
High CPU usage

Posted: 14 Mar 2014 01:45
by Sichi
Hello, my problem is that my processor runs at 80-100% almost all the time. It is a bit older, but I think that for completely trivial activities, such as browsing the web, that is quite a lot. What should I do?

Thank you in advance for your help.

Re: High CPU usage

Posted: 14 Mar 2014 02:06
by vyosek
Hello :)

:arrow: And are we going to divine it from a crystal ball or from coffee grounds?

:arrow: At least give me a log from RSIT or FRST; there's this biiig orange rectangle at the top...

Re: High CPU usage

Posted: 14 Mar 2014 02:13
by Sichi
I apologize, I didn't notice :)

Here is the log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2014-03-14 02:15:18
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 48 GB (62%) free of 77 GB
Total RAM: 2047 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:15:25, on 14.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IObit\Advanced SystemCare 7\Asc.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Owner\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?f=1&a=syd72&cd ... 673505&ir=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkID=131658
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ValueApps Loader - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll
O3 - Toolbar: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\Empowering Technology\awtray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 7859 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC7_PerformanceMonitor.job
C:\WINDOWS\tasks\Driver Booster Scan.job
C:\WINDOWS\tasks\Driver Booster Update.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-306829412-3668169067-3135776419-1003.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-306829412-3668169067-3135776419-1003.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default

prefs.js - "keyword.URL" - "http://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p="

"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\searchplugins\
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll [2013-12-13 1398080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-05 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}]
ValueApps - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll [2013-12-22 127264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-10 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll [2013-12-13 1398080]
{10921475-03CE-4E04-90CE-E2E7EF20C814} - ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-01-05 752448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-08-22 295512]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-12-13 1383232]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-06-08 14565376]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-08-16 368640]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-08-18 2460672]
"AdminWorks Tray"=C:\Acer\Empowering Technology\awtray.exe [2005-08-18 1304576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-08-22 39408]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-09 2285344]
"Facebook Update"=C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2014-02-08 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SkypeUpdate"=2
"RealNetworks Downloader Resolver Service"=2
"PnkBstrA"=2
"LiveUpdateSvc"=2
"JavaQuickStarterService"=2
"gusvc"=3
"gupdatem"=3
"gupdate"=2
"AWService"=2
"ATI Smart"=2
"Ati HotKey Poller"=2
"Application Updater"=2
"AdvancedSystemCareService7"=2
"AdobeFlashPlayerUpdateSvc"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-10-17 122880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\SindicateM2 - Kopie (6)\client.bin"="D:\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client"
"D:\QuadCoreM2\pack\core.bin"="D:\QuadCoreM2\pack\core.bin:*:Enabled:core"
"C:\Documents and Settings\Owner\Data aplikací\BitTorrent\BitTorrent.exe"="C:\Documents and Settings\Owner\Data aplikací\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2380\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2581\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.beta.2581\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2014-03-14 02:15:19 ----D---- C:\Program Files\trend micro
2014-03-14 02:15:18 ----D---- C:\rsit
2014-03-14 01:26:00 ----D---- C:\Program Files\Combined Community Codec Pack
2014-03-14 01:14:05 ----D---- C:\Program Files\ValueApps
2014-03-14 01:14:04 ----A---- C:\WINDOWS\system32\tmpresp.tmp
2014-03-14 01:12:03 ----D---- C:\Program Files\ATI
2014-03-14 01:11:08 ----D---- C:\AMD
2014-03-13 03:15:20 ----D---- C:\Program Files\Mozilla Firefox
2014-03-13 02:56:02 ----D---- C:\Documents and Settings\Owner\Data aplikací\Mozilla
2014-03-13 02:55:58 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-03-13 02:55:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-03-13 02:41:00 ----D---- C:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-02-26 19:37:27 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2014-02-25 22:14:27 ----A---- C:\WINDOWS\uninst.exe
2014-02-24 18:42:22 ----D---- C:\Program Files\Rockstar Games
2014-02-22 13:25:42 ----D---- C:\Program Files\Game Dev Tycoon v1.3.2

======List of files/folders modified in the last 1 month======

2014-03-14 02:15:19 ----RD---- C:\Program Files
2014-03-14 02:15:00 ----D---- C:\WINDOWS\Prefetch
2014-03-14 02:05:19 ----D---- C:\WINDOWS\temp
2014-03-14 02:05:18 ----SHD---- C:\System Volume Information
2014-03-14 02:05:18 ----D---- C:\WINDOWS\system32\Restore
2014-03-14 02:05:11 ----AD---- C:\WINDOWS
2014-03-14 02:04:50 ----D---- C:\Qoobox
2014-03-14 01:35:02 ----D---- C:\WINDOWS\system32\CatRoot2
2014-03-14 01:32:36 ----D---- C:\WINDOWS\system32\config
2014-03-14 01:28:14 ----AD---- C:\WINDOWS\system32
2014-03-14 01:28:14 ----A---- C:\WINDOWS\system32\eRLog.ini
2014-03-14 01:28:05 ----D---- C:\WINDOWS\system32\Lang
2014-03-14 01:26:26 ----D---- C:\WINDOWS\system32\wbem
2014-03-14 01:26:25 ----D---- C:\WINDOWS\Registration
2014-03-14 01:26:15 ----SHD---- C:\WINDOWS\Installer
2014-03-14 01:26:14 ----AD---- C:\WINDOWS\system32\drivers
2014-03-14 01:26:12 ----RSHD---- C:\WINDOWS\system32\dllcache
2014-03-14 01:26:06 ----D---- C:\Config.Msi
2014-03-14 01:25:57 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-03-14 01:15:37 ----HD---- C:\WINDOWS\inf
2014-03-14 01:12:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-03-14 00:12:27 ----D---- C:\Documents and Settings\Owner\Data aplikací\Skype
2014-03-13 00:36:52 ----D---- C:\Documents and Settings\Owner\Data aplikací\vlc
2014-03-12 11:04:15 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-04 17:20:43 ----D---- C:\Program Files\Opera
2014-03-01 20:47:25 ----D---- C:\Program Files\Steam
2014-02-26 19:26:15 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 m5287;m5287; C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 85888]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2014-01-31 320120]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-10-17 2642944]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-06-08 3160576]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-09-08 6144]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-06-27 234752]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz130;cpuz130; C:\WINDOWS\system32\drivers\cpuz130.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2004-06-07 5035]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-22 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-22 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-13 118896]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S4 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
S4 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2013-12-13 807800]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-10-17 495616]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-10-16 593920]
S4 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\awServ.exe [2005-08-18 86528]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-08-22 194032]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-01-11 182696]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2014-01-17 76888]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

-----------------EOF-----------------

Re: High CPU usage

Posted: 14 Mar 2014 02:22
by vyosek
You ran ComboFix on it today, didn't you??

Re: High CPU usage

Posted: 14 Mar 2014 02:25
by Sichi
Well, I've worked with it once before, but I forgot to delete it, so today I only deleted it; I didn't run it.

Re: High CPU usage

Posted: 14 Mar 2014 02:26
by vyosek
:arrow: Uninstall Advanced SystemCare and then everything else from IOBit as well - it's Chinese junk and does more harm than good. They look for nonsensical and non-existent problems, and they stole their malware database from another reputable company

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup is created, followed by a scan
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: High CPU usage

Posted: 14 Mar 2014 02:35
by Sichi
I'll add the second log in a moment.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Owner on pá 14.03.2014 at 2:35:12,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] application updater
Successfully deleted: [Service] application updater



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchsettings
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1B2C4996-C50D-56D3-C853-546F85F4FDCE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1B2C4996-C50D-56D3-C853-546F85F4FDCE}



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Data aplikací\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Data aplikací\search settings"
Successfully deleted: [Folder] "C:\Program Files\application updater"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
Failed to delete: [Folder] "C:\Program Files\Common Files\spigot"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Owner\Data aplikací\mozilla\firefox\profiles\4f1qi6qf.default\user.js



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pá 14.03.2014 at 2:39:13,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: High CPU usage

Posted: 14 Mar 2014 02:41
by Sichi
Second log.

# AdwCleaner v3.022 - Report created 14/03/2014 at 02:43:06
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - ACER-6212E367EE
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Program Files\BitLord 2
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\ValueApps
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Conduit
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\SearchProtect
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\BitLord
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\SearchYa
Folder Deleted : C:\Documents and Settings\Owner\Data aplikací\ValueApps
Folder Deleted : C:\Documents and Settings\Owner\Dokumenty\BitLord
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
[!] Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\WINDOWS\Tasks\Driver Booster Update.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\searchya
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ File : C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [5174 octets] - [14/03/2014 02:41:54]
AdwCleaner[S0].txt - [5189 octets] - [14/03/2014 02:43:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5249 octets] ##########

Re: High CPU usage

Posted: 14 Mar 2014 02:42
by vyosek
:arrow: Great, let's move on

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here

Re: High CPU usage

Posted: 14 Mar 2014 02:53
by Sichi
Log here:


Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Owner on pá 14.03.2014 at 2:49:42,23.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Owner\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.3.2014 2:50:15 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-306829412-3668169067-3135776419-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\DOCUME~1\ALLUSE~1\DATAAP~1\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\search.sqlite deleted
C:\FOUND.000 deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ProductData deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Package Cache deleted
C:\WINDOWS\wininit.ini deleted
C:\prefs.js deleted
C:\WINDOWS\System32\tmpresp.tmp deleted
"C:\WINDOWS\Installer\7c6f45.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [22.08.2013 16:43]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 14:24]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12.10.2013 13:04]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com/ie"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{32FF8E03-4332-44D3-B5E5-A04F1D69D0E1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Owner\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9 folders=5 1610977 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Owner\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on pá 14.03.2014 at 2:57:12,57 ======================

Re: High CPU usage

Posted: 14 Mar 2014 03:03
by vyosek
Great, now I'd like a log from FRST, please http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: High CPU usage

Posted: 14 Mar 2014 03:13
by Sichi
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Owner (administrator) on ACER-6212E367EE on 14-03-2014 03:15:05
Running from C:\Documents and Settings\Owner\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(acer Inc.) C:\Acer\Empowering Technology\eRecovery\Monitor.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Adobe Systems Incorporated) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-08-22] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [14565376 2005-06-08] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.)
HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-18] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-18] (Microsoft Corporation)
HKLM\...\Run: [ntiMUI] - c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [45056 2005-05-11] ()
HKLM\...\Run: [MSPY2002] - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-18] ()
HKLM\...\Run: [LaunchApp] - Alaunch
HKLM\...\Run: [IMJPMIG8.1] - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2004-08-18] (Microsoft Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] - C:\WINDOWS\system32\HDAShCut.exe [61952 2005-01-07] (Windows (R) Server 2003 DDK provider)
HKLM\...\Run: [eRecoveryService] - C:\Acer\Empowering Technology\eRecovery\Monitor.exe [368640 2005-08-16] (acer Inc.)
HKLM\...\Run: [ADMTray.exe] - C:\Acer\Empowering Technology\admtray.exe [2460672 2005-08-18] (Avocent Inc.)
HKLM\...\Run: [AdminWorks Tray] - C:\Acer\Empowering Technology\awtray.exe [1304576 2005-08-18] (OSA Technologies, An Avocent Company)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-306829412-3668169067-3135776419-1003\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-22] (Google Inc.)
HKU\S-1-5-21-306829412-3668169067-3135776419-1003\...\Run: [Facebook Update] - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [138096 2014-02-08] (Facebook Inc.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\4f1qi6qf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-13]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-22]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: SearchYa!
CHR DefaultSearchURL: http://www.google.com
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Adobe Acrobat) - c:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-22]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-22]
CHR Extension: (AdBlock) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-22]
CHR Extension: (Value apps) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon [2013-12-25]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-08-22]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-22]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-01-05]

========================== Services (Whitelisted) =================

S3 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
S4 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2007-10-16] ()
S4 AWService; C:\Acer\Empowering Technology\awServ.exe [86528 2005-08-18] (OSA Technologies Inc., An Avocent Company)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-11] (Oracle Corporation)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-01-17] ()
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider)
R2 int15.sys; C:\Acer\Empowering Technology\eRecovery\int15.sys [69632 2005-01-13] ()
R0 m5287; C:\WINDOWS\System32\drivers\m5287.sys [85888 2005-02-05] (ULi Electronics Inc.)
S3 NdisFilt; C:\WINDOWS\System32\Drivers\NdisFilt.sys [5035 2004-06-07] (OSA Technologies)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETMNT; C:\WINDOWS\System32\DRIVERS\NETMNT.sys [9600 2005-05-02] ()
R1 OsaFsLoc; C:\WINDOWS\system32\drivers\OsaFsLoc.sys [11978 2005-07-19] (OSA Technologies)
R2 osaio; C:\WINDOWS\system32\drivers\osaio.sys [7296 2005-06-30] (OSA Technologies, An Avocent Company)
R2 osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [4010 2005-01-14] (Windows (R) 2000 DDK provider)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-01-31] (Duplex Secure Ltd.)
R1 UBHelper; C:\WINDOWS\system32\Drivers\UBHelper.sys [13952 2004-12-17] ()
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [234752 2005-06-27] (Marvell)
S3 cpuz130; No ImagePath
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-14 03:15 - 2014-03-14 03:15 - 00017852 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-03-14 03:13 - 2014-03-14 03:15 - 00000000 ____D () C:\FRST
2014-03-14 03:13 - 2014-03-14 03:13 - 00029696 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE
2014-03-14 03:13 - 2014-03-14 03:13 - 00015327 _____ () C:\Documents and Settings\Owner\Plocha\LM.bat
2014-03-14 03:12 - 2014-03-14 03:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-03-14 03:11 - 2014-03-14 03:11 - 01145856 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-03-14 02:56 - 2014-03-14 02:49 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-03-14 02:50 - 2014-03-14 02:57 - 00007435 _____ () C:\zoek-results.log
2014-03-14 02:49 - 2014-03-14 02:54 - 00000000 ____D () C:\zoek_backup
2014-03-14 02:48 - 2014-03-14 02:48 - 01285120 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-03-14 02:45 - 2014-03-14 02:57 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-14 02:45 - 2014-03-14 02:57 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-14 02:45 - 2014-03-14 02:45 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-14 02:44 - 2014-03-14 02:56 - 00005334 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-14 02:41 - 2014-03-14 02:43 - 00000000 ____D () C:\AdwCleaner
2014-03-14 02:41 - 2014-03-14 02:41 - 01950720 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
2014-03-14 02:35 - 2014-03-14 02:35 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-14 02:34 - 2014-03-14 02:34 - 01037734 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-03-14 02:33 - 2014-03-14 02:33 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\rsit
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\Program Files\trend micro
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Program Files\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Catalyst Control Center
2014-03-14 01:12 - 2014-03-14 01:12 - 00000000 ____D () C:\Program Files\ATI
2014-03-14 01:11 - 2014-03-14 01:11 - 00000000 ____D () C:\AMD
2014-03-13 03:15 - 2014-03-13 03:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-13 03:01 - 2014-03-14 03:12 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Stažené soubory
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Mozilla
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Mozilla
2014-03-13 02:55 - 2014-03-14 01:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-13 02:55 - 2014-03-13 02:55 - 24501312 _____ (Mozilla) C:\Documents and Settings\Owner\Dokumenty\Firefox Setup 27.0.exe
2014-03-13 02:55 - 2014-03-13 02:55 - 00000734 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000728 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-03-13 02:41 - 2014-03-14 01:35 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-03-13 02:35 - 2014-03-13 02:35 - 09357880 _____ (CCCP Project ) C:\Documents and Settings\Owner\Dokumenty\Combined-Community-Codec-Pack-2013-04-20.exe
2014-03-01 16:28 - 2014-03-01 16:28 - 00000874 _____ () C:\Documents and Settings\Owner\Plocha\San Andreas Multiplayer.lnk
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Documents and Settings\Owner\Nabídka Start\Programy\San Andreas Multiplayer
2014-03-01 16:27 - 2014-03-01 16:28 - 11990847 _____ () C:\Documents and Settings\Owner\Dokumenty\sa-mp-0.3z-R1-install.exe
2014-03-01 14:17 - 2014-03-05 23:19 - 00202752 _____ () C:\Documents and Settings\Owner\Plocha\GTASAsf1.b
2014-02-26 19:39 - 2014-02-26 19:39 - 01191753 _____ () C:\Documents and Settings\Owner\Dokumenty\gtasa120cz.zip
2014-02-26 19:38 - 2014-03-01 16:28 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\GTA San Andreas User Files
2014-02-26 19:37 - 2014-02-26 19:37 - 00098304 _____ (Sony DADC Austria AG.) C:\WINDOWS\system32\CmdLineExt.dll
2014-02-26 19:26 - 2014-02-26 19:26 - 00001591 _____ () C:\Documents and Settings\All Users\Plocha\GTA San Andreas.lnk
2014-02-25 22:14 - 2014-02-25 22:14 - 00000000 ____D () C:\Documents and Settings\Owner\WINDOWS
2014-02-25 22:14 - 1998-02-06 21:37 - 00299520 _____ (InstallShield Corporation, Inc.) C:\WINDOWS\uninst.exe
2014-02-24 19:21 - 2014-02-24 19:46 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Max Payne 2 Savegames
2014-02-24 19:20 - 2014-02-24 19:20 - 01486848 _____ (Remedy Entertainment) C:\Documents and Settings\Owner\Dokumenty\Max-Payne-2-crack-(alik).exe
2014-02-24 19:16 - 2014-02-26 19:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Rockstar Games
2014-02-24 18:54 - 2014-02-24 18:55 - 38542610 _____ () C:\Documents and Settings\Owner\Dokumenty\MaxPayne2CZ_komplet.exe
2014-02-24 18:52 - 2014-02-24 18:52 - 00001757 _____ () C:\Documents and Settings\Owner\Plocha\Max Payne 2.lnk
2014-02-24 18:42 - 2014-02-26 19:26 - 00000000 ____D () C:\Program Files\Rockstar Games
2014-02-22 13:28 - 2014-02-23 18:55 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Game Dev Tycoon
2014-02-22 13:25 - 2014-02-22 13:25 - 00000633 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000627 _____ () C:\Documents and Settings\All Users\Plocha\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000000 ____D () C:\Program Files\Game Dev Tycoon v1.3.2
2014-02-22 13:25 - 2013-04-29 23:19 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Game.Dev.Tycoon-ALiAS
2014-02-22 13:07 - 2014-02-22 13:20 - 115532320 _____ () C:\Documents and Settings\Owner\Dokumenty\Game.Dev.Tycoon-ALiAS.rar
2014-02-15 14:14 - 2014-02-15 14:20 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha\Flashka

==================== One Month Modified Files and Folders =======

2014-03-14 03:15 - 2014-03-14 03:15 - 00017852 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-03-14 03:15 - 2014-03-14 03:13 - 00000000 ____D () C:\FRST
2014-03-14 03:15 - 2013-10-03 15:34 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-14 03:15 - 2005-09-08 10:20 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha
2014-03-14 03:13 - 2014-03-14 03:13 - 00029696 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\MSGBOX.EXE
2014-03-14 03:13 - 2014-03-14 03:13 - 00015327 _____ () C:\Documents and Settings\Owner\Plocha\LM.bat
2014-03-14 03:13 - 2005-09-08 10:20 - 00000000 ___HD () C:\Documents and Settings\Owner\Local Settings\Data aplikací
2014-03-14 03:12 - 2014-03-14 03:12 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-03-14 03:12 - 2014-03-13 03:01 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Stažené soubory
2014-03-14 03:11 - 2014-03-14 03:11 - 01145856 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-03-14 02:57 - 2014-03-14 02:50 - 00007435 _____ () C:\zoek-results.log
2014-03-14 02:57 - 2014-03-14 02:45 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-14 02:57 - 2014-03-14 02:45 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-14 02:57 - 2013-12-24 12:39 - 00000270 _____ () C:\WINDOWS\Tasks\Driver Booster Scan.job
2014-03-14 02:57 - 2013-08-22 16:43 - 00000278 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-306829412-3668169067-3135776419-1003.job
2014-03-14 02:57 - 2013-08-22 16:42 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-14 02:57 - 2013-08-22 15:45 - 00000739 _____ () C:\WINDOWS\system32\eRLog.ini
2014-03-14 02:57 - 2005-09-08 10:55 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-03-14 02:57 - 2005-09-08 10:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-14 02:56 - 2014-03-14 02:44 - 00005334 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-14 02:56 - 2013-08-22 18:18 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-03-14 02:56 - 2005-09-08 10:20 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-03-14 02:56 - 2005-09-08 10:16 - 00358925 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-14 02:54 - 2014-03-14 02:49 - 00000000 ____D () C:\zoek_backup
2014-03-14 02:54 - 2005-09-08 10:13 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-03-14 02:52 - 2013-08-22 16:42 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-14 02:49 - 2014-03-14 02:56 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-03-14 02:48 - 2014-03-14 02:48 - 01285120 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-03-14 02:45 - 2014-03-14 02:45 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-14 02:43 - 2014-03-14 02:41 - 00000000 ____D () C:\AdwCleaner
2014-03-14 02:43 - 2005-09-08 10:20 - 00000000 __RHD () C:\Documents and Settings\Owner\Data aplikací
2014-03-14 02:41 - 2014-03-14 02:41 - 01950720 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner.exe
2014-03-14 02:35 - 2014-03-14 02:35 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-14 02:34 - 2014-03-14 02:34 - 01037734 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-03-14 02:34 - 2005-09-08 10:20 - 00000000 ___RD () C:\Documents and Settings\Owner\Nabídka Start
2014-03-14 02:34 - 2005-09-08 10:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-03-14 02:34 - 2005-09-08 10:13 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-03-14 02:33 - 2014-03-14 02:33 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-03-14 02:33 - 2013-08-22 21:51 - 00000000 ____D () C:\Program Files\IObit
2014-03-14 02:23 - 2014-02-08 20:18 - 00000992 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003UA.job
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\rsit
2014-03-14 02:15 - 2014-03-14 02:15 - 00000000 ____D () C:\Program Files\trend micro
2014-03-14 02:05 - 2005-09-08 10:20 - 00000000 ____D () C:\Documents and Settings\Owner
2014-03-14 02:05 - 2005-09-08 10:15 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-03-14 02:04 - 2013-11-16 22:40 - 00000000 ____D () C:\Qoobox
2014-03-14 01:35 - 2014-03-13 02:41 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Player Classic
2014-03-14 01:32 - 2013-12-23 18:43 - 19988480 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-03-14 01:32 - 2013-12-23 18:43 - 00253952 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-03-14 01:32 - 2013-12-23 18:43 - 00053248 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-03-14 01:32 - 2013-12-23 18:43 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-03-14 01:32 - 2005-09-08 10:20 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-14 01:32 - 2005-09-08 10:20 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-14 01:27 - 2014-03-13 02:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Program Files\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Combined Community Codec Pack
2014-03-14 01:26 - 2014-03-14 01:26 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Catalyst Control Center
2014-03-14 01:26 - 2005-09-08 10:15 - 00000000 ____D () C:\WINDOWS\Registration
2014-03-14 01:12 - 2014-03-14 01:12 - 00000000 ____D () C:\Program Files\ATI
2014-03-14 01:11 - 2014-03-14 01:11 - 00000000 ____D () C:\AMD
2014-03-14 00:12 - 2013-08-22 21:02 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Skype
2014-03-13 20:23 - 2014-02-08 20:18 - 00000970 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-306829412-3668169067-3135776419-1003Core.job
2014-03-13 18:22 - 2013-08-22 16:43 - 00000286 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-306829412-3668169067-3135776419-1003.job
2014-03-13 03:20 - 2013-11-02 15:33 - 00000000 ___RD () C:\Documents and Settings\Owner\Plocha\Hudba
2014-03-13 03:15 - 2014-03-13 03:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-13 03:01 - 2005-09-08 10:20 - 00000000 ___RD () C:\Documents and Settings\Owner\Dokumenty
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Mozilla
2014-03-13 02:56 - 2014-03-13 02:56 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Mozilla
2014-03-13 02:55 - 2014-03-13 02:55 - 24501312 _____ (Mozilla) C:\Documents and Settings\Owner\Dokumenty\Firefox Setup 27.0.exe
2014-03-13 02:55 - 2014-03-13 02:55 - 00000734 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000728 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2014-03-13 02:55 - 2014-03-13 02:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-03-13 02:35 - 2014-03-13 02:35 - 09357880 _____ (CCCP Project ) C:\Documents and Settings\Owner\Dokumenty\Combined-Community-Codec-Pack-2013-04-20.exe
2014-03-13 00:36 - 2013-09-01 18:18 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\vlc
2014-03-12 17:54 - 2014-02-11 18:40 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2014-03-12 11:04 - 2013-10-03 15:34 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 11:04 - 2013-10-03 15:34 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-11 11:41 - 2013-10-23 22:46 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\POjuwqJUh85
2014-03-06 23:20 - 2013-11-02 15:33 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha\Obrázky
2014-03-05 23:19 - 2014-03-01 14:17 - 00202752 _____ () C:\Documents and Settings\Owner\Plocha\GTASAsf1.b
2014-03-04 18:04 - 2013-08-22 16:42 - 00001817 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-03-04 17:20 - 2013-10-03 15:30 - 00000000 ____D () C:\Program Files\Opera
2014-03-04 17:18 - 2005-09-08 10:09 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-02 14:24 - 2014-02-07 18:55 - 19881984 _____ () C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2014-03-02 14:24 - 2014-02-07 18:55 - 00253952 _____ () C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2014-03-02 14:24 - 2014-02-07 18:55 - 00053248 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2014-03-02 14:24 - 2014-02-07 18:55 - 00024576 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak
2014-03-01 20:47 - 2014-01-19 16:13 - 00000000 ____D () C:\Program Files\Steam
2014-03-01 20:47 - 2013-08-24 17:25 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\League of Legends
2014-03-01 16:28 - 2014-03-01 16:28 - 00000874 _____ () C:\Documents and Settings\Owner\Plocha\San Andreas Multiplayer.lnk
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\Documents and Settings\Owner\Nabídka Start\Programy\San Andreas Multiplayer
2014-03-01 16:28 - 2014-03-01 16:27 - 11990847 _____ () C:\Documents and Settings\Owner\Dokumenty\sa-mp-0.3z-R1-install.exe
2014-03-01 16:28 - 2014-02-26 19:38 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\GTA San Andreas User Files
2014-03-01 16:28 - 2005-09-08 10:20 - 00000000 ___RD () C:\Documents and Settings\Owner\Nabídka Start\Programy
2014-02-26 19:39 - 2014-02-26 19:39 - 01191753 _____ () C:\Documents and Settings\Owner\Dokumenty\gtasa120cz.zip
2014-02-26 19:37 - 2014-02-26 19:37 - 00098304 _____ (Sony DADC Austria AG.) C:\WINDOWS\system32\CmdLineExt.dll
2014-02-26 19:26 - 2014-02-26 19:26 - 00001591 _____ () C:\Documents and Settings\All Users\Plocha\GTA San Andreas.lnk
2014-02-26 19:26 - 2014-02-24 19:16 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Rockstar Games
2014-02-26 19:26 - 2014-02-24 18:42 - 00000000 ____D () C:\Program Files\Rockstar Games
2014-02-26 19:26 - 2005-09-08 10:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-25 22:21 - 2005-09-08 10:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start
2014-02-25 22:14 - 2014-02-25 22:14 - 00000000 ____D () C:\Documents and Settings\Owner\WINDOWS
2014-02-24 19:46 - 2014-02-24 19:21 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Max Payne 2 Savegames
2014-02-24 19:20 - 2014-02-24 19:20 - 01486848 _____ (Remedy Entertainment) C:\Documents and Settings\Owner\Dokumenty\Max-Payne-2-crack-(alik).exe
2014-02-24 18:55 - 2014-02-24 18:54 - 38542610 _____ () C:\Documents and Settings\Owner\Dokumenty\MaxPayne2CZ_komplet.exe
2014-02-24 18:52 - 2014-02-24 18:52 - 00001757 _____ () C:\Documents and Settings\Owner\Plocha\Max Payne 2.lnk
2014-02-23 18:55 - 2014-02-22 13:28 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\Game Dev Tycoon
2014-02-22 13:25 - 2014-02-22 13:25 - 00000633 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000627 _____ () C:\Documents and Settings\All Users\Plocha\Game Dev Tycoon v1.3.2.lnk
2014-02-22 13:25 - 2014-02-22 13:25 - 00000000 ____D () C:\Program Files\Game Dev Tycoon v1.3.2
2014-02-22 13:20 - 2014-02-22 13:07 - 115532320 _____ () C:\Documents and Settings\Owner\Dokumenty\Game.Dev.Tycoon-ALiAS.rar
2014-02-15 14:20 - 2014-02-15 14:14 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha\Flashka
2014-02-15 14:14 - 2013-12-08 21:06 - 00011264 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2005-09-08 10:08] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2005-09-08 10:09] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2005-09-08 10:09] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2013-08-22 16:59] - [2008-04-14 07:52] - 0108544 ____A (Microsoft Corporation) f0d2ae69035092bf22dad6b50fab85c2

C:\WINDOWS\system32\User32.dll
[2005-09-08 10:09] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2013-08-22 16:59] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll
[2005-09-08 10:09] - [2008-04-14 07:51] - 0399360 ____A (Microsoft Corporation) c868f3ae15cf71a93f2aa3a32856d839

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2013-08-22 16:59] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Re: High CPU usage

Posted: 14 Mar 2014 03:14
by Sichi
here is the Addition as well :)

Re: High CPU usage

Posted: 14 Mar 2014 03:16
by vyosek
:arrow: Test the following files on VirusTotal https://www.virustotal.com/cs/
  • C:\WINDOWS\system32\rpcss.dll
  • Click Choose file
  • Do not browse for the file, just paste in the path of the file I want tested
  • Click Scan It
  • If a screen like the one below pops up, click ReAnalyse
    Image
  • Paste the result of the analysis here (as a link)

Re: High CPU usage

Posted: 14 Mar 2014 03:22
by Sichi