svchost.exe - CPU 50%

[graupel]

Zdravím. Mám problém s procesom svchost.exe - vyťažuje mi procesor CPU na 50%. Neviem nájsť príčinu. Okrem tohto problému, iné problémy s PC nemám.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mirko at 2017-05-22 15:29:05
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 10 GB (9%) free of 102 GB
Total RAM: 2559 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:29:11, on 22.5.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\Antivirus\AVGSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\Framework\Common\avgsvcx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\AVG\Antivirus\AVGUI.exe
C:\Program Files\AVG\Antivirus\aswidsagent.exe
C:\Documents and Settings\Mirko\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Mirko.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVGUI.exe] "C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-776561741-261478967-682003330-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Jakub')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2695437453
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe (file missing)

--
End of file - 5139 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Antivirus Emergency Update.job - C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
C:\WINDOWS\tasks\AVG EUpdate Task.job - avgsetupx.exe /eu
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1482412472.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate $(Arg0)

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Mirko\Application Data\Mozilla\Firefox\Profiles\tckniyvc.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1224194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"=C:\Program Files\AVG\Framework\Common\avguirnx.exe [2017-04-27 220288]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2017-05-22 263232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2017-05-05 7618776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-05-14 29831168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-08-02 13570048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-08-02 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerArchiver Tray]
C:\Program Files\PowerArchiver\PASTARTER.EXE [2008-01-24 141352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE"="C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE:*:Enabled:Client Activator"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll

======List of files/folders created in the last 1 month======

2017-05-22 15:29:05 ----D---- C:\rsit
2017-05-22 15:29:05 ----D---- C:\Program Files\trend micro
2017-05-22 14:42:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2017-05-22 14:39:34 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2017-05-22 13:56:09 ----A---- C:\WINDOWS\system32\avgBoot.exe
2017-05-22 13:37:25 ----D---- C:\AVG_Remover
2017-05-22 13:31:00 ----D---- C:\Documents and Settings\Mirko\Application Data\AVG
2017-05-22 13:29:25 ----A---- C:\WINDOWS\system32\drivers\avgVmm.sys
2017-05-22 13:29:25 ----A---- C:\WINDOWS\system32\drivers\avgStmXP.sys
2017-05-22 13:29:24 ----A---- C:\WINDOWS\system32\drivers\avgSP.sys
2017-05-22 13:29:24 ----A---- C:\WINDOWS\system32\drivers\avgRvrt.sys
2017-05-22 13:29:24 ----A---- C:\WINDOWS\system32\drivers\avgMonFlt.sys
2017-05-22 13:29:24 ----A---- C:\WINDOWS\system32\drivers\avgHwid.sys
2017-05-22 13:29:23 ----A---- C:\WINDOWS\system32\drivers\avgSnx.sys
2017-05-22 13:29:23 ----A---- C:\WINDOWS\system32\drivers\avgRdr.sys
2017-05-22 13:29:23 ----A---- C:\WINDOWS\system32\drivers\avgbunivx.sys
2017-05-22 13:29:23 ----A---- C:\WINDOWS\system32\drivers\avgblogx.sys
2017-05-22 13:29:22 ----A---- C:\WINDOWS\system32\drivers\avgbidshx.sys
2017-05-22 13:29:22 ----A---- C:\WINDOWS\system32\drivers\avgbidsdriverx.sys
2017-05-22 13:29:22 ----A---- C:\WINDOWS\system32\drivers\avgbdiskx.sys

