Re: procesor na 100% zatížení
Napsal: 18 pro 2013 19:26
tady je nevyžádaný log, a děkuji za pomoc,taky pomůžu, podpořím fórum
ComboFix 13-12-17.02 - hp 18.12.2013 18:59:10.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4015.2804 [GMT 1:00]
Spuštěný z: c:\users\hp\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\hp\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-18 do 2013-12-18 )))))))))))))))))))))))))))))))
.
.
2013-12-17 22:33 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC4E5F5E-AD56-46C9-991C-B6AFE4F1679A}\mpengine.dll
2013-12-17 20:14 . 2013-12-17 20:18 -------- d-----w- C:\AdwCleaner
2013-12-17 16:32 . 2013-12-17 21:33 -------- d-----w- c:\program files\trend micro
2013-12-17 16:04 . 2013-12-17 16:04 -------- d-----w- C:\FRST
2013-12-15 14:26 . 2013-12-17 21:30 -------- d-----w- c:\program files (x86)\ESET
2013-12-11 22:46 . 2013-12-11 22:46 -------- d-----w- c:\users\hp\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2013-12-11 22:40 . 2013-12-11 22:40 -------- d-----w- c:\program files (x86)\OCCTPT
2013-12-11 22:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 22:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 22:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 22:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-11 22:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-11 22:25 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 22:25 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 22:25 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 22:25 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 22:25 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 22:25 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 22:25 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-11 22:25 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-11 22:25 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-11 22:25 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 22:25 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-11 22:24 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 22:24 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 22:24 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-11 22:24 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-11 22:24 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 22:24 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 22:24 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-11 22:24 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-11 02:17 . 2013-12-11 02:17 -------- d-----w- C:\EZ_CD_Audio_Converter_1.3.3.2_Portable
2013-12-11 01:53 . 2013-12-11 01:53 -------- d-----w- c:\windows\SysWow64\fac
2013-12-11 01:53 . 2013-12-11 01:53 -------- d-----w- c:\program files (x86)\Full Audio Converter
2013-12-11 01:46 . 2013-12-11 01:46 -------- d-----w- c:\program files (x86)\AIFF To MP3 Plus
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\program files (x86)\windealist
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\users\hp\AppData\Local\Pirrit Suggestor
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\users\hp\AppData\Roaming\Pirrit
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\program files (x86)\Pirrit
2013-12-07 10:07 . 2013-12-07 10:07 -------- d-----w- c:\program files (x86)\pazera-software
2013-12-06 06:08 . 2013-12-17 15:49 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-12-06 06:08 . 2013-12-06 06:08 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-12-04 06:14 . 2013-12-04 06:14 -------- d-----w- c:\users\hp\AppData\Roaming\Ashampoo
2013-12-04 06:13 . 2013-12-04 06:13 -------- d-----w- c:\users\hp\AppData\Local\ashampoo
2013-12-04 06:13 . 2013-12-04 06:13 -------- d-----w- c:\programdata\Ashampoo
2013-12-04 06:13 . 2013-12-04 06:13 -------- d-----w- c:\program files (x86)\Ashampoo
2013-11-29 16:21 . 2013-11-29 18:33 -------- d-----w- c:\program files (x86)\Call of Duty Ghosts
2013-11-28 04:24 . 2013-11-28 04:24 -------- d-----w- c:\programdata\McAfee Security Scan
2013-11-28 04:24 . 2013-11-28 04:24 -------- d-----w- c:\programdata\McAfee
2013-11-26 19:35 . 2013-12-16 18:54 -------- d-----w- c:\users\hp\AppData\Roaming\dvdcss
2013-11-26 04:01 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-24 14:57 . 2013-12-08 19:49 -------- d-----w- c:\users\hp\AppData\Roaming\BSplayer
2013-11-24 14:57 . 2013-11-24 14:57 -------- d-----w- c:\users\hp\AppData\Roaming\BSplayer Pro
2013-11-24 14:57 . 2013-11-24 14:57 -------- d-----w- c:\program files (x86)\Webteh
2013-11-23 19:17 . 2013-11-23 19:17 -------- d-----w- c:\users\hp\AppData\Roaming\AdobeUM
2013-11-23 07:09 . 2013-11-23 18:40 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-11-23 06:48 . 2013-11-23 06:48 -------- d-----w- c:\program files\Adobe
2013-11-23 06:47 . 2013-11-23 06:48 -------- d-----w- c:\program files\Common Files\Adobe
2013-11-23 06:46 . 2013-11-23 06:46 -------- d-----w- c:\program files (x86)\Adobe Media Player
2013-11-23 06:44 . 2013-11-23 06:44 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-11-23 06:41 . 2013-11-29 19:37 -------- d-----w- c:\users\hp\AppData\Local\Adobe
2013-11-23 05:56 . 2013-12-08 02:51 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-11-23 05:56 . 2013-12-17 15:49 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-11-23 05:20 . 2013-11-23 05:20 -------- d-----w- c:\users\hp\AppData\Local\HP
2013-11-23 05:15 . 2013-11-23 05:16 -------- d-----w- c:\users\hp\AppData\Roaming\HP
2013-11-23 05:13 . 2013-11-23 05:13 -------- d-----w- c:\programdata\WEBREG
2013-11-23 05:11 . 2013-11-23 05:11 -------- d-----w- c:\program files (x86)\Common Files\HP
2013-11-23 05:11 . 2013-11-23 05:11 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2013-11-23 05:02 . 2013-11-23 05:02 -------- d-----w- c:\programdata\Hewlett-Packard
2013-11-23 05:02 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2013-11-23 04:50 . 2013-11-23 05:13 -------- d-----w- c:\programdata\HP
2013-11-21 11:24 . 2013-11-26 15:46 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-11-21 11:24 . 2013-11-21 22:16 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-11-21 11:24 . 2013-11-26 15:46 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-11-21 11:24 . 2013-11-21 11:24 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-11-21 11:24 . 2013-11-21 11:24 -------- d-----w- c:\users\hp\AppData\Local\PunkBuster
2013-11-21 11:23 . 2013-11-21 11:23 -------- d-----w- c:\programdata\Orbit
2013-11-21 01:26 . 2013-11-21 01:26 -------- d-----w- c:\users\hp\AppData\Roaming\Milestone
2013-11-21 01:26 . 2013-11-21 01:26 -------- d-----w- c:\programdata\Steam
2013-11-21 01:25 . 2013-11-21 01:25 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2013-11-21 01:25 . 2013-11-21 01:25 -------- d-----w- c:\programdata\Logs
2013-11-20 23:54 . 2013-11-20 23:54 -------- d-----w- c:\windows\USB Vibration
2013-11-20 23:54 . 2002-08-05 09:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2013-11-20 23:54 . 2002-08-02 02:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2013-11-20 23:54 . 2002-08-02 01:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2013-11-20 23:54 . 2002-08-02 01:20 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-11-20 23:54 . 2002-08-02 01:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2013-11-20 23:54 . 2002-08-02 01:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2013-11-20 23:53 . 2013-11-20 23:53 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2013-11-20 23:53 . 2013-11-20 23:53 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2013-11-20 23:53 . 2013-11-20 23:53 -------- d-----w- c:\program files (x86)\USB Vibration
2013-11-20 23:42 . 2013-11-20 23:52 -------- d-----w- c:\program files (x86)\WRC 4 FIA World Rally Championship
2013-11-20 23:35 . 2013-11-20 23:35 -------- d-----w- c:\programdata\ATI
2013-11-20 23:35 . 2013-11-20 23:35 -------- d-----w- c:\users\hp\AppData\Roaming\ATI
2013-11-20 23:35 . 2013-11-20 23:35 -------- d-----w- c:\users\hp\AppData\Local\ATI
2013-11-20 23:34 . 2013-11-20 23:34 0 ----a-w- c:\windows\ativpsrm.bin
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\programdata\AMD
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files (x86)\AMD AVT
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files (x86)\AMD APP
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-11-20 23:31 . 2012-05-14 06:12 96896 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2013-11-20 23:31 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2013-11-20 23:31 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2013-11-20 23:31 . 2013-11-20 23:31 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-11-20 23:30 . 2013-11-20 23:30 -------- d-----w- c:\program files\ATI
2013-11-20 23:29 . 2013-11-20 23:32 -------- d-----w- c:\program files\ATI Technologies
2013-11-19 22:36 . 2013-12-18 03:56 -------- d-----w- c:\users\hp\AppData\Roaming\vlc
2013-11-19 22:35 . 2013-11-19 22:35 -------- d-----w- c:\program files (x86)\VideoLAN
2013-11-19 12:01 . 2013-11-19 12:01 -------- d-----w- C:\pwroff30
2013-11-19 10:51 . 2013-11-19 10:54 -------- d-----w- C:\budik
2013-11-19 00:57 . 2013-11-19 00:57 -------- d-----w- c:\program files (x86)\Microsoft.NET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-21 01:55 . 2010-02-10 08:14 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2013-11-19 02:33 . 2013-11-16 14:14 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-17 23:03 . 2013-11-17 23:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-11-17 23:03 . 2013-11-17 23:03 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-11-17 23:03 . 2013-11-17 23:03 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-11-17 23:03 . 2013-11-17 23:03 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-11-17 23:03 . 2013-11-17 23:03 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-11-17 23:03 . 2013-11-17 23:03 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-11-17 23:03 . 2013-11-17 23:03 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-11-17 23:03 . 2013-11-17 23:03 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-11-17 23:03 . 2013-11-17 23:03 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-11-17 23:03 . 2013-11-17 23:03 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-11-17 23:03 . 2013-11-17 23:03 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-11-17 23:03 . 2013-11-17 23:03 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-11-17 23:03 . 2013-11-17 23:03 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-11-17 23:03 . 2013-11-17 23:03 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-11-17 23:03 . 2013-11-17 23:03 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-11-17 23:03 . 2013-11-17 23:03 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-11-17 23:03 . 2013-11-17 23:03 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-11-17 23:03 . 2013-11-17 23:03 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-11-17 23:03 . 2013-11-17 23:03 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-11-17 23:03 . 2013-11-17 23:03 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-11-17 23:03 . 2013-11-17 23:03 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-11-17 23:03 . 2013-11-17 23:03 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-11-17 23:03 . 2013-11-17 23:03 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-11-17 23:03 . 2013-11-17 23:03 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-11-17 23:03 . 2013-11-17 23:03 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-11-17 23:03 . 2013-11-17 23:03 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-11-17 23:03 . 2013-11-17 23:03 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-11-17 23:03 . 2013-11-17 23:03 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-17 02:40 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-11-17 02:40 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-11-16 18:02 . 2013-11-16 17:42 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-11-16 14:27 . 2013-11-16 14:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-16 14:27 . 2013-11-16 14:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-12 02:30 . 2013-11-17 14:32 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-17 14:32 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-17 14:32 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-17 14:32 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 14:32 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-17 14:37 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-17 14:37 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-17 14:37 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-17 14:37 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-17 14:37 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-17 14:37 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-17 14:37 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-17 14:37 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-17 14:33 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-17 14:33 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-17 14:37 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-25 02:26 . 2013-11-17 14:37 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 02:26 . 2013-11-17 14:37 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:23 . 2013-11-17 14:37 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-25 02:23 . 2013-11-17 14:37 135680 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 02:23 . 2013-11-17 14:37 28160 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 02:22 . 2013-11-17 14:37 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 02:21 . 2013-11-17 14:37 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 02:21 . 2013-11-17 14:37 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 01:58 . 2013-11-17 14:37 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-09-25 01:57 . 2013-11-17 14:37 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-09-25 01:57 . 2013-11-17 14:37 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-25 01:56 . 2013-11-17 14:37 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03 . 2013-11-17 14:37 30720 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"TV IR"="c:\program files (x86)\TV IR\TV IR.exe" [2011-04-13 1437184]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\program files (x86)\MSI\TotalMedia 3.5\TMMonitor.exe [2013-11-17 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 PirritUpdater;PirritUpdater;c:\program files (x86)\Pirrit\AutoUpdater.exe;c:\program files (x86)\Pirrit\AutoUpdater.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 smsbda;DVB-T TV Stick;c:\windows\system32\drivers\smsbda.sys;c:\windows\SYSNATIVE\drivers\smsbda.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 06:44 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 363544]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{AD31EC12-2C2C-43F9-BD2C-2B0C7DB55D41}: NameServer = 172.31.30.138,172.31.30.139
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Far Cry 3_is1 - c:\hry\Far Cry 3\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2013-12-18 19:09:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-18 18:09
ComboFix2.txt 2013-12-18 16:51
.
Před spuštěním: Volných bajtů: 74 553 372 672
Po spuštění: Volných bajtů: 74 238 648 320
.
- - End Of File - - 88431C0949DE5BF361FD80A2AE13D123
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 13-12-17.02 - hp 18.12.2013 18:59:10.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4015.2804 [GMT 1:00]
Spuštěný z: c:\users\hp\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\hp\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-18 do 2013-12-18 )))))))))))))))))))))))))))))))
.
.
2013-12-17 22:33 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC4E5F5E-AD56-46C9-991C-B6AFE4F1679A}\mpengine.dll
2013-12-17 20:14 . 2013-12-17 20:18 -------- d-----w- C:\AdwCleaner
2013-12-17 16:32 . 2013-12-17 21:33 -------- d-----w- c:\program files\trend micro
2013-12-17 16:04 . 2013-12-17 16:04 -------- d-----w- C:\FRST
2013-12-15 14:26 . 2013-12-17 21:30 -------- d-----w- c:\program files (x86)\ESET
2013-12-11 22:46 . 2013-12-11 22:46 -------- d-----w- c:\users\hp\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2013-12-11 22:40 . 2013-12-11 22:40 -------- d-----w- c:\program files (x86)\OCCTPT
2013-12-11 22:33 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 22:33 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 22:33 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 22:33 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-11 22:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-11 22:25 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 22:25 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 22:25 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 22:25 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 22:25 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 22:25 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 22:25 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-11 22:25 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-11 22:25 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-11 22:25 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 22:25 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-11 22:24 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 22:24 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 22:24 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-11 22:24 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-11 22:24 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 22:24 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 22:24 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-11 22:24 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-11 02:17 . 2013-12-11 02:17 -------- d-----w- C:\EZ_CD_Audio_Converter_1.3.3.2_Portable
2013-12-11 01:53 . 2013-12-11 01:53 -------- d-----w- c:\windows\SysWow64\fac
2013-12-11 01:53 . 2013-12-11 01:53 -------- d-----w- c:\program files (x86)\Full Audio Converter
2013-12-11 01:46 . 2013-12-11 01:46 -------- d-----w- c:\program files (x86)\AIFF To MP3 Plus
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\program files (x86)\windealist
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\users\hp\AppData\Local\Pirrit Suggestor
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\users\hp\AppData\Roaming\Pirrit
2013-12-07 10:08 . 2013-12-07 10:08 -------- d-----w- c:\program files (x86)\Pirrit
2013-12-07 10:07 . 2013-12-07 10:07 -------- d-----w- c:\program files (x86)\pazera-software
2013-12-06 06:08 . 2013-12-17 15:49 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-12-06 06:08 . 2013-12-06 06:08 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-12-04 06:14 . 2013-12-04 06:14 -------- d-----w- c:\users\hp\AppData\Roaming\Ashampoo
2013-12-04 06:13 . 2013-12-04 06:13 -------- d-----w- c:\users\hp\AppData\Local\ashampoo
2013-12-04 06:13 . 2013-12-04 06:13 -------- d-----w- c:\programdata\Ashampoo
2013-12-04 06:13 . 2013-12-04 06:13 -------- d-----w- c:\program files (x86)\Ashampoo
2013-11-29 16:21 . 2013-11-29 18:33 -------- d-----w- c:\program files (x86)\Call of Duty Ghosts
2013-11-28 04:24 . 2013-11-28 04:24 -------- d-----w- c:\programdata\McAfee Security Scan
2013-11-28 04:24 . 2013-11-28 04:24 -------- d-----w- c:\programdata\McAfee
2013-11-26 19:35 . 2013-12-16 18:54 -------- d-----w- c:\users\hp\AppData\Roaming\dvdcss
2013-11-26 04:01 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-24 14:57 . 2013-12-08 19:49 -------- d-----w- c:\users\hp\AppData\Roaming\BSplayer
2013-11-24 14:57 . 2013-11-24 14:57 -------- d-----w- c:\users\hp\AppData\Roaming\BSplayer Pro
2013-11-24 14:57 . 2013-11-24 14:57 -------- d-----w- c:\program files (x86)\Webteh
2013-11-23 19:17 . 2013-11-23 19:17 -------- d-----w- c:\users\hp\AppData\Roaming\AdobeUM
2013-11-23 07:09 . 2013-11-23 18:40 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-11-23 06:48 . 2013-11-23 06:48 -------- d-----w- c:\program files\Adobe
2013-11-23 06:47 . 2013-11-23 06:48 -------- d-----w- c:\program files\Common Files\Adobe
2013-11-23 06:46 . 2013-11-23 06:46 -------- d-----w- c:\program files (x86)\Adobe Media Player
2013-11-23 06:44 . 2013-11-23 06:44 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-11-23 06:41 . 2013-11-29 19:37 -------- d-----w- c:\users\hp\AppData\Local\Adobe
2013-11-23 05:56 . 2013-12-08 02:51 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-11-23 05:56 . 2013-12-17 15:49 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-11-23 05:20 . 2013-11-23 05:20 -------- d-----w- c:\users\hp\AppData\Local\HP
2013-11-23 05:15 . 2013-11-23 05:16 -------- d-----w- c:\users\hp\AppData\Roaming\HP
2013-11-23 05:13 . 2013-11-23 05:13 -------- d-----w- c:\programdata\WEBREG
2013-11-23 05:11 . 2013-11-23 05:11 -------- d-----w- c:\program files (x86)\Common Files\HP
2013-11-23 05:11 . 2013-11-23 05:11 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2013-11-23 05:02 . 2013-11-23 05:02 -------- d-----w- c:\programdata\Hewlett-Packard
2013-11-23 05:02 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2013-11-23 04:50 . 2013-11-23 05:13 -------- d-----w- c:\programdata\HP
2013-11-21 11:24 . 2013-11-26 15:46 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-11-21 11:24 . 2013-11-21 22:16 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-11-21 11:24 . 2013-11-26 15:46 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-11-21 11:24 . 2013-11-21 11:24 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-11-21 11:24 . 2013-11-21 11:24 -------- d-----w- c:\users\hp\AppData\Local\PunkBuster
2013-11-21 11:23 . 2013-11-21 11:23 -------- d-----w- c:\programdata\Orbit
2013-11-21 01:26 . 2013-11-21 01:26 -------- d-----w- c:\users\hp\AppData\Roaming\Milestone
2013-11-21 01:26 . 2013-11-21 01:26 -------- d-----w- c:\programdata\Steam
2013-11-21 01:25 . 2013-11-21 01:25 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2013-11-21 01:25 . 2013-11-21 01:25 -------- d-----w- c:\programdata\Logs
2013-11-20 23:54 . 2013-11-20 23:54 -------- d-----w- c:\windows\USB Vibration
2013-11-20 23:54 . 2002-08-05 09:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2013-11-20 23:54 . 2002-08-02 02:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2013-11-20 23:54 . 2002-08-02 01:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2013-11-20 23:54 . 2002-08-02 01:20 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-11-20 23:54 . 2002-08-02 01:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2013-11-20 23:54 . 2002-08-02 01:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2013-11-20 23:53 . 2013-11-20 23:53 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2013-11-20 23:53 . 2013-11-20 23:53 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2013-11-20 23:53 . 2013-11-20 23:53 -------- d-----w- c:\program files (x86)\USB Vibration
2013-11-20 23:42 . 2013-11-20 23:52 -------- d-----w- c:\program files (x86)\WRC 4 FIA World Rally Championship
2013-11-20 23:35 . 2013-11-20 23:35 -------- d-----w- c:\programdata\ATI
2013-11-20 23:35 . 2013-11-20 23:35 -------- d-----w- c:\users\hp\AppData\Roaming\ATI
2013-11-20 23:35 . 2013-11-20 23:35 -------- d-----w- c:\users\hp\AppData\Local\ATI
2013-11-20 23:34 . 2013-11-20 23:34 0 ----a-w- c:\windows\ativpsrm.bin
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\programdata\AMD
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files (x86)\AMD AVT
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files (x86)\AMD APP
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-11-20 23:32 . 2013-11-20 23:32 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-11-20 23:31 . 2012-05-14 06:12 96896 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2013-11-20 23:31 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2013-11-20 23:31 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2013-11-20 23:31 . 2013-11-20 23:31 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-11-20 23:30 . 2013-11-20 23:30 -------- d-----w- c:\program files\ATI
2013-11-20 23:29 . 2013-11-20 23:32 -------- d-----w- c:\program files\ATI Technologies
2013-11-19 22:36 . 2013-12-18 03:56 -------- d-----w- c:\users\hp\AppData\Roaming\vlc
2013-11-19 22:35 . 2013-11-19 22:35 -------- d-----w- c:\program files (x86)\VideoLAN
2013-11-19 12:01 . 2013-11-19 12:01 -------- d-----w- C:\pwroff30
2013-11-19 10:51 . 2013-11-19 10:54 -------- d-----w- C:\budik
2013-11-19 00:57 . 2013-11-19 00:57 -------- d-----w- c:\program files (x86)\Microsoft.NET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-21 01:55 . 2010-02-10 08:14 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2013-11-19 02:33 . 2013-11-16 14:14 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-17 23:03 . 2013-11-17 23:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-11-17 23:03 . 2013-11-17 23:03 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-11-17 23:03 . 2013-11-17 23:03 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-11-17 23:03 . 2013-11-17 23:03 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-11-17 23:03 . 2013-11-17 23:03 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-11-17 23:03 . 2013-11-17 23:03 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-11-17 23:03 . 2013-11-17 23:03 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-11-17 23:03 . 2013-11-17 23:03 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-11-17 23:03 . 2013-11-17 23:03 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-11-17 23:03 . 2013-11-17 23:03 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-11-17 23:03 . 2013-11-17 23:03 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-11-17 23:03 . 2013-11-17 23:03 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-11-17 23:03 . 2013-11-17 23:03 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-11-17 23:03 . 2013-11-17 23:03 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-11-17 23:03 . 2013-11-17 23:03 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-11-17 23:03 . 2013-11-17 23:03 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-11-17 23:03 . 2013-11-17 23:03 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-11-17 23:03 . 2013-11-17 23:03 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-11-17 23:03 . 2013-11-17 23:03 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-11-17 23:03 . 2013-11-17 23:03 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-11-17 23:03 . 2013-11-17 23:03 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-11-17 23:03 . 2013-11-17 23:03 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-11-17 23:03 . 2013-11-17 23:03 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-11-17 23:03 . 2013-11-17 23:03 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-11-17 23:03 . 2013-11-17 23:03 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-11-17 23:03 . 2013-11-17 23:03 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-11-17 23:03 . 2013-11-17 23:03 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-11-17 23:03 . 2013-11-17 23:03 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-17 23:03 . 2013-11-17 23:03 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-11-17 02:40 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-11-17 02:40 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-11-16 18:02 . 2013-11-16 17:42 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-11-16 14:27 . 2013-11-16 14:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-16 14:27 . 2013-11-16 14:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-12 02:30 . 2013-11-17 14:32 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-17 14:32 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-17 14:32 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-17 14:32 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 14:32 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-17 14:37 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-17 14:37 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-17 14:37 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-17 14:37 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-17 14:37 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-17 14:37 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-17 14:37 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-17 14:37 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-17 14:33 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-17 14:33 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-17 14:37 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-25 02:26 . 2013-11-17 14:37 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 02:26 . 2013-11-17 14:37 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:23 . 2013-11-17 14:37 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-25 02:23 . 2013-11-17 14:37 135680 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 02:23 . 2013-11-17 14:37 28160 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 02:22 . 2013-11-17 14:37 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 02:21 . 2013-11-17 14:37 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 02:21 . 2013-11-17 14:37 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 01:58 . 2013-11-17 14:37 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-09-25 01:57 . 2013-11-17 14:37 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-09-25 01:57 . 2013-11-17 14:37 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-25 01:56 . 2013-11-17 14:37 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03 . 2013-11-17 14:37 30720 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"TV IR"="c:\program files (x86)\TV IR\TV IR.exe" [2011-04-13 1437184]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TMMonitor.lnk - c:\program files (x86)\MSI\TotalMedia 3.5\TMMonitor.exe [2013-11-17 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 PirritUpdater;PirritUpdater;c:\program files (x86)\Pirrit\AutoUpdater.exe;c:\program files (x86)\Pirrit\AutoUpdater.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 smsbda;DVB-T TV Stick;c:\windows\system32\drivers\smsbda.sys;c:\windows\SYSNATIVE\drivers\smsbda.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 06:44 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 363544]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{AD31EC12-2C2C-43F9-BD2C-2B0C7DB55D41}: NameServer = 172.31.30.138,172.31.30.139
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Far Cry 3_is1 - c:\hry\Far Cry 3\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2013-12-18 19:09:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-18 18:09
ComboFix2.txt 2013-12-18 16:51
.
Před spuštěním: Volných bajtů: 74 553 372 672
Po spuštění: Volných bajtů: 74 238 648 320
.
- - End Of File - - 88431C0949DE5BF361FD80A2AE13D123
A36C5E4F47E84449FF07ED3517B43A31