Re: CPU always at 100%
Posted: 24 Nov 2012 11:49
by Rudy
Avenger didn't produce any log?
Re: CPU always at 100%
Posted: 24 Nov 2012 11:57
by ferdis
None, just a restart, and nothing after it either.
Re: CPU always at 100%
Posted: 24 Nov 2012 12:48
by Rudy
Try it once more, but in safe mode. If it goes the same way, post a ComboFix log:
Download ComboFix and save it, preferably to the desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.
take your time and put on a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is
and how many files the scanner has to work through); during the scan do not try to launch any other
applications or anything else
do not panic during the scan; your machine may be restarted (especially on the first run of the scanner)
warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode,
or disable it completely for the duration of the scan, because during the scan and the removal of any malware
unwanted conflicts with the antispyware's resident shield occur
Re: CPU always at 100%
Posted: 24 Nov 2012 13:17
by ferdis
ComboFix 12-11-23.02 - Fedo . 11. 2012 13:05:39.1.4 - x64 MINIMAL
Running from: c:\users\Fedo\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Fedo\AppData\Local\TempDIR
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\AppName.txt
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\DownloadURL.txt
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\GFInstaller.exe
c:\users\Fedo\AppData\Local\TempDIR\GFInstaller\Channel.txt
c:\windows\SysWow64\update
c:\windows\SysWow64\update\diablo121016.cl
c:\windows\SysWow64\update\diakgcn121016.cl
c:\windows\SysWow64\update\igfxupdate.exe
c:\windows\SysWow64\update\libcurl-4.dll
c:\windows\SysWow64\update\libeay32.dll
c:\windows\SysWow64\update\libidn-11.dll
c:\windows\SysWow64\update\libusb-1.0.dll
c:\windows\SysWow64\update\phatk121016.cl
c:\windows\SysWow64\update\poclbm121016.cl
c:\windows\SysWow64\update\poclbm121016GeForce GT 530gv1w256l4.bin
c:\windows\SysWow64\update\pthreadGC2.dll
c:\windows\SysWow64\update\scrypt121016.cl
c:\windows\SysWow64\update\ssleay32.dll
c:\windows\SysWow64\update\zlib1.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-10-24 to 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 12:08 . 2012-11-24 12:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 10:51 . 2012-11-24 10:51 61440 ----a-w- c:\windows\SysWow64\drivers\kbzq.sys
2012-11-24 10:34 . 2012-11-24 10:34 61440 ----a-w- c:\windows\SysWow64\drivers\wuad.sys
2012-11-24 10:30 . 2012-11-24 10:30 61440 ----a-w- c:\windows\SysWow64\drivers\uicf.sys
2012-11-24 10:28 . 2012-11-22 07:50 269824 ----a-w- c:\windows\SysWow64\igfxupdate.exe
2012-11-24 06:59 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\SCE
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- C:\Crash
2012-11-24 06:58 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\Sony Online Entertainment
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- c:\users\Public\Sony Online Entertainment
2012-11-23 14:35 . 2012-11-23 20:55 -------- d-----w- c:\program files\trend micro
2012-11-23 13:40 . 2012-11-23 13:40 -------- d-----w- c:\users\Fedo\AppData\Roaming\Malwarebytes
2012-11-23 13:39 . 2012-11-23 13:39 -------- d-----w- c:\programdata\Malwarebytes
2012-11-23 13:21 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{550323EF-08FE-4ECF-82C8-27D2B3DE53AF}\mpengine.dll
2012-11-22 20:47 . 2012-11-22 20:47 -------- d-----w- c:\program files\ESET
2012-11-22 18:44 . 2012-11-22 20:48 -------- d-----w- c:\users\Fedo\AppData\Local\ESET
2012-11-22 16:53 . 2012-11-24 12:00 -------- d-----w- c:\program files (x86)\SpeedFan
2012-11-22 16:47 . 2012-11-23 18:10 -------- d-----w- c:\program files\Core Temp
2012-11-22 14:32 . 2012-11-22 14:32 -------- d-----w- c:\users\UpdatusUser
2012-11-22 14:32 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-22 14:32 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-22 14:32 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-22 14:32 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-22 14:32 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-22 14:32 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-22 14:32 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-22 14:32 . 2012-08-30 19:14 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-22 14:32 . 2012-08-30 19:14 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-11-22 14:31 . 2012-11-22 14:31 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-11-22 14:31 . 2012-11-22 14:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-11-22 14:30 . 2012-11-22 14:30 -------- d-----w- C:\NVIDIA
2012-11-21 19:50 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-21 19:50 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-21 19:50 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-21 19:50 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-21 19:50 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-sh--w- c:\programdata\DSS
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-----w- c:\programdata\Codemasters
2012-11-21 13:41 . 2012-11-21 13:41 -------- d-----w- c:\program files (x86)\BRS
2012-11-21 13:41 . 2011-03-19 14:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-11-21 13:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-11-21 13:41 . 2012-11-21 20:07 -------- d-----w- c:\program files (x86)\OpenAL
2012-11-21 13:41 . 2012-11-21 13:41 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-11-21 13:41 . 2012-11-21 13:41 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\program files (x86)\VID_0e8f&PID_0003
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\users\Fedo\AppData\Roaming\InstallShield
2012-11-19 20:49 . 2012-11-19 20:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-19 18:50 . 2012-11-22 07:50 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-11-19 18:50 . 2012-11-22 07:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-11-19 18:50 . 2012-11-19 18:51 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-11-18 21:05 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2012-11-18 21:05 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2012-11-15 19:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 19:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 19:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 19:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 19:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 19:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 19:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 19:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 19:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 19:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 19:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 18:20 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 18:20 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-11 12:27 . 2012-11-11 13:12 -------- d-----w- c:\program files (x86)\EA GAMES
2012-11-11 05:02 . 2012-11-11 05:02 -------- d-----w- c:\users\Fedo\AppData\Local\GFInstaller
2012-11-10 16:37 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-10 16:37 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-10 16:37 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-10 16:37 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-10 16:37 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-10 16:37 . 2012-11-10 16:37 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-10 16:37 . 2012-11-10 16:37 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-09 19:01 . 2012-11-09 19:03 -------- d-----w- c:\users\Fedo\AppData\Local\Skyrim
2012-11-09 18:58 . 2012-11-09 18:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-09 18:54 . 2012-11-09 18:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-09 17:13 . 2012-11-09 17:13 -------- d-----w- c:\users\Fedo\.thumbnails
2012-11-09 17:10 . 2012-11-09 17:11 -------- d-----w- c:\program files\GIMP 2
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\fontconfig
2012-11-09 17:03 . 2012-11-11 13:47 -------- d-----w- c:\users\Fedo\.gimp-2.8
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\gegl-0.2
2012-11-06 13:54 . 2012-11-06 13:54 -------- d-----w- c:\users\Fedo\AppData\Local\4A Games
2012-11-03 12:30 . 2012-11-03 12:30 -------- d-----w- c:\program files (x86)\Ubisoft
2012-10-31 15:15 . 2012-11-03 14:21 -------- d-----w- C:\Hry
2012-10-29 05:23 . 2012-10-29 05:23 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 05:23 . 2012-10-29 05:23 -------- d-----w- c:\windows\system32\Macromed
2012-10-28 12:53 . 2008-05-30 13:18 238088 ----a-w- c:\windows\SysWow64\xactengine3_1.dll
2012-10-27 15:16 . 2012-10-27 15:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-26 15:13 . 2012-10-26 15:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-26 15:13 . 2012-10-26 15:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-26 15:13 . 2012-10-26 15:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-26 15:13 . 2012-10-26 15:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-26 15:13 . 2012-10-26 15:13 -------- d-----w- c:\program files\Java
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-26 15:11 . 2012-10-26 15:11 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Java
2012-10-26 14:55 . 2012-11-17 16:28 -------- d-----w- c:\users\Fedo\AppData\Roaming\.minecraft
2012-10-25 15:32 . 2012-10-25 15:32 -------- d-----w- c:\users\Fedo\AppData\Local\Downloaded Installations
2012-10-25 15:30 . 2012-10-25 15:30 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-22 14:42 . 2012-09-07 10:36 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-22 14:08 . 2012-09-06 13:27 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-15 19:02 . 2012-09-04 21:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-09 18:54 . 2012-09-09 08:17 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-03 12:34 . 2012-09-09 08:46 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-10-29 05:23 . 2011-07-11 04:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-26 15:13 . 2012-09-04 15:49 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 15:13 . 2012-09-04 15:49 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-26 15:11 . 2012-09-04 14:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 04:29 . 2012-10-20 04:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-08 07:21 . 2012-10-08 07:21 64072 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 189208 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 149592 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 211344 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-02 22:21 . 2012-09-13 17:39 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-09-13 17:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-09-13 17:39 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-14 19:19 . 2012-10-10 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-04 14:46 . 2012-09-04 14:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-04 14:10 . 2012-09-04 14:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-04 14:10 . 2012-09-04 14:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-04 14:10 . 2012-09-04 14:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-04 14:10 . 2012-09-04 14:10 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-04 14:10 . 2012-09-04 14:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-04 14:10 . 2012-09-04 14:10 448512 ----a-w- c:\windows\system32\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-04 14:10 . 2012-09-04 14:10 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-04 14:10 . 2012-09-04 14:10 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-04 14:10 . 2012-09-04 14:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-04 14:10 . 2012-09-04 14:10 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-04 14:10 . 2012-09-04 14:10 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-04 14:10 . 2012-09-04 14:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-04 14:10 . 2012-09-04 14:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-04 14:10 . 2012-09-04 14:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-04 14:10 . 2012-09-04 14:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-04 14:10 . 2012-09-04 14:10 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-04 14:10 . 2012-09-04 14:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-04 14:10 . 2012-09-04 14:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-04 14:10 . 2012-09-04 14:10 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-04 14:10 . 2012-09-04 14:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-31 18:19 . 2012-10-10 12:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:19 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:19 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-11 627304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 bqicyfyc;bqicyfyc;c:\windows\system32\drivers\wuad.sys [x]
R0 dzqzl;dzqzl;c:\windows\system32\drivers\uicf.sys [x]
R0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 64072]
R0 hizwhp;hizwhp;c:\windows\system32\drivers\kbzq.sys [x]
R1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-14 1329304]
R2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 ALSysIO;ALSysIO;c:\users\Fedo\AppData\Local\Temp\ALSysIO64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-09 283200]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-24 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2012-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-29 05:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 6325424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-PlanetSide 2 PSG - c:\users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\Uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-24 13:10:03
ComboFix-quarantined-files.txt 2012-11-24 12:10
.
Pre-Run: 352 776 814 592 bytes free
Post-Run: 352 301 289 472 bytes free
.
- - End Of File - - 21F9181EE14349EBC78E0E0DCB97C837
Re: CPU always at 100%
Posted: 24 Nov 2012 19:00
by Rudy
We'll clean up a bit more. Open Notepad and copy the following into it:
KillAll::
Collect::
c:\windows\SysWow64\drivers\kbzq.sys
c:\windows\SysWow64\drivers\wuad.sys
c:\windows\SysWow64\drivers\uicf.sys
C:\Windows\SysWOW64\igfxupdate.exe
C:\Windows\SysWOW64\update\igfxupdate.exe
Driver::
bqicyfyc
dzqzl
kbzq
RegLock::
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Re: CPU always at 100%
Posted: 24 Nov 2012 20:09
by ferdis
1. I hope it doesn't matter, because I forgot to go into safe mode, and after it finished I couldn't launch anything, so I had to restart the PC once more.
2. The problem has not gone away.
3. To be safe, here is the ComboFix log after it finished:
ComboFix 12-11-24.02 - Fedo . 11. 2012 19:54:21.2.4 - x64
Running from: c:\users\Fedo\Desktop\ComboFix.exe
Command switches used :: c:\users\Fedo\Desktop\CFScript.txt
* Resident AV is active
.
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\drivers\kbzq.sys
c:\windows\SysWow64\drivers\uicf.sys
c:\windows\SysWow64\drivers\wuad.sys
c:\windows\SysWOW64\igfxupdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_bqicyfyc
-------\Service_dzqzl
.
.
((((((((((((((((((((((((( Files Created from 2012-10-24 to 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 06:59 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\SCE
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- C:\Crash
2012-11-24 06:58 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\Sony Online Entertainment
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- c:\users\Public\Sony Online Entertainment
2012-11-23 14:35 . 2012-11-23 20:55 -------- d-----w- c:\program files\trend micro
2012-11-23 13:40 . 2012-11-23 13:40 -------- d-----w- c:\users\Fedo\AppData\Roaming\Malwarebytes
2012-11-23 13:39 . 2012-11-23 13:39 -------- d-----w- c:\programdata\Malwarebytes
2012-11-23 13:21 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{550323EF-08FE-4ECF-82C8-27D2B3DE53AF}\mpengine.dll
2012-11-22 20:47 . 2012-11-22 20:47 -------- d-----w- c:\program files\ESET
2012-11-22 18:44 . 2012-11-22 20:48 -------- d-----w- c:\users\Fedo\AppData\Local\ESET
2012-11-22 16:53 . 2012-11-24 18:46 -------- d-----w- c:\program files (x86)\SpeedFan
2012-11-22 16:47 . 2012-11-23 18:10 -------- d-----w- c:\program files\Core Temp
2012-11-22 14:32 . 2012-11-22 14:32 -------- d-----w- c:\users\UpdatusUser
2012-11-22 14:32 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-22 14:32 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-22 14:32 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-22 14:32 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-22 14:32 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-22 14:32 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-22 14:32 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-22 14:32 . 2012-08-30 19:14 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-22 14:32 . 2012-08-30 19:14 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-11-22 14:31 . 2012-11-22 14:31 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-11-22 14:31 . 2012-11-22 14:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-11-22 14:30 . 2012-11-22 14:30 -------- d-----w- C:\NVIDIA
2012-11-21 19:50 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-21 19:50 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-21 19:50 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-21 19:50 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-21 19:50 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-sh--w- c:\programdata\DSS
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-----w- c:\programdata\Codemasters
2012-11-21 13:41 . 2012-11-21 13:41 -------- d-----w- c:\program files (x86)\BRS
2012-11-21 13:41 . 2011-03-19 14:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-11-21 13:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-11-21 13:41 . 2012-11-21 20:07 -------- d-----w- c:\program files (x86)\OpenAL
2012-11-21 13:41 . 2012-11-21 13:41 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-11-21 13:41 . 2012-11-21 13:41 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\program files (x86)\VID_0e8f&PID_0003
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\users\Fedo\AppData\Roaming\InstallShield
2012-11-19 20:49 . 2012-11-19 20:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-19 18:50 . 2012-11-22 07:50 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-11-19 18:50 . 2012-11-22 07:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-11-19 18:50 . 2012-11-19 18:51 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-11-18 21:05 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2012-11-18 21:05 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2012-11-15 19:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 19:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 19:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 19:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 19:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 19:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 19:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 19:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 19:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 19:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 19:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 18:20 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 18:20 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-11 12:27 . 2012-11-11 13:12 -------- d-----w- c:\program files (x86)\EA GAMES
2012-11-11 05:02 . 2012-11-11 05:02 -------- d-----w- c:\users\Fedo\AppData\Local\GFInstaller
2012-11-10 16:37 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-10 16:37 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-10 16:37 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-10 16:37 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-10 16:37 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-10 16:37 . 2012-11-10 16:37 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-10 16:37 . 2012-11-10 16:37 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-09 19:01 . 2012-11-09 19:03 -------- d-----w- c:\users\Fedo\AppData\Local\Skyrim
2012-11-09 18:58 . 2012-11-09 18:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-09 18:54 . 2012-11-09 18:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-09 17:13 . 2012-11-09 17:13 -------- d-----w- c:\users\Fedo\.thumbnails
2012-11-09 17:10 . 2012-11-09 17:11 -------- d-----w- c:\program files\GIMP 2
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\fontconfig
2012-11-09 17:03 . 2012-11-24 15:27 -------- d-----w- c:\users\Fedo\.gimp-2.8
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\gegl-0.2
2012-11-06 13:54 . 2012-11-06 13:54 -------- d-----w- c:\users\Fedo\AppData\Local\4A Games
2012-11-03 12:30 . 2012-11-03 12:30 -------- d-----w- c:\program files (x86)\Ubisoft
2012-10-31 15:15 . 2012-11-03 14:21 -------- d-----w- C:\Hry
2012-10-29 05:23 . 2012-10-29 05:23 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 05:23 . 2012-10-29 05:23 -------- d-----w- c:\windows\system32\Macromed
2012-10-28 12:53 . 2008-05-30 13:18 238088 ----a-w- c:\windows\SysWow64\xactengine3_1.dll
2012-10-27 15:16 . 2012-10-27 15:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-26 15:13 . 2012-10-26 15:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-26 15:13 . 2012-10-26 15:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-26 15:13 . 2012-10-26 15:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-26 15:13 . 2012-10-26 15:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-26 15:13 . 2012-10-26 15:13 -------- d-----w- c:\program files\Java
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-26 15:11 . 2012-10-26 15:11 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Java
2012-10-26 14:55 . 2012-11-17 16:28 -------- d-----w- c:\users\Fedo\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-22 14:42 . 2012-09-07 10:36 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-22 14:08 . 2012-09-06 13:27 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-15 19:02 . 2012-09-04 21:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-09 18:54 . 2012-09-09 08:17 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-03 12:34 . 2012-09-09 08:46 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-10-29 05:23 . 2011-07-11 04:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-26 15:13 . 2012-09-04 15:49 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 15:13 . 2012-09-04 15:49 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-26 15:11 . 2012-09-04 14:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 04:29 . 2012-10-20 04:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-08 07:21 . 2012-10-08 07:21 64072 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 189208 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 149592 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 211344 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-02 22:21 . 2012-09-13 17:39 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-09-13 17:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-09-13 17:39 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-14 19:19 . 2012-10-10 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-04 14:46 . 2012-09-04 14:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-04 14:10 . 2012-09-04 14:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-04 14:10 . 2012-09-04 14:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-04 14:10 . 2012-09-04 14:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-04 14:10 . 2012-09-04 14:10 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-04 14:10 . 2012-09-04 14:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-04 14:10 . 2012-09-04 14:10 448512 ----a-w- c:\windows\system32\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-04 14:10 . 2012-09-04 14:10 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-04 14:10 . 2012-09-04 14:10 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-04 14:10 . 2012-09-04 14:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-04 14:10 . 2012-09-04 14:10 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-04 14:10 . 2012-09-04 14:10 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-04 14:10 . 2012-09-04 14:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-04 14:10 . 2012-09-04 14:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-04 14:10 . 2012-09-04 14:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-04 14:10 . 2012-09-04 14:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-04 14:10 . 2012-09-04 14:10 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-04 14:10 . 2012-09-04 14:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-04 14:10 . 2012-09-04 14:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-04 14:10 . 2012-09-04 14:10 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-04 14:10 . 2012-09-04 14:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-31 18:19 . 2012-10-10 12:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:19 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:19 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-11 627304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 hizwhp;hizwhp;c:\windows\system32\drivers\kbzq.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 ALSysIO;ALSysIO;c:\users\Fedo\AppData\Local\Temp\ALSysIO64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 64072]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-14 1329304]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-09 283200]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-24 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2012-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-29 05:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 6325424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\igfxupdate.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2012-11-24 20:03:00 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-24 19:03
ComboFix2.txt 2012-11-24 12:10
.
Pre-Run: 340 953 382 912 bytes free
Post-Run: 340 665 053 184 bytes free
.
- - End Of File - - FDC9D880A01A735CE5BD7F87BCA71BC6
Upload was successful
Re: CPU always at 100%
Posted: 24 Nov 2012 20:17
by Rudy
Run ComboFix once more with this script:
KillAll::
Collect::
c:\windows\system32\drivers\kbzq.sys
Driver::
hizwhp
Reboot::
Re: CPU always at 100%
Posted: 24 Nov 2012 21:34
by ferdis
The same way as before, and is safe mode needed too?
Re: CPU always at 100%
Posted: 24 Nov 2012 21:37
by Rudy
The same way as before; safe mode only if it doesn't work in normal mode.
Re: CPU always at 100%
Posted: 24 Nov 2012 22:18
by ferdis
Again nothing has changed.
Do you know how to fix this at all?
I'm attaching the log:
ComboFix 12-11-24.02 - Fedo . 11. 2012 22:05:14.3.4 - x64
Running from: c:\users\Fedo\Desktop\ComboFix.exe
Command switches used :: c:\users\Fedo\Desktop\CFScript.txt
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hizwhp
.
.
((((((((((((((((((((((((( Files Created from 2012-10-24 to 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 21:08 . 2012-11-24 21:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 19:14 . 2012-11-24 19:18 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-24 19:14 . 2012-11-24 19:15 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-24 19:14 . 2012-11-24 19:14 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-11-24 19:06 . 2012-11-22 07:50 269824 ----a-w- c:\windows\SysWow64\igfxupdate.exe
2012-11-24 06:59 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\SCE
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- C:\Crash
2012-11-24 06:58 . 2012-11-24 06:59 -------- d-----w- c:\users\Fedo\AppData\Local\Sony Online Entertainment
2012-11-24 06:58 . 2012-11-24 06:58 -------- d-----w- c:\users\Public\Sony Online Entertainment
2012-11-23 14:35 . 2012-11-23 20:55 -------- d-----w- c:\program files\trend micro
2012-11-23 13:40 . 2012-11-23 13:40 -------- d-----w- c:\users\Fedo\AppData\Roaming\Malwarebytes
2012-11-23 13:39 . 2012-11-23 13:39 -------- d-----w- c:\programdata\Malwarebytes
2012-11-23 13:21 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{550323EF-08FE-4ECF-82C8-27D2B3DE53AF}\mpengine.dll
2012-11-22 20:47 . 2012-11-22 20:47 -------- d-----w- c:\program files\ESET
2012-11-22 18:44 . 2012-11-22 20:48 -------- d-----w- c:\users\Fedo\AppData\Local\ESET
2012-11-22 16:53 . 2012-11-24 19:10 -------- d-----w- c:\program files (x86)\SpeedFan
2012-11-22 16:47 . 2012-11-23 18:10 -------- d-----w- c:\program files\Core Temp
2012-11-22 14:32 . 2012-11-22 14:32 -------- d-----w- c:\users\UpdatusUser
2012-11-22 14:32 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-22 14:32 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-22 14:32 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-22 14:32 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-22 14:32 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-22 14:32 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-22 14:32 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-22 14:32 . 2012-08-30 19:14 60776 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-22 14:32 . 2012-08-30 19:14 52584 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-11-22 14:31 . 2012-11-22 14:31 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-11-22 14:31 . 2012-11-22 14:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-11-22 14:30 . 2012-11-22 14:30 -------- d-----w- C:\NVIDIA
2012-11-21 19:50 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-21 19:50 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-21 19:50 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-21 19:50 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-21 19:50 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-21 19:50 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-sh--w- c:\programdata\DSS
2012-11-21 13:52 . 2012-11-21 13:52 -------- d-----w- c:\programdata\Codemasters
2012-11-21 13:41 . 2012-11-21 13:41 -------- d-----w- c:\program files (x86)\BRS
2012-11-21 13:41 . 2011-03-19 14:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-11-21 13:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-11-21 13:41 . 2012-11-21 20:07 -------- d-----w- c:\program files (x86)\OpenAL
2012-11-21 13:41 . 2012-11-21 13:41 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-11-21 13:41 . 2012-11-21 13:41 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-11-21 13:41 . 2012-11-21 13:41 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\program files (x86)\VID_0e8f&PID_0003
2012-11-20 12:46 . 2012-11-20 12:46 -------- d-----w- c:\users\Fedo\AppData\Roaming\InstallShield
2012-11-19 20:49 . 2012-11-19 20:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-19 18:50 . 2012-11-22 07:50 410112 ----a-w- c:\windows\system32\taskhost.rs
2012-11-19 18:50 . 2012-11-22 07:50 269824 ----a-w- c:\windows\system32\SearchEngine.rs
2012-11-19 18:50 . 2012-11-19 18:51 307712 ----a-w- c:\windows\system32\SearchIndexer.dll
2012-11-18 21:05 . 2010-02-04 09:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2012-11-18 21:05 . 2010-02-04 09:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2012-11-15 19:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 19:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 19:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 19:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 19:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 19:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 19:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 19:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 19:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 19:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 19:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 18:20 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 18:20 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-11 12:27 . 2012-11-11 13:12 -------- d-----w- c:\program files (x86)\EA GAMES
2012-11-11 05:02 . 2012-11-11 05:02 -------- d-----w- c:\users\Fedo\AppData\Local\GFInstaller
2012-11-10 16:37 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-11-10 16:37 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-11-10 16:37 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-11-10 16:37 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-11-10 16:37 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-11-10 16:37 . 2012-11-10 16:37 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-11-10 16:37 . 2012-11-10 16:37 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-11-09 19:01 . 2012-11-09 19:03 -------- d-----w- c:\users\Fedo\AppData\Local\Skyrim
2012-11-09 18:58 . 2012-11-09 18:58 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-09 18:54 . 2012-11-09 18:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-09 17:13 . 2012-11-09 17:13 -------- d-----w- c:\users\Fedo\.thumbnails
2012-11-09 17:10 . 2012-11-09 17:11 -------- d-----w- c:\program files\GIMP 2
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\fontconfig
2012-11-09 17:03 . 2012-11-24 15:27 -------- d-----w- c:\users\Fedo\.gimp-2.8
2012-11-09 17:03 . 2012-11-09 17:03 -------- d-----w- c:\users\Fedo\AppData\Local\gegl-0.2
2012-11-06 13:54 . 2012-11-06 13:54 -------- d-----w- c:\users\Fedo\AppData\Local\4A Games
2012-11-03 12:30 . 2012-11-03 12:30 -------- d-----w- c:\program files (x86)\Ubisoft
2012-10-31 15:15 . 2012-11-03 14:21 -------- d-----w- C:\Hry
2012-10-29 05:23 . 2012-10-29 05:23 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 05:23 . 2012-10-29 05:23 -------- d-----w- c:\windows\system32\Macromed
2012-10-28 12:53 . 2008-05-30 13:18 238088 ----a-w- c:\windows\SysWow64\xactengine3_1.dll
2012-10-27 15:16 . 2012-10-27 15:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-10-26 15:13 . 2012-10-26 15:13 289768 ----a-w- c:\windows\system32\javaws.exe
2012-10-26 15:13 . 2012-10-26 15:13 189416 ----a-w- c:\windows\system32\javaw.exe
2012-10-26 15:13 . 2012-10-26 15:13 188904 ----a-w- c:\windows\system32\java.exe
2012-10-26 15:13 . 2012-10-26 15:13 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-10-26 15:13 . 2012-10-26 15:13 -------- d-----w- c:\program files\Java
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-26 15:11 . 2012-10-26 15:11 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-26 15:11 . 2012-10-26 15:11 -------- d-----w- c:\program files (x86)\Java
2012-10-26 14:55 . 2012-11-17 16:28 -------- d-----w- c:\users\Fedo\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-24 19:18 . 2012-09-07 10:36 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-15 19:02 . 2012-09-04 21:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-09 18:54 . 2012-09-09 08:17 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-03 12:34 . 2012-09-09 08:46 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-10-29 05:23 . 2011-07-11 04:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-26 15:13 . 2012-09-04 15:49 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 15:13 . 2012-09-04 15:49 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-26 15:11 . 2012-09-04 14:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 04:29 . 2012-10-20 04:29 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-08 07:21 . 2012-10-08 07:21 64072 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 189208 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 149592 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 211344 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-02 22:21 . 2012-09-13 17:39 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-09-13 17:39 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-09-13 17:39 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-09-13 17:39 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-14 19:19 . 2012-10-10 12:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:19 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-04 14:46 . 2012-09-04 14:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-04 14:10 . 2012-09-04 14:10 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-09-04 14:10 . 2012-09-04 14:10 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 82432 ----a-w- c:\windows\system32\icardie.dll
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-09-04 14:10 . 2012-09-04 14:10 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-09-04 14:10 . 2012-09-04 14:10 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-09-04 14:10 . 2012-09-04 14:10 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-09-04 14:10 . 2012-09-04 14:10 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-09-04 14:10 . 2012-09-04 14:10 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-09-04 14:10 . 2012-09-04 14:10 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-09-04 14:10 . 2012-09-04 14:10 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-09-04 14:10 . 2012-09-04 14:10 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-09-04 14:10 . 2012-09-04 14:10 448512 ----a-w- c:\windows\system32\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-09-04 14:10 . 2012-09-04 14:10 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-09-04 14:10 . 2012-09-04 14:10 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-09-04 14:10 . 2012-09-04 14:10 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-09-04 14:10 . 2012-09-04 14:10 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-09-04 14:10 . 2012-09-04 14:10 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-09-04 14:10 . 2012-09-04 14:10 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-09-04 14:10 . 2012-09-04 14:10 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-09-04 14:10 . 2012-09-04 14:10 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-09-04 14:10 . 2012-09-04 14:10 222208 ----a-w- c:\windows\system32\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 197120 ----a-w- c:\windows\system32\msrating.dll
2012-09-04 14:10 . 2012-09-04 14:10 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-09-04 14:10 . 2012-09-04 14:10 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-09-04 14:10 . 2012-09-04 14:10 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-09-04 14:10 . 2012-09-04 14:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-09-04 14:10 . 2012-09-04 14:10 149504 ----a-w- c:\windows\system32\occache.dll
2012-09-04 14:10 . 2012-09-04 14:10 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-09-04 14:10 . 2012-09-04 14:10 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 12288 ----a-w- c:\windows\system32\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-09-04 14:10 . 2012-09-04 14:10 114176 ----a-w- c:\windows\system32\admparse.dll
2012-09-04 14:10 . 2012-09-04 14:10 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-09-04 14:10 . 2012-09-04 14:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-09-04 14:10 . 2012-09-04 14:10 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-09-04 14:10 . 2012-09-04 14:10 103936 ----a-w- c:\windows\system32\inseng.dll
2012-09-04 14:10 . 2012-09-04 14:10 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-31 18:19 . 2012-10-10 12:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:19 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:19 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-11 627304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 ALSysIO;ALSysIO;c:\users\Fedo\AppData\Local\Temp\ALSysIO64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 64072]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-14 1329304]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 SearchIndexer;Search Indexer;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-09 283200]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-24 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2011-05-11 11:30]
.
2012-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-29 05:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 6325424]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\d:\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-899677619-2367169523-353711658-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\d:\b*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\igfxupdate.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2012-11-24 22:13:07 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-24 21:13
ComboFix2.txt 2012-11-24 19:03
ComboFix3.txt 2012-11-24 12:10
.
Pre-Run: 340 692 209 664 bytes free
Post-Run: 340 597 895 168 bytes free
.
- - End Of File - - 9D17329DE346DB7CE93203FAF3EB79A2
Re: CPU always at 100%
Posted: 24 Nov 2012 22:28
by Rudy
"Do you know how to fix this at all?"
Dear user. De facto anything can load the processor. The log told me that you have an infection on the PC (a fairly serious one, by the way: a rootkit), which we have just removed. Sometimes it is necessary to run several tests to find out where the problem lies. So please be patient; hopefully we will find the problem. If you don't have the patience, there is a "Log out" button at the top left.
Open Task Manager and find out which process is loading the system the most.
Re: CPU always at 100%
Posted: 24 Nov 2012 22:47
by ferdis
I do have patience; I was only asking whether there is still any hope of doing this without reinstalling Windows, and I appreciate your work very much.
As I wrote at the beginning, as soon as I start Task Manager the infection disappears and everything is fine, and the biggest load shown there is Google Chrome.
I apologize if I offended you somehow by asking whether you know how to fix it.
Re: CPU always at 100%
Posted: 24 Nov 2012 23:19
by Rudy
OK. I probably took it the wrong way. No harm done, you have explained it.

Download and run Process Explorer:
http://www.stahuj.centrum.cz/utility_a_ ... -explorer/ and look for the same thing in it as in Task Manager. PE is more detailed; it also shows dependent processes.
Re: CPU always at 100%
Posted: 24 Nov 2012 23:26
by ferdis
When I have it running, the reaction is the same as with Task Manager, i.e. no 100% CPU load, but in the CPU column in PE there is System Idle Process with a number of about 95, while at the bottom it says CPU usage about 5%.
If I'm writing something wrong, correct me, but please advise me what exactly I should be looking at.
Re: CPU always at 100%
Posted: 25 Nov 2012 06:34
by cernohous13

That is a misunderstanding.
Idle = unused, ready for action for other programs being started.
So CPU load is 5% + 95% free system resources.

And excuse me for butting in.