
CPU 100%

Posted: 28 Jul 2011 17:44
by Tanaka
Hello,

I apologize for bothering you here, but after 3 weeks I'm at my wit's end... I tried a few antivirus programs (Windows antivirus and NOD), cleaning the registry, Spybot and Ad-Aware. All of them found something, but nothing helped with my processors being loaded to 100% :(

When I'm not doing anything, at most browsing the web or playing TV series, the processors behave normally, but as soon as I launch any game, WoT, FEAR 3, ..., which normally ran without problems, the processor load jumps to 100% after a few minutes and keeps fluctuating between normal and 100%.

Task Manager isn't much help. For a while the processor was being loaded by NT Kernel and system; after a few viruses were found and removed it no longer does that, but now it seems to me that the games themselves are loading the processors, since their CPU usage fluctuates and at times it flickers that they are even not responding. In the game I then get only 1-6 fps instead of some 25 fps.

System:
Windows 7 Ultimate
IP IV dual core 2Ghz
4096Mb RAM
Grafika: Nvidia 9500m GS 512Mb

Here is the log from RSIT:


file of random's system information tool 1.09 (written by random/random)
Run by Tanaka at 2011-07-28 18:46:58
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 23 GB (16%) free of 148 GB
Total RAM: 3070 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:47:17, on 28.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Windows\System32\perfmon.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tanaka\Desktop\RSIT.exe
C:\Program Files\trend micro\Tanaka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Tanaka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Tanaka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKUS\S-1-5-21-2408523640-940453871-3699717050-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2408523640-940453871-3699717050-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 7296 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tanaka\AppData\Roaming\Mozilla\Firefox\Profiles\qdx0a8c9.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, battlefieldheroespatcher@ea.com:4.0.53.0, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, battlefieldplay4free@ea.com:1.0.53.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2405280&q="

"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
SearchResults.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Tanaka\AppData\Roaming\Mozilla\Firefox\Profiles\qdx0a8c9.default\extensions\
battlefieldheroespatcher@ea.com
battlefieldplay4free@ea.com
engine@conduit.com
ffox@bandoo.com
plugin@gameplaylabs.com
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
{800b5000-a755-47e1-992b-48a1c1357f07}
{99079a25-328f-4bd4-be04-00955acaa0a7}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Tanaka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-03-21 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-09-23 413696]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-07-06 9394792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-04-07 2145000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=C:\Program Files\Steam\steam.exe [2010-11-17 1242448]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-06-16 413072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\LManager.exe [2009-11-23 1115728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Tanaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
C:\Users\Tanaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=ac3acm.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"msacm.lhacm"=lhacm.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"VIDC.LAGS"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.VP70"=vp7vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.iv41"=Ir41_32.ax
"vidc.iv50"=Ir50_32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-07-28 18:46:59 ----D---- C:\Program Files\trend micro
2011-07-28 18:46:58 ----D---- C:\rsit
2011-07-28 18:33:59 ----SHD---- C:\$RECYCLE.BIN
2011-07-28 18:33:54 ----A---- C:\ComboFix.txt
2011-07-28 18:30:36 ----D---- C:\Windows\temp
2011-07-28 18:20:25 ----A---- C:\Windows\zip.exe
2011-07-28 18:20:25 ----A---- C:\Windows\SWSC.exe
2011-07-28 18:20:25 ----A---- C:\Windows\SWREG.exe
2011-07-28 18:20:25 ----A---- C:\Windows\sed.exe
2011-07-28 18:20:25 ----A---- C:\Windows\PEV.exe
2011-07-28 18:20:25 ----A---- C:\Windows\NIRCMD.exe
2011-07-28 18:20:25 ----A---- C:\Windows\MBR.exe
2011-07-28 18:20:25 ----A---- C:\Windows\grep.exe
2011-07-28 18:19:26 ----D---- C:\Windows\ERDNT
2011-07-28 18:16:59 ----D---- C:\Qoobox
2011-07-28 15:40:31 ----D---- C:\Windows\pss
2011-07-28 13:21:07 ----D---- C:\ProgramData\IObit
2011-07-28 13:19:18 ----D---- C:\Users\Tanaka\AppData\Roaming\IObit
2011-07-28 13:19:15 ----D---- C:\Program Files\IObit
2011-07-28 13:16:29 ----D---- C:\Program Files\CPUID
2011-07-28 13:16:29 ----A---- C:\Windows\system32\drivers\cpuz135_x32.sys
2011-07-28 12:08:08 ----D---- C:\Users\Tanaka\AppData\Roaming\Systweak
2011-07-28 12:08:04 ----A---- C:\Windows\system32\roboot.exe
2011-07-28 11:27:32 ----D---- C:\Program Files\AML Products
2011-07-27 17:48:02 ----A---- C:\Windows\system32\unrar.dll
2011-07-27 17:48:01 ----A---- C:\Windows\avisplitter.ini
2011-07-27 17:48:00 ----A---- C:\Windows\system32\yv12vfw.dll
2011-07-27 17:48:00 ----A---- C:\Windows\system32\vp7vfw.dll
2011-07-27 17:47:59 ----A---- C:\Windows\system32\xvidcore.dll
2011-07-27 17:47:59 ----A---- C:\Windows\system32\ff_vfw.dll
2011-07-27 17:47:56 ----D---- C:\Program Files\K-Lite Codec Pack
2011-07-27 17:08:48 ----A---- C:\Windows\system32\mfds.dll
2011-07-27 16:51:36 ----D---- C:\Program Files\Win7codecs
2011-07-27 16:50:36 ----D---- C:\ProgramData\Win7codecs
2011-07-27 13:19:05 ----D---- C:\Program Files\TNod User & Password Finder
2011-07-27 13:15:33 ----D---- C:\ProgramData\ESET
2011-07-27 12:25:19 ----D---- C:\Program Files\ESET
2011-07-27 11:59:26 ----D---- C:\Users\Tanaka\AppData\Roaming\Malwarebytes
2011-07-27 11:59:11 ----D---- C:\ProgramData\Malwarebytes
2011-07-25 17:29:40 ----D---- C:\Ubisoft
2011-07-25 12:22:35 ----A---- C:\Windows\game.ini
2011-07-25 12:16:08 ----D---- C:\Program Files\Activision
2011-07-23 23:47:01 ----D---- C:\L10N
2011-07-23 15:40:15 ----D---- C:\Program Files\NCSoft
2011-07-23 15:39:15 ----D---- C:\Users\Tanaka\AppData\Roaming\InstallShield
2011-07-15 14:20:52 ----D---- C:\ProgramData\Bandoo
2011-07-15 14:19:50 ----D---- C:\ProgramData\boost_interprocess
2011-07-13 07:57:59 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-13 07:57:59 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-13 07:57:58 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 07:57:57 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 07:57:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 07:57:54 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 07:57:53 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 07:57:53 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 07:57:49 ----A---- C:\Windows\system32\win32k.sys
2011-07-03 22:48:42 ----A---- C:\Windows\system32\lagarith.dll
2011-06-29 16:39:20 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 16:39:15 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 16:39:15 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 16:39:14 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 16:39:13 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 16:39:13 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 16:39:13 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 16:39:13 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 16:39:12 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 16:39:12 ----A---- C:\Windows\system32\msscntrs.dll

======List of files/folders modified in the last 1 month======

2011-07-28 18:46:59 ----RD---- C:\Program Files
2011-07-28 18:35:53 ----D---- C:\Windows\system32\config
2011-07-28 18:32:45 ----D---- C:\Windows\Tasks
2011-07-28 18:32:45 ----D---- C:\Windows\system32\Tasks
2011-07-28 18:30:50 ----D---- C:\Windows
2011-07-28 18:30:50 ----A---- C:\Windows\system.ini
2011-07-28 18:30:38 ----D---- C:\Windows\system32\drivers\etc
2011-07-28 18:26:55 ----D---- C:\Windows\system32\drivers
2011-07-28 18:26:55 ----D---- C:\Windows\System32
2011-07-28 18:26:55 ----D---- C:\Windows\AppPatch
2011-07-28 18:26:53 ----D---- C:\Program Files\Common Files
2011-07-28 18:16:18 ----D---- C:\Program Files\Steam
2011-07-28 14:37:31 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-07-28 14:24:53 ----D---- C:\ProgramData
2011-07-28 14:23:01 ----SHD---- C:\Windows\Installer
2011-07-28 14:23:01 ----D---- C:\Config.Msi
2011-07-28 14:22:32 ----D---- C:\Program Files\GTactix
2011-07-28 14:22:25 ----SHD---- C:\System Volume Information
2011-07-28 14:22:13 ----D---- C:\Program Files\Google
2011-07-28 14:19:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-28 14:17:48 ----D---- C:\Program Files\Mafia 2
2011-07-28 14:13:41 ----D---- C:\Program Files\Uniblue
2011-07-28 14:13:07 ----D---- C:\Windows\system32\LogFiles
2011-07-28 13:11:46 ----D---- C:\Windows\Prefetch
2011-07-28 12:38:56 ----SD---- C:\ProgramData\Microsoft
2011-07-28 12:17:47 ----D---- C:\Users\Tanaka\AppData\Roaming\DAEMON Tools Lite
2011-07-28 12:17:46 ----D---- C:\Users\Tanaka\AppData\Roaming\Ventrilo
2011-07-28 12:17:46 ----D---- C:\Users\Tanaka\AppData\Roaming\TS3Client
2011-07-28 12:17:32 ----D---- C:\Windows\Logs
2011-07-28 12:17:32 ----D---- C:\Windows\debug
2011-07-28 12:15:14 ----D---- C:\Program Files\CCleaner
2011-07-28 11:51:33 ----D---- C:\Windows\system32\catroot2
2011-07-28 11:41:47 ----D---- C:\Program Files\Mozilla Firefox
2011-07-27 21:30:52 ----RASH---- C:\BOOTSECT.BAK
2011-07-27 21:30:51 ----D---- C:\Boot
2011-07-27 21:14:55 ----D---- C:\NVIDIA
2011-07-27 13:06:19 ----D---- C:\Windows\system32\DriverStore
2011-07-27 13:06:19 ----D---- C:\Windows\system32\catroot
2011-07-27 13:06:19 ----D---- C:\Windows\inf
2011-07-27 12:21:23 ----D---- C:\Program Files\XTB-Trader Contest
2011-07-27 12:15:53 ----D---- C:\Windows\Minidump
2011-07-27 12:10:49 ----HD---- C:\Windows\system32\GroupPolicy
2011-07-25 17:44:51 ----RSD---- C:\Windows\assembly
2011-07-23 23:43:43 ----SD---- C:\Windows\system32\Microsoft
2011-07-22 01:50:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-21 12:48:37 ----D---- C:\Program Files\Microsoft Office
2011-07-18 16:11:24 ----D---- C:\Users\Tanaka\AppData\Roaming\PC Suite
2011-07-17 19:59:55 ----D---- C:\ProgramData\Tunngle
2011-07-16 22:07:40 ----D---- C:\Users\Tanaka\AppData\Roaming\Tunngle
2011-07-16 22:07:13 ----D---- C:\Program Files\Tunngle
2011-07-15 12:48:15 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-13 21:50:53 ----D---- C:\Program Files\Common Files\Steam
2011-07-13 20:53:26 ----D---- C:\Windows\winsxs
2011-07-13 20:49:45 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2011-07-13 20:38:34 ----A---- C:\Windows\system32\MRT.exe
2011-07-13 20:38:12 ----D---- C:\ProgramData\Microsoft Help
2011-07-12 23:23:16 ----D---- C:\Program Files\SpeedFan
2011-07-10 15:02:08 ----RSD---- C:\Windows\Fonts
2011-06-29 18:54:51 ----D---- C:\Windows\rescache
2011-06-29 17:17:03 ----D---- C:\Windows\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2010-12-18 21696]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-06 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 96896]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-08-19 15392]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-07-06 3132712]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2011-03-14 54824]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S1 MpKsl054ae891;MpKsl054ae891; C:\Windows\system32\drivers\MpKsl054ae891.sys []
S1 MpKsl07aff2e2;MpKsl07aff2e2; C:\Windows\system32\drivers\MpKsl07aff2e2.sys []
S1 MpKsl0bbca275;MpKsl0bbca275; C:\Windows\system32\drivers\MpKsl0bbca275.sys []
S1 MpKsl0fba0df6;MpKsl0fba0df6; C:\Windows\system32\drivers\MpKsl0fba0df6.sys []
S1 MpKsl18bc4799;MpKsl18bc4799; C:\Windows\system32\drivers\MpKsl18bc4799.sys []
S1 MpKsl1917f015;MpKsl1917f015; C:\Windows\system32\drivers\MpKsl1917f015.sys []
S1 MpKsl24f38cae;MpKsl24f38cae; C:\Windows\system32\drivers\MpKsl24f38cae.sys []
S1 MpKsl30bb028c;MpKsl30bb028c; C:\Windows\system32\drivers\MpKsl30bb028c.sys []
S1 MpKsl397f35d8;MpKsl397f35d8; C:\Windows\system32\drivers\MpKsl397f35d8.sys []
S1 MpKsl43134444;MpKsl43134444; C:\Windows\system32\drivers\MpKsl43134444.sys []
S1 MpKsl43285541;MpKsl43285541; C:\Windows\system32\drivers\MpKsl43285541.sys []
S1 MpKsl4a796a32;MpKsl4a796a32; C:\Windows\system32\drivers\MpKsl4a796a32.sys []
S1 MpKsl4cd6f7be;MpKsl4cd6f7be; C:\Windows\system32\drivers\MpKsl4cd6f7be.sys []
S1 MpKsl500512aa;MpKsl500512aa; C:\Windows\system32\drivers\MpKsl500512aa.sys []
S1 MpKsl51c2c329;MpKsl51c2c329; C:\Windows\system32\drivers\MpKsl51c2c329.sys []
S1 MpKsl5362d88d;MpKsl5362d88d; C:\Windows\system32\drivers\MpKsl5362d88d.sys []
S1 MpKsl60d9c3d2;MpKsl60d9c3d2; C:\Windows\system32\drivers\MpKsl60d9c3d2.sys []
S1 MpKsl651d4d48;MpKsl651d4d48; C:\Windows\system32\drivers\MpKsl651d4d48.sys []
S1 MpKsl6f394020;MpKsl6f394020; C:\Windows\system32\drivers\MpKsl6f394020.sys []
S1 MpKsl778d3cd0;MpKsl778d3cd0; C:\Windows\system32\drivers\MpKsl778d3cd0.sys []
S1 MpKsl77c79a5d;MpKsl77c79a5d; C:\Windows\system32\drivers\MpKsl77c79a5d.sys []
S1 MpKsl7fa040a6;MpKsl7fa040a6; C:\Windows\system32\drivers\MpKsl7fa040a6.sys []
S1 MpKsl829e5603;MpKsl829e5603; C:\Windows\system32\drivers\MpKsl829e5603.sys []
S1 MpKsl8962b09c;MpKsl8962b09c; C:\Windows\system32\drivers\MpKsl8962b09c.sys []
S1 MpKsl9b14652e;MpKsl9b14652e; C:\Windows\system32\drivers\MpKsl9b14652e.sys []
S1 MpKsl9b8a187b;MpKsl9b8a187b; C:\Windows\system32\drivers\MpKsl9b8a187b.sys []
S1 MpKsl9d3d4da1;MpKsl9d3d4da1; C:\Windows\system32\drivers\MpKsl9d3d4da1.sys []
S1 MpKslb21fccc1;MpKslb21fccc1; C:\Windows\system32\drivers\MpKslb21fccc1.sys []
S1 MpKslbc0c900e;MpKslbc0c900e; C:\Windows\system32\drivers\MpKslbc0c900e.sys []
S1 MpKslcbaca8ab;MpKslcbaca8ab; C:\Windows\system32\drivers\MpKslcbaca8ab.sys []
S1 MpKslce0233b1;MpKslce0233b1; C:\Windows\system32\drivers\MpKslce0233b1.sys []
S1 MpKsld328064c;MpKsld328064c; C:\Windows\system32\drivers\MpKsld328064c.sys []
S1 MpKsle019e5cb;MpKsle019e5cb; C:\Windows\system32\drivers\MpKsle019e5cb.sys []
S1 MpKsle471910a;MpKsle471910a; C:\Windows\system32\drivers\MpKsle471910a.sys []
S1 MpKsleefa2d95;MpKsleefa2d95; C:\Windows\system32\drivers\MpKsleefa2d95.sys []
S1 MpKslf52ea44b;MpKslf52ea44b; C:\Windows\system32\drivers\MpKslf52ea44b.sys []
S1 MpKslf7f3bd99;MpKslf7f3bd99; C:\Windows\system32\drivers\MpKslf7f3bd99.sys []
S1 MpKslfc2a0f9e;MpKslfc2a0f9e; C:\Windows\system32\drivers\MpKslfc2a0f9e.sys []
S1 MpKslfd1ad6ca;MpKslfd1ad6ca; C:\Windows\system32\drivers\MpKslfd1ad6ca.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 51200]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\Tanaka\AppData\Local\Temp\catchme.sys []
S3 EagleNT;EagleNT; C:\Windows\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2009-12-04 17408]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2010-12-02 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-06-16 353168]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 810120]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2009-12-04 99896]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2011-07-15 741624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-01 136176]
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-04-07 33560]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-07-13 411432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Re: CPU 100%

Posted: 28 Jul 2011 19:15
by Rudy
Posting an RSIT log after a ComboFix scan is pointless, because CF deletes all traces of the infection. Open the file C:\combofix.txt and copy its contents here.

Re: CPU 100%

Posted: 28 Jul 2011 19:43
by Tanaka
Sorry, this is my first time doing this :)

ComboFix 11-07-28.04 - Tanaka 28.07.2011 18:22:47.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3070.2009 [GMT 2:00]
Spuštěný z: c:\users\Tanaka\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-28 )))))))))))))))))))))))))))))))
.
.
2011-07-28 11:21 . 2011-07-28 11:21 -------- d-----w- c:\programdata\IObit
2011-07-28 11:19 . 2011-07-28 11:19 -------- d-----w- c:\users\Tanaka\AppData\Roaming\IObit
2011-07-28 11:19 . 2011-07-28 11:19 -------- d-----w- c:\program files\IObit
2011-07-28 11:16 . 2011-07-28 11:16 -------- d-----w- c:\program files\CPUID
2011-07-28 11:16 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-07-28 10:08 . 2011-07-28 10:15 -------- d-----w- c:\users\Tanaka\AppData\Roaming\Systweak
2011-07-28 10:08 . 2011-07-07 11:26 17280 ----a-w- c:\windows\system32\roboot.exe
2011-07-28 09:27 . 2000-05-22 14:58 608448 ----a-w- c:\windows\system32\comctl32.ocx
2011-07-28 09:27 . 2011-07-28 09:27 -------- d-----w- c:\program files\AML Products
2011-07-28 05:04 . 2011-07-20 07:44 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6DCF5818-F0BF-454A-A1CE-F0BB5954298D}\mpengine.dll
2011-07-27 15:48 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll
2011-07-27 15:48 . 2010-11-03 18:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-07-27 15:48 . 2006-04-02 12:47 630784 ----a-w- c:\windows\system32\vp7vfw.dll
2011-07-27 15:47 . 2011-07-22 08:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-27 15:47 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-07-27 15:47 . 2011-07-27 15:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-07-27 15:08 . 2010-11-20 12:19 296448 ----a-w- c:\windows\system32\mfds.dll
2011-07-27 14:51 . 2011-07-27 15:36 -------- d-----w- c:\program files\Win7codecs
2011-07-27 14:50 . 2011-07-27 15:36 -------- d-----w- c:\programdata\Win7codecs
2011-07-27 11:46 . 2011-07-27 11:46 -------- d-----w- c:\users\Tanaka\AppData\Local\ESET
2011-07-27 11:19 . 2011-07-27 11:19 -------- d-----w- c:\program files\TNod User & Password Finder
2011-07-27 10:25 . 2011-07-27 11:15 -------- d-----w- c:\program files\ESET
2011-07-27 09:59 . 2011-07-27 09:59 -------- d-----w- c:\users\Tanaka\AppData\Roaming\Malwarebytes
2011-07-27 09:59 . 2011-07-27 09:59 -------- d-----w- c:\programdata\Malwarebytes
2011-07-25 15:29 . 2011-07-25 15:29 -------- d-----w- C:\Ubisoft
2011-07-25 10:16 . 2011-07-25 15:47 -------- d-----w- c:\program files\Activision
2011-07-23 21:47 . 2011-07-23 21:47 -------- d-----w- C:\L10N
2011-07-23 13:41 . 2011-07-23 13:41 -------- d-----w- c:\users\Tanaka\AppData\Local\assembly
2011-07-23 13:40 . 2011-07-23 13:41 -------- d-----w- c:\program files\NCSoft
2011-07-23 13:39 . 2011-07-23 13:39 -------- d-----w- c:\users\Tanaka\AppData\Roaming\InstallShield
2011-07-15 12:20 . 2011-07-15 12:21 -------- d-----w- c:\programdata\Bandoo
2011-07-15 12:20 . 2011-07-15 12:20 -------- d-----w- c:\users\Tanaka\AppData\Local\Ilivid Player
2011-07-15 12:19 . 2011-07-16 11:15 -------- d-----w- c:\programdata\boost_interprocess
2011-07-15 09:53 . 2011-07-15 09:53 -------- d-----w- c:\users\Tanaka\AppData\Local\WinZip
2011-07-03 20:48 . 2011-07-03 20:48 147456 ----a-w- c:\windows\system32\lagarith.dll
2011-06-29 14:39 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 14:39 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 14:39 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 14:39 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 14:39 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 14:39 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 14:39 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 14:39 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 14:39 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 14:39 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 14:17 . 2011-03-19 19:00 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-06-28 17:48 . 2010-03-22 22:09 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-26 14:04 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-24 14:44 . 2011-06-17 07:26 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2011-06-10 05:22 . 2011-06-11 17:06 32768 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\steam_api.dll
2011-06-10 04:12 . 2011-06-11 17:06 7483992 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\Engine.dll
2011-06-09 21:04 . 2011-06-11 17:06 294456 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\DukeForever.exe
2011-06-09 20:34 . 2011-06-11 17:06 448000 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\mss32.dll
2011-06-09 20:34 . 2011-06-11 17:06 79872 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\UWindow.dll
2011-06-09 20:34 . 2011-06-11 17:06 1723392 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\meqon.dll
2011-06-09 20:34 . 2011-06-11 17:06 43520 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\NullRenDev.dll
2011-06-09 20:34 . 2011-06-11 17:06 141312 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\MilesAudio.dll
2011-06-09 20:34 . 2011-06-11 17:06 664120 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\dnCommon.dll
2011-06-09 20:34 . 2011-06-11 17:06 607288 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\dnGame.dll
2011-06-09 20:34 . 2011-06-11 17:06 348216 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\dnAnimation.dll
2011-06-09 20:34 . 2011-06-11 17:06 1053240 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\dnAI.dll
2011-06-09 20:34 . 2011-06-11 17:06 93696 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\Fire.dll
2011-06-09 20:34 . 2011-06-11 17:06 743424 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\D3DDrv9.dll
2011-06-09 20:34 . 2011-06-11 17:06 1309696 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\Editor.dll
2011-06-09 20:34 . 2011-06-11 17:06 187392 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\binkw32.dll
2011-06-09 20:34 . 2011-06-11 17:06 9216 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\3DRDebugLib.dll
2011-06-09 20:34 . 2011-06-11 17:06 38912 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\BugHandler.dll
2011-06-09 20:10 . 2011-06-11 17:06 177720 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Razor 1911\Duke Nukem Forever\System\dnVehicles.dll
2011-05-28 02:53 . 2011-06-15 15:43 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 17:14 . 2010-03-22 14:39 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 06:01 . 2011-06-07 18:35 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-21 06:01 . 2011-06-07 18:35 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2011-06-07 18:35 301672 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2011-06-07 18:35 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2011-06-07 18:35 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-21 06:01 . 2011-06-07 18:35 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2011-06-07 18:35 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2011-06-07 18:34 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-21 06:01 . 2011-06-07 18:23 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-05-21 06:01 . 2011-06-07 18:23 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-21 06:01 . 2011-06-07 18:23 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-21 06:01 . 2011-06-07 18:23 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-21 06:01 . 2011-06-07 18:23 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-21 06:01 . 2011-06-07 18:23 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-21 06:01 . 2011-06-07 18:23 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-21 06:01 . 2011-06-07 18:23 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-21 06:01 . 2011-06-07 18:23 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-21 06:01 . 2011-06-07 18:23 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-21 06:01 . 2011-06-07 18:23 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-21 06:01 . 2011-06-07 18:23 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-21 06:01 . 2011-06-07 18:23 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-17 07:46 . 2010-03-22 14:56 141032 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-05-17 07:46 . 2010-03-22 15:38 281200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-05-17 07:46 . 2010-03-22 14:55 281200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-05-15 07:55 . 2010-03-22 14:56 138056 ----a-w- c:\users\Tanaka\AppData\Roaming\PnkBstrK.sys
2011-05-15 07:55 . 2010-03-22 14:55 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-05-15 07:54 . 2010-03-22 14:55 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-05-03 04:30 . 2011-06-15 15:43 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 04:30 . 2011-03-22 15:14 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="c:\program files\Steam\steam.exe" [2010-11-17 1242448]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-06-16 413072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-09-23 413696]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-06 9394792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2145000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=""
.
[HKLM\~\startupfolder\C:^Users^Tanaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=c:\users\Tanaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccip.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2009-11-23 14:21 1115728 ----a-w- c:\program files\Launch Manager\LManager.exe
.
R1 MpKsl054ae891;MpKsl054ae891; [x]
R1 MpKsl07aff2e2;MpKsl07aff2e2; [x]
R1 MpKsl0bbca275;MpKsl0bbca275; [x]
R1 MpKsl0fba0df6;MpKsl0fba0df6; [x]
R1 MpKsl18bc4799;MpKsl18bc4799; [x]
R1 MpKsl1917f015;MpKsl1917f015; [x]
R1 MpKsl24f38cae;MpKsl24f38cae; [x]
R1 MpKsl30bb028c;MpKsl30bb028c; [x]
R1 MpKsl397f35d8;MpKsl397f35d8; [x]
R1 MpKsl43134444;MpKsl43134444; [x]
R1 MpKsl43285541;MpKsl43285541; [x]
R1 MpKsl4a796a32;MpKsl4a796a32; [x]
R1 MpKsl4cd6f7be;MpKsl4cd6f7be; [x]
R1 MpKsl500512aa;MpKsl500512aa; [x]
R1 MpKsl51c2c329;MpKsl51c2c329; [x]
R1 MpKsl5362d88d;MpKsl5362d88d; [x]
R1 MpKsl60d9c3d2;MpKsl60d9c3d2; [x]
R1 MpKsl651d4d48;MpKsl651d4d48; [x]
R1 MpKsl6f394020;MpKsl6f394020; [x]
R1 MpKsl778d3cd0;MpKsl778d3cd0; [x]
R1 MpKsl77c79a5d;MpKsl77c79a5d; [x]
R1 MpKsl7fa040a6;MpKsl7fa040a6; [x]
R1 MpKsl829e5603;MpKsl829e5603; [x]
R1 MpKsl8962b09c;MpKsl8962b09c; [x]
R1 MpKsl9b14652e;MpKsl9b14652e; [x]
R1 MpKsl9b8a187b;MpKsl9b8a187b; [x]
R1 MpKsl9d3d4da1;MpKsl9d3d4da1; [x]
R1 MpKslb21fccc1;MpKslb21fccc1; [x]
R1 MpKslbc0c900e;MpKslbc0c900e; [x]
R1 MpKslcbaca8ab;MpKslcbaca8ab; [x]
R1 MpKslce0233b1;MpKslce0233b1; [x]
R1 MpKsld328064c;MpKsld328064c; [x]
R1 MpKsle019e5cb;MpKsle019e5cb; [x]
R1 MpKsle471910a;MpKsle471910a; [x]
R1 MpKsleefa2d95;MpKsleefa2d95; [x]
R1 MpKslf52ea44b;MpKslf52ea44b; [x]
R1 MpKslf7f3bd99;MpKslf7f3bd99; [x]
R1 MpKslfc2a0f9e;MpKslfc2a0f9e; [x]
R1 MpKslfd1ad6ca;MpKslfd1ad6ca; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-01 136176]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP;c:\windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 51200]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2009-12-03 17408]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-12-02 8576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-06 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-06-16 353168]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 96896]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2009-12-03 99896]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2011-07-15 741624]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-01 15:00]
.
2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-01 15:00]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\35C4F464552514C4: DhcpNameServer = 81.25.16.250 81.25.28.250
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\36C61637379636F5261627: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\75C45323037434F58584D6B6: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\B46434: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Tanaka\AppData\Roaming\Mozilla\Firefox\Profiles\qdx0a8c9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic-Eng7 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
Toolbar-10 - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2408523640-940453871-3699717050-1000\Software\SecuROM\License information*]
"datasecu"=hex:aa,f9,76,f5,c1,47,68,6e,1d,9d,85,3a,49,8e,bb,2f,0e,b9,e2,6e,d2,
3c,d8,78,fd,09,67,f1,c5,af,63,3b,b7,b2,81,a9,87,15,a3,86,c5,39,84,88,3c,4b,\
"rkeysecu"=hex:ce,87,7a,fc,58,c7,62,8d,08,d3,2d,9b,d2,dc,1d,f0
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-28 18:33:54
ComboFix-quarantined-files.txt 2011-07-28 16:33
.
Před spuštěním: Volných bajtů: 24 764 137 472
Po spuštění: Volných bajtů: 24 371 781 632
.
- - End Of File - - 7C537E287D6F15DBB6615D180F5542CE

Re: CPU 100%

Posted: 28 Jul 2011 20:02
by Rudy
We still have some cleaning up to do. Open Notepad and copy the following into it:
Driver::
MpKsl054ae891
MpKsl07aff2e2
MpKsl0bbca275
MpKsl0fba0df6
MpKsl18bc4799
MpKsl1917f015
MpKsl24f38cae
MpKsl30bb028c
MpKsl397f35d8
MpKsl43134444
MpKsl43285541
MpKsl4a796a32
MpKsl4cd6f7be
MpKsl500512aa
MpKsl51c2c329
MpKsl5362d88d
MpKsl60d9c3d2
MpKsl651d4d48
MpKsl6f394020
MpKsl778d3cd0
MpKsl77c79a5d
MpKsl7fa040a6
MpKsl829e5603
MpKsl8962b09c
MpKsl9b14652e
MpKsl9b8a187b
MpKsl9d3d4da1
MpKslb21fccc1
MpKslbc0c900e
MpKslcbaca8ab
MpKslce0233b1
MpKsld328064c
MpKsle019e5cb
MpKsle471910a
MpKsleefa2d95
MpKslf52ea44b
MpKslf7f3bd99
MpKslfc2a0f9e
MpKslfd1ad6ca
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Re: CPU 100%

Posted: 28 Jul 2011 20:40
by Tanaka
So here it is, I did it exactly according to the instructions, so hopefully we didn't sc*ew anything up :)

ComboFix 11-07-28.06 - Tanaka 28.07.2011 21:23:12.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3070.1811 [GMT 2:00]
Spuštěný z: c:\users\Tanaka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tanaka\Desktop\CFScript.txt.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MPKSL054AE891
-------\Legacy_MPKSL07AFF2E2
-------\Legacy_MPKSL0BBCA275
-------\Legacy_MPKSL0FBA0DF6
-------\Legacy_MPKSL18BC4799
-------\Legacy_MPKSL1917F015
-------\Legacy_MPKSL24F38CAE
-------\Legacy_MPKSL30BB028C
-------\Legacy_MPKSL397F35D8
-------\Legacy_MPKSL43134444
-------\Legacy_MPKSL43285541
-------\Legacy_MPKSL4A796A32
-------\Legacy_MPKSL4CD6F7BE
-------\Legacy_MPKSL500512AA
-------\Legacy_MPKSL51C2C329
-------\Legacy_MPKSL5362D88D
-------\Legacy_MPKSL651D4D48
-------\Legacy_MPKSL6F394020
-------\Legacy_MPKSL778D3CD0
-------\Legacy_MPKSL77C79A5D
-------\Legacy_MPKSL7FA040A6
-------\Legacy_MPKSL829E5603
-------\Legacy_MPKSL8962B09C
-------\Legacy_MPKSL9B14652E
-------\Legacy_MPKSL9B8A187B
-------\Legacy_MPKSL9D3D4DA1
-------\Legacy_MPKSLB21FCCC1
-------\Legacy_MPKSLBC0C900E
-------\Legacy_MPKSLCBACA8AB
-------\Legacy_MPKSLCE0233B1
-------\Legacy_MPKSLD328064C
-------\Legacy_MPKSLE019E5CB
-------\Legacy_MPKSLE471910A
-------\Legacy_MPKSLEEFA2D95
-------\Legacy_MPKSLF52EA44B
-------\Legacy_MPKSLF7F3BD99
-------\Legacy_MPKSLFC2A0F9E
-------\Legacy_MPKSLFD1AD6CA
-------\Service_MpKsl054ae891
-------\Service_MpKsl07aff2e2
-------\Service_MpKsl0bbca275
-------\Service_MpKsl0fba0df6
-------\Service_MpKsl18bc4799
-------\Service_MpKsl1917f015
-------\Service_MpKsl24f38cae
-------\Service_MpKsl30bb028c
-------\Service_MpKsl397f35d8
-------\Service_MpKsl43134444
-------\Service_MpKsl43285541
-------\Service_MpKsl4a796a32
-------\Service_MpKsl4cd6f7be
-------\Service_MpKsl500512aa
-------\Service_MpKsl51c2c329
-------\Service_MpKsl5362d88d
-------\Service_MpKsl60d9c3d2
-------\Service_MpKsl651d4d48
-------\Service_MpKsl6f394020
-------\Service_MpKsl778d3cd0
-------\Service_MpKsl77c79a5d
-------\Service_MpKsl7fa040a6
-------\Service_MpKsl829e5603
-------\Service_MpKsl8962b09c
-------\Service_MpKsl9b14652e
-------\Service_MpKsl9b8a187b
-------\Service_MpKsl9d3d4da1
-------\Service_MpKslb21fccc1
-------\Service_MpKslbc0c900e
-------\Service_MpKslcbaca8ab
-------\Service_MpKslce0233b1
-------\Service_MpKsld328064c
-------\Service_MpKsle019e5cb
-------\Service_MpKsle471910a
-------\Service_MpKsleefa2d95
-------\Service_MpKslf52ea44b
-------\Service_MpKslf7f3bd99
-------\Service_MpKslfc2a0f9e
-------\Service_MpKslfd1ad6ca
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-28 )))))))))))))))))))))))))))))))
.
.
2011-07-28 19:31 . 2011-07-28 19:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-28 19:31 . 2011-07-28 19:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-28 18:07 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-28 18:07 . 2011-07-28 18:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-28 18:07 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-28 16:46 . 2011-07-28 18:12 -------- d-----w- c:\program files\trend micro
2011-07-28 16:46 . 2011-07-28 16:47 -------- d-----w- C:\rsit
2011-07-28 16:33 . 2011-07-28 19:35 -------- d-----w- c:\users\Tanaka\AppData\Local\temp
2011-07-28 11:21 . 2011-07-28 11:21 -------- d-----w- c:\programdata\IObit
2011-07-28 11:19 . 2011-07-28 11:19 -------- d-----w- c:\users\Tanaka\AppData\Roaming\IObit
2011-07-28 11:19 . 2011-07-28 11:19 -------- d-----w- c:\program files\IObit
2011-07-28 10:08 . 2011-07-28 10:15 -------- d-----w- c:\users\Tanaka\AppData\Roaming\Systweak
2011-07-28 10:08 . 2011-07-07 11:26 17280 ----a-w- c:\windows\system32\roboot.exe
2011-07-28 09:27 . 2000-05-22 14:58 608448 ----a-w- c:\windows\system32\comctl32.ocx
2011-07-28 09:27 . 2011-07-28 09:27 -------- d-----w- c:\program files\AML Products
2011-07-28 05:04 . 2011-07-20 07:44 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6DCF5818-F0BF-454A-A1CE-F0BB5954298D}\mpengine.dll
2011-07-27 15:48 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll
2011-07-27 15:48 . 2010-11-03 18:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-07-27 15:48 . 2006-04-02 12:47 630784 ----a-w- c:\windows\system32\vp7vfw.dll
2011-07-27 15:47 . 2011-07-22 08:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-27 15:47 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-07-27 15:47 . 2011-07-27 15:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-07-27 15:08 . 2010-11-20 12:19 296448 ----a-w- c:\windows\system32\mfds.dll
2011-07-27 14:51 . 2011-07-27 15:36 -------- d-----w- c:\program files\Win7codecs
2011-07-27 14:50 . 2011-07-27 15:36 -------- d-----w- c:\programdata\Win7codecs
2011-07-27 11:46 . 2011-07-27 11:46 -------- d-----w- c:\users\Tanaka\AppData\Local\ESET
2011-07-27 11:19 . 2011-07-27 11:19 -------- d-----w- c:\program files\TNod User & Password Finder
2011-07-27 10:25 . 2011-07-27 11:15 -------- d-----w- c:\program files\ESET
2011-07-27 09:59 . 2011-07-27 09:59 -------- d-----w- c:\users\Tanaka\AppData\Roaming\Malwarebytes
2011-07-27 09:59 . 2011-07-27 09:59 -------- d-----w- c:\programdata\Malwarebytes
2011-07-25 15:29 . 2011-07-25 15:29 -------- d-----w- C:\Ubisoft
2011-07-25 10:16 . 2011-07-25 15:47 -------- d-----w- c:\program files\Activision
2011-07-23 21:47 . 2011-07-23 21:47 -------- d-----w- C:\L10N
2011-07-23 13:41 . 2011-07-23 13:41 -------- d-----w- c:\users\Tanaka\AppData\Local\assembly
2011-07-23 13:40 . 2011-07-23 13:41 -------- d-----w- c:\program files\NCSoft
2011-07-23 13:39 . 2011-07-23 13:39 -------- d-----w- c:\users\Tanaka\AppData\Roaming\InstallShield
2011-07-15 12:20 . 2011-07-15 12:21 -------- d-----w- c:\programdata\Bandoo
2011-07-15 12:20 . 2011-07-15 12:20 -------- d-----w- c:\users\Tanaka\AppData\Local\Ilivid Player
2011-07-15 12:19 . 2011-07-16 11:15 -------- d-----w- c:\programdata\boost_interprocess
2011-07-15 09:53 . 2011-07-15 09:53 -------- d-----w- c:\users\Tanaka\AppData\Local\WinZip
2011-07-03 20:48 . 2011-07-03 20:48 147456 ----a-w- c:\windows\system32\lagarith.dll
2011-06-29 14:39 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 14:39 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 14:39 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 14:39 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 14:39 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 14:39 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 14:39 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 14:39 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 14:39 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 14:39 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-16 14:17 . 2011-03-19 19:00 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-06-28 17:48 . 2010-03-22 22:09 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-26 14:04 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-24 14:44 . 2011-06-17 07:26 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-28 02:53 . 2011-06-15 15:43 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 17:14 . 2010-03-22 14:39 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 06:01 . 2011-06-07 18:35 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-21 06:01 . 2011-06-07 18:35 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2011-06-07 18:35 301672 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2011-06-07 18:35 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2011-06-07 18:35 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-21 06:01 . 2011-06-07 18:35 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2011-06-07 18:35 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2011-06-07 18:34 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-21 06:01 . 2011-06-07 18:23 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-05-21 06:01 . 2011-06-07 18:23 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-21 06:01 . 2011-06-07 18:23 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-21 06:01 . 2011-06-07 18:23 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-21 06:01 . 2011-06-07 18:23 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-21 06:01 . 2011-06-07 18:23 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-21 06:01 . 2011-06-07 18:23 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-21 06:01 . 2011-06-07 18:23 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-21 06:01 . 2011-06-07 18:23 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-21 06:01 . 2011-06-07 18:23 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-21 06:01 . 2011-06-07 18:23 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-21 06:01 . 2011-06-07 18:23 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-21 06:01 . 2011-06-07 18:23 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-17 07:46 . 2010-03-22 14:56 141032 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-05-17 07:46 . 2010-03-22 15:38 281200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-05-17 07:46 . 2010-03-22 14:55 281200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-05-15 07:55 . 2010-03-22 14:56 138056 ----a-w- c:\users\Tanaka\AppData\Roaming\PnkBstrK.sys
2011-05-15 07:55 . 2010-03-22 14:55 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-05-15 07:54 . 2010-03-22 14:55 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-05-03 04:30 . 2011-06-15 15:43 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 04:30 . 2011-03-22 15:14 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="c:\program files\Steam\steam.exe" [2010-11-17 1242448]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-06-16 413072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-09-23 413696]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-06 9394792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2145000]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=""
.
[HKLM\~\startupfolder\C:^Users^Tanaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=c:\users\Tanaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccip.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2009-11-23 14:21 1115728 ----a-w- c:\program files\Launch Manager\LManager.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP;c:\windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 51200]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2009-12-03 17408]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-12-02 8576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-06 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-06-16 353168]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-04-07 96896]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2009-12-03 99896]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2011-07-15 741624]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-09-23 11:19]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\35C4F464552514C4: DhcpNameServer = 81.25.16.250 81.25.28.250
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\36C61637379636F5261627: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\75C45323037434F58584D6B6: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2D8321C4-D424-4DDA-A4FB-23E90FB67789}\B46434: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Tanaka\AppData\Roaming\Mozilla\Firefox\Profiles\qdx0a8c9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic-Eng7 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
AddRemove-{F2E23139-3404-4E3C-9855-7724415D62A5} - c:\program files\Common Files\BioWare\Uninstall Dragon Age 2.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2408523640-940453871-3699717050-1000\Software\SecuROM\License information*]
"datasecu"=hex:aa,f9,76,f5,c1,47,68,6e,1d,9d,85,3a,49,8e,bb,2f,0e,b9,e2,6e,d2,
3c,d8,78,fd,09,67,f1,c5,af,63,3b,b7,b2,81,a9,87,15,a3,86,c5,39,84,88,3c,4b,\
"rkeysecu"=hex:ce,87,7a,fc,58,c7,62,8d,08,d3,2d,9b,d2,dc,1d,f0
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5644)
c:\windows\System32\SysHook.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Advanced SystemCare 4\PMonitor.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-28 21:39:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-28 19:39
ComboFix2.txt 2011-07-28 16:33
.
Před spuštěním: Volných bajtů: 24 819 019 776
Po spuštění: Volných bajtů: 24 304 148 480
.
- - End Of File - - F961FB93F4DE33874742D5BB05676924

Re: CPU 100%

Posted: 28 Jul 2011 21:13
by Rudy
Deleted. Test this file: c:\windows\system32\roboot.exe online at www.virustotal.com. Report the result.

Re: CPU 100%

Posted: 28 Jul 2011 21:27
by Tanaka
File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:

MD5: be083e16a50a441ecdf9dc9a6faeda6a
Date first seen: 2011-07-07 22:41:01 (UTC)
Date last seen: 2011-07-07 22:41:01 (UTC)
Detection ratio: 0/43

Re: CPU 100%

Posted: 28 Jul 2011 21:37
by Rudy
The file is fine, so the computer should be clean. You are using Windows Defender and Ad-Aware. Uninstall one of them; a software conflict may occur. Has there been any change?

Re: CPU 100%

Posted: 28 Jul 2011 21:52
by Tanaka
ok, I'll uninstall it. Yes, an improvement of about 75%, it's definitely playable now.

Is it roughly known where the fault was???

In any case, thank you very much, and thank you for your time and quality help :)

Re: CPU 100%

Posted: 28 Jul 2011 21:56
by Rudy
There was an infection, plus leftovers from the MSE antivirus, which you probably had earlier. A conflict between WinDef and Ad-Aware is also possible. You're welcome!

Re: CPU 100%

Posted: 29 Jul 2011 11:30
by Tanaka
So the problem persists; this morning I turned on the PC and everything is practically as before, somewhat better, but it's still quite a disruptive element.... I deleted Ad-Aware and now I'm only using Defender, Spybot and NOD :( :(

Re: CPU 100%

Posted: 29 Jul 2011 11:44
by Rudy
Also try uninstalling Spybot; for one thing, that software is well past its prime, and it could (as software serving the same purpose) clash with WinDef.

Re: CPU 100%

Posted: 29 Jul 2011 12:33
by Tanaka
deleted and still nothing.

the processors are now loaded only at a steady 75-90% (1st core 100%, 2nd around 50-80%), but the stuttering problem is still there.

Could it be related to the fact that I expanded the memory from 2056Mb to 4092Mb? In addition, I also applied new thermal paste to the graphics card and both cores

Re: CPU 100%

Posted: 29 Jul 2011 12:36
by Rudy
Also try:

1. turning off automatic updates as a test.
2. reinstalling the antivirus.

Re: CPU 100%

Posted: 30 Jul 2011 13:31
by Tanaka
automatic updates are turned off, and instead of NOD32 I installed that antivirus from Microsoft, and nothing has changed :(