysIO;c:\users\Fedo\AppData\Local\Temp\ALSysIO64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 64072]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-14 1329304]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-09 283200]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-24 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2012-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-29 05:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 6325424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\igfxupdate.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2012-11-24 20:03:00 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-24 19:03
ComboFix2.txt 2012-11-24 12:10
.
Pre-Run: 340 953 382 912 bytes free
Post-Run: 340 665 053 184 bytes free
.
- - End Of File - - FDC9D880A01A735CE5BD7F87BCA71BC6
Upload was successful

Rudy
Site Admin
Posts: 119521
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU always at 100%

#22 Post by Rudy »

Run ComboFix once more with this script:
KillAll::

Collect::
c:\windows\system32\drivers\kbzq.sys

Driver::
hizwhp

Reboot::

ferdis
Visitor
Posts: 31
Registered: 23 Nov 2012 16:35

Re: CPU always at 100%

#23 Post by ferdis »

The same way as before, and is safe mode needed as well?

Rudy
Site Admin
Posts: 119521
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU always at 100%

#24 Post by Rudy »

The same way as before; safe mode only if it does not work in normal mode.

ferdis
Visitor
Posts: 31
Registered: 23 Nov 2012 16:35

Re: CPU always at 100%

#25 Post by ferdis »

Again nothing has changed.
Do you know how to fix this at all?
I am attaching the log:

ComboFix 12-11-24.02 - Fedo . 11. 2012 22:05:14.3.4 - x64
Running from: c:\users\Fedo\Desktop\ComboFix.exe
Command switches used :: c:\users\Fedo\Desktop\CFScript.txt
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hizwhp
.
.
((((((((((((((((((((((((( Files Created from 2012-10-24 to 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 21:08 . 2012-11-24 21:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 19:14 . 2012-11-24 19:18 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-24 19:14 . 2012-11-24 19:15 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-24 19:14 . 2012-11-24 19:14 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-11-24 19:06 . 2012-11-22 07:50 269824 ----a-w- c:\windows\SysWow64\igfxupdate.exe
2012-11-24 06:59 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\SCE
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- C:\Crash
2012-11-24 06:58 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\Sony Online Entertainment
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- c:\users\Public\Sony Online Entertainment
2012-11-23 14:35 . 2012-11-23 20:55 -------- d-----w- c:\program files\trend micro
2012-11-23 13:40 . 2012-11-23 13:40 -------- d-----w- c:\users\Fedo\AppData\Roaming\Malwarebytes
2012-11-23 13:39 . 2012-11-23 13:39 -------- d-----w- c:\programdata\Malwarebytes
2012-11-23 13:21 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{550323EF-08FE-4ECF-82C8-27D2B3DE53AF}\mpengine.dll
2012-11-22 20:47 . 2012-11-22 20:47 -------- d-----w- c:\program files\ESET
2012-11-22 18:44 . 2012-11-22 20:48 -------- d-----w- c:\users\Fedo\AppData\Local\ESET
2012-11-22 16:53 . 2012-11-24 19:10 -------- d-----w- c:\program files (x86)\SpeedFan
2012-11-22 16:47 . 2012-11-23 18:10 -------- d-----w- c:\program files\Core Temp
2012-11-22 14:32 . 2012-11-22 14:32 -------- d-----w- c:\users\UpdatusUser
2012-11-22 14:32 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-22 14:32 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-22 14:32 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-22 14:32 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-22 14:32 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-22 14:32 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-22 14:32 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-22 14:32 . 2012-08-30 19:14 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-22 14:32 . 2012-08-30 19:14 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-11-22 14:31 . 2012-11-22 14:31 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-11-22 14:31 . 2012-11-22 14:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-11-22 14:30 . 2012-11-22 14:30 -------- d-----w- C:\NVIDIA
2012-11-21 19:50 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-21 19:50 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-21 19:50 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-21 19:50 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-21 19:50 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-sh--w- c:\programdata\DSS
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-----w- c:\programdata\Codemasters
2012-11-21 13:41 . 2012-11-21 13:41 -------- d-----w- c:\program files (x86)\BRS
2012-11-21 13:41 . 2011-03-19 14:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-11-21 13:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-11-21 13:41 . 2012-11-21 20:07 -------- d-----w- c:\program files (x86)\OpenAL
2012-11-21 13:41 . 2012-11-21 13:41 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-11-21 13:41 . 2012-11-21 13:41 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\program files (x86)\VID_0e8f&PID_0003
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\users\Fedo\AppData\Roaming\InstallShield
2012-11-19 20:49 . 2012-11-19 20:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-19 18:50 . 2012-11-22 07:50 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-11-19 18:50 . 2012-11-22 07:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-11-19 18:50 . 2012-11-19 18:51 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-11-18 21:05 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2012-11-18 21:05 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2012-11-15 19:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 19:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 19:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 19:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 19:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 19:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 19:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 19:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 19:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 19:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 19:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 18:20 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 18:20 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-11 12:27 . 2012-11-11 13:12 -------- d-----w- c:\program files (x86)\EA GAMES
2012-11-11 05:02 . 2012-11-11 05:02 -------- d-----w- c:\users\Fedo\AppData\Local\GFInstaller
2012-11-10 16:37 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-10 16:37 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-10 16:37 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-10 16:37 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-10 16:37 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-10 16:37 . 2012-11-10 16:37 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-10 16:37 . 2012-11-10 16:37 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-09 19:01 . 2012-11-09 19:03 -------- d-----w- c:\users\Fedo\AppData\Local\Skyrim
2012-11-09 18:58 . 2012-11-09 18:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-09 18:54 . 2012-11-09 18:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-09 17:13 . 2012-11-09 17:13 -------- d-----w- c:\users\Fedo\.thumbnails
2012-11-09 17:10 . 2012-11-09 17:11 -------- d-----w- c:\program files\GIMP 2
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\fontconfig
2012-11-09 17:03 . 2012-11-24 15:27 -------- d-----w- c:\users\Fedo\.gimp-2.8
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\gegl-0.2
2012-11-06 13:54 . 2012-11-06 13:54 -------- d-----w- c:\users\Fedo\AppData\Local\4A Games
2012-11-03 12:30 . 2012-11-03 12:30 -------- d-----w- c:\program files (x86)\Ubisoft
2012-10-31 15:15 . 2012-11-03 14:21 -------- d-----w- C:\Hry
2012-10-29 05:23 . 2012-10-29 05:23 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 05:23 . 2012-10-29 05:23 -------- d-----w- c:\windows\system32\Macromed
2012-10-28 12:53 . 2008-05-30 13:18 238088 ----a-w- c:\windows\SysWow64\xactengine3_1.dll
2012-10-27 15:16 . 2012-10-27 15:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-26 15:13 . 2012-10-26 15:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-26 15:13 . 2012-10-26 15:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-26 15:13 . 2012-10-26 15:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-26 15:13 . 2012-10-26 15:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-26 15:13 . 2012-10-26 15:13 -------- d-----w- c:\program files\Java
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-26 15:11 . 2012-10-26 15:11 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Java
2012-10-26 14:55 . 2012-11-17 16:28 -------- d-----w- c:\users\Fedo\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-24 19:18 . 2012-09-07 10:36 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-15 19:02 . 2012-09-04 21:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-09 18:54 . 2012-09-09 08:17 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-03 12:34 . 2012-09-09 08:46 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-10-29 05:23 . 2011-07-11 04:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-26 15:13 . 2012-09-04 15:49 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 15:13 . 2012-09-04 15:49 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-26 15:11 . 2012-09-04 14:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 04:29 . 2012-10-20 04:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-08 07:21 . 2012-10-08 07:21 64072 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 189208 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 149592 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 211344 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-02 22:21 . 2012-09-13 17:39 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-09-13 17:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-09-13 17:39 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-14 19:19 . 2012-10-10 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-04 14:46 . 2012-09-04 14:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-04 14:10 . 2012-09-04 14:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-04 14:10 . 2012-09-04 14:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-04 14:10 . 2012-09-04 14:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-04 14:10 . 2012-09-04 14:10 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-04 14:10 . 2012-09-04 14:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-04 14:10 . 2012-09-04 14:10 448512 ----a-w- c:\windows\system32\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-04 14:10 . 2012-09-04 14:10 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-04 14:10 . 2012-09-04 14:10 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-04 14:10 . 2012-09-04 14:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-04 14:10 . 2012-09-04 14:10 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-04 14:10 . 2012-09-04 14:10 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-04 14:10 . 2012-09-04 14:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-04 14:10 . 2012-09-04 14:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-04 14:10 . 2012-09-04 14:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-04 14:10 . 2012-09-04 14:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-04 14:10 . 2012-09-04 14:10 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-04 14:10 . 2012-09-04 14:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-04 14:10 . 2012-09-04 14:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-04 14:10 . 2012-09-04 14:10 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-04 14:10 . 2012-09-04 14:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-31 18:19 . 2012-10-10 12:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:19 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:19 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-11 627304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 ALSysIO;ALSysIO;c:\users\Fedo\AppData\Local\Temp\ALSysIO64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 64072]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-14 1329304]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-09 283200]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-24 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2012-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-29 05:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 6325424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\igfxupdate.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2012-11-24 22:13:07 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-24 21:13
ComboFix2.txt 2012-11-24 19:03
ComboFix3.txt 2012-11-24 12:10
.
Pre-Run: 340 692 209 664 bytes free
Post-Run: 340 597 895 168 bytes free
.
- - End Of File - - 9D17329DE346DB7CE93203FAF3EB79A2

Re: CPU always at 100%

#26 Post by Rudy »

"Do you even know how to fix it?"
Dear user, practically anything can load the processor. The log told me that you have an infection on your PC (a fairly serious one, by the way: a rootkit), which we have just removed. Sometimes several tests are needed before we know where the problem lies. So please be patient; hopefully we will find the problem. If you have no patience, there is a "Log out" button at the top left.

Open Task Manager and find out which process is loading the system the most.

Re: CPU always at 100%

#27 Post by ferdis »

I do have patience; I was only asking whether there is still any hope of doing this without reinstalling Windows, and I value your work very much.
As I wrote at the beginning, as soon as I start Task Manager the infection disappears and everything is fine, and the biggest load there comes from Google Chrome.
I apologize if I offended you in any way by asking whether you know how to fix it.


Re: CPU always at 100%

#28 Post by Rudy »

OK. I probably took it the wrong way. No harm done, you have explained it. :) Download and run ProcessExplorer: http://www.stahuj.centrum.cz/utility_a_ ... -explorer/ and look for the same thing in it as in Task Manager. PE is more detailed; it also shows the related processes.

Re: CPU always at 100%

#29 Post by ferdis »

When I have it running, the reaction is the same as with Task Manager, i.e. no CPU load at 100%, but in the CPU column in PE there is System Idle Process with a number of about 95, while at the bottom it says CPU usage about 5%.
If I am writing something wrong, correct me, but please advise me what exactly I should be looking at.

cernohous13
VIP in memoriam
Posts: 8721
Joined: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: CPU always at 100%

#30 Post by cernohous13 »

:D that is a misunderstanding
Idle = unused, ready for action for other programs being started.
So CPU load is 5% + 95% free system resources :wink:

:oops: and sorry for butting in
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole operation according to it.
If anything is unclear, ask - I will explain

Locked