svchost.exe beží na 100 %

Zpráva

SuchSoft · #1 Příspěvek od **SuchSoft** » 31 bře 2013 23:40

Dobrý deň,
chcem poprosiť o pomoc pri riešení problému s procesom, ktorý beží na 100 %.
Už som skúsil mnoho vecí, ale nič z toho nepomohlo.
Systém sa správa tak, že asi pol minúty po nabehnutí Windows a načítaní osobných nastavení, začne jeden z procesov svchost.exe brať 100 % výkonu procesora - to trvá 7 sekúnd. Potom je minútu všetko OK. A potom zase začne brať ten istý proces 100 % výkonu procesora. Ak ten proces zhodím zo Správcu procesov, problém sa vyrieši (do reštartu), ale zčasti sa zmení motív Windows XP na Klasické nastavení (ako Windows 2000), čo sa do 5-ich minút samo čiastočne napraví.
Je to počítač kamaráta, mal vírus "Policajný vírus", ktorý som odstránil pomocou návodu z tohto fora, ale body obnovy už boli zmazané. Neviem, či to má s týmto problémom súvis. Ja si myslím, že nie.

Prikladám log z RSIT:
(tu mi je jeden súbor podozrivý: "altshell.ini", neviem zistiť o čo ide.)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Petko at 2013-04-01 00:15:06
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 95 GB (62%) free of 153 GB
Total RAM: 959 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:16:07, on 1. 4. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Petko\Plocha\RSIT-1.06.exe
C:\Program Files\trend micro\Petko.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4753762078
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C342E23A-910F-421D-BF0A-4CBE9D087E46}: NameServer = 195.34.133.21,192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

--
End of file - 5328 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{F6E0C11A-3726-427D-A0FD-F18B288237CE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-15 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-15 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2006-01-25 184320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LXCRCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 []
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2013-03-13 4394032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CameraFixer]
C:\WINDOWS\CameraFixer.exe [2005-12-06 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
C:\Program Files\Lexmark 2400 Series\ezprint.exe [2006-02-07 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2006-02-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [2006-01-22 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2008-09-18 13574144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-09-18 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2010-02-22 18791456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinZip Quick Pick.lnk]
C:\PROGRA~1\WinZip\WZQKPICK.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vToolbarUpdater14.2.0"=2
"gusvc"=3
"ForcewareWebInterface"=2
"WMPNetworkSvc"=3
"SkypeUpdate"=2
"NBService"=3
"lxcr_device"=3
"JavaQuickStarterService"=2
"idsvc"=3
"ose"=3
"NVSvc"=2
"nSvcLog"=2
"nSvcIp"=2
"NMIndexingService"=3
"!SASCORE"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PFNet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Petko\Local Settings\Temporary Internet Files\Content.IE5\1H8ZFPXS\incredimail_install[1].exe"="C:\Documents and Settings\Petko\Local Settings\Temporary Internet Files\Content.IE5\1H8ZFPXS\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\Bin\IncMail.exe"="C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\Bin\ImApp.exe"="C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\Bin\ImpCnt.exe"="C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Program Files\AVG\AVG2013\avgnsx.exe"="C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2013\avgdiagex.exe"="C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostika 2013"
"C:\Program Files\AVG\AVG2013\avgemcx.exe"="C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Všeobecná kontrola pošty"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2013-03-31 23:20:32 ----D---- C:\Documents and Settings\Petko\Data aplikací\AVG
2013-03-31 23:19:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG
2013-03-31 23:19:06 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-03-31 23:08:02 ----D---- C:\Documents and Settings\Petko\Data aplikací\AVG2013
2013-03-31 23:06:00 ----HD---- C:\$AVG
2013-03-31 23:06:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2013
2013-03-31 22:33:54 ----D---- C:\Program Files\trend micro
2013-03-31 22:33:53 ----D---- C:\rsit
2013-03-31 21:10:48 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-31 20:48:08 ----D---- C:\WINDOWS\ie8updates
2013-03-31 20:46:29 ----HDC---- C:\WINDOWS\ie8
2013-03-31 20:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2492386$
2013-03-31 20:40:02 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2013-03-31 20:40:01 ----D---- C:\WINDOWS\system32\winrm
2013-03-31 20:39:56 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2013-03-31 20:39:55 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2013-03-31 20:02:01 ----A---- C:\WINDOWS\ntbtlog.txt
2013-03-31 19:59:42 ----D---- C:\b
2013-03-31 19:13:40 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-03-31 19:12:28 ----D---- C:\WINDOWS\Prefetch
2013-03-31 19:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2013-03-31 19:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2013-03-31 19:06:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2013-03-31 19:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2013-03-31 19:06:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2013-03-31 19:06:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2013-03-31 19:05:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2013-03-31 19:05:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2013-03-31 19:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2013-03-31 19:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2013-03-31 19:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2013-03-31 19:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2013-03-31 19:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2013-03-31 19:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2013-03-31 19:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2013-03-31 19:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2013-03-31 19:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2013-03-31 19:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2013-03-31 19:04:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2013-03-31 19:04:06 ----A---- C:\WINDOWS\imsins.BAK
2013-03-31 19:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2013-03-31 18:59:54 ----A---- C:\WINDOWS\setuplog.txt
2013-03-31 18:58:43 ----A---- C:\WINDOWS\000001_.tmp
2013-03-31 17:56:43 ----D---- C:\WINDOWS\I386
2013-03-31 17:07:15 ----D---- C:\install
2013-03-31 16:40:48 ----A---- C:\TDSSKiller.2.8.16.0_31.03.2013_16.40.48_log.txt
2013-03-31 15:37:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Privacyware
2013-03-31 14:14:17 ----D---- C:\Documents and Settings\Petko\Data aplikací\SUPERAntiSpyware.com
2013-03-31 14:13:51 ----D---- C:\Program Files\SUPERAntiSpyware
2013-03-31 14:13:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-03-30 21:32:55 ----D---- C:\Documents and Settings\Petko\Data aplikací\Malwarebytes
2013-03-30 21:32:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-03-30 21:15:11 ----D---- C:\TDSSKiller_Quarantine
2013-03-30 21:13:12 ----A---- C:\TDSSKiller.2.8.16.0_30.03.2013_20.13.12_log.txt
2013-03-30 21:01:38 ----D---- C:\a
2013-03-30 20:39:20 ----D---- C:\TC
2013-03-30 11:20:56 ----A---- C:\Documents and Settings\Petko\Data aplikací\AltShell.ini
2013-03-22 20:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$

======List of files/folders modified in the last 1 months======

2013-04-01 00:14:23 ----SHD---- C:\WINDOWS\Installer
2013-04-01 00:14:23 ----SHD---- C:\Config.Msi
2013-04-01 00:13:57 ----D---- C:\Program Files\AVG
2013-04-01 00:13:43 ----D---- C:\WINDOWS\system32
2013-04-01 00:06:59 ----D---- C:\WINDOWS\Temp
2013-03-31 23:44:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-03-31 23:37:48 ----D---- C:\WINDOWS\system32\CatRoot2
2013-03-31 23:37:43 ----D---- C:\WINDOWS
2013-03-31 23:20:55 ----D---- C:\WINDOWS\system32\config
2013-03-31 23:08:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-03-31 23:06:45 ----HD---- C:\WINDOWS\inf
2013-03-31 23:06:45 ----D---- C:\WINDOWS\system32\drivers
2013-03-31 22:53:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-03-31 22:33:54 ----RD---- C:\Program Files
2013-03-31 22:01:22 ----HD---- C:\WINDOWS\$hf_mig$
2013-03-31 21:22:53 ----SD---- C:\WINDOWS\Tasks
2013-03-31 21:18:41 ----D---- C:\WINDOWS\system32\cs-cz
2013-03-31 21:18:41 ----D---- C:\WINDOWS\Media
2013-03-31 21:18:41 ----D---- C:\WINDOWS\Help
2013-03-31 21:18:41 ----D---- C:\Program Files\Internet Explorer
2013-03-31 21:18:40 ----D---- C:\WINDOWS\AppPatch
2013-03-31 21:17:37 ----D---- C:\WINDOWS\security
2013-03-31 21:17:25 ----A---- C:\WINDOWS\wincmd.ini
2013-03-31 21:17:06 ----RSD---- C:\WINDOWS\assembly
2013-03-31 21:16:28 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-03-31 21:15:59 ----D---- C:\WINDOWS\system32\CatRoot
2013-03-31 21:09:19 ----D---- C:\Program Files\Microsoft Office
2013-03-31 20:43:09 ----D---- C:\WINDOWS\Microsoft.NET
2013-03-31 20:42:56 ----D---- C:\WINDOWS\Debug
2013-03-31 20:40:01 ----D---- C:\WINDOWS\system32\wbem
2013-03-31 20:16:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-03-31 20:14:55 ----RSH---- C:\boot.ini
2013-03-31 20:14:55 ----N---- C:\WINDOWS\win.ini
2013-03-31 20:14:55 ----N---- C:\WINDOWS\system.ini
2013-03-31 20:07:21 ----A---- C:\WINDOWS\ODBC.INI
2013-03-31 20:06:01 ----D---- C:\WINDOWS\SoftwareDistribution
2013-03-31 19:04:22 ----D---- C:\Program Files\Messenger
2013-03-31 18:59:25 ----D---- C:\WINDOWS\system32\oobe
2013-03-31 18:58:43 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-03-31 18:58:29 ----D---- C:\WINDOWS\EHome
2013-03-31 16:30:41 ----D---- C:\Program Files\Google
2013-03-31 16:28:04 ----D---- C:\Program Files\CCleaner
2013-03-31 13:54:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-03-30 21:32:53 ----SHD---- C:\System Volume Information
2013-03-30 21:32:53 ----D---- C:\WINDOWS\system32\Restore
2013-03-30 21:30:26 ----D---- C:\WINDOWS\pss
2013-03-30 21:20:18 ----D---- C:\Program Files\Common Files
2013-03-29 10:13:23 ----D---- C:\Program Files\lx_cats
2013-03-20 20:52:03 ----D---- C:\Documents and Settings\Petko\Data aplikací\Skype
2013-03-20 20:48:21 ----D---- C:\Program Files\The KMPlayer
2013-03-20 19:51:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-03-20 19:51:50 ----RD---- C:\Program Files\Skype
2013-03-20 19:48:38 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2013-03-14 15:13:24 ----D---- C:\Documents and Settings\Petko\Data aplikací\Intelli-studio
2013-03-13 18:56:58 ----D---- C:\WINDOWS\ie7updates
2013-03-04 14:15:42 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2013-02-08 60216]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-02-08 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-02-08 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-02-08 39224]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-06-28 105088]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 43008]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2013-02-26 208184]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2013-03-01 22328]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-02-08 170808]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-02-14 182072]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-22 5862432]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-18 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 713xTVCard;SAA7135 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 snpstd;USB PC Camera (SN9C102); C:\WINDOWS\system32\DRIVERS\snpstd.sys [2005-11-18 390656]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2013-02-27 4937264]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2013-02-19 282624]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
S4 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-03 20543]
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-11-15 161768]
S4 lxcr_device;lxcr_device; C:\WINDOWS\system32\lxcrcoms.exe [2006-02-03 495616]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S4 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-07-13 131131]
S4 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-07-13 65599]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-18 163908]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Ďakujem.

#2 Příspěvek od **Rudy** » 01 dub 2013 11:15

Zdravím!
Z log nevyplývá nic, co by nasvědčovalo nějakému problému. Na zkoušku vypněte aut. aktualizace a přeinstalujte antivir.

VIRY.CZ

svchost.exe beží na 100 %

svchost.exe beží na 100 %

Re: svchost.exe beží na 100 %