======List of files/folders modified in the last 1 month======

2017-05-22 15:29:05 ----D---- C:\Program Files
2017-05-22 15:27:31 ----D---- C:\WINDOWS\Temp
2017-05-22 15:20:06 ----D---- C:\Documents and Settings\Mirko\Application Data\vlc
2017-05-22 15:19:41 ----D---- C:\Program Files\PowerArchiver
2017-05-22 15:17:34 ----D---- C:\WINDOWS\system32\CatRoot2
2017-05-22 15:15:53 ----D---- C:\WINDOWS
2017-05-22 15:15:02 ----D---- C:\WINDOWS\system32
2017-05-22 15:15:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-22 15:14:54 ----D---- C:\Program Files\Common Files
2017-05-22 14:43:50 ----D---- C:\WINDOWS\SoftwareDistribution
2017-05-22 14:34:11 ----D---- C:\WINDOWS\system32\drivers
2017-05-22 13:56:46 ----HD---- C:\WINDOWS\inf
2017-05-22 13:56:45 ----D---- C:\WINDOWS\system32\CatRoot
2017-05-22 13:56:24 ----SD---- C:\WINDOWS\Tasks
2017-05-22 13:55:19 ----SHD---- C:\WINDOWS\Installer
2017-05-22 13:55:19 ----HD---- C:\Config.Msi
2017-05-22 13:47:40 ----D---- C:\Program Files\Mozilla Firefox
2017-05-22 13:47:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-05-22 13:37:45 ----D---- C:\WINDOWS\Prefetch
2017-05-22 13:27:57 ----D---- C:\Program Files\AVG
2017-05-22 13:27:49 ----D---- C:\Documents and Settings\All Users\Application Data\Avg
2017-05-21 11:51:19 ----D---- C:\WINDOWS\system32\Macromed
2017-05-03 15:57:46 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidshx.sys [2017-05-22 151024]
R0 avgblog;avgblog; C:\WINDOWS\system32\drivers\avgblogx.sys [2017-05-22 270344]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbunivx.sys [2017-05-22 43992]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2017-05-22 63280]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2017-05-22 280928]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
R1 avgbdisk;avgbdisk; C:\WINDOWS\system32\drivers\avgbdiskx.sys [2017-05-22 135872]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriverx.sys [2017-05-22 260616]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr.sys [2017-05-22 61888]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2017-05-22 765704]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2017-05-22 483736]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2017-05-22 109056]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2016-02-21 13120]
R3 avgStmXP;avgStmXP; C:\WINDOWS\system32\drivers\avgStmXP.sys [2017-05-22 182208]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-02 6121856]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-01-29 54016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2008-01-11 31392]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-01-29 22016]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-05-08 238080]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S3 avgHwid;avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [2017-05-22 35264]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
S3 SNTNLUSB;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2008-07-11 37088]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2017-05-22 264432]
R2 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2017-04-27 1189720]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [2017-05-22 5782800]
S2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-07 154440]
S2 nSvcIp;ForceWare IP service; C:\Program Files\bin32\nSvcIp.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27 270016]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-07 154440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-22 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, pokud vyloženě nelpíš na antiviru AVG zbavil bych se jej.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
C:\WINDOWS\system32\xp_eos.exe

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\


Stáhni a spusť AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[graupel]

Bohuzial, vymena AVG antivirusu sa mi stala osudnym. AVG som odinstaloval. Kedze s Avastom mam zle skusenosti, rozhodol som sa, ze vyskusam Aviru. Stiahol som ju z ich oficialneho webu, nainstaloval, PC sa zresetoval, a teraz operacny system nechce normalne nabehnut:
1.) Pri zapnuti PC mi najprv vypise, ze "System Windows sa spusta..." Trva to az 5 min. Prikladam obrazok: https://s5.postimg.org/9939hvi9z/IMG_20 ... 201930.jpg
2.) Potom sa prihlasim do svojho user uctu a trva to dalsich 5 min. Prikladam obrazok: https://s5.postimg.org/dw9bjn5mv/IMG_20 ... 202156.jpg
3.) Potom mi nabehne pracovna plocha, aj so subormi na ploche, problem vsak je, ze na PC sa prakticky neda nic robit, subory sa nedaju kopirovat, ani presuvat, nefunguje zvuk, internet, ani ziadny prehliadac sa neda spustit, spodna lista na ploche nie je modra ako obvykle, ale siva. Po asi 3 min mi naskoci na ploche nejaka hlaska, ze PC sa musi restartnut a zacne sa odpocitavat 1 minuta. Potom sa PC restartne a takto dokolecka dookola sa to toci. Prikladam obrazok tej hlasky: https://s5.postimg.org/msk3nkw93/IMG_20 ... 203128.jpg

Skusal som nudzovy rezim, tam tiez vsetko dlho nacitava, a napokon sa PC sam vypne.

Ako mam dalej postupovat? Bojim sa najma o to, ze stratim data. Daju sa data nejako zachranit? Pristup na moj ucet je vsak zaheslovany, no heslo si pamatam.

[Roli]

AVG nikdy po sobě nemumí uklidit a mě nenapadlo, že tam hned budeš rvát další antivir.

Jdi znovu do Nouzového režimu a vyber Poslední známá funkční konfigurace.

Nebo v normálním režimu dej Obnovu systému kde vyber datum kdy PC fungovalo normálně.

[graupel]

Bohuzial, nic sa neda robit ani v normalnom, ani v nudzovom rezime. PC nereaguje, zmrzne a zresetuje sa, v nudzaku sa dokonca vypne. Nepomohla ani oprava systemu z originalneho instalacneho CD.

[Roli]

Tak to mě tedy mrzí, zřejmě se tam něco z antiviru kouslo a poškodilo systém. Pokud chceš zachránit důležité věci připoj HDD k jinému PC kde si je z něj někam překopíruj.

[graupel]

Budú sa dať stiahnuť dáta, keď je môj administratorský účet na PC zaheslovaný?

[Roli]

Budú sa dať stiahnuť dáta, keď je môj administratorský účet na PC zaheslovaný?

Teoreticky ano, na složky a dokumenty by to nemělo mít vliv.