pomalé PC,vysoké vytížení svchost.exe

Zpráva

joggy · #1 Příspěvek od **joggy** » 09 říj 2013 23:03

Zdravím!

Ode dneška mám zpomalené PC. Po zapnutí PC je vytížení svchost.exe 95%. Můžete poradit co s tím? Začalo to dělat dneska co jsem chtěl zkontrolovat aktualizace Windows XP. Nějaké aktualizace byly k dispozici žlutá ikona u hodin,ale vzápětí se to ztratilo. Poté jsem zkoušel aktualizace přes web,ale stále dokola to hledalo a hledalo ..a nic. Tak nevím jestli to může být tím?
Díky za pomoc.

log RSIT:
**********************************************************************
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-10-09 23:40:19
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (22%) free of 21 GB
Total RAM: 1023 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:41:41, on 9.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21352)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMY\SASCORE.EXE
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\PROGRAMY\Version8\TeamViewer_Service.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Admin\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2036174522
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\PROGRAMY\SASCORE.EXE
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\PROGRAMY\Version8\TeamViewer_Service.exe
O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\PROGRAMY\WiselinkPro.exe

--
End of file - 6450 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\hdmdko8r.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-20 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-09-15 4851760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConMet]
C:\Testovaci programy\ConMet.exe [2013-05-01 4483584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-12-12 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\PROGRAMY\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\TESTOVACI PROGRAMY\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-02-18 774168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^RAMASST.lnk]
C:\WINDOWS\system32\RAMASST.exe [2003-03-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-09-06 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\PROGRAMY\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\viphone communicator\viphone communicator.exe"="C:\Program Files\viphone communicator\viphone communicator.exe:*:Enabled:viphone communicator"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\PROGRAMY\BlueSoleil_.exe"="C:\PROGRAMY\BlueSoleil_.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\PROGRAMY\Version8\TeamViewer.exe"="C:\PROGRAMY\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\PROGRAMY\Version8\TeamViewer_Service.exe"="C:\PROGRAMY\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

======List of files/folders created in the last 1 month======

2013-10-09 23:40:27 ----D---- C:\Program Files\trend micro
2013-10-09 23:40:19 ----D---- C:\rsit
2013-10-07 15:53:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2013-10-07 15:48:49 ----A---- C:\WINDOWS\system32\drivers\snapman.sys
2013-10-07 15:48:42 ----A---- C:\WINDOWS\system32\drivers\fltsrv.sys
2013-10-07 15:48:12 ----D---- C:\Program Files\Acronis
2013-10-05 20:15:21 ----D---- C:\Documents and Settings\Admin\Data aplikací\9119206B-B75E-4711-AF59-4D20BAD62FDF
2013-10-05 19:04:29 ----D---- C:\Documents and Settings\Admin\Data aplikací\Acronis
2013-10-05 18:54:21 ----HD---- C:\WINDOWS\system32\GroupPolicy
2013-10-05 18:52:13 ----D---- C:\Program Files\Common Files\Acronis
2013-10-04 16:33:58 ----D---- C:\Documents and Settings\Admin\Data aplikací\AVG2014
2013-10-04 16:27:10 ----D---- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2013-10-04 16:22:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2014
2013-09-20 18:02:36 ----D---- C:\Program Files\Common Files\Java
2013-09-20 18:02:26 ----A---- C:\WINDOWS\system32\javaws.exe
2013-09-20 18:02:00 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-09-20 18:02:00 ----A---- C:\WINDOWS\system32\javaw.exe
2013-09-20 18:02:00 ----A---- C:\WINDOWS\system32\java.exe
2013-09-20 18:01:24 ----D---- C:\Program Files\Java
2013-09-20 17:36:56 ----D---- C:\Program Files\Mozilla Firefox
2013-09-16 23:42:33 ----D---- C:\Program Files\CCleaner
2013-09-12 22:10:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-12 22:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-12 22:08:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

======List of files/folders modified in the last 1 month======

2013-10-09 23:40:41 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-09 23:40:27 ----RD---- C:\Program Files
2013-10-09 23:40:24 ----D---- C:\WINDOWS\Prefetch
2013-10-09 23:33:53 ----D---- C:\WINDOWS\Temp
2013-10-09 22:43:31 ----D---- C:\WINDOWS
2013-10-09 22:40:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-09 22:37:11 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 19:24:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-10-09 18:19:58 ----SHD---- C:\WINDOWS\Installer
2013-10-07 15:48:55 ----HD---- C:\WINDOWS\inf
2013-10-07 15:48:55 ----D---- C:\WINDOWS\system32\drivers
2013-10-07 15:48:33 ----D---- C:\WINDOWS\WinSxS
2013-10-07 15:48:20 ----D---- C:\WINDOWS\system32
2013-10-05 20:16:03 ----D---- C:\WINDOWS\system32\CatRoot
2013-10-05 18:52:13 ----D---- C:\Program Files\Common Files
2013-10-04 16:34:59 ----D---- C:\Program Files\AVG
2013-10-04 16:33:17 ----HD---- C:\$AVG
2013-10-04 16:31:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-09-20 18:13:40 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-09-20 18:01:33 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2013-09-20 18:01:32 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-09-12 23:15:50 ----D---- C:\WINDOWS\system32\wbem
2013-09-12 23:15:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-12 23:14:03 ----D---- C:\WINDOWS\Debug
2013-09-12 22:09:53 ----D---- C:\WINDOWS\system32\cs-cz
2013-09-12 22:09:27 ----D---- C:\Program Files\Internet Explorer
2013-09-12 22:08:54 ----D---- C:\WINDOWS\ie7updates
2013-09-12 22:05:54 ----A---- C:\WINDOWS\win.ini
2013-09-12 22:03:20 ----D---- C:\WINDOWS\system32\MRT
2013-09-12 21:56:44 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-09-02 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]
R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2013-10-07 76768]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2013-10-07 170752]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2013-08-01 120120]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R1 P3;Ovladač procesoru Intel PentiumIII; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 46592]
R1 SASDIFSV;SASDIFSV; \??\C:\PROGRAMY\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\PROGRAMY\SASKUTIL.SYS []
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-14 1897408]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAudio;Zvukový řadič VIA AC'97 (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2008-04-14 84480]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 btkrnl;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-23 5888]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 Ser2pl;SIEMENS Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-05-07 41472]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2012-06-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2012-06-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2012-06-27 123776]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-06 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-06 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\PROGRAMY\SASCORE.EXE [2012-09-12 116608]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-09-03 3538480]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-22 301152]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2003-05-23 106496]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-09-20 182696]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-12-12 2156952]
R2 TeamViewer8;TeamViewer 8; C:\PROGRAMY\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-20 118680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\PROGRAMY\WiselinkPro.exe [2010-02-17 3007488]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

#2 Příspěvek od **cernohous13** » 10 říj 2013 05:33

Zdravím,

stáhni a spusť http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
některé Antiviry jej mohou blokovat, proto je budeš muset na tu chvíli odstavit
vyčkej až se program spustí a provede prescan, pak
- Zvol možnost Prohledat a poté Smazat a následně Zpráva - otevře se log, ten sem vlož

pak zkus aktualizaci v MS IE z adresy http://www.update.microsoft.com/windows ... aspx?ln=cs

joggy · #3 Příspěvek od **joggy** » 10 říj 2013 09:42

Zdravím;
tak poílám ten log z RogueKilleru:
RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Odebrat -- Datum : 10/10/2013 10:36:17
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ][PUM] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HID SVC][Skrytý od API] HKLM\[...]\CCSet\[...]\Services : S () -> [0x3] Systém nemůže nalézt uvedenou cestu.
[HID SVC][Skrytý od API] HKLM\[...]\CS001\[...]\Services : S () -> [0x3] Systém nemůže nalézt uvedenou cestu.
[HID SVC][Skrytý od API] HKLM\[...]\CS002\[...]\Services : S () -> [0x3] Systém nemůže nalézt uvedenou cestu.

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[25] : NtClose @ 0x80567C07 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E9435)
[Address] SSDT[37] : NtCreateFile @ 0x8056F980 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E8C5C)
[Address] SSDT[41] : NtCreateKey @ 0x80573887 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E50B0)
[Address] SSDT[47] : NtCreateProcess @ 0x805B02E9 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E8031)
[Address] SSDT[48] : NtCreateProcessEx @ 0x805830E4 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E7EAE)
[Address] SSDT[53] : NtCreateThread @ 0x80578925 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E8693)
[Address] SSDT[62] : NtDeleteFile @ 0x805D610B -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E94B5)
[Address] SSDT[63] : NtDeleteKey @ 0x80595ABA -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E54E1)
[Address] SSDT[65] : NtDeleteValueKey @ 0x805936DA -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E5574)
[Address] SSDT[97] : NtLoadDriver @ 0x805A29BD -> HOOKED (C:\WINDOWS\system32\drivers\khips.sys @ 0xF54BC8B0)
[Address] SSDT[108] : NtMapViewOfSection @ 0x8057CB31 -> HOOKED (C:\WINDOWS\system32\drivers\khips.sys @ 0xF54BCA20)
[Address] SSDT[116] : NtOpenFile @ 0x8056F91B -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E8F27)
[Address] SSDT[119] : NtOpenKey @ 0x80569080 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E5307)
[Address] SSDT[206] : NtResumