VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vytížení procesoru 70% +

https://forum.viry.cz:443/viewtopic.php?t=145427

Stránka 1 z 1

Vytížení procesoru 70% +

Napsal: 28 črc 2015 18:32
od martin891
Dobrý den,

prosím o pomoc procesor má stále využítí nad 70%. Ve sledování procesů ukazuje svchost.exe průměr 40%.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2015-07-28 19:20:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 171 GB (56%) free of 305 GB
Total RAM: 3008 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:30, on 28.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Ask Toolbar BHO - {434C4D2D-5637-006A-76A7-7A786E7484D7} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: (no name) - {434C4D2D-5637-006A-76A7-7A786E7484D7} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-356064856-1936743325-527621735-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-356064856-1936743325-527621735-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Upload to Facebook - C:\Program Files (x86)\WebcamMax\share\iecontext.htm
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8468 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-16395981-cc5e-4ec1-869e-b27da68cf2b6 -SystemEventPortName:HostProcess-47728cd3-d7d7-4fa4-baaf-0afb2ef7018c -IoCancelEventPortName:HostProcess-dc3c1819-4db9-4caf-b2ec-27b3cbf7ce54 -NonStateChangingEventPortName:HostProcess-7fd11481-1cb8-4601-a714-2f672c3e64b8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e9478a43-798c-4d70-9b6b-b7624b929e46 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\rundll32.exe appraiser.dll,DailyGatedCheck

"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Jirka\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000Core.job - C:\Users\Jirka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000UA.job - C:\Users\Jirka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\ojuudxij.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{434C4D2D-5637-006A-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{434C4D56-372D-5341-5400-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-25 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-16 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{434C4D2D-5637-006A-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-25 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-16 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{434C4D2D-5637-006A-76A7-7A786E7484D7}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12 1154720]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-16 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{434C4D2D-5637-006A-76A7-7A786E7484D7}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-16 194504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-30 53288576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Jirka\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Jirka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2012-12-19 92296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Jirka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-17 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam.chromeUpdatePref]
C:\Users\Jirka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe [2013-02-13 942080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-30 53288576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
C:\Program Files (x86)\WebcamMax\wcmmon.exe [2011-07-17 1038848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jirka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-03-19 32667896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-25 5512912]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-28 19:20:26 ----D---- C:\Program Files\trend micro
2015-07-28 19:20:25 ----D---- C:\rsit
2015-07-28 19:12:33 ----D---- C:\Program Files (x86)\SpeedFan
2015-07-24 20:29:58 ----A---- C:\Windows\system32\hid.dll
2015-07-15 09:43:20 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 09:43:20 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 09:43:18 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 09:43:18 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 09:43:18 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 09:43:18 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 09:43:18 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 09:43:18 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 09:43:18 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wups.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 09:43:17 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 09:43:12 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 09:43:12 ----A---- C:\Windows\system32\msi.dll
2015-07-15 09:43:12 ----A---- C:\Windows\system32\authui.dll
2015-07-15 09:43:11 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 09:43:11 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 09:43:11 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 09:43:11 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 09:43:11 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 09:43:11 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 09:43:11 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 09:43:11 ----A---- C:\Windows\system32\consent.exe
2015-07-15 09:43:11 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 09:43:07 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 09:43:07 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 09:43:06 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 09:43:06 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 09:43:03 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 09:43:03 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 09:43:03 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 09:43:02 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 09:43:02 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 09:43:02 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 09:43:02 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 09:43:02 ----A---- C:\Windows\system32\acmigration.dll
2015-07-13 16:35:58 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-07-28 19:20:27 ----D---- C:\Windows\Temp
2015-07-28 19:20:26 ----D---- C:\Program Files
2015-07-28 19:16:07 ----HD---- C:\ProgramData
2015-07-28 19:12:33 ----RD---- C:\Program Files (x86)
2015-07-28 19:12:31 ----D---- C:\Windows\SysWOW64
2015-07-28 19:11:37 ----SHD---- C:\System Volume Information
2015-07-28 19:11:14 ----D---- C:\Windows\system32\drivers
2015-07-28 19:10:22 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2015-07-28 19:10:03 ----D---- C:\Windows\system32\config
2015-07-27 17:03:54 ----D---- C:\Windows\tracing
2015-07-27 10:03:05 ----D---- C:\Windows\Prefetch
2015-07-26 22:31:23 ----SD---- C:\Windows\system32\GWX
2015-07-24 20:31:37 ----D---- C:\Windows\System32
2015-07-24 19:40:20 ----D---- C:\Windows\Minidump
2015-07-24 19:40:16 ----D---- C:\Windows
2015-07-20 10:04:23 ----D---- C:\Windows\system32\catroot2
2015-07-16 19:42:46 ----SHD---- C:\Windows\Installer
2015-07-16 19:34:41 ----D---- C:\Windows\winsxs
2015-07-16 04:34:46 ----D---- C:\Windows\rescache
2015-07-16 03:30:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-16 03:30:35 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 03:30:35 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 03:30:34 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 03:10:47 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 03:10:47 ----D---- C:\Windows\system32\wbem
2015-07-16 03:10:47 ----D---- C:\Windows\system32\appraiser
2015-07-16 03:10:47 ----D---- C:\Windows\AppPatch
2015-07-16 03:10:33 ----D---- C:\Windows\system32\MRT
2015-07-15 23:35:33 ----D---- C:\Windows\Tasks
2015-07-15 20:43:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-15 07:47:26 ----D---- C:\ProgramData\Skype
2015-07-15 07:47:16 ----RD---- C:\Program Files (x86)\Skype
2015-07-15 07:44:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-07 13:52:35 ----SHD---- C:\$Recycle.Bin
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-25 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-25 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-25 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-25 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-25 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-25 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-25 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-25 136752]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-01 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-01 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;Sony sa0102 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-25 343336]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-12 193696]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 878368]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-10-01 2324216]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-12 247968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-26 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-04-26 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-13 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-20 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Re: Vytížení procesoru 70% +

Napsal: 28 črc 2015 19:47
od Rudy
Zdravím!
Jak je na tom váš oper. systém s legalitou?

Re: Vytížení procesoru 70% +

Napsal: 29 črc 2015 03:30
od martin891
Pocitac je me tety a dala mi k nemu i instalacni cd. Tak myslim ze je legalni.

Re: Vytížení procesoru 70% +

Napsal: 29 črc 2015 16:59
od Rudy
OK. Zkusíme tento postup:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
a klikněte na >Prohledat<. Dejte oba logy.

Re: Vytížení procesoru 70% +

Napsal: 29 črc 2015 21:26
od martin891
Posílám logy ještě před nimi jsem ale vypnul automatické aktualizace. Snad jsem tím nic nepokazil. Kdyby náhodou pošlu log znovu. díky



OTL logfile created on: 29.7.2015 21:51:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,94 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 64,87% Memory free
5,87 Gb Paging File | 4,82 Gb Available in Paging File | 82,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 172,20 Gb Free Space | 57,79% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.07.29 21:49:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Downloads\OTL.exe
PRC - [2015.05.01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2015.05.01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2013.10.01 15:46:48 | 002,324,216 | ---- | M] (PS Media s.r.o.) -- C:\Windows\SysWOW64\ssins.exe
PRC - [2013.02.19 22:32:20 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2015.01.12 04:34:30 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.07.15 20:43:11 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.07.13 16:36:05 | 000,148,136 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.06.03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015.05.01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2015.05.01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014.04.12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.10.01 15:46:48 | 002,324,216 | ---- | M] (PS Media s.r.o.) [Auto | Running] -- C:\Windows\SysWOW64\ssins.exe -- (ssinstall)
SRV - [2013.02.19 22:32:20 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.08.15 22:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.04.15 23:32:14 | 001,071,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.03.15 09:38:46 | 000,161,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdm.sys -- (s1039mdm)
DRV:64bit: - [2010.03.15 09:38:46 | 000,158,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039unic.sys -- (s1039unic)
DRV:64bit: - [2010.03.15 09:38:46 | 000,034,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039nd5.sys -- (s1039nd5)
DRV:64bit: - [2010.03.15 09:38:46 | 000,019,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV:64bit: - [2010.03.01 11:43:14 | 000,137,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039obex.sys -- (s1039obex)
DRV:64bit: - [2010.03.01 11:43:12 | 000,141,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV:64bit: - [2010.03.01 11:43:02 | 000,127,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039bus.sys -- (s1039bus)
DRV:64bit: - [2009.12.15 14:05:42 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.15 14:05:42 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.12.15 14:05:42 | 000,029,696 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewdcsc.sys -- (Huawei)
DRV:64bit: - [2009.09.19 05:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009.09.19 05:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009.09.19 05:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.04.20 13:40:10 | 000,873,216 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes,DefaultScope = {15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{33928C08-B5A7-4EE1-8739-0129CF1AB4F6}: "URL" = http://www.search.ask.com/web?p2=%5EB1R ... erms}&psv=
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{545EA33C-9372-4A4E-89C6-9C3435D516D2}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_12902
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{66EE26FC-A4A2-4110-A151-9A4521159E88}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12902
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{A4521521-5725-48FA-BAA5-7CE74B4F8D86}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{C707464D-E0EC-44DD-9FC6-589C253F035C}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12902
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{C75096FF-B2F1-4EAC-BF36-6AA537681FB4}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12902
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{CCF9D1BF-1A6D-4FF3-8370-07C7601EFF7A}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12902
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..\SearchScopes\{DC356363-E75B-4739-A792-3D6BFCF665C7}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_12902
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-356064856-1936743325-527621735-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jirka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jirka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015.03.16 21:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\mozilla\Extensions
[2015.04.04 09:58:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\mozilla\Firefox\Profiles\ojuudxij.default\extensions
[2015.07.13 16:35:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.07.13 16:36:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond\1.5.5_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi\1.3.2_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh\1.2.3_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.4.0.9058_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoblimgpefkcahebgokneaadhahmdah\1.2.0_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {434C4D56-372D-5341-5400-7A786E7484D7} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {434C4D2D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {434C4D2D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-356064856-1936743325-527621735-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-356064856-1936743325-527621735-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-356064856-1936743325-527621735-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Upload to Facebook - C:\Program Files (x86)\WebcamMax\share\iecontext.htm File not found
O8 - Extra context menu item: Upload to Facebook - C:\Program Files (x86)\WebcamMax\share\iecontext.htm File not found
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-356064856-1936743325-527621735-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.129.50.20 85.135.32.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39FC0E40-CAA2-439B-A636-F2D3425331DE}: DhcpNameServer = 62.129.50.20 85.135.32.100
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{aaf88d72-ca1e-11e2-afd4-001fd034c6b3}\Shell - "" = AutoRun
O33 - MountPoints2\{aaf88d72-ca1e-11e2-afd4-001fd034c6b3}\Shell\AutoRun\command - "" = I:\Startme.exe
O33 - MountPoints2\{af7c96c8-e621-11e1-8c01-001fd034c6b3}\Shell - "" = AutoRun
O33 - MountPoints2\{af7c96c8-e621-11e1-8c01-001fd034c6b3}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.VP70 - C:\Windows\SysWow64\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.07.29 15:18:56 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT
[2015.07.28 20:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2015.07.28 20:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2015.07.28 20:45:29 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Programs
[2015.07.28 19:49:39 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.28 19:49:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.28 19:49:39 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.28 19:49:38 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.28 19:49:38 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.28 19:49:38 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.28 19:49:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.28 19:49:38 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.28 19:20:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.07.28 19:20:25 | 000,000,000 | ---D | C] -- C:\rsit
[2015.07.28 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2015.07.28 19:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2015.07.28 19:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2015.07.24 20:29:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hid.dll
[2015.07.17 07:41:43 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\GWX
[2015.07.15 09:43:20 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015.07.15 09:43:20 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015.07.15 09:43:18 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.15 09:43:18 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.15 09:43:18 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.15 09:43:18 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.15 09:43:18 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.15 09:43:18 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.15 09:43:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.15 09:43:17 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.15 09:43:17 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.15 09:43:17 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.15 09:43:17 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.15 09:43:17 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.15 09:43:17 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.15 09:43:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.15 09:43:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.15 09:43:12 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015.07.15 09:43:12 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015.07.15 09:43:11 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015.07.15 09:43:11 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015.07.15 09:43:11 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015.07.15 09:43:11 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015.07.15 09:43:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015.07.15 09:43:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015.07.15 09:43:07 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015.07.15 09:43:06 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.07.13 16:35:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.07.13 15:19:00 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\Nová složka (2)

========== Files - Modified Within 30 Days ==========

[2015.07.29 21:55:06 | 000,007,598 | ---- | M] () -- C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg
[2015.07.29 21:52:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.07.29 21:48:16 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.07.29 21:45:58 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.07.29 21:45:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.07.29 21:45:42 | 2365,235,200 | -HS- | M] () -- C:\hiberfil.sys
[2015.07.29 15:42:08 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.07.29 15:42:08 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.07.28 20:45:34 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2015.07.28 20:43:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.07.28 20:27:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000UA.job
[2015.07.28 19:12:35 | 000,001,007 | ---- | M] () -- C:\Users\Jirka\Desktop\SpeedFan.lnk
[2015.07.28 19:12:33 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2015.07.25 20:07:17 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.25 20:04:16 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.25 20:04:05 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.25 20:03:59 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.25 20:03:58 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.25 20:03:57 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.25 20:03:57 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.25 19:55:04 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.24 20:30:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hid.dll
[2015.07.20 21:24:40 | 000,508,016 | ---- | M] () -- C:\Users\Jirka\Desktop\JD8tdSS5.htm
[2015.07.20 21:14:32 | 008,120,946 | ---- | M] () -- C:\Users\Jirka\Desktop\Sima.ft.Ego---On-je-len-kamarát.mp3
[2015.07.20 10:19:48 | 000,051,661 | ---- | M] () -- C:\Users\Jirka\Desktop\11101196_1516739435241418_1970026878955079937_n.jpg
[2015.07.20 10:17:03 | 000,043,467 | ---- | M] () -- C:\Users\Jirka\Desktop\11666129_1519732094942152_4754731936212680410_n.jpg
[2015.07.20 10:13:35 | 000,048,073 | ---- | M] () -- C:\Users\Jirka\Desktop\10931057_436454833188178_2906941453924688300_n.jpg
[2015.07.20 10:12:30 | 000,257,083 | ---- | M] () -- C:\Users\Jirka\Desktop\1040248_186157298217934_480420445_o.jpg
[2015.07.18 23:27:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000Core.job
[2015.07.15 20:43:09 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.07.15 20:43:09 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.07.09 19:58:56 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.09 19:58:56 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.09 19:58:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.09 19:58:55 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.09 19:58:55 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.09 19:58:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.09 19:58:34 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.09 19:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.09 19:58:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.09 19:58:20 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.09 19:43:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.09 19:43:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.09 19:43:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.09 19:43:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.09 19:42:47 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.04 20:07:11 | 002,087,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll

========== Files Created - No Company Name ==========

[2015.07.29 21:52:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.07.28 20:45:34 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2015.07.28 19:12:35 | 000,001,007 | ---- | C] () -- C:\Users\Jirka\Desktop\SpeedFan.lnk
[2015.07.28 19:12:31 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2015.07.24 20:49:57 | 000,007,598 | ---- | C] () -- C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg
[2015.07.20 21:24:36 | 000,508,016 | ---- | C] () -- C:\Users\Jirka\Desktop\JD8tdSS5.htm
[2015.07.20 21:13:41 | 008,120,946 | ---- | C] () -- C:\Users\Jirka\Desktop\Sima.ft.Ego---On-je-len-kamarát.mp3
[2015.07.20 10:19:47 | 000,051,661 | ---- | C] () -- C:\Users\Jirka\Desktop\11101196_1516739435241418_1970026878955079937_n.jpg
[2015.07.20 10:17:02 | 000,043,467 | ---- | C] () -- C:\Users\Jirka\Desktop\11666129_1519732094942152_4754731936212680410_n.jpg
[2015.07.20 10:13:34 | 000,048,073 | ---- | C] () -- C:\Users\Jirka\Desktop\10931057_436454833188178_2906941453924688300_n.jpg
[2015.07.20 10:12:26 | 000,257,083 | ---- | C] () -- C:\Users\Jirka\Desktop\1040248_186157298217934_480420445_o.jpg
[2014.02.27 04:05:48 | 001,635,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.07.24 07:06:40 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\AVAST Software
[2015.07.24 07:06:40 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\AVAST Software
[2012.07.30 21:44:25 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\AlderGames
[2012.07.27 20:22:43 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\Artogon
[2012.10.02 20:37:08 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\BSplayer
[2012.04.19 00:46:51 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\EleFun Games
[2012.04.10 16:23:05 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\ERS G-Studio
[2012.06.23 09:20:24 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\ERS Game Studios
[2012.08.26 15:53:23 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\Meridian93
[2012.12.09 22:03:38 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\playmink
[2012.08.18 07:25:06 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\Rainbow
[2015.07.13 14:58:30 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\Seznam.cz
[2012.04.11 10:24:50 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\Shape games
[2012.08.18 11:33:31 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\Telefónica Móviles
[2012.09.20 18:54:01 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\URSE Games
[2012.07.30 13:59:04 | 000,000,000 | ---D | M] -- C:\Users\Děcka\AppData\Roaming\V-Games
[2014.02.08 00:59:36 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Absolutist
[2015.02.11 14:34:20 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Alawar
[2012.07.30 11:19:51 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AlderGames
[2013.10.17 17:04:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Artogon
[2013.06.12 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BlamGames
[2014.04.27 10:32:22 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BSplayer
[2012.09.26 16:52:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BSplayer Pro
[2015.03.16 20:26:23 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Dropbox
[2015.03.16 20:26:16 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\DropboxMaster
[2013.06.12 19:37:20 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\EleFun Games
[2013.02.24 19:49:54 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ERS G-Studio
[2013.05.11 15:57:59 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ERS Game Studios
[2013.02.10 00:16:04 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\FashionCrazeChech
[2012.09.20 11:07:53 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mechanicus
[2013.06.12 18:38:19 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Melesta
[2013.06.20 12:13:00 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Meridian93
[2012.12.09 00:50:24 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mermaid
[2015.03.16 20:20:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\PetShowCraze
[2012.12.09 17:23:01 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\playmink
[2013.05.16 21:34:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Publisher
[2013.05.11 16:08:25 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Rainbow
[2013.03.16 12:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Rumbic Studio
[2015.03.16 20:29:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Seznam.cz
[2012.04.11 20:50:40 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Shape games
[2013.12.11 16:17:26 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Specialbit
[2013.05.11 16:14:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\spidla
[2014.02.07 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Spidla Data Processing
[2012.08.17 17:00:03 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Telefónica Móviles
[2014.02.06 10:50:58 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Trio
[2013.11.06 16:34:36 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Unity
[2012.09.17 16:54:34 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\URSE Games
[2012.07.30 11:15:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\V-Games
[2013.12.30 00:21:31 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WCMShare
[2013.10.01 21:39:11 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WebcamMax
[2013.05.11 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Špidla Data Processing, s.r.o

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,526 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 07:08:49 | 000,032,634 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(18).TXT
[2009.07.14 07:08:49 | 000,032,736 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(215).TXT
[2012.08.17 17:01:40 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.17 23:22:33 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000Core.job
[2012.10.17 23:22:34 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000UA.job
[2014.04.26 16:40:16 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.04.26 16:40:18 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[4 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.02.08 00:59:36 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Absolutist
[2012.08.17 17:02:54 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Adobe
[2015.02.11 14:34:20 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Alawar
[2012.07.30 11:19:51 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AlderGames
[2014.06.18 18:11:06 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Apple Computer
[2012.09.10 10:12:17 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ArcSoft
[2013.10.17 17:04:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Artogon
[2013.06.12 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BlamGames
[2014.04.27 10:32:22 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BSplayer
[2012.09.26 16:52:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BSplayer Pro
[2015.03.16 20:26:23 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Dropbox
[2015.03.16 20:26:16 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\DropboxMaster
[2013.06.12 19:37:20 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\EleFun Games
[2013.02.24 19:49:54 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ERS G-Studio
[2013.05.11 15:57:59 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\ERS Game Studios
[2013.02.10 00:16:04 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\FashionCrazeChech
[2012.04.10 10:40:46 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Identities
[2012.06.24 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Macromedia
[2012.09.20 11:07:53 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mechanicus
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Media Center Programs
[2013.06.12 18:38:19 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Melesta
[2013.06.20 12:13:00 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Meridian93
[2012.12.09 00:50:24 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mermaid
[2015.06.12 03:15:42 | 000,000,000 | --SD | M] -- C:\Users\Jirka\AppData\Roaming\Microsoft
[2015.03.16 21:47:24 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mozilla
[2012.04.11 20:26:08 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\NVIDIA
[2015.03.16 20:20:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\PetShowCraze
[2012.12.09 17:23:01 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\playmink
[2013.05.16 21:34:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Publisher
[2013.05.11 16:08:25 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Rainbow
[2013.03.16 12:43:41 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Rumbic Studio
[2015.03.16 20:29:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Seznam.cz
[2012.04.11 20:50:40 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Shape games
[2015.07.29 21:51:05 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Skype
[2013.12.11 16:17:26 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Specialbit
[2013.05.11 16:14:32 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\spidla
[2014.02.07 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Spidla Data Processing
[2012.08.17 17:00:03 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Telefónica Móviles
[2014.02.06 10:50:58 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Trio
[2013.11.06 16:34:36 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Unity
[2012.09.17 16:54:34 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\URSE Games
[2012.07.30 11:15:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\V-Games
[2013.12.30 00:21:31 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WCMShare
[2013.10.01 21:39:11 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WebcamMax
[2013.05.11 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Špidla Data Processing, s.r.o

< %APPDATA%\*.exe /s >
[2014.03.19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.03.19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jirka\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jirka\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.09.13 15:24:48 | 001,009,288 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\szninstall.exe
[2012.09.14 14:06:28 | 002,515,592 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.02.13 16:16:08 | 000,942,080 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
[2013.01.22 14:55:12 | 000,456,696 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2012.12.19 10:12:06 | 000,092,296 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.02.04 15:53:30 | 000,055,808 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.02.04 15:53:34 | 000,077,824 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.07.28 20:43:02 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015.07.18 23:27:01 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000Core.job
[2015.07.28 20:27:01 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-356064856-1936743325-527621735-1000UA.job
[2015.07.29 21:48:16 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.07.29 21:45:58 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.07.28 19:12:33 | 000,000,045 | ---- | M] () -- C:\Windows\system32\initdebug.nfo
[2015.07.29 21:46:01 | 000,000,000 | ---- | M] () -- C:\Windows\system32\sinstall.log

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2015.06.30 13:15:34 | 053,288,576 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2015.07.13 16:36:05 | 000,377,000 | ---- | M] (Mozilla Corporation) MD5=1CE7982AA6A983F4C49A32C8D624237B -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.01.14 07:09:46 | 000,815,288 | ---- | M] (Microsoft Corporation) MD5=363BC25BACB34E9D40441968B1B3D5BE -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015.07.24 00:39:58 | 000,813,896 | ---- | M] (Google Inc.) MD5=F58B9D451C467B2BAD88C7A8BBD5C285 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.07.29 21:52:56 | 000,000,512 | ---- | M] () MD5=2BDE5A1DFBB5A9A5E2343A6B66C114DF -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.04.08 09:39:32 | 000,004,121 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\design4\decor\lava_crack1.jpg
[2008.04.08 09:39:32 | 000,006,331 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\design4\decor\lava_crack2.jpg
[2008.04.08 09:35:56 | 000,019,525 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\design4\decor\_lava_crack1.tga
[2008.04.08 09:36:14 | 000,022,544 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\design4\decor\_lava_crack2.tga
[2008.04.04 10:36:14 | 000,005,952 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\objects\crack\crack.JPG
[2008.04.04 10:36:58 | 000,027,692 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\objects\crack\_crack.tga
[2008.04.08 11:09:22 | 000,004,125 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\tutorial\tu_cracks.jpg
[2008.04.08 11:08:14 | 000,015,420 | ---- | M] () -- \Program Files (x86)\Alex Kocicak\data\tutorial\_tu_cracks.tga
[2006.05.08 16:21:06 | 000,021,110 | ---- | M] () -- \Program Files (x86)\Filipova dobrodružství - Na stopě rodinným pokladům\data\Sound\bubble_crack.ogg
[2011.11.17 15:45:08 | 000,001,189 | ---- | M] () -- \Program Files (x86)\Sanatorium Green Hills\data\Scripts\scenes\02_Main_Building_Entrance_Zoom_WallCrack.lua
[2011.11.17 15:45:14 | 000,065,751 | ---- | M] () -- \Program Files (x86)\Sanatorium Green Hills\data\Sound\02_Main_Building_Entrance\insect_in_crack.ogg
[2011.11.17 15:41:52 | 000,119,366 | ---- | M] () -- \Program Files (x86)\Sanatorium Green Hills\data\Texture\Scenes\02_Main_Building_Entrance\Zone_Main\Zoom_WallCrack\ZoomBgWallCrack.png
[2010.11.05 15:55:56 | 000,004,035 | ---- | M] () -- \Program Files (x86)\Sara Maribu a ztraceny svet\data\Texture\Scenes\21_Volcano\Layers\boxCracked.png
[2010.11.05 15:55:58 | 000,146,507 | ---- | M] () -- \Program Files (x86)\Sara Maribu a ztraceny svet\data\Texture\Scenes\21_Volcano\Zones\Box\Layers\layerOverCrack.png
[2010.11.05 15:56:18 | 000,290,109 | ---- | M] () -- \Program Files (x86)\Sara Maribu a ztraceny svet\data\Texture\Scenes\23_NearSacrificePlace\Zones\Ruins\Zones\WoodenBox\Layers\LayerCrack.jpg
[2006.10.30 01:00:00 | 000,043,856 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\basedata\bridge_cracks.dds
[2006.10.30 01:00:00 | 000,087,536 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\basedata\church02_cracks.dds
[2006.10.30 01:00:00 | 000,087,536 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\basedata\collapsing01_cracks.dds
[2006.10.30 01:00:00 | 000,022,000 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\basedata\cracks01.dds
[2006.10.30 01:00:00 | 000,000,771 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\Models\Objects\Missionspec\snowcracks01_big.V3O
[2006.10.30 01:00:00 | 000,000,767 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\Models\Objects\Missionspec\snowcracks01_small.V3O
[2006.10.30 01:00:00 | 000,002,369 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\Models\Objects\ObjectChildren\church02_cracks.V3O
[2006.10.30 01:00:00 | 000,043,856 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\Models\OpenHouses\burningtower\burning_tower01_cracks.dds
[2006.10.30 01:00:00 | 000,002,540 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\Prototypes\Objects\Missionspec\snowcracks01_big.e4p
[2006.10.30 01:00:00 | 000,002,552 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\Prototypes\Objects\Missionspec\snowcracks01_small.e4p
[2006.10.30 01:00:00 | 000,002,544 | ---- | M] () -- \Program Files (x86)\TopCD\Zachranari\Emergency 4\Data\Prototypes\Objects\ObjectChildren\church02_cracks.e4p
[2012.03.29 17:12:00 | 000,077,622 | ---- | M] () -- \Program Files (x86)\Uplnek\data\Texture\Minigames\21_Hiding_Place\Animations\firecracks_animation.png
[2012.03.29 18:24:00 | 000,077,622 | ---- | M] () -- \Program Files (x86)\Uplnek\data\Texture\Scenes\07_Gate\Zone_Main\Zoom_Armourer\Animations\firecracks_animation_[00000-00009].png

< *keygen* /s >

Re: Vytížení procesoru 70% +

Napsal: 29 črc 2015 21:27
od martin891
< *loader* /s >
[2015.03.20 18:12:46 | 000,060,712 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\YSLoader.exe
[2012.10.31 13:41:18 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader1.webp
[2012.10.31 13:41:18 | 000,000,352 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader1_.gif
[2012.10.31 13:41:18 | 000,000,298 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader1_1.webp
[2012.10.31 13:41:18 | 000,000,616 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader1_1_.gif
[2012.10.31 13:41:18 | 000,004,426 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader2.webp
[2012.10.31 13:41:18 | 000,007,074 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader2_.gif
[2012.10.31 13:41:18 | 000,005,564 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader3.webp
[2012.10.31 13:41:18 | 000,007,450 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader3_.gif
[2012.10.31 13:41:18 | 000,002,804 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader4.webp
[2012.10.31 13:41:18 | 000,015,217 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader4_.gif
[2012.05.28 13:07:12 | 000,005,450 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader_1.a3d
[2012.10.31 13:41:18 | 000,008,898 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader_b.webp
[2012.10.31 13:41:18 | 000,012,456 | ---- | M] () -- \Program Files (x86)\Kniha prani\data_cs\loading\loader_b_.gif
[2000.08.30 18:09:38 | 000,000,565 | ---- | M] () -- \Program Files (x86)\Mindscape\KIDnKID\Obj\loader.JAF
[2000.08.30 18:08:58 | 000,018,912 | ---- | M] () -- \Program Files (x86)\Mindscape\KIDnKID\Obj\loader.JSF
[2013.05.16 13:27:36 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2011.07.28 04:34:22 | 002,191,360 | ---- | M] () -- \Program Files (x86)\WebcamMax\ShareUploader.exe
[2015.03.20 18:12:26 | 000,077,096 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\YSLoader.exe
[2013.04.28 13:34:21 | 000,002,895 | ---- | M] () -- \Users\Děcka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ESU246WM\rmsloaderdelayed[1].js
[2013.04.28 13:28:54 | 000,003,471 | ---- | M] () -- \Users\Děcka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ESU246WM\salmonLoader_16x16[1].gif
[2013.04.28 13:28:54 | 000,005,150 | ---- | M] () -- \Users\Děcka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ESU246WM\salmonLoader_24x24[1].gif
[2014.02.01 22:01:48 | 000,001,537 | ---- | M] () -- \Users\Děcka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7IMZT56\AdLoader[1].htm
[2014.07.10 01:01:08 | 000,017,912 | ---- | M] () -- \Users\Děcka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WAOZT1YD\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.02.01 22:01:48 | 000,111,438 | ---- | M] () -- \Users\Děcka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WAOZT1YD\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2012.09.13 15:45:58 | 000,058,424 | ---- | M] () -- \Users\Děcka\AppData\Roaming\Seznam.cz\bin\libfoxloader.dll
[2012.08.07 14:39:12 | 000,000,165 | ---- | M] () -- \Users\Děcka\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2012.08.13 19:05:28 | 000,000,235 | ---- | M] () -- \Users\Děcka\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.install.bat
[2012.08.13 19:05:26 | 000,000,130 | ---- | M] () -- \Users\Děcka\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.uninstall.bat
[2015.06.05 20:08:42 | 000,072,638 | ---- | M] () -- \Users\Jirka\AppData\Local\Skype\Apps\login\images\loader.gif
[2015.06.05 20:08:42 | 000,003,032 | ---- | M] () -- \Users\Jirka\AppData\Local\Skype\Apps\login\images\loader.png
[2015.06.05 20:08:42 | 000,006,012 | ---- | M] () -- \Users\Jirka\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2015.06.05 20:08:42 | 000,021,956 | ---- | M] () -- \Users\Jirka\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2015.06.05 20:08:42 | 000,009,772 | ---- | M] () -- \Users\Jirka\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2012.09.13 15:45:58 | 000,058,424 | ---- | M] () -- \Users\Jirka\AppData\Roaming\Seznam.cz\bin\libfoxloader.dll
[2012.08.07 14:39:12 | 000,000,165 | ---- | M] () -- \Users\Jirka\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2012.08.13 19:05:28 | 000,000,235 | ---- | M] () -- \Users\Jirka\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.install.bat
[2012.08.13 19:05:26 | 000,000,130 | ---- | M] () -- \Users\Jirka\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.uninstall.bat
[2013.11.09 20:57:22 | 1470,025,728 | ---- | M] () -- \Users\Jirka\Downloads\patrik filmy\Pacifik Rim - Útok na Zemi 2013 CZ Dabing DVDRip DiwiX SuperUploaderLM.avi
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:20:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_68ba756992852e6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:58:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_6945eaeaaba13425\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.16 03:08:13 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.10.16 03:08:13 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.efi.mui_35ee487d
[2014.10.16 03:08:13 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.exe.mui_3bc5b827
[2014.10.16 03:08:13 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.efi.mui_f412814e
[2014.10.16 03:08:13 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.exe.mui_ff8b5358
[2014.10.16 03:08:13 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2014.10.16 03:08:13 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.efi_75834aa0
[2014.10.16 03:08:13 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.exe_75835076
[2014.10.16 03:08:13 | 000,616,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.efi_85cd069f
[2014.10.16 03:08:13 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_91de5cbe2cd52578.manifest
[2014.12.13 03:57:48 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_9200d0e22cbafea1.manifest
[2015.01.13 00:17:25 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_91e42f042cd18522.manifest
[2015.01.16 08:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.08.19 05:35:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.08.19 05:26:49 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_b98696ee9ca07f56.manifest
[2014.12.12 08:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2015.01.12 05:50:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_b9c87a8c9c6eeb55.manifest
[2015.01.16 08:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll

========== Files - Unicode (All) ==========
[2013.10.08 07:29:10 | 000,000,000 | ---D | M](C:\Users\Jirka\AppData\Roaming\?pidla Data Processing, s.r.o) -- C:\Users\Jirka\AppData\Roaming\Špidla Data Processing, s.r.o
[2013.10.08 07:29:10 | 000,000,000 | ---D | M](C:\ProgramData\?pidla Data Processing, s.r.o) -- C:\ProgramData\Špidla Data Processing, s.r.o
[2013.10.08 07:29:10 | 000,000,000 | ---D | M](C:\Users\Jirka\AppData\Roaming\?pidla Data Processing, s.r.o) -- C:\Users\Jirka\AppData\Roaming\Špidla Data Processing, s.r.o
[2013.10.08 07:29:10 | 000,000,000 | ---D | M](C:\ProgramData\?pidla Data Processing, s.r.o) -- C:\ProgramData\Špidla Data Processing, s.r.o
(C:\Users\Jirka\AppData\Roaming\?pidla Data Processing, s.r.o) -- C:\Users\Jirka\AppData\Roaming\Špidla Data Processing, s.r.o
(C:\ProgramData\?pidla Data Processing, s.r.o) -- C:\ProgramData\Špidla Data Processing, s.r.o

< End of report >




OTL Extras logfile created on: 29.7.2015 21:51:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,94 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 64,87% Memory free
5,87 Gb Paging File | 4,82 Gb Available in Paging File | 82,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 172,20 Gb Free Space | 57,79% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-356064856-1936743325-527621735-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1157A961-9BD4-4AD7-B8F8-D651234563D9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1A32AFD4-7D47-43BE-9838-D3C4E3C0FBE6}" = lport=445 | protocol=6 | dir=in | app=system |
"{235C82F9-6B1D-4159-A1D7-B583117A5216}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{323E1465-A2FE-4C63-9A71-BC8C1D5EFB10}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{39AE7F43-BD5C-4289-A300-1AEA52411101}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41455317-348E-4152-BB35-F27B39B5439C}" = rport=445 | protocol=6 | dir=out | app=system |
"{59829F27-9E01-4AEA-8B29-65C29280124E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59947394-9E4F-45C7-B754-4AE58C8374CC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C6162B4-09F3-4FC9-AFD0-6573D192B768}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6009E9F0-4514-44B9-917E-227E3BEC898D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6117F28F-5B79-47EE-B9B6-59BE89B514A0}" = rport=138 | protocol=17 | dir=out | app=system |
"{61E38B22-229A-4956-BF20-31B40D1F9BBC}" = lport=138 | protocol=17 | dir=in | app=system |
"{72AFFE54-560F-4954-83FA-63EB7DC68EDA}" = lport=137 | protocol=17 | dir=in | app=system |
"{74C6173D-51B5-4008-86E7-E1F8F96EE3E3}" = rport=137 | protocol=17 | dir=out | app=system |
"{8AC9CF74-9927-4F20-9BBF-6822666F5C9D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A703000F-1B1F-46F8-A5A2-27C058D10F6F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{A99A466F-5714-4910-A807-EE64F67CF36F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B4C34D7B-75A4-4AD0-BA46-729264A3E57B}" = rport=139 | protocol=6 | dir=out | app=system |
"{C32102F3-111D-47A9-8D4A-D0513BD94EFB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DF7540A8-EE92-4FA6-A199-330601C17F82}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EEA0C830-853C-4287-B015-1D3E5F5D22C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FCEF1D50-EA44-4CD9-9DB6-AC6BBB575505}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05930070-1AA3-48B8-A985-4E199CE1DEC1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F20AB9E-01F9-454C-9A03-0CBA0E1CF281}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{20093C6C-D8A5-4A61-9A22-6D16AF8732D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24C7B348-D0EF-4B30-8528-B1A3E489B087}" = dir=in | app=c:\users\jirka\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{3187AF61-AC30-40E5-BBA8-52DDEC90DE32}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4060925B-B35B-40AA-9FAA-0DA90284CA59}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{42B227D8-DF44-4F5E-82BE-3E6A6102C38B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{45769361-8E7A-402E-BBAA-58A6BC1D3E46}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4C018952-F177-494C-AFD7-1E3D62E08F11}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{510F1E9E-CE6E-4367-B9A7-421E26D205F7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{55CA39EE-BCB7-4808-83A4-D46753753C84}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{5867B9FE-E990-4CD3-8301-4852E63DCA32}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{5C9F845A-2D50-4D99-813D-E8A9F564098D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{640B873C-D3F4-470A-BEB9-C54BBDFD2F26}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{71170389-2686-420C-BEB4-0D40F9EF7E64}" = protocol=58 | dir=in | app=system |
"{8B4727BD-2D51-421B-8174-D303F6CF7CB2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9420EC1C-49E4-4FF5-93CE-479CC57B62A2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C326E9B-E720-40A1-8DFB-0C01EB87D992}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D356DCC-7D35-422D-95FA-9FD295741639}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{A0080419-87C9-4A7C-B038-0CC1FE38DC95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A44C8E2A-6EE5-41EE-A93C-709A84192605}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{A49CE259-D103-473D-9BB5-4E90260B9E44}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A5C27E92-D229-487A-82C1-15D1FFAB549F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A9368C29-C0B0-4605-94AE-9C23BE9C6FAC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AFE009F6-51CF-48DF-876F-ED6CDEE8F141}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B145366D-B9F4-4850-B620-DD5D5BB33348}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B596F07F-5758-4BE8-8566-7FF9F1EA8515}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BEBE80B9-E9FA-4C2F-9917-ED6C3D463A08}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CFF50FEF-B6A0-42AF-9BAD-ED78F5F5DDEB}" = protocol=6 | dir=out | app=system |
"{E0422452-AFD0-4261-A7E0-3F13B15E91A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E90BC0A7-8D0E-4A82-BB2D-AA0380421DE3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF6CD283-6807-4E1E-AD3A-C1D6C8F843F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{FAA70146-3617-4A5D-92EA-160BED19F794}D:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{FE5FD49A-78C7-4CA9-AA93-385E92C50FBD}C:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe |
"UDP Query User{3A4EF06D-8516-4CF2-B05B-5C32BE64E50D}D:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{CF07C6B5-B9E9-4D72-A5B8-B36E699E9B87}C:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C4123106-B685-48E6-B9BD-E4F911841EB4}" = Apple Mobile Device Support
"{D7B824DE-DA32-4772-9E5E-39C5158136A7}" = Podpora aplikací Apple (64bitová)
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.28

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E0FDD21-6AEC-4748-9079-BFAB6CB43889}_is1" = Moje cukrárna 1.0
"{885843E7-6CAC-4791-B7BF-1CD516017954}_is1" = DLL Suite 2013
"{A7A2804D-7EF9-4F2A-AC16-A40E9F1C1CF6}" = Růžový panter: Honba za pokladem
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Podpora aplikací Apple (32bitová)
"{Ahoj Benatky}_is1" = Ahoj Benátky v1.0
"{Alex Kocicak}_is1" = Alex Kočičák 1.0
"{Auta snu}_is1" = Auta snů 1.0
"{Brana svetu - cesta za horizont}_is1" = Brána světů - cesta za horizont 1.0
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBA6008A-3C14-4DFD-805F-3EFDA20BE0EF}_is1" = World Racing
"{Cesta za dobrodruzstvim - Nadesel cas}_is1" = Cesta za dobrodružstvím - Nadešel čas 1.0
"{Dárek k Valentýnu}_is1" = Dárek k Valentýnu 1.0
"{Drahokamovy mic - Davne legendy}_is1" = Drahokamový míč - Dávné legendy
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.155
"{Filipova dobrodružství - Na stopě rodinným pokladům}_is1" = Filipova dobrodružství - Na stopě rodinným pokladům 1.0
"{Hloubka zrady}_is1" = Hloubka zrady v1.0
"{Chytrolin}_is1" = Chytrolín v1.0
"{Jantarova kletba}_is1" = Jantarová kletba v1.0
"{Kniha prani}_is1" = Kniha přání v1.0
"{Kouzelná farma}_is1" = Kouzelná farma 1.0
"{Kouzelnicka akademie}_is1" = Kouzelnická akademie v1.0
"{Maestro - Hudba smrti}_is1" = Maestro - Hudba smrti v1.0
"{Mesto blaznu}_is1" = Město bláznů v1.0
"{Mezi nebem a zemi}_is1" = Mezi nebem a zemí v1.0
"{Mistr kuchar 2}_is1" = Mistr kuchař 2 v1.0
"{Moje cukrárna 2}_is1" = Moje cukrárna 2 1.0
"{Noc plna kouzel}_is1" = Noc plna kouzel v1.0
"{Pikova dama - Sberatelska edice}_is1" = Piková dáma - Sběratelská edice v1.0
"{Pilne vcelky}_is1" = Pilné včelky v1.0
"{Poklady starověké sluje}_is1" = Poklady starověké sluje 1.0
"{Putovani za zviraty}_is1" = Putování za zvířaty v1.0
"{Rajská zahrádka}_is1" = Rajská zahrádka v1.0
"{Rusalka a kouzelna perla}_is1" = Rusalka a kouzelná perla v1.2
"{Sanatorium Green Hills}_is1" = Sanatorium Green Hills v1.0
"{Sara Maribu a ztraceny svet}_is1" = Sára Maribu a ztracený svět 1.0
"{Sila lasky}_is1" = Síla lásky v1.0
"{Smajlici}_is1" = Smajlíci 1.1
"{Smaragdova zeme Solitaire}_is1" = Smaragdová země Solitaire v1.0
"{Splnene sny}_is1" = Splněné sny v1.0
"{Tehdy na Zapade - Jak to zacalo}_is1" = Tehdy na Západě - Jak to začalo v1.0
"{Tučňáci}_is1" = Tučňáci 1.0
"{Uplnek}_is1" = Úplněk v1.0
"{Vraždy v ulici Morgue}_is1" = Vraždy v ulici Morgue 1.0
"{Zahada Inku}_is1" = Záhada Inku v1.0
"{Zahradni policie}_is1" = Zahradní policie v1.0
"{Zachran syna}_is1" = Zachraň syna v1.0
"{Zachvev - Zly duch}_is1" = Záchvěv - Zlý duch v1.0
"{Ze zivota hmyzu}_is1" = Ze života hmyzu v1.1
"{Zeleny mesic}_is1" = Zelený měsíc v1.0
"{Zivlici}_is1" = Živlíci v1.0
"{Zlodeji dusi}_is1" = Zloději duší v1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Alenka 2 - Kouzelná země" = Alenka 2 - Kouzelná země
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"BSPlayerf" = BS.Player FREE
"Dobrý farmář" = Dobrý farmář
"Emilka Holubová - Montezumův poklad" = Emilka Holubová - Montezumův poklad
"Google Chrome" = Google Chrome
"InstallShield_{A7A2804D-7EF9-4F2A-AC16-A40E9F1C1CF6}" = Růžový panter: Honba za pokladem
"Katčin Rybí krámek" = Katčin Rybí krámek
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.6.0
"Medvěd Míša - Cesta kolem světa" = Medvěd Míša - Cesta kolem světa
"Módní salón" = Módní salón
"Mozilla Firefox 39.0 (x86 cs)" = Mozilla Firefox 39.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Můj butik" = Můj butik
"O2CZ" = O2
"Rex" = Rex
"SpeedFan" = SpeedFan (remove only)
"ssinstall" = Seznam Instalátor
"Táta hrdina" = Táta hrdina
"Update Engine" = Sony Ericsson Update Engine
"WebcamMax" = WebcamMax
"Zachranari_is1" = Zachranari
"Zvířecí salón krásy" = Zvířecí salón krásy

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-356064856-1936743325-527621735-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SeznamInstall" = Seznam Software
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.7.2015 9:16:26 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 29.7.2015 9:16:26 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 29.7.2015 9:16:26 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 29.7.2015 9:16:27 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 29.7.2015 9:16:28 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 29.7.2015 9:16:28 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 29.7.2015 9:16:28 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 29.7.2015 9:16:28 | Computer Name = Jirka-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 29.7.2015 9:20:04 | Computer Name = Jirka-PC | Source = Customer Experience Improvement Program | ID = 1006
Description =

Error - 29.7.2015 15:51:11 | Computer Name = Jirka-PC | Source = Customer Experience Improvement Program | ID = 1006
Description =

[ Media Center Events ]
Error - 17.10.2012 15:26:30 | Computer Name = Jirka-PC | Source = MCUpdate | ID = 0
Description = 21:26:29 - Chyba při připojování k Internetu 21:26:29 - Nelze kontaktovat
server..

Error - 17.10.2012 15:27:04 | Computer Name = Jirka-PC | Source = MCUpdate | ID = 0
Description = 21:26:59 - Chyba při připojování k Internetu 21:26:59 - Nelze kontaktovat
server..

[ System Events ]
Error - 29.7.2015 9:35:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7031
Description = Služba Plánovač úloh byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 29.7.2015 9:35:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7031
Description = Služba Sekundární přihlašování byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat
službu.

Error - 29.7.2015 9:35:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7031
Description = Služba Služba oznamování událostí systému byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund:
Restartovat službu.

Error - 29.7.2015 9:35:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7031
Description = Služba Rozpoznávání hardwaru byla nečekaně ukončena. Stalo se to 1
krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 29.7.2015 9:35:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7031
Description = Služba Motivy byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 29.7.2015 9:35:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7031
Description = Služba Služba WMI byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error - 29.7.2015 9:35:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Update byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 29.7.2015 9:37:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Služba Plánovač multimédií, ale tato akce selhala kvůli
následující chybě: %%1056

Error - 29.7.2015 9:37:33 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Služba WMI, ale tato akce selhala kvůli následující chybě:
%%1056

Error - 29.7.2015 15:46:04 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7023
Description = Služba Přístup k zařízením standardu HID byla ukončena s následující
chybou: %%193


< End of report >

Re: Vytížení procesoru 70% +

Napsal: 29 črc 2015 21:39
od Rudy
To je OK. Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Vytížení procesoru 70% +

Napsal: 30 črc 2015 06:12
od martin891
# AdwCleaner v4.208 - Log vytvořen 30/07/2015 v 07:07:46
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-26.2 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : Jirka - JIRKA-PC
# Spuštěno z : C:\Users\Jirka\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\AskPartnerNetwork
Složka Smazáno : C:\Program Files (x86)\AskPartnerNetwork
Složka Smazáno : C:\Program Files (x86)\VNT
Složka Smazáno : C:\Users\Děcka\AppData\Local\VNT
Složka Smazáno : C:\Users\Jirka\AppData\Local\VNT

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33928C08-B5A7-4EE1-8739-0129CF1AB4F6}
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v39.0 (x86 cs)


-\\ Google Chrome v44.0.2403.107

[C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.ask.com/web?tpid=CLMV7-SAT&o ... earchTerms}
[C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.ask.com/web?tpid=CLMV7-SAT&o ... earchTerms}

*************************

AdwCleaner[R0].txt - [2944 bytů] - [30/07/2015 07:06:23]
AdwCleaner[S0].txt - [2622 bytů] - [30/07/2015 07:07:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2680 bytů] ##########

Re: Vytížení procesoru 70% +

Napsal: 30 črc 2015 06:21
od martin891
Dokud byly aktualizace vyplé tak vytížení nebylo tak hrozné.
Dnes jsem je zapnul a znovu to vyletělo na 70%.
Když jsem koukal do historie aktualizací tak jich tam bylo strašně hodně neúspěšných a ještě jsem zjistil že když kliknu na google chrome tak jen vyskočí tabulka stránka nereaguje.
Jak jsem dále zkoušel s aktualizacemi něco dělat narážel jsem jen na další chyby.než ke mě počítač dorazil tak se přehříval a zřejmě hodněkrát vypnul a to nejspíše poškodilo systém :(


posílám ještě log z mbam:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 30.7.2015
Čas skenování: 8:52
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.30.01
Databáze rootkitů: v2015.07.29.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jirka

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 424508
Uplynulý čas: 15 min, 6 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 4
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\AAAAJGBGGCKDBLEAMALCCMFNJAAFGNDG, Do karantény, [4f9afaedc4c6fd396d4b9dffc341b44c],
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\AAAAJGBGGCKDBLEAMALCCMFNJAAFGNDG, Do karantény, [6e7b3daaf595cd69d1e7acf0ad57c53b],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-356064856-1936743325-527621735-1001\SOFTWARE\AskPartnerNetwork, Do karantény, [bf2a5b8c3d4d6bcb07f4e727de25a25e],
PUP.Optional.Ask.A, HKU\S-1-5-21-356064856-1936743325-527621735-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AC472963-2F32-46F4-8E97-BD9D530C503A}, Do karantény, [47a25b8ce4a65cda57351785b45036ca],

Hodnoty registru: 3
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaajgbggckdbleamalccmfnjaafgndg|path, C:\ProgramData\AskPartnerNetwork\Toolbar\CLM-V7\CRX\ToolbarCR.crx, Do karantény, [4f9afaedc4c6fd396d4b9dffc341b44c]
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaajgbggckdbleamalccmfnjaafgndg|path, C:\ProgramData\AskPartnerNetwork\Toolbar\CLM-V7\CRX\ToolbarCR.crx, Do karantény, [6e7b3daaf595cd69d1e7acf0ad57c53b]
PUP.Optional.Ask.A, HKU\S-1-5-21-356064856-1936743325-527621735-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AC472963-2F32-46F4-8E97-BD9D530C503A}|SuggestionsURL_JSON, http://ss.websearch.ask.com/query?qsrc= ... earchTerms}, Do karantény, [47a25b8ce4a65cda57351785b45036ca]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 8
PUP.Optional.APNToolBar.A, C:\Users\Jirka\Documents\APNSetup.exe, Do karantény, [797094537119ef4796105e4a7b861ce4],
PUP.Optional.APNToolBar.A, C:\Users\Jirka\Downloads\WebcamMax-7.7.8.6.MultiLanguage.Setup (1).exe, Do karantény, [dd0c41a6eb9fec4a9c0becbc9e63827e],
PUP.Optional.APNToolBar.A, C:\Users\Jirka\Downloads\WebcamMax-7.7.8.6.MultiLanguage.Setup (2).exe, Do karantény, [93566483325881b51d8ab3f5a061f60a],
PUP.Optional.APNToolBar.A, C:\Users\Jirka\Downloads\WebcamMax-7.7.8.6.MultiLanguage.Setup.exe, Do karantény, [a841ba2d1d6dc571dbcc88208978669a],
PUP.Optional.APNToolBar.A, C:\Users\Jirka\Downloads\WebcamMax-7.8.0.6.MultiLanguage.Setup.exe, Do karantény, [c029d314583202344265d8d0dd2413ed],
PUP.Optional.Somoto.A, C:\Users\Jirka\Downloads\FLVPlayerSetup-N0DT0bcin.exe, Do karantény, [8960f2f513771125d8c7129d3ec65ba5],
PUP.Optional.Somoto.A, C:\Users\Jirka\Downloads\FLVPlayerSetup-N3FGNkG36.exe, Do karantény, [95548067f298fa3c247b1a955ea61ee2],
PUP.Optional.Somoto.A, C:\Users\Jirka\Downloads\FLVPlayerSetup-N7lqcXLCY.exe, Do karantény, [70795b8cc6c43ff7742b8c237a8a2bd5],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Vytížení procesoru 70% +

Napsal: 30 črc 2015 17:49
od Rudy
Všechny nálezy smažte.

Re: Vytížení procesoru 70% +

Napsal: 30 črc 2015 17:56
od martin891
smazáno

Re: Vytížení procesoru 70% +

Napsal: 30 črc 2015 18:05
od Rudy
Nastala nějaká změna?

Re: Vytížení procesoru 70% +

Napsal: 30 črc 2015 18:13
od martin891
svchost se uklidnil poté co jsem ve windows 7 manageru dal reset windows update.
Ale to je tak vše. Aktualizace stále nejde nainstalovat, chrome nefunguje, media player se nezapne a píše že očekával jinou verzi.
Dále jsem zkoušel příkaz sfc/scannow a ten napsal:

Ochrana prostředků systému Windows našel porušené soubory, ale nebylo možné odstranit některé z nich. Podrobnosti jsou uvedeny v souboru CBS. Protokol % WinDir %\Logs\CBS\CBS.log.

Re: Vytížení procesoru 70% +

Napsal: 30 črc 2015 19:28
od Rudy
Zkuste obnovu systému k datu, kdy korektně fungoval.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz