ComboFix 13-09-24.02 - Darthy . 09. 2013 18:43:01.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.7637.6024 [GMT 2:00]
Spuštěný z: c:\users\Darthy\Desktop\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Darthy\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-25 do 2013-09-25 )))))))))))))))))))))))))))))))
.
.
2013-09-25 16:48 . 2013-09-25 16:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-25 09:22 . 2013-09-25 09:22 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7596B73E-922A-44F0-A4BA-C06AAEA05B1C}\offreg.dll
2013-09-25 09:19 . 2013-09-25 09:19 -------- d-----w- c:\windows\ERUNT
2013-09-25 05:56 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7596B73E-922A-44F0-A4BA-C06AAEA05B1C}\mpengine.dll
2013-09-24 17:20 . 2013-09-25 09:15 -------- d-----w- C:\AdwCleaner
2013-09-24 17:15 . 2013-09-24 17:15 -------- d-----w- c:\programdata\Malwarebytes
2013-09-24 17:15 . 2013-09-24 17:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-24 17:15 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-24 16:44 . 2013-09-24 16:44 -------- d-----w- c:\program files\CCleaner
2013-09-23 16:47 . 2013-09-23 16:47 -------- d-----w- c:\program files (x86)\EAGLE-5.9.0
2013-09-22 16:58 . 2013-09-22 16:59 -------- d-----w- c:\program files (x86)\QIP Infium
2013-09-20 07:14 . 2013-09-20 07:14 -------- d-----w- c:\programdata\2DBoy
2013-09-19 07:19 . 2013-09-19 07:19 -------- d-----w- c:\programdata\RELOADED
2013-09-18 14:02 . 2013-09-18 14:02 -------- d-----w- c:\program files (x86)\Hamachi
2013-09-18 14:02 . 2013-09-18 14:02 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2013-09-18 09:03 . 2013-09-18 09:03 312744 ----a-w- c:\windows\system32\javaws.exe
2013-09-18 09:03 . 2013-09-18 09:03 189352 ----a-w- c:\windows\system32\javaw.exe
2013-09-18 09:03 . 2013-09-18 09:03 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-09-18 09:03 . 2013-09-18 09:03 189352 ----a-w- c:\windows\system32\java.exe
2013-09-18 09:02 . 2013-09-18 09:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-18 09:01 . 2013-09-18 09:01 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-15 20:42 . 2013-09-15 20:42 -------- d--h--w- c:\windows\system32\CanonMF Uninstaller Information
2013-09-15 20:42 . 2007-06-25 16:44 37376 ----a-w- c:\windows\system32\CNCLSI31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 63488 ----a-w- c:\windows\system32\CNCLSD31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 32768 ----a-w- c:\windows\system32\CNCLSC31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 45056 ----a-w- c:\windows\system32\CNCLST31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 21504 ----a-w- c:\windows\system32\CNCLSU31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 38912 ----a-w- c:\windows\system32\cncilsc.dll
2013-09-15 20:42 . 2007-06-25 16:44 25600 ----a-w- c:\windows\system32\CNCL4010.DLL
2013-09-15 20:42 . 2007-06-25 16:44 189952 ----a-w- c:\windows\system32\CNCC4010.DLL
2013-09-15 20:42 . 2007-06-25 16:43 32256 ----a-w- c:\windows\system32\CNCI4010.DLL
2013-09-15 20:41 . 2007-04-18 15:13 66048 ----a-w- c:\windows\system32\CNAS0MMK.DLL
2013-09-15 20:41 . 2013-09-15 20:41 -------- d-----w- c:\program files\Canon
2013-09-15 09:13 . 2013-09-15 09:20 -------- d-----w- c:\program files (x86)\JDownloader
2013-09-11 15:07 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-11 12:04 . 2013-09-11 12:04 -------- d-----w- c:\program files (x86)\Vimicro Corporation
2013-09-11 12:04 . 2013-09-12 10:13 -------- d-----w- c:\program files (x86)\IM Magician
2013-09-11 09:00 . 2013-09-11 09:00 -------- d-----w- c:\program files (x86)\S-Bar
2013-09-11 07:47 . 2011-04-15 15:26 1598464 ----a-w- c:\windows\SysWow64\MSIWmiAcpi.dll
2013-09-11 07:47 . 2009-07-09 13:54 160768 ----a-w- c:\windows\SysWow64\MSIService.exe
2013-09-11 04:57 . 2013-07-09 03:57 245760 ----a-w- c:\windows\SysWow64\LocationApi.dll
2013-09-11 04:57 . 2013-07-08 22:46 543744 ----a-w- c:\windows\system32\wwanmm.dll
2013-09-11 04:57 . 2013-07-08 22:45 312832 ----a-w- c:\windows\system32\LocationApi.dll
2013-09-11 04:57 . 2013-07-03 00:23 391168 ----a-w- c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 04:57 . 2013-06-30 22:30 67072 ----a-w- c:\windows\SysWow64\openfiles.exe
2013-09-11 04:57 . 2013-06-30 22:29 77312 ----a-w- c:\windows\system32\openfiles.exe
2013-09-11 04:57 . 2013-06-26 03:01 321536 ----a-w- c:\windows\system32\drivers\udfs.sys
2013-09-11 04:57 . 2013-06-11 23:43 154112 ----a-w- c:\windows\SysWow64\WinSCard.dll
2013-09-11 04:57 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-09-11 04:57 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-09-11 04:57 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-09-11 04:57 . 2013-08-03 04:30 4038144 ----a-w- c:\windows\system32\win32k.sys
2013-09-10 17:14 . 2013-09-10 17:14 -------- d-----w- c:\programdata\Guitar Pro 6
2013-09-10 17:06 . 2013-09-10 17:14 -------- d-----w- c:\program files (x86)\Guitar Pro 6
2013-09-08 12:36 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-09-08 12:36 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-09-08 12:36 . 2010-06-02 02:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2013-09-08 12:36 . 2010-05-26 09:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2013-09-08 12:36 . 2013-09-08 12:36 -------- d-----w- c:\program files\Futuremark
2013-09-08 12:06 . 2013-09-08 12:06 -------- d-----w- c:\program files (x86)\Common Files\Futuremark Shared
2013-09-08 12:05 . 2013-09-08 12:05 -------- d-----w- c:\program files (x86)\Futuremark
2013-09-08 09:18 . 2013-09-08 09:18 -------- d-----w- c:\program files (x86)\SDA
2013-09-08 08:59 . 2013-09-18 06:05 -------- d-----w- c:\program files (x86)\Fraps
2013-09-08 08:54 . 2013-09-08 08:54 -------- d-----w- c:\program files (x86)\BitTorrent
2013-09-08 08:34 . 2012-09-20 07:55 3265256 ----a-w- c:\windows\system32\drivers\evbda.sys
2013-09-08 08:32 . 2012-09-27 07:15 301568 ----a-w- c:\windows\system32\newdev.dll
2013-09-08 08:31 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-09-08 08:30 . 2012-11-27 04:19 3245568 ----a-w- c:\windows\system32\rdpcorets.dll
2013-09-08 08:25 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll
2013-09-08 07:46 . 2013-09-18 23:26 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-08 07:46 . 2013-09-18 23:26 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-08 07:40 . 2013-09-08 07:48 -------- d-----r- c:\windows\BrowserChoice
2013-09-07 12:57 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-09-07 12:57 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-09-07 07:49 . 2013-09-11 05:22 -------- d-----w- c:\windows\system32\MRT
2013-09-07 07:36 . 2013-09-07 07:36 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-09-07 07:36 . 2013-09-07 07:36 -------- d-----r- c:\program files (x86)\Skype
2013-09-07 07:36 . 2013-05-02 15:29 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-09-06 18:46 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2013-09-06 18:46 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2013-09-06 18:44 . 2013-07-01 22:08 52848 ----a-w- c:\program files\Windows Defender\MpTpmAtt.dll
2013-09-06 18:43 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2013-09-06 18:43 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2013-09-06 18:43 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-09-06 18:43 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-06 18:43 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-09-06 18:43 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-09-06 18:43 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-09-06 18:43 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-09-06 18:43 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-09-06 18:43 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-09-06 18:40 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-09-06 18:39 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2013-09-06 18:33 . 2013-03-02 08:21 145408 ----a-w- c:\windows\SysWow64\powercfg.cpl
2013-09-06 18:32 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-06 18:32 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-09-06 18:31 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-09-06 18:31 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-09-06 18:31 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-09-06 18:31 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-06 18:29 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-06 18:29 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-09-06 18:29 . 2012-10-06 04:53 2893824 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-09-06 18:29 . 2012-10-06 04:15 2400256 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-09-06 18:28 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-09-06 18:28 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-09-06 18:27 . 2012-10-24 03:25 26624 ----a-w- c:\windows\system32\ReAgentc.exe
2013-09-06 18:27 . 2012-10-24 02:48 24064 ----a-w- c:\windows\SysWow64\ReAgentc.exe
2013-09-06 18:27 . 2012-12-15 04:55 443392 ----a-w- c:\windows\system32\ReAgent.dll
2013-09-06 18:27 . 2012-11-03 05:25 945152 ----a-w- c:\windows\system32\resetengmig.dll
2013-09-06 18:27 . 2013-03-02 08:23 375808 ----a-w- c:\windows\SysWow64\ReAgent.dll
2013-09-06 18:27 . 2013-03-02 02:44 1011200 ----a-w- c:\windows\system32\reseteng.dll
2013-09-06 18:27 . 2012-11-03 05:26 132096 ----a-w- c:\windows\system32\sysreset.exe
2013-09-06 18:27 . 2013-02-02 08:23 830464 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2013-09-06 18:25 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-09-06 18:25 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2013-09-06 18:25 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll
2013-09-06 18:25 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-09-06 18:25 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-20 08:39 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-09-06 07:56 . 2012-11-15 11:17 113976 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2013-09-06 07:56 . 2012-11-15 11:17 531768 ----a-w- c:\windows\SysWow64\SynCOM.dll
2013-09-06 07:56 . 2011-09-14 17:11 1048576 ----a-w- c:\windows\system32\syndata.bin
2013-09-06 07:56 . 2009-08-07 07:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-09-06 07:56 . 2012-11-15 11:17 179512 ----a-w- c:\windows\system32\SynTPCo15.dll
2013-09-06 07:56 . 2012-11-15 11:17 1035064 ----a-w- c:\windows\system32\SynCOM.dll
2013-09-06 07:56 . 2012-11-15 11:17 229176 ----a-w- c:\windows\system32\SynTPAPI.dll
2013-09-06 07:56 . 2012-11-15 11:17 462136 ----a-w- c:\windows\system32\drivers\SynTP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-06-27 485944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2013-07-23 84576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized [2012-8-1 553984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz130;cpuz130;c:\users\Darthy\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\Darthy\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 SjtWinIo;SJT I/O Driver;c:\windows\System32\drivers\SjtWinIo.sys;c:\windows\SYSNATIVE\drivers\SjtWinIo.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bwcW8x64.sys;c:\windows\SYSNATIVE\DRIVERS\bwcW8x64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\e22w8x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w8x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-21 07:28 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-05 18:23]
.
2013-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-05 18:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-13 12936848]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-07-31 763520]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-07-31 127616]
"Radio Manager"="c:\program files (x86)\SCM\Radio Manager.exe" [2012-09-13 403848]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2012-09-13 399776]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -
LSP: %SYSTEMROOT%\system32\BfLLR.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-09-25 18:50:00
ComboFix-quarantined-files.txt 2013-09-25 16:50
.
Před spuštěním: 448 682 229 760 bytes free
Po spuštění: 448 305 819 648 bytes free
.
- - End Of File - - B1A180F4464E90AB43B4BD45B7AC511E
5FB38429D5D77768867C76DCBDB35194
By the way, I noticed that memory usage had already dropped after ADW and Mbam...
Excessive memory usage, please check my log (Solved)
Re: Excessive memory usage, please check my log
- jaro3
- member of the Security team
Re: Excessive memory usage, please check my log
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text (marked in green) into it:
Code:
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update
Driver::
SkypeUpdate
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log
Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Download aswMBR
http://files.avast.com/files/rootkit-scanner/aswmbr.exe
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click No. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Excessive memory usage, please check my log
ComboFix 13-09-24.02 - Darthy . 09. 2013 21:43:24.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.7637.5822 [GMT 2:00]
Spuštěný z: c:\users\Darthy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Darthy\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.153\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.153\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.153\psuser.dll
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.76\29.0.1547.76_29.0.1547.66_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-25 do 2013-09-25 )))))))))))))))))))))))))))))))
.
.
2013-09-25 19:48 . 2013-09-25 19:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-25 09:19 . 2013-09-25 09:19 -------- d-----w- c:\windows\ERUNT
2013-09-25 05:56 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7596B73E-922A-44F0-A4BA-C06AAEA05B1C}\mpengine.dll
2013-09-24 17:20 . 2013-09-25 09:15 -------- d-----w- C:\AdwCleaner
2013-09-24 17:15 . 2013-09-24 17:15 -------- d-----w- c:\programdata\Malwarebytes
2013-09-24 17:15 . 2013-09-24 17:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-24 17:15 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-24 16:44 . 2013-09-24 16:44 -------- d-----w- c:\program files\CCleaner
2013-09-23 16:47 . 2013-09-23 16:47 -------- d-----w- c:\program files (x86)\EAGLE-5.9.0
2013-09-22 16:58 . 2013-09-22 16:59 -------- d-----w- c:\program files (x86)\QIP Infium
2013-09-20 07:14 . 2013-09-20 07:14 -------- d-----w- c:\programdata\2DBoy
2013-09-19 07:19 . 2013-09-19 07:19 -------- d-----w- c:\programdata\RELOADED
2013-09-18 14:02 . 2013-09-18 14:02 -------- d-----w- c:\program files (x86)\Hamachi
2013-09-18 14:02 . 2013-09-18 14:02 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2013-09-18 09:03 . 2013-09-18 09:03 312744 ----a-w- c:\windows\system32\javaws.exe
2013-09-18 09:03 . 2013-09-18 09:03 189352 ----a-w- c:\windows\system32\javaw.exe
2013-09-18 09:03 . 2013-09-18 09:03 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-09-18 09:03 . 2013-09-18 09:03 189352 ----a-w- c:\windows\system32\java.exe
2013-09-18 09:02 . 2013-09-18 09:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-18 09:01 . 2013-09-18 09:01 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-15 20:42 . 2013-09-15 20:42 -------- d--h--w- c:\windows\system32\CanonMF Uninstaller Information
2013-09-15 20:42 . 2007-06-25 16:44 37376 ----a-w- c:\windows\system32\CNCLSI31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 63488 ----a-w- c:\windows\system32\CNCLSD31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 32768 ----a-w- c:\windows\system32\CNCLSC31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 45056 ----a-w- c:\windows\system32\CNCLST31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 21504 ----a-w- c:\windows\system32\CNCLSU31.DLL
2013-09-15 20:42 . 2007-06-25 16:44 38912 ----a-w- c:\windows\system32\cncilsc.dll
2013-09-15 20:42 . 2007-06-25 16:44 25600 ----a-w- c:\windows\system32\CNCL4010.DLL
2013-09-15 20:42 . 2007-06-25 16:44 189952 ----a-w- c:\windows\system32\CNCC4010.DLL
2013-09-15 20:42 . 2007-06-25 16:43 32256 ----a-w- c:\windows\system32\CNCI4010.DLL
2013-09-15 20:41 . 2007-04-18 15:13 66048 ----a-w- c:\windows\system32\CNAS0MMK.DLL
2013-09-15 20:41 . 2013-09-15 20:41 -------- d-----w- c:\program files\Canon
2013-09-15 09:13 . 2013-09-15 09:20 -------- d-----w- c:\program files (x86)\JDownloader
2013-09-11 15:07 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-11 12:04 . 2013-09-11 12:04 -------- d-----w- c:\program files (x86)\Vimicro Corporation
2013-09-11 12:04 . 2013-09-12 10:13 -------- d-----w- c:\program files (x86)\IM Magician
2013-09-11 09:00 . 2013-09-11 09:00 -------- d-----w- c:\program files (x86)\S-Bar
2013-09-11 07:47 . 2011-04-15 15:26 1598464 ----a-w- c:\windows\SysWow64\MSIWmiAcpi.dll
2013-09-11 07:47 . 2009-07-09 13:54 160768 ----a-w- c:\windows\SysWow64\MSIService.exe
2013-09-11 04:57 . 2013-07-09 03:57 245760 ----a-w- c:\windows\SysWow64\LocationApi.dll
2013-09-11 04:57 . 2013-07-08 22:46 543744 ----a-w- c:\windows\system32\wwanmm.dll
2013-09-11 04:57 . 2013-07-08 22:45 312832 ----a-w- c:\windows\system32\LocationApi.dll
2013-09-11 04:57 . 2013-07-03 00:23 391168 ----a-w- c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 04:57 . 2013-06-30 22:30 67072 ----a-w- c:\windows\SysWow64\openfiles.exe
2013-09-11 04:57 . 2013-06-30 22:29 77312 ----a-w- c:\windows\system32\openfiles.exe
2013-09-11 04:57 . 2013-06-26 03:01 321536 ----a-w- c:\windows\system32\drivers\udfs.sys
2013-09-11 04:57 . 2013-06-11 23:43 154112 ----a-w- c:\windows\SysWow64\WinSCard.dll
2013-09-11 04:57 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-09-11 04:57 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-09-11 04:57 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-09-11 04:57 . 2013-08-03 04:30 4038144 ----a-w- c:\windows\system32\win32k.sys
2013-09-10 17:14 . 2013-09-10 17:14 -------- d-----w- c:\programdata\Guitar Pro 6
2013-09-10 17:06 . 2013-09-10 17:14 -------- d-----w- c:\program files (x86)\Guitar Pro 6
2013-09-08 12:36 . 2010-06-02 02:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-09-08 12:36 . 2010-06-02 02:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-09-08 12:36 . 2010-06-02 02:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2013-09-08 12:36 . 2010-05-26 09:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2013-09-08 12:36 . 2010-05-26 09:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2013-09-08 12:36 . 2013-09-08 12:36 -------- d-----w- c:\program files\Futuremark
2013-09-08 12:06 . 2013-09-08 12:06 -------- d-----w- c:\program files (x86)\Common Files\Futuremark Shared
2013-09-08 12:05 . 2013-09-08 12:05 -------- d-----w- c:\program files (x86)\Futuremark
2013-09-08 09:18 . 2013-09-08 09:18 -------- d-----w- c:\program files (x86)\SDA
2013-09-08 08:59 . 2013-09-18 06:05 -------- d-----w- c:\program files (x86)\Fraps
2013-09-08 08:54 . 2013-09-08 08:54 -------- d-----w- c:\program files (x86)\BitTorrent
2013-09-08 08:34 . 2012-09-20 07:55 3265256 ----a-w- c:\windows\system32\drivers\evbda.sys
2013-09-08 08:32 . 2012-09-27 07:15 301568 ----a-w- c:\windows\system32\newdev.dll
2013-09-08 08:31 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-09-08 08:30 . 2012-11-27 04:19 3245568 ----a-w- c:\windows\system32\rdpcorets.dll
2013-09-08 08:25 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll
2013-09-08 07:46 . 2013-09-18 23:26 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-08 07:46 . 2013-09-18 23:26 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-08 07:40 . 2013-09-08 07:48 -------- d-----r- c:\windows\BrowserChoice
2013-09-07 12:57 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-09-07 12:57 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-09-07 07:49 . 2013-09-11 05:22 -------- d-----w- c:\windows\system32\MRT
2013-09-07 07:36 . 2013-09-07 07:36 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-09-07 07:36 . 2013-09-25 19:48 -------- d-----r- c:\program files (x86)\Skype
2013-09-07 07:36 . 2013-05-02 15:29 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-09-06 18:46 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2013-09-06 18:46 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2013-09-06 18:44 . 2013-07-01 22:08 52848 ----a-w- c:\program files\Windows Defender\MpTpmAtt.dll
2013-09-06 18:43 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2013-09-06 18:43 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2013-09-06 18:43 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-09-06 18:43 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-06 18:43 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-09-06 18:43 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-09-06 18:43 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-09-06 18:43 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-09-06 18:43 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-09-06 18:43 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-09-06 18:40 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-09-06 18:39 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2013-09-06 18:33 . 2013-03-02 08:21 145408 ----a-w- c:\windows\SysWow64\powercfg.cpl
2013-09-06 18:32 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-06 18:32 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-09-06 18:31 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-09-06 18:31 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-09-06 18:31 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-09-06 18:31 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-06 18:29 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-06 18:29 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-09-06 18:29 . 2012-10-06 04:53 2893824 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-09-06 18:29 . 2012-10-06 04:15 2400256 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-09-06 18:28 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-09-06 18:28 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-09-06 18:27 . 2012-10-24 03:25 26624 ----a-w- c:\windows\system32\ReAgentc.exe
2013-09-06 18:27 . 2012-10-24 02:48 24064 ----a-w- c:\windows\SysWow64\ReAgentc.exe
2013-09-06 18:27 . 2012-12-15 04:55 443392 ----a-w- c:\windows\system32\ReAgent.dll
2013-09-06 18:27 . 2012-11-03 05:25 945152 ----a-w- c:\windows\system32\resetengmig.dll
2013-09-06 18:27 . 2013-03-02 08:23 375808 ----a-w- c:\windows\SysWow64\ReAgent.dll
2013-09-06 18:27 . 2013-03-02 02:44 1011200 ----a-w- c:\windows\system32\reseteng.dll
2013-09-06 18:27 . 2012-11-03 05:26 132096 ----a-w- c:\windows\system32\sysreset.exe
2013-09-06 18:27 . 2013-02-02 08:23 830464 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2013-09-06 18:25 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-09-06 18:25 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2013-09-06 18:25 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll
2013-09-06 18:25 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-09-06 18:25 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-09-06 18:25 . 2013-02-12 00:17 20992 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-25 19:50 . 2013-09-25 19:50 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7596B73E-922A-44F0-A4BA-C06AAEA05B1C}\offreg.dll
2013-09-20 08:39 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-09-06 07:56 . 2012-11-15 11:17 113976 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2013-09-06 07:56 . 2012-11-15 11:17 531768 ----a-w- c:\windows\SysWow64\SynCOM.dll
2013-09-06 07:56 . 2011-09-14 17:11 1048576 ----a-w- c:\windows\system32\syndata.bin
2013-09-06 07:56 . 2009-08-07 07:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-09-06 07:56 . 2012-11-15 11:17 179512 ----a-w- c:\windows\system32\SynTPCo15.dll
2013-09-06 07:56 . 2012-11-15 11:17 1035064 ----a-w- c:\windows\system32\SynCOM.dll
2013-09-06 07:56 . 2012-11-15 11:17 229176 ----a-w- c:\windows\system32\SynTPAPI.dll
2013-09-06 07:56 . 2012-11-15 11:17 462136 ----a-w- c:\windows\system32\drivers\SynTP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-06-27 485944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2013-07-23 84576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized [2012-8-1 553984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 cpuz130;cpuz130;c:\users\Darthy\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\Darthy\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [x]
R3 SjtWinIo;SJT I/O Driver;c:\windows\System32\drivers\SjtWinIo.sys;c:\windows\SYSNATIVE\drivers\SjtWinIo.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bwcW8x64.sys;c:\windows\SYSNATIVE\DRIVERS\bwcW8x64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\e22w8x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w8x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-21 07:28 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-13 12936848]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-07-31 763520]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-07-31 127616]
"Radio Manager"="c:\program files (x86)\SCM\Radio Manager.exe" [2012-09-13 403848]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2012-09-13 399776]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -
LSP: %SYSTEMROOT%\system32\BfLLR.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
.
**************************************************************************
.
Celkový čas: 2013-09-25 21:54:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-25 19:54
ComboFix2.txt 2013-09-25 16:50
.
Před spuštěním: 448 373 760 000 bytes free
Po spuštění: 448 147 763 200 bytes free
.
- - End Of File - - B62D8E9F5211EBEF477A47EAB3175206
5FB38429D5D77768867C76DCBDB35194
2013-09-06 18:43 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-06 18:43 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-09-06 18:43 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-09-06 18:43 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-09-06 18:43 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-09-06 18:43 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-09-06 18:43 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-09-06 18:40 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-09-06 18:39 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2013-09-06 18:33 . 2013-03-02 08:21 145408 ----a-w- c:\windows\SysWow64\powercfg.cpl
2013-09-06 18:32 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-06 18:32 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-09-06 18:31 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-09-06 18:31 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-09-06 18:31 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-09-06 18:31 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-06 18:29 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-06 18:29 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-09-06 18:29 . 2012-10-06 04:53 2893824 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-09-06 18:29 . 2012-10-06 04:15 2400256 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-09-06 18:28 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-09-06 18:28 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-09-06 18:27 . 2012-10-24 03:25 26624 ----a-w- c:\windows\system32\ReAgentc.exe
2013-09-06 18:27 . 2012-10-24 02:48 24064 ----a-w- c:\windows\SysWow64\ReAgentc.exe
2013-09-06 18:27 . 2012-12-15 04:55 443392 ----a-w- c:\windows\system32\ReAgent.dll
2013-09-06 18:27 . 2012-11-03 05:25 945152 ----a-w- c:\windows\system32\resetengmig.dll
2013-09-06 18:27 . 2013-03-02 08:23 375808 ----a-w- c:\windows\SysWow64\ReAgent.dll
2013-09-06 18:27 . 2013-03-02 02:44 1011200 ----a-w- c:\windows\system32\reseteng.dll
2013-09-06 18:27 . 2012-11-03 05:26 132096 ----a-w- c:\windows\system32\sysreset.exe
2013-09-06 18:27 . 2013-02-02 08:23 830464 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2013-09-06 18:25 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-09-06 18:25 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2013-09-06 18:25 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll
2013-09-06 18:25 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-09-06 18:25 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-09-06 18:25 . 2013-02-12 00:17 20992 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-25 19:50 . 2013-09-25 19:50 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7596B73E-922A-44F0-A4BA-C06AAEA05B1C}\offreg.dll
2013-09-20 08:39 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-09-06 07:56 . 2012-11-15 11:17 113976 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2013-09-06 07:56 . 2012-11-15 11:17 531768 ----a-w- c:\windows\SysWow64\SynCOM.dll
2013-09-06 07:56 . 2011-09-14 17:11 1048576 ----a-w- c:\windows\system32\syndata.bin
2013-09-06 07:56 . 2009-08-07 07:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-09-06 07:56 . 2012-11-15 11:17 179512 ----a-w- c:\windows\system32\SynTPCo15.dll
2013-09-06 07:56 . 2012-11-15 11:17 1035064 ----a-w- c:\windows\system32\SynCOM.dll
2013-09-06 07:56 . 2012-11-15 11:17 229176 ----a-w- c:\windows\system32\SynTPAPI.dll
2013-09-06 07:56 . 2012-11-15 11:17 462136 ----a-w- c:\windows\system32\drivers\SynTP.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-06-27 485944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2013-07-23 84576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized [2012-8-1 553984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 cpuz130;cpuz130;c:\users\Darthy\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\Darthy\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [x]
R3 SjtWinIo;SJT I/O Driver;c:\windows\System32\drivers\SjtWinIo.sys;c:\windows\SYSNATIVE\drivers\SjtWinIo.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bwcW8x64.sys;c:\windows\SYSNATIVE\DRIVERS\bwcW8x64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\e22w8x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w8x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-21 07:28 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-13 12936848]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-07-31 763520]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-07-31 127616]
"Radio Manager"="c:\program files (x86)\SCM\Radio Manager.exe" [2012-09-13 403848]
"SCM"="c:\program files (x86)\SCM\SCM.exe" [2012-09-13 399776]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -
LSP: %SYSTEMROOT%\system32\BfLLR.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
.
**************************************************************************
.
Celkový čas: 2013-09-25 21:54:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-25 19:54
ComboFix2.txt 2013-09-25 16:50
.
Před spuštěním: 448 373 760 000 bytes free
Po spuštění: 448 147 763 200 bytes free
.
- - End Of File - - B62D8E9F5211EBEF477A47EAB3175206
5FB38429D5D77768867C76DCBDB35194
Re: Excessive memory usage, please check my log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:55:48, on 25. 9. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16688)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Users\Darthy\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Darthy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Qualcomm Atheros Killer Network Manager.lnk = C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service - Unknown owner - C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 8203 bytes
Re: Excessive memory usage, please check my log
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-25 22:00:02
-----------------------------
22:00:02.471 OS Version: Windows x64 6.2.9200
22:00:02.487 Number of processors: 4 586 0x1001
22:00:02.487 ComputerName: MSIGX60 UserName: Darthy
22:00:02.612 Initialze error 1
22:01:34.184 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002a
22:01:34.184 Disk 0 Vendor: WDC_WD7500BPKT-22PK4T0 01.01A01 Size: 715404MB BusType: 11
22:01:34.184 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000004b
22:01:34.184 Disk 1 Vendor: VID:02 0.7 Size: 7600MB BusType: 12
22:01:34.215 Disk 0 MBR read successfully
22:01:34.215 Disk 0 MBR scan
22:01:34.215 Disk 0 unknown MBR code
22:01:34.215 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:01:34.231 Disk 0 scanning C:\Windows\system32\drivers
22:01:34.231 Service scanning
22:01:34.855 Modules scanning
22:01:34.855 Disk 0 trace - called modules:
22:01:34.855 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
22:01:34.855 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80083255b0]
22:01:35.416 3 CLASSPNP.SYS[fffff8800155ee0a] -> nt!IofCallDriver -> [0xfffffa80082da040]
22:01:35.416 5 amd_xata.sys[fffff88001489634] -> nt!IofCallDriver -> \Device\0000002a[0xfffffa80082dc060]
22:01:35.416 Scan finished successfully
22:01:46.087 Disk 0 MBR has been saved successfully to "C:\Users\Darthy\Desktop\MBR.dat"
22:01:46.087 The log file has been saved successfully to "C:\Users\Darthy\Desktop\aswMBR.txt"
- jaro3
- Security team member
Re: Excessive memory usage, please check the log
Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Darthy\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support
Re: Excessive memory usage, please check the log
As I wrote above, after MbAM and AdwCleaner the usage has already dropped to about 20-30%, so that helped a lot. May I know what was most likely the key factor, so that if it happens again I can apply a similar procedure without needlessly taking up your time? In any case, thanks for the help.
- jaro3
- Security team member
Re: Excessive memory usage, please check the log
Everything is in the deletions, mainly a large amount of adware.
If there are no problems, that is all, and you can mark the thread as solved with the green check mark.
Re: Excessive memory usage, please check the log (Solved)
There are problems, but they belong rather in a different section. So thanks once again.
- memphisto
Re: Excessive memory usage, please check the log
You're welcome, on jaro's behalf as well.

PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.