The CPU is at 100%, the browser is acting up, and the computer is slow overall.
Please check the log.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:05:13, on 12.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\DefaultTab\DefaultTabSearch.exe
C:\Documents and Settings\kocour\Data aplikací\defaulttab\defaulttab\dtupdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\Windows-KB890830-V5.7-delta.exe
f:\1440a03fd39af6648f9a29a115\mrtstub.exe
C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\MRT.exe
F:\moje zaloha\Download\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3523&t=01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\kocour\Data aplikací\DefaultTab\DefaultTab\DefaultTabBHO.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mshhylrwSrv] C:\WINDOWS\inf\mshhylrw.vbe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Documents and Settings\kocour\Data aplikací\defaulttab\defaulttab\dtupdate.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 7628 bytes

cpu 100% log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, in which an expert connects to your computer and gets further information about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119531
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: cpu 100% log check
Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: cpu 100% log check
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2013 01
Ran by kocour (administrator) on KOCOUR-8611202D on 12-12-2013 21:27:10
Running from F:\moje zaloha\Download
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files\DefaultTab\DefaultTabSearch.exe
() C:\Documents and Settings\kocour\Data aplikací\defaulttab\defaulttab\dtupdate.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Wacom Technology, Corp.) C:\WINDOWS\system32\Tablet.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
(adi) C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Wacom Technology, Corp.) C:\WINDOWS\system32\WTablet\TabUserW.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Google Inc.) C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Smapp] - C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [98304 2003-01-31] (Analog Devices, Inc.)
HKLM\...\Run: [DrvLsnr] - C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe [69632 2002-05-28] (adi)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2012-01-15] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [AdobeCS4ServiceManager] - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-04-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [mshhylrwSrv] - C:\WINDOWS\inf\mshhylrw.vbe [1558 2013-08-27] ()
HKLM\...\Run: [Printsrv] - C:\WINDOWS\system32\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-10] ()
HKCU\...\Run: [Google Update] - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2012-01-31] (Google Inc.)
HKCU\...\Run: [KiesHelper] - C:\Program Files\Samsung\Kies\KiesHelper.exe [954256 2012-04-04] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-04-04] ()
HKCU\...\Run: [AdobeBridge] - [x]
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TabUserW.exe.lnk
ShortcutTarget: TabUserW.exe.lnk -> C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3523&t=01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKCU - {2615EA9E-38BE-453F-BFE7-F5FC7D31BBF1} URL = http://www.mysearchresults.com/search?c ... earchTerms}
SearchScopes: HKCU - {45b2cc87-927c-4f58-b00f-f411e1aa32b7} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {7f858914-b64a-4fdc-a82f-b4ecaf486973} URL = http://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
SearchScopes: HKCU - {b1be8e4d-2a5b-49df-bc9b-fc76ccb4ecd7} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKCU - {da47e7a0-9f71-4c6a-b7db-8b177d47f3da} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\kocour\Data aplikací\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Documents and Settings\kocour\Data aplikací\Mozilla\Firefox\Profiles\ggrpvwv2.default
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: addon - C:\Documents and Settings\kocour\Data aplikací\Mozilla\Firefox\Profiles\ggrpvwv2.default\Extensions\addon@defaulttab.com.xpi
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR DefaultSearchKeyword: search here
CHR DefaultSearchProvider: Search Here
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\kocour\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\32.0.1700.41\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\kocour\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\32.0.1700.41\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\kocour\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\32.0.1700.41\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\kocour\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Extension: (Angry Birds) - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (YouTube) - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DefaultTab) - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\kocour\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [573952 2013-10-07] ()
R2 DefaultTabUpdate; C:\Documents and Settings\kocour\Data aplikací\defaulttab\defaulttab\dtupdate.exe [107520 2013-12-11] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.)
R2 TabletService; C:\WINDOWS\system32\Tablet.exe [749568 2005-06-17] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [1139040 2010-12-28] (Ralink Technology, Corp.)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-12 21:26 - 2013-12-12 21:26 - 00000000 ____D C:\FRST
2013-12-12 14:33 - 2013-12-12 14:45 - 00013309 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-12 14:30 - 2013-12-12 14:41 - 00003649 _____ C:\WINDOWS\updspapi.log
2013-12-12 14:30 - 2013-12-12 14:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 14:25 - 2013-12-12 14:27 - 00005015 _____ C:\WINDOWS\KB2904266.log
2013-12-12 14:25 - 2013-12-12 14:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 13:48 - 2013-12-12 13:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 13:43 - 2013-12-12 13:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 13:38 - 2013-12-12 14:45 - 00002316 _____ C:\WINDOWS\ocmsn.log
2013-12-12 13:38 - 2013-12-12 14:44 - 00008026 _____ C:\WINDOWS\setupapi.log
2013-12-12 13:37 - 2013-12-12 14:45 - 00017736 _____ C:\WINDOWS\ocgen.log
2013-12-12 13:37 - 2013-12-12 14:45 - 00014154 _____ C:\WINDOWS\tsoc.log
2013-12-12 13:37 - 2013-12-12 14:45 - 00012309 _____ C:\WINDOWS\comsetup.log
2013-12-12 13:37 - 2013-12-12 14:45 - 00007474 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-12 13:37 - 2013-12-12 14:45 - 00005999 _____ C:\WINDOWS\iis6.log
2013-12-12 13:37 - 2013-12-12 14:45 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-12 13:37 - 2013-12-12 14:44 - 00037094 _____ C:\WINDOWS\FaxSetup.log
2013-12-12 13:37 - 2013-12-12 14:44 - 00001854 _____ C:\WINDOWS\msgsocm.log
2013-12-12 13:37 - 2013-12-12 14:32 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-12 13:37 - 2013-12-12 13:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 13:37 - 2013-12-12 13:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-12-12 13:37 - 2013-12-12 13:37 - 00000000 _____ C:\WINDOWS\setupact.log
2013-12-11 23:01 - 2013-12-11 23:01 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-12-11 23:00 - 2013-12-11 23:01 - 00000000 ____D C:\Program Files\DefaultTab
2013-12-11 23:00 - 2013-12-11 23:00 - 00000000 ____D C:\Documents and Settings\kocour\Data aplikací\defaulttab
2013-12-11 22:58 - 2013-12-11 22:58 - 00000000 ____D C:\Program Files\PANDORA.TV
2013-12-11 22:54 - 2013-12-11 22:55 - 32359944 _____ C:\Documents and Settings\kocour\Plocha\KMPlayer_3-7-0-113.exe
2013-12-11 15:18 - 2013-12-12 13:45 - 00009891 _____ C:\WINDOWS\KB2893984.log
2013-12-11 15:18 - 2013-12-12 13:39 - 00008310 _____ C:\WINDOWS\KB2892075.log
2013-12-11 15:17 - 2013-12-12 14:32 - 00010411 _____ C:\WINDOWS\KB2898715.log
2013-12-11 15:17 - 2013-12-12 13:51 - 00009248 _____ C:\WINDOWS\KB2893294.log
2013-12-03 14:53 - 2013-12-08 17:48 - 00000000 ____D C:\Documents and Settings\kocour\Dokumenty\Warzone 2100 3.1
2013-12-03 14:40 - 2013-12-03 14:40 - 00413696 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2013-12-03 14:40 - 2013-12-03 14:40 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2013-12-03 14:40 - 2013-12-03 14:40 - 00000769 _____ C:\Documents and Settings\All Users\Plocha\Warzone 2100-3.1.0.lnk
2013-12-03 14:40 - 2013-12-03 14:40 - 00000000 ____D C:\Program Files\OpenAL
2013-12-03 14:40 - 2013-12-03 14:40 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Warzone 2100-3.1.0
2013-12-03 14:39 - 2013-12-06 23:11 - 00000000 ____D C:\Program Files\Warzone 2100-3.1.0
2013-11-27 17:26 - 2013-11-27 17:27 - 00001378 _____ C:\WINDOWS\system32\RaCoInst.log
2013-11-27 17:26 - 2010-12-28 06:59 - 01139040 ____R (Ralink Technology, Corp.) C:\WINDOWS\system32\Drivers\rt2870.sys
2013-11-27 17:26 - 2010-12-28 06:53 - 00238944 ____R (Ralink Technology, Inc.) C:\WINDOWS\system32\RaCoInst.dll
2013-11-27 17:26 - 2010-12-28 06:53 - 00014051 ____R C:\WINDOWS\system32\RaCoInst.dat
2013-11-19 21:38 - 2013-12-12 15:12 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-14 18:09 - 2013-11-14 18:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 18:09 - 2013-11-14 18:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 18:08 - 2013-11-14 18:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 18:08 - 2013-11-14 18:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
==================== One Month Modified Files and Folders =======
2013-12-12 21:26 - 2013-12-12 21:26 - 00000000 ____D C:\FRST
2013-12-12 21:11 - 2012-01-31 14:38 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-861567501-839522115-1004UA.job
2013-12-12 20:34 - 2013-03-01 15:38 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-12 19:00 - 2012-01-15 20:24 - 00000256 _____ C:\WINDOWS\Tasks\RMSchedule.job
2013-12-12 16:31 - 2012-01-15 18:41 - 01909748 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-12 15:12 - 2013-11-19 21:38 - 00000396 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-12-12 15:02 - 2012-01-18 00:21 - 00013075 _____ C:\WINDOWS\system32\tablet.dat
2013-12-12 15:02 - 2012-01-15 23:38 - 00088566 _____ C:\WINDOWS\system32\nvapps.xml
2013-12-12 15:02 - 2012-01-15 19:13 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-12-12 15:02 - 2012-01-15 19:13 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-12 15:02 - 2012-01-15 19:08 - 03422328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-12 15:01 - 2012-01-15 18:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-12 15:00 - 2012-03-07 11:31 - 01483602 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1844237615-861567501-839522115-1004-0.dat
2013-12-12 15:00 - 2012-03-07 11:31 - 00204306 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2013-12-12 15:00 - 2012-01-15 18:53 - 00000178 ___SH C:\Documents and Settings\kocour\ntuser.ini
2013-12-12 15:00 - 2012-01-15 18:50 - 00032616 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-12 14:45 - 2013-12-12 14:33 - 00013309 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-12 14:45 - 2013-12-12 13:38 - 00002316 _____ C:\WINDOWS\ocmsn.log
2013-12-12 14:45 - 2013-12-12 13:37 - 00017736 _____ C:\WINDOWS\ocgen.log
2013-12-12 14:45 - 2013-12-12 13:37 - 00014154 _____ C:\WINDOWS\tsoc.log
2013-12-12 14:45 - 2013-12-12 13:37 - 00012309 _____ C:\WINDOWS\comsetup.log
2013-12-12 14:45 - 2013-12-12 13:37 - 00007474 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-12 14:45 - 2013-12-12 13:37 - 00005999 _____ C:\WINDOWS\iis6.log
2013-12-12 14:45 - 2013-12-12 13:37 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-12 14:44 - 2013-12-12 13:38 - 00008026 _____ C:\WINDOWS\setupapi.log
2013-12-12 14:44 - 2013-12-12 13:37 - 00037094 _____ C:\WINDOWS\FaxSetup.log
2013-12-12 14:44 - 2013-12-12 13:37 - 00001854 _____ C:\WINDOWS\msgsocm.log
2013-12-12 14:41 - 2013-12-12 14:30 - 00003649 _____ C:\WINDOWS\updspapi.log
2013-12-12 14:32 - 2013-12-12 13:37 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-12 14:32 - 2013-12-11 15:17 - 00010411 _____ C:\WINDOWS\KB2898715.log
2013-12-12 14:30 - 2013-12-12 14:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 14:27 - 2013-12-12 14:25 - 00005015 _____ C:\WINDOWS\KB2904266.log
2013-12-12 14:27 - 2012-01-17 00:00 - 00028930 _____ C:\WINDOWS\system32\TZLog.log
2013-12-12 14:25 - 2013-12-12 14:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 14:25 - 2013-08-14 14:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-12 14:20 - 2012-01-15 20:22 - 00000000 ____D C:\Program Files\The KMPlayer
2013-12-12 13:54 - 2012-01-15 19:35 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-12 13:51 - 2013-12-11 15:17 - 00009248 _____ C:\WINDOWS\KB2893294.log
2013-12-12 13:48 - 2013-12-12 13:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 13:45 - 2013-12-11 15:18 - 00009891 _____ C:\WINDOWS\KB2893984.log
2013-12-12 13:43 - 2013-12-12 13:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 13:39 - 2013-12-11 15:18 - 00008310 _____ C:\WINDOWS\KB2892075.log
2013-12-12 13:37 - 2013-12-12 13:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 13:37 - 2013-12-12 13:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-12-12 13:37 - 2013-12-12 13:37 - 00000000 _____ C:\WINDOWS\setupact.log
2013-12-11 23:19 - 2012-01-22 22:32 - 00093696 _____ C:\Documents and Settings\kocour\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-11 23:02 - 2012-01-15 19:09 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-12-11 23:01 - 2013-12-11 23:01 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2013-12-11 23:01 - 2013-12-11 23:00 - 00000000 ____D C:\Program Files\DefaultTab
2013-12-11 23:01 - 2012-01-15 18:50 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2013-12-11 23:00 - 2013-12-11 23:00 - 00000000 ____D C:\Documents and Settings\kocour\Data aplikací\defaulttab
2013-12-11 23:00 - 2012-01-15 18:53 - 00000000 __RHD C:\Documents and Settings\kocour\Data aplikací
2013-12-11 22:58 - 2013-12-11 22:58 - 00000000 ____D C:\Program Files\PANDORA.TV
2013-12-11 22:55 - 2013-12-11 22:54 - 32359944 _____ C:\Documents and Settings\kocour\Plocha\KMPlayer_3-7-0-113.exe
2013-12-11 22:55 - 2012-01-15 18:53 - 00000000 ____D C:\Documents and Settings\kocour\Plocha
2013-12-11 15:36 - 2013-03-01 15:38 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 15:36 - 2012-01-16 01:18 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-10 22:49 - 2012-01-15 18:53 - 00000000 ____D C:\Documents and Settings\kocour
2013-12-10 22:08 - 2006-03-02 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-09 11:11 - 2012-01-31 14:38 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-861567501-839522115-1004Core.job
2013-12-08 17:48 - 2013-12-03 14:53 - 00000000 ____D C:\Documents and Settings\kocour\Dokumenty\Warzone 2100 3.1
2013-12-06 23:11 - 2013-12-03 14:39 - 00000000 ____D C:\Program Files\Warzone 2100-3.1.0
2013-12-05 01:50 - 2012-01-31 14:40 - 00002266 _____ C:\Documents and Settings\kocour\Plocha\Google Chrome.lnk
2013-12-04 21:13 - 2012-01-15 19:57 - 00000000 ____D C:\Documents and Settings\kocour\Local Settings\Data aplikací\Adobe
2013-12-03 14:53 - 2012-01-15 18:53 - 00000000 ___RD C:\Documents and Settings\kocour\Dokumenty
2013-12-03 14:40 - 2013-12-03 14:40 - 00413696 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2013-12-03 14:40 - 2013-12-03 14:40 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2013-12-03 14:40 - 2013-12-03 14:40 - 00000769 _____ C:\Documents and Settings\All Users\Plocha\Warzone 2100-3.1.0.lnk
2013-12-03 14:40 - 2013-12-03 14:40 - 00000000 ____D C:\Program Files\OpenAL
2013-12-03 14:40 - 2013-12-03 14:40 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Warzone 2100-3.1.0
2013-12-03 14:40 - 2012-01-15 19:09 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-27 17:28 - 2012-01-15 19:09 - 01120982 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-27 17:27 - 2013-11-27 17:26 - 00001378 _____ C:\WINDOWS\system32\RaCoInst.log
2013-11-19 11:21 - 2012-01-15 20:32 - 00230048 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-19 01:16 - 2012-05-01 22:33 - 00001698 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Security Essentials.lnk
2013-11-19 01:16 - 2012-01-15 19:48 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-11-19 01:15 - 2012-01-15 20:28 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-14 18:09 - 2013-11-14 18:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 18:09 - 2013-11-14 18:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 18:08 - 2013-11-14 18:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 18:08 - 2013-11-14 18:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-13 04:00 - 2012-02-29 15:10 - 00150528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imagehlp.dll
2013-11-13 04:00 - 2006-03-02 13:00 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-11-13 02:13 - 2012-01-15 19:49 - 00046080 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe
Some content of TEMP:
====================
C:\Documents and Settings\kocour\Local Settings\Temp\DefaultTabSetup2.exe
C:\Documents and Settings\kocour\Local Settings\Temp\KMP_3.7.0.113.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-03-02 13:00] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1
C:\Windows\System32\winlogon.exe
[2006-03-02 13:00] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea
C:\Windows\System32\svchost.exe
[2006-03-02 13:00] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93
C:\Windows\System32\services.exe
[2006-03-02 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7
C:\Windows\System32\User32.dll
[2006-03-02 13:00] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53
C:\Windows\System32\userinit.exe
[2006-03-02 13:00] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239
C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 13:00] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1
==================== End Of Log ============================
- Attachments
- Addition.rar
- (6.17 KiB) Downloaded 36 times
- Rudy
- Site Admin
- Posts: 119531
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: CPU 100% log check
Open Notepad and copy the following into it:
Start
HKLM\...\Run: [mshhylrwSrv] - C:\WINDOWS\inf\mshhylrw.vbe
C:\WINDOWS\inf\mshhylrw.vbe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3523&t=01
SearchScopes: HKCU - {2615EA9E-38BE-453F-BFE7-F5FC7D31BBF1} URL = http://www.mysearchresults.com/search?c ... earchTerms}
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms}
C:\Documents and Settings\kocour\Local Settings\Temp
End
Save it to the same directory under the name fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: CPU 100% log check
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-12-2013 03
Ran by kocour at 2013-12-12 23:06:13 Run:1
Running from F:\moje zaloha\logy
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
tart
HKLM\...\Run: [mshhylrwSrv] - C:\WINDOWS\inf\mshhylrw.vbe
C:\WINDOWS\inf\mshhylrw.vbe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3523&t=01
SearchScopes: HKCU - {2615EA9E-38BE-453F-BFE7-F5FC7D31BBF1} URL = http://www.mysearchresults.com/search?c ... earchTerms}
Toolbar: HKCU - No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms}
C:\Documents and Settings\kocour\Local Settings\Temp
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mshhylrwSrv => Value deleted successfully.
C:\WINDOWS\inf\mshhylrw.vbe => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2615EA9E-38BE-453F-BFE7-F5FC7D31BBF1} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2615EA9E-38BE-453F-BFE7-F5FC7D31BBF1} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Value deleted successfully.
HKCR\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01 ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c ... earchTerms} ==> The Chrome "Settings" can be used to fix the entry.
"C:\Documents and Settings\kocour\Local Settings\Temp" directory move:
Could not move "C:\Documents and Settings\kocour\Local Settings\Temp\etilqs_3UVH5t9oOp9ArZx" => Scheduled to move on reboot.
C:\Documents and Settings\kocour\Local Settings\Temp\KMP_3.7.0.113.exe => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\users00 => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_142.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_154.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_21B.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_24F.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_48.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_4A.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_69.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_6D.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\_76.tmp => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\KiesLiveupdateTemp\PluginHost.xml => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\installdt.tmp\DefaultTab.xpi => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\installdt.tmp\XPI\defaulttab\locale\en-US\defaulttab.properties => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\4012_6158\crl-set => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\4012_6158\manifest.fingerprint => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\4012_6158\manifest.json => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\3608_29527\crl-set => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\3608_29527\manifest.fingerprint => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\3608_29527\manifest.json => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\3124_26082\crl-set => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\3124_26082\manifest.fingerprint => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\3124_26082\manifest.json => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\1384_17277\crl-set => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\1384_17277\manifest.fingerprint => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\1384_17277\manifest.json => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\1152_17672\crl-set => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\1152_17672\manifest.fingerprint => Moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp\1152_17672\manifest.json => Moved successfully.
Could not move "C:\Documents and Settings\kocour\Local Settings\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-12 23:08:38)<=
C:\Documents and Settings\kocour\Local Settings\Temp\etilqs_3UVH5t9oOp9ArZx => Is moved successfully.
C:\Documents and Settings\kocour\Local Settings\Temp => Moved successfully.
==== End of Fixlog ====
Re: CPU 100% log check
It seems to be resolved.
Thank you for your help.
- Rudy
- Site Admin
- Posts: 119531
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: CPU 100% log check
You're welcome!
