Vytížení procesoru na 75-100% při běžném chodu PC

Zpráva

#16 Příspěvek od **Rudy** » 23 led 2015 18:15

OK, když tak se ozvěte.

skorojoerg · #17 Příspěvek od **skorojoerg** » 23 led 2015 18:18

Díky moc, když to zase začne, napíšu.

#18 Příspěvek od **Rudy** » 23 led 2015 19:26

Rádo se stalo!

skorojoerg · #19 Příspěvek od **skorojoerg** » 23 led 2015 20:08

Už to je zase zpátky

#20 Příspěvek od **Rudy** » 23 led 2015 20:44

Který proces nejvíc zatěžuje systém?

skorojoerg · #21 Příspěvek od **skorojoerg** » 23 led 2015 20:50

To právě nemůžu zjistit, správce úloh hlásí vytížení, větrák jede na plno, ale v procesech firefox 2% a jinak samý nuly

(

#22 Příspěvek od **Rudy** » 23 led 2015 21:41

Pak nechápu, jak jste přišel na těch 75-100%.

skorojoerg · #23 Příspěvek od **skorojoerg** » 23 led 2015 22:37

přes správce úloh (ctrl+shift+esc), protože mně bylo divný, že pořád hučí větrák a počítač je najednou jako šnek. Jenže v tom správci není vidět, co to zatěžuje, protože to všude je na nulových hodnotách a víc zjistit neumím, jsem laik

#24 Příspěvek od **Rudy** » 23 led 2015 22:41

skorojoerg píše:přes správce úloh (ctrl+shift+esc), protože mně bylo divný, že pořád hučí větrák a počítač je najednou jako šnek. Jenže v tom správci není vidět, co to zatěžuje, protože to všude je na nulových hodnotách a víc zjistit neumím, jsem laik

Právě. Proto jsou mi ty hodnoty 75-100% podivné, když tvrdíte, že ve správci vidět nejsou. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

skorojoerg · #25 Příspěvek od **skorojoerg** » 23 led 2015 23:39

ComboFix 15-01-22.02 - Marek Dvorský 23.01.2015 22:53:25.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8131.6230 [GMT 1:00]
Spuštěný z: c:\users\Marek Dvorskř\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-23 do 2015-01-23 )))))))))))))))))))))))))))))))
.
.
2015-01-23 21:56 . 2015-01-23 21:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-23 16:07 . 2015-01-23 19:25 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-23 16:06 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-23 16:06 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-23 16:06 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-23 16:06 . 2015-01-23 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-23 16:06 . 2015-01-23 16:06 -------- d-----w- c:\programdata\Malwarebytes
2015-01-23 13:21 . 2014-10-26 11:02 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{34B75DB6-94BC-4C8C-88D3-9007B4E4BF75}\gapaengine.dll
2015-01-23 13:21 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3154DEDA-BE08-434F-B10C-82E8EB834A01}\mpengine.dll
2015-01-22 21:37 . 2015-01-22 21:37 -------- d-----w- C:\_OTM
2015-01-22 21:04 . 2015-01-22 21:04 -------- d-----w- c:\users\Marek Dvorský\AppData\Roaming\Elex-tech
2015-01-22 20:44 . 2015-01-22 21:42 -------- d-----w- c:\program files\trend micro
2015-01-22 20:44 . 2015-01-22 20:44 -------- d-----w- C:\rsit
2015-01-21 23:29 . 2015-01-22 21:03 -------- d-----w- C:\AdwCleaner
2015-01-21 23:27 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-01-16 14:29 . 2015-01-21 23:31 -------- d-----w- c:\windows\system32\log
2015-01-16 14:29 . 2015-01-03 08:57 52392 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2015-01-16 14:29 . 2015-01-16 14:29 -------- d-----w- c:\program files (x86)\Elex-tech
2015-01-15 15:49 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-01-01 17:08 . 2014-12-13 00:47 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-30 22:35 . 2014-12-30 22:35 -------- d-----w- c:\users\Marek Dvorský\AppData\Local\TeamViewer
2014-12-30 18:40 . 2014-12-30 18:40 -------- d-----w- c:\users\Marek Dvorský\AppData\Roaming\TeamViewer
2014-12-30 18:40 . 2015-01-23 21:53 -------- d-----w- c:\program files (x86)\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-23 15:03 . 2014-10-23 08:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-23 15:03 . 2014-10-23 08:51 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-15 02:00 . 2014-10-28 09:06 113365784 ----a-w- c:\windows\system32\MRT.exe
2014-12-31 11:14 . 2014-10-23 09:12 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 10:08 . 2014-12-17 06:32 16040184 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-12-13 10:08 . 2014-11-04 22:31 17264312 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-12-13 10:08 . 2014-10-23 08:42 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-12-13 10:08 . 2014-10-23 08:42 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-12-13 10:08 . 2014-10-23 08:40 18594432 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-12-13 10:08 . 2014-10-23 08:40 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-13 10:08 . 2014-10-23 08:40 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-13 08:03 . 2014-10-23 08:42 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2014-10-23 08:42 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2014-10-23 08:42 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2014-10-23 08:42 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2014-10-23 08:42 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2014-10-23 08:42 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-13 05:09 . 2014-12-18 20:11 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 20:11 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-13 00:12 . 2014-10-25 15:06 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-12-13 00:12 . 2014-10-23 08:43 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:12 . 2014-10-25 15:06 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-12-13 00:12 . 2014-10-23 08:43 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-12-12 23:11 . 2014-10-23 08:42 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2014-11-27 01:43 . 2014-12-10 20:01 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 10:46 . 2014-12-17 06:39 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-11-22 10:46 . 2014-12-17 06:39 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-11-22 10:46 . 2014-10-23 08:43 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-22 03:13 . 2014-12-10 20:01 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 20:01 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 20:01 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 20:01 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 20:01 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 20:01 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 20:01 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 20:01 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 20:01 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 20:01 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 20:01 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 20:01 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 20:01 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 20:01 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 20:01 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 20:01 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 20:01 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 20:01 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 20:01 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 20:01 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 20:01 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 20:01 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 20:01 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 20:01 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 20:01 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 20:01 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 20:01 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 20:01 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 20:01 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 20:01 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 20:01 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 20:01 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 20:01 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 20:01 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 20:01 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 20:01 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 20:01 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 20:01 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 20:01 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-13 00:20 . 2014-12-17 06:32 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-12-17 06:32 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-11 03:09 . 2014-12-10 20:01 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 15:06 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 15:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-10 20:01 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 15:06 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 15:06 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 04:53 . 2014-11-04 22:31 1876296 ----a-w- c:\windows\system32\nvdispco6434460.dll
2014-10-30 04:53 . 2014-11-04 22:31 1539272 ----a-w- c:\windows\system32\nvdispgenco6434460.dll
2014-10-28 02:25 . 2014-10-28 02:25 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-10-28 02:25 . 2014-10-28 02:25 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-10-28 02:25 . 2014-10-28 02:25 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-10-28 02:25 . 2014-10-28 02:25 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-10-28 02:25 . 2014-10-28 02:25 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-10-28 02:25 . 2014-10-28 02:25 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-10-28 02:25 . 2014-10-28 02:25 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-10-28 02:25 . 2014-10-28 02:25 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-10-28 02:25 . 2014-10-28 02:25 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-10-28 02:25 . 2014-10-28 02:25 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-10-28 02:25 . 2014-10-28 02:25 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-10-28 02:25 . 2014-10-28 02:25 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-10-28 02:25 . 2014-10-28 02:25 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-10-28 02:25 . 2014-10-28 02:25 247808 ----a-w- c:\windows\system32\msls31.dll
2014-10-28 02:25 . 2014-10-28 02:25 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-10-28 02:25 . 2014-10-28 02:25 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-10-28 02:25 . 2014-10-28 02:25 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-10-28 02:25 . 2014-10-28 02:25 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-10-28 02:25 . 2014-10-28 02:25 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-10-28 02:25 . 2014-10-28 02:25 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-10-28 02:25 . 2014-10-28 02:25 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-10-28 02:25 . 2014-10-28 02:25 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" [2014-12-19 458456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-16 134616]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ImageBrowser EX Agent.lnk - c:\program files (x86)\Canon\ImageBrowser EX\MFManager.exe [2014-10-25 69120]
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2014-11-16 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys;c:\windows\SYSNATIVE\DRIVERS\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeKrnlBoot.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys;c:\windows\SYSNATIVE\DRIVERS\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys [x]
S1 iSafeKrnlKit;YAC Kit Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [x]
S1 iSafeKrnlMon;YAC Monitor Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [x]
S1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [x]
S1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\DRIVERS\iSafeNetFilter.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeNetFilter.sys [x]
S2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iSafeService;YAC Service;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23 15:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"Samsung Link"="c:\program files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [2014-11-06 607584]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Page_URL = about:blank
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Marek Dvorský\AppData\Roaming\Mozilla\Firefox\Profiles\fsl8rbwh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-01-23 22:58:39
ComboFix-quarantined-files.txt 2015-01-23 21:58
.
Před spuštěním: Volných bajtů: 59 211 554 816
Po spuštění: Volných bajtů: 58 801 807 360
.
- - End Of File - - 73D6DA8F193808B7E5D53B578E6EE28E
A36C5E4F47E84449FF07ED3517B43A31

#26 Příspěvek od **Rudy** » 24 led 2015 11:04

Přesuňte ComboFix na kořenový adresář c:\ . Otevřte poznámkový blok a zkopírujte do něj:

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte rovněž na kořenový adresář c:\ jako CFScript.txt. Pak jej myší v průzkumníku windows (nebo jiném souborovém manažeru) přesuňte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

skorojoerg · #27 Příspěvek od **skorojoerg** » 24 led 2015 11:46

snad jsem to udělal správně....

log:
ComboFix 15-01-22.02 - Marek Dvorský 24.01.2015 11:38:51.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8131.6146 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-24 do 2015-01-24 )))))))))))))))))))))))))))))))
.
.
2015-01-23 16:07 . 2015-01-23 19:25 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-23 16:06 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-23 16:06 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-23 16:06 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-23 16:06 . 2015-01-23 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-23 16:06 . 2015-01-23 16:06 -------- d-----w- c:\programdata\Malwarebytes
2015-01-23 13:21 . 2014-10-26 11:02 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{34B75DB6-94BC-4C8C-88D3-9007B4E4BF75}\gapaengine.dll
2015-01-23 13:21 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3154DEDA-BE08-434F-B10C-82E8EB834A01}\mpengine.dll
2015-01-22 21:37 . 2015-01-22 21:37 -------- d-----w- C:\_OTM
2015-01-22 21:04 . 2015-01-22 21:04 -------- d-----w- c:\users\Marek Dvorský\AppData\Roaming\Elex-tech
2015-01-22 20:44 . 2015-01-22 21:42 -------- d-----w- c:\program files\trend micro
2015-01-22 20:44 . 2015-01-22 20:44 -------- d-----w- C:\rsit
2015-01-21 23:29 . 2015-01-22 21:03 -------- d-----w- C:\AdwCleaner
2015-01-21 23:27 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-01-16 14:29 . 2015-01-21 23:31 -------- d-----w- c:\windows\system32\log
2015-01-16 14:29 . 2015-01-03 08:57 52392 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2015-01-16 14:29 . 2015-01-16 14:29 -------- d-----w- c:\program files (x86)\Elex-tech
2015-01-15 15:49 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-01-01 17:08 . 2014-12-13 00:47 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-30 22:35 . 2014-12-30 22:35 -------- d-----w- c:\users\Marek Dvorský\AppData\Local\TeamViewer
2014-12-30 18:40 . 2014-12-30 18:40 -------- d-----w- c:\users\Marek Dvorský\AppData\Roaming\TeamViewer
2014-12-30 18:40 . 2015-01-23 21:53 -------- d-----w- c:\program files (x86)\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-23 15:03 . 2014-10-23 08:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-23 15:03 . 2014-10-23 08:51 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-15 02:00 . 2014-10-28 09:06 113365784 ----a-w- c:\windows\system32\MRT.exe
2014-12-31 11:14 . 2014-10-23 09:12 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-13 10:08 . 2014-12-17 06:32 16040184 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-12-13 10:08 . 2014-11-04 22:31 17264312 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-12-13 10:08 . 2014-10-23 08:42 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-12-13 10:08 . 2014-10-23 08:42 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-12-13 10:08 . 2014-10-23 08:40 18594432 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-12-13 10:08 . 2014-10-23 08:40 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-13 10:08 . 2014-10-23 08:40 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-13 08:03 . 2014-10-23 08:42 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2014-10-23 08:42 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2014-10-23 08:42 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2014-10-23 08:42 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2014-10-23 08:42 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2014-10-23 08:42 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-13 05:09 . 2014-12-18 20:11 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 20:11 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-13 00:12 . 2014-10-25 15:06 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-12-13 00:12 . 2014-10-23 08:43 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:12 . 2014-10-25 15:06 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-12-13 00:12 . 2014-10-23 08:43 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-12-12 23:11 . 2014-10-23 08:42 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2014-11-27 01:43 . 2014-12-10 20:01 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 10:46 . 2014-12-17 06:39 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-11-22 10:46 . 2014-12-17 06:39 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-11-22 10:46 . 2014-10-23 08:43 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-22 03:13 . 2014-12-10 20:01 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 20:01 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 20:01 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 20:01 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 20:01 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 20:01 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 20:01 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 20:01 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 20:01 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 20:01 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 20:01 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 20:01 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 20:01 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 20:01 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 20:01 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 20:01 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 20:01 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 20:01 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 20:01 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 20:01 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 20:01 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 20:01 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 20:01 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 20:01 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 20:01 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 20:01 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 20:01 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 20:01 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 20:01 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 20:01 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 20:01 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 20:01 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 20:01 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 20:01 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 20:01 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 20:01 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 20:01 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 20:01 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 20:01 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-13 00:20 . 2014-12-17 06:32 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-12-17 06:32 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-11 03:09 . 2014-12-10 20:01 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 15:06 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 15:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-10 20:01 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 15:06 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 15:06 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 04:53 . 2014-11-04 22:31 1876296 ----a-w- c:\windows\system32\nvdispco6434460.dll
2014-10-30 04:53 . 2014-11-04 22:31 1539272 ----a-w- c:\windows\system32\nvdispgenco6434460.dll
2014-10-28 02:25 . 2014-10-28 02:25 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-10-28 02:25 . 2014-10-28 02:25 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-10-28 02:25 . 2014-10-28 02:25 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-10-28 02:25 . 2014-10-28 02:25 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-10-28 02:25 . 2014-10-28 02:25 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-10-28 02:25 . 2014-10-28 02:25 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-10-28 02:25 . 2014-10-28 02:25 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-10-28 02:25 . 2014-10-28 02:25 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-10-28 02:25 . 2014-10-28 02:25 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-10-28 02:25 . 2014-10-28 02:25 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-10-28 02:25 . 2014-10-28 02:25 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-10-28 02:25 . 2014-10-28 02:25 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-10-28 02:25 . 2014-10-28 02:25 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-10-28 02:25 . 2014-10-28 02:25 247808 ----a-w- c:\windows\system32\msls31.dll
2014-10-28 02:25 . 2014-10-28 02:25 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-10-28 02:25 . 2014-10-28 02:25 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-10-28 02:25 . 2014-10-28 02:25 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-10-28 02:25 . 2014-10-28 02:25 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-10-28 02:25 . 2014-10-28 02:25 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-10-28 02:25 . 2014-10-28 02:25 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-10-28 02:25 . 2014-10-28 02:25 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-10-28 02:25 . 2014-10-28 02:25 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" [2014-12-19 458456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-16 134616]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ImageBrowser EX Agent.lnk - c:\program files (x86)\Canon\ImageBrowser EX\MFManager.exe [2014-10-25 69120]
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2014-11-16 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 ALSysIO;ALSysIO;c:\users\MAREKD~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\MAREKD~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys;c:\windows\SYSNATIVE\DRIVERS\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeKrnlBoot.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys;c:\windows\SYSNATIVE\DRIVERS\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys [x]
S1 iSafeKrnlKit;YAC Kit Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [x]
S1 iSafeKrnlMon;YAC Monitor Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [x]
S1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [x]
S1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\DRIVERS\iSafeNetFilter.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeNetFilter.sys [x]
S2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iSafeService;YAC Service;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23 15:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"Samsung Link"="c:\program files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [2014-11-06 607584]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Page_URL = about:blank
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Marek Dvorský\AppData\Roaming\Mozilla\Firefox\Profiles\fsl8rbwh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Elex-tech\YAC\iSafeSvc2.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Hard Disk Sentinel\HDSentinel.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files (x86)\Elex-tech\YAC\iSafeTray.exe
.
**************************************************************************
.
Celkový čas: 2015-01-24 11:43:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-24 10:43
ComboFix2.txt 2015-01-23 21:58
.
Před spuštěním: Volných bajtů: 58 876 633 088
Po spuštění: Volných bajtů: 58 783 580 160
.
- - End Of File - - E59EE87C6023F99B9937D1255C1902EA
A36C5E4F47E84449FF07ED3517B43A31

#28 Příspěvek od **Rudy** » 24 led 2015 12:34

Smazáno. CF odinstalujte pomocí T-Cleaneru: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe . Nastala nějaká změna?

skorojoerg · #29 Příspěvek od **skorojoerg** » 24 led 2015 14:37

nenastala, procesor na 100%

#30 Příspěvek od **cernohous13** » 24 led 2015 17:10

Rudy promine

Máš ve Správci úloh vlevo dole zaškrtnuto "Zobrazit procesy všech uživatelů" ?

VIRY.CZ

Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC

Re: Vytížení procesoru na 75-100% při běžném chodu PC