Cpu1.exe

Posted: 01 Feb 2014 10:54
by Pepasdepa
Hi, hi,
Straight to the problem: shortly after the PC starts, a dialog pops up asking whether the administrator allows the process cpu1.exe, then one saying that the process ati.exe is not responding, and the same once more with cuda.exe; then my graphics card and processor go up to 100%.
From what I have read here so far, I have at least run rkill. Any further advice?


Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/01/2014 10:24:55 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* c:\windows\core.exe (PID: 2080) [WD-HEUR]
* C:\windows\cuda.exe (PID: 3804) [WD-HEUR]
* C:\windows\proxy.exe (PID: 3504) [WD-HEUR]
* C:\windows\cpu.exe (PID: 324) [WD-HEUR]

4 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

Program finished at: 02/01/2014 10:25:02 AM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)

Re: Cpu1.exe

Posted: 01 Feb 2014 10:55
by Pepasdepa
Combofix:

ComboFix 14-02-01.01 - Páníšek 01.02.2014 10:42:47.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8167.6228 [GMT 1:00]
Spuštěný z: c:\users\PßnÝÜek\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-01 do 2014-02-01 )))))))))))))))))))))))))))))))
.
.
2014-02-01 09:44 . 2014-02-01 09:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-31 12:31 . 2014-01-31 12:31 -------- d-----w- c:\users\Páníšek\AppData\Roaming\Avira
2014-01-31 12:31 . 2013-12-09 10:37 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-01-31 12:31 . 2013-12-09 10:37 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-01-31 12:31 . 2013-12-09 10:37 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-01-31 12:31 . 2013-12-09 10:37 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-01-31 12:31 . 2014-01-31 12:31 -------- d-----w- c:\programdata\Avira
2014-01-31 12:31 . 2014-01-31 12:31 -------- d-----w- c:\program files (x86)\Avira
2014-01-31 11:23 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-01-31 11:23 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-01-31 11:23 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-01-31 11:23 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-01-31 11:23 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-01-31 11:23 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-01-31 11:23 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-01-31 11:21 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-01-31 11:20 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-01-31 11:20 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-01-31 11:20 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2014-01-31 11:20 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2014-01-31 11:19 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2014-01-31 11:19 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2014-01-31 11:19 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-01-31 11:18 . 2014-01-31 11:18 -------- d-----w- c:\users\Páníšek\AppData\Roaming\MAXON
2014-01-31 11:13 . 2014-01-31 11:13 -------- d-----w- c:\users\Páníšek\AppData\Local\NVIDIA Corporation
2014-01-31 11:13 . 2014-01-31 11:14 -------- d-----w- c:\windows\system32\MRT
2014-01-31 11:12 . 2013-12-10 02:15 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-31 11:12 . 2013-12-10 02:14 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-31 11:12 . 2014-01-31 11:14 -------- d-----w- c:\users\Páníšek\AppData\Local\NVIDIA
2014-01-31 11:11 . 2013-12-19 18:53 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-01-31 08:43 . 2014-01-31 08:43 -------- d-----w- c:\program files\CPUID
2014-01-31 08:43 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E1E4EE0-58AD-4995-AF52-33141BF6F618}\mpengine.dll
2014-01-30 16:33 . 2014-01-30 16:33 -------- d-----w- c:\users\Páníšek\AppData\Local\The Witcher 2
2014-01-30 16:31 . 2006-03-31 11:40 352464 ----a-w- c:\windows\system32\xactengine2_1.dll
2014-01-30 15:53 . 2014-01-30 16:05 -------- d-----w- c:\program files (x86)\The Witcher 2 (CZ)
2014-01-29 09:13 . 2014-01-29 09:13 -------- d-----w- c:\users\Páníšek\AppData\Roaming\WinRAR
2014-01-28 19:45 . 2014-01-28 19:46 -------- d-----w- c:\users\Páníšek\AppData\Roaming\.technic
2014-01-28 18:24 . 2014-01-29 09:13 -------- d-----w- c:\program files (x86)\CarMechanic
2014-01-22 17:18 . 2014-01-22 17:36 -------- d-----w- c:\users\Páníšek\AppData\Roaming\BitTorrent
2014-01-22 15:33 . 2014-01-22 15:33 -------- d-----w- c:\program files (x86)\PFPortChecker
2014-01-21 19:24 . 2014-01-21 19:24 -------- d-----w- c:\users\Petan
2014-01-15 16:01 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 16:01 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 16:01 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 16:01 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 16:01 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 16:01 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 16:01 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 16:01 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-13 19:12 . 2014-01-13 19:12 312744 ----a-w- c:\windows\system32\javaws.exe
2014-01-13 19:12 . 2014-01-13 19:12 189352 ----a-w- c:\windows\system32\javaw.exe
2014-01-13 19:12 . 2014-01-13 19:12 189352 ----a-w- c:\windows\system32\java.exe
2014-01-13 19:12 . 2014-01-13 19:12 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-01-13 19:12 . 2014-01-13 19:12 -------- d-----w- c:\program files\Java
2014-01-06 20:18 . 2014-01-28 15:11 -------- d-----w- c:\users\Páníšek\AppData\Roaming\NVIDIA
2014-01-06 19:56 . 2014-01-28 18:45 -------- d-----w- c:\users\Páníšek\AppData\Roaming\.minecraft
2014-01-06 19:56 . 2014-01-13 19:12 -------- d-----w- c:\programdata\Oracle
2014-01-06 19:56 . 2014-01-06 19:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-01-06 19:56 . 2014-01-06 19:56 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-06 19:56 . 2014-01-06 19:56 -------- d-----w- c:\program files (x86)\Java
2014-01-06 19:15 . 2014-01-06 19:15 -------- d-----w- c:\programdata\T-Mobile
2014-01-06 19:14 . 2014-01-15 20:17 -------- d-----w- c:\programdata\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2014-01-06 19:14 . 2014-01-06 19:14 -------- d-----w- c:\users\Páníšek\AppData\Roaming\T-Mobile
2014-01-06 19:14 . 2014-01-06 19:14 -------- d-----w- c:\program files (x86)\T-Mobile
2014-01-06 19:14 . 2014-01-06 19:14 -------- d-----w- c:\users\Páníšek\AppData\Roaming\Razer
2014-01-06 19:14 . 2014-01-06 19:14 -------- d-----w- c:\programdata\Gemfor
2014-01-06 19:10 . 2014-01-06 19:10 -------- d-----w- c:\programdata\Razer
2014-01-06 19:09 . 2009-10-16 20:09 29952 ----a-w- c:\windows\system32\drivers\Lachesis.sys
2014-01-06 19:09 . 2014-01-06 19:09 -------- d-----w- c:\program files (x86)\Razer
2014-01-05 17:45 . 2014-01-05 17:45 -------- d-----w- c:\windows\system32\wbem\Framework
2014-01-05 14:56 . 2014-01-05 14:56 -------- d-----w- c:\users\Páníšek\AppData\Local\Programs
2014-01-05 14:48 . 2014-01-05 14:48 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2014-01-05 14:48 . 2014-01-05 14:48 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-01-05 14:48 . 2014-01-05 14:48 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-01-05 14:47 . 2014-01-05 14:54 -------- d-----w- c:\users\Páníšek\AppData\Roaming\DAEMON Tools Lite
2014-01-05 14:47 . 2014-01-05 14:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-01-03 14:08 . 2014-01-03 14:08 1050112 ----a-w- c:\windows\core.exe
2014-01-03 14:05 . 2014-01-03 14:05 190284 ----a-w- c:\windows\cpu1.exe
2014-01-02 11:36 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-01-02 11:33 . 2014-01-02 11:33 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-01-02 11:33 . 2014-01-02 11:33 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2014-01-02 11:33 . 2014-01-02 11:33 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-02 11:34 . 2014-01-02 11:34 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-01-02 11:34 . 2014-01-02 11:34 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-01-02 11:34 . 2014-01-02 11:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-12-31 14:52 . 2013-12-31 14:52 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-12-31 14:52 . 2013-12-31 14:52 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-12-31 14:52 . 2013-12-31 14:52 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-12-31 14:52 . 2013-12-31 14:52 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-12-31 14:52 . 2013-12-31 14:52 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-12-31 14:52 . 2013-12-31 14:52 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-12-31 14:52 . 2013-12-31 14:52 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-12-31 14:52 . 2013-12-31 14:52 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-12-31 14:52 . 2013-12-31 14:52 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-12-31 14:52 . 2013-12-31 14:52 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-12-31 14:52 . 2013-12-31 14:52 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-12-31 14:52 . 2013-12-31 14:52 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-12-31 14:52 . 2013-12-31 14:52 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-12-31 14:52 . 2013-12-31 14:52 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-12-31 14:52 . 2013-12-31 14:52 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-12-31 14:52 . 2013-12-31 14:52 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-12-31 14:52 . 2013-12-31 14:52 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-12-31 14:52 . 2013-12-31 14:52 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-12-31 14:52 . 2013-12-31 14:52 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-12-31 14:52 . 2013-12-31 14:52 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-12-31 14:52 . 2013-12-31 14:52 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-12-31 14:52 . 2013-12-31 14:52 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-12-31 14:52 . 2013-12-31 14:52 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-12-31 14:52 . 2013-12-31 14:52 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-12-31 14:52 . 2013-12-31 14:52 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-12-31 14:52 . 2013-12-31 14:52 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-12-31 14:52 . 2013-12-31 14:52 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-12-31 14:52 . 2013-12-31 14:52 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-12-31 14:52 . 2013-12-31 14:52 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-12-31 14:52 . 2013-12-31 14:52 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-31 14:52 . 2013-12-31 14:52 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-31 14:51 . 2013-12-31 14:51 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-12-31 14:51 . 2013-12-31 14:51 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-31 11:28 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-12-31 11:28 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-12-19 20:33 . 2013-12-30 11:12 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-12-19 20:33 . 2013-12-30 11:12 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-12-19 20:33 . 2013-12-30 10:53 9700224 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-12-19 20:33 . 2013-12-30 10:53 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2013-12-19 20:33 . 2013-12-30 10:53 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-12-19 20:33 . 2013-12-30 10:53 18310112 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-12-19 20:33 . 2013-12-30 10:53 15230352 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-12-19 20:33 . 2013-12-30 10:53 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-12-19 18:53 . 2013-12-30 11:12 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2013-12-30 11:12 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2013-12-30 11:12 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2013-12-30 11:12 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2013-12-30 11:12 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-12-19 05:01 . 2013-12-30 11:12 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-12-18 05:13 . 2013-12-29 19:14 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-05 08:42 . 2013-12-30 10:53 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-11-30 06:43 . 2013-11-30 06:43 478208 ----a-w- c:\windows\ati.exe
2013-11-30 06:43 . 2013-11-30 06:43 348672 ----a-w- c:\windows\curl.dll
2013-11-30 06:43 . 2013-11-30 06:43 82432 ----a-w- c:\windows\pthread.dll
2013-11-28 16:03 . 2013-11-28 16:03 4346744 ----a-w- c:\windows\proxy.exe
2013-11-21 21:45 . 2013-11-21 21:45 4422144 ----a-w- c:\windows\cuda.exe
2013-11-14 11:55 . 2013-12-30 10:53 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2013-11-14 11:55 . 2013-12-30 10:53 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:55 . 2013-12-30 10:53 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-12 02:23 . 2013-12-31 13:07 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-31 13:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"T-Mobile CManager"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2013-10-31 2166552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"Lachesis"="c:\program files (x86)\Razer\Lachesis\razerhid.exe" [2009-11-10 248320]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-09 684600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MbnExt;Mobile Broadband Extension Service;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys;c:\windows\SYSNATIVE\drivers\Lachesis.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-29 09:53 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29 18:41]
.
2014-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29 18:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B561BA22-B536-4BC8-81B9-F0916FC35E8D}: NameServer = 93.153.117.1 93.153.117.33
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-01 10:45:24
ComboFix-quarantined-files.txt 2014-02-01 09:45
ComboFix2.txt 2014-02-01 09:32
.
Před spuštěním: Volných bajtů: 292 035 760 128
Po spuštění: Volných bajtů: 291 596 341 248
.
- - End Of File - - 019A972C955BAF705202CC873ADA242F
A36C5E4F47E84449FF07ED3517B43A31

Re: Cpu1.exe

Posted: 01 Feb 2014 10:57
by vyosek
Greetings :)

You have not read much here, but we will get to that.

Let me just ask: are you using a legal operating system? The highest edition, Ultimate, is not exactly a common home version.

As for ComboFix, which you used: on the basis of its licence and the forum rules I am asking, do you know how to work with it (running it, deciphering the log, writing a script)?

The ComboFix licence terms state clearly: "It should never be used in an environment without the supervision of an experienced person."

Dangers of CF
  • It is intended primarily for advisers - by using it on your own you lose your entitlement to support
  • It erases traces of the malware, so nothing is visible in the RSIT log
  • Its log needs further deciphering, because it cannot delete everything - you will hardly manage that unless you are trained for it
  • CF can have a bug = it takes down your system; if you do not know where it stores what and how to restore what, your system is wrecked and a reinstall awaits you
  • CF also unfortunately does not yet check some important libraries (e.g. hal.dll) - those are deleted by, for example, some types of malware (e.g. angela) - it deletes your hal.dll after a restart = your system will not boot and you are back one line up = reinstall

Re: Cpu1.exe

Posted: 01 Feb 2014 11:03
by Pepasdepa
I apologise for that, I was in a rush; I want to get rid of it as soon as possible and did not want to take up your time unnecessarily, and in the end it will be the other way round.
Honestly, I do not have a legal Windows.
So I apologise for breaking the rules here.

Re: Cpu1.exe

Posted: 01 Feb 2014 11:05
by vyosek
I could still have swallowed the ComboFix, but not an illegal Windows. The forum rules and the charter of the international alliance ASAP, of which we are members, state clearly - it does not support pirated software and thereby the committing of a criminal offence.

I am sorry...

:closed: