TrustedInstaller

[sharker]

Tento proces mi nejako nereže, vyťažuje mi moj procesor do nepríčetnostia akonáhle ho zhodím sám sa znova pustí. Vypadá to ako trojan alebo podobný bordel..
Stretli ste sa s ním niekto
LOG:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:33:35 AM, on 11/30/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jojko a Bubka\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3486436627-2561657514-665905577-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3486436627-2561657514-665905577-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7214 bytes


DIKI

[zombux]

pustil bych na to Tix... ehhhh chci říct ComboFix

[sharker]

ComboFix 12-11-30.02 - Jojko a Bubka 11/30/2012 22:03:06.2.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16365.13867 [GMT 1:00]
Running from: c:\users\Jojko a Bubka\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Outdated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-30 )))))))))))))))))))))))))))))))
.
.
2012-11-30 21:08 . 2012-11-30 21:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-30 20:37 . 2012-11-30 20:37 -------- d-----w- c:\users\Jojko a Bubka\AppData\Local\Max Secure Software
2012-11-30 20:36 . 2012-11-30 20:37 -------- d-----w- c:\users\Jojko a Bubka\AppData\Roaming\GetRightToGo
2012-11-30 20:36 . 2012-11-30 20:36 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5B1E943-89C5-45FF-89FE-4718E36E3F84}\offreg.dll
2012-11-29 20:04 . 2012-10-29 20:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-28 17:40 . 2012-11-23 22:27 972192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-28 17:40 . 2012-10-23 05:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC735E66-5E43-4566-BD81-01E61928385E}\gapaengine.dll
2012-11-28 17:40 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5B1E943-89C5-45FF-89FE-4718E36E3F84}\mpengine.dll
2012-11-26 07:40 . 2012-11-26 07:40 -------- d-----w- c:\users\Jojko a Bubka\AppData\Local\SKIDROW
2012-11-26 06:32 . 2012-11-26 23:11 -------- d-----w- c:\program files (x86)\Hitman Absolution
2012-11-26 06:31 . 2012-11-26 06:31 -------- d-----w- c:\users\Jojko a Bubka\AppData\Local\Programs
2012-11-25 21:18 . 2012-11-25 21:18 -------- d-----w- c:\users\Jojko a Bubka\AppData\Roaming\Rockstar Games
2012-11-25 21:18 . 2012-11-25 21:18 -------- d-----w- c:\users\Jojko a Bubka\AppData\Local\Rockstar Games
2012-11-25 21:18 . 2012-11-25 21:18 -------- d-----w- c:\programdata\Rockstar Games
2012-11-25 19:39 . 2012-11-25 19:48 -------- d-----w- C:\download
2012-11-24 12:21 . 2012-11-24 12:21 -------- d-----w- c:\program files (x86)\Foxit Software
2012-11-24 10:22 . 2012-11-24 10:22 -------- d-----w- c:\programdata\Codemasters
2012-11-24 10:22 . 2012-11-24 10:22 -------- d-----w- c:\users\Jojko a Bubka\AppData\Local\FLT
2012-11-24 09:48 . 2012-11-24 09:48 -------- d-----w- c:\windows\SysWow64\Wat
2012-11-24 09:48 . 2012-11-24 09:48 -------- d-----w- c:\windows\system32\Wat
2012-11-24 02:46 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-11-24 02:41 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-24 02:41 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-24 02:41 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-11-24 02:41 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-24 02:41 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-11-24 02:16 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-11-24 02:15 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-11-24 02:10 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-11-24 02:10 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-11-24 01:53 . 2012-11-25 21:19 -------- d-----w- C:\R.G. Catalyst
2012-11-24 01:44 . 2012-11-24 01:44 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-11-24 01:30 . 2012-11-24 01:30 -------- d-----w- c:\programdata\Futuremark
2012-11-24 01:18 . 2012-11-24 01:18 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2012-11-23 23:43 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-11-23 23:43 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-11-23 23:43 . 2010-06-02 03:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2012-11-23 23:43 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-23 23:43 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-11-23 23:43 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-11-23 23:43 . 2010-05-26 10:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-11-23 23:43 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-23 23:43 . 2006-09-28 15:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-11-23 23:43 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2012-11-23 22:35 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-11-23 22:35 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-11-23 22:35 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-11-23 22:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-11-23 22:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-11-23 22:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-11-23 22:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-11-23 22:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-11-23 22:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-11-23 22:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-11-23 22:31 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-23 22:31 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-11-23 22:28 . 2012-11-23 22:28 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-11-23 22:28 . 2012-11-30 20:57 -------- d-----w- c:\program files (x86)\Steam
2012-11-23 22:22 . 2012-11-23 22:22 -------- d-----w- c:\program files\Futuremark
2012-11-23 22:20 . 2012-11-23 22:20 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-11-23 22:20 . 2012-11-23 22:20 -------- d-----w- c:\program files\Microsoft Security Client
2012-11-23 22:18 . 2012-11-23 22:18 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-11-23 22:18 . 2012-11-25 20:29 -------- d-----w- c:\users\Jojko a Bubka\AppData\Roaming\DAEMON Tools Lite
2012-11-23 22:18 . 2012-11-23 22:18 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-11-23 22:07 . 2012-11-23 22:27 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-11-23 21:19 . 2012-11-23 21:19 -------- d-----w- c:\users\Jojko a Bubka\AppData\Roaming\OnLive App
2012-11-23 21:19 . 2012-11-23 21:19 -------- d-----w- c:\program files (x86)\OnLive
2012-11-23 21:15 . 2012-11-23 21:15 -------- d-----w- c:\program files (x86)\uTorrent
2012-11-23 21:14 . 2012-11-23 21:14 -------- d-----w- c:\users\Jojko a Bubka\AppData\Roaming\vlc
2012-11-23 21:14 . 2012-11-30 21:07 -------- d-----w- c:\users\Jojko a Bubka\AppData\Roaming\uTorrent
2012-11-23 21:13 . 2012-11-23 21:13 -------- d-----w- c:\program files (x86)\VideoLAN
2012-11-23 21:08 . 2012-11-30 20:57 -------- d-----w- c:\programdata\NVIDIA
2012-11-23 21:08 . 2012-11-24 02:09 -------- d-----w- c:\users\UpdatusUser
2012-11-23 21:04 . 2012-11-23 21:04 -------- d-----w- c:\users\Jojko a Bubka\AppData\Local\ElevatedDiagnostics
2012-11-23 21:00 . 2012-11-23 21:00 -------- d-----w- c:\program files (x86)\FinalWire
2012-11-23 20:59 . 2012-11-23 20:59 -------- d-----w- c:\users\Jojko a Bubka\AppData\Roaming\GHISLER
2012-11-23 20:59 . 2012-11-23 20:59 -------- d-----w- C:\totalcmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-11-23 968592]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-11-23 1353080]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2012-10-28 30624]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-09-20 136896]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-24 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-31 22:15]
.
2012-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-31 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_microsoft-windows-volumemanagement_31bf3856ad364e35_***X‘ˆŒ*ÿÿÿÿ**¡**]
@="6.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-30 22:09:23
ComboFix-quarantined-files.txt 2012-11-30 21:09
.
Pre-Run: 862,022,881,280 bytes free
Post-Run: 861,879,820,288 bytes free
.
- - End Of File - - 369D04EF6CB3AE21D022CBB900B97A54

DONE


Tak ja neviem zameraj sa na ten sk.. proces ktorý nie a nie zlikvidovať :-/ viz screen
dik

[zombux]

pokud ComboFix nenašel nákazu, nebude se pravděpodobně jednat o vir, ale nějaký bordel v systému - např. vadný ovladač něčeho. ale teď v tom logu nevidím nic co by mi přišlo divné

[sharker]

Diki
Njn doska robila problém. AmD FX6200 už bol dokonca raz vymenený, prišlo vadné cpu od AMD, výmena kus za kus. Asi má ten kamoš čo mu to dávam do kopy vážne smolu..

[Znedlob]

Je to proces od Windows update. Neznepokojoval bych se tim. Stačí chvíli počkat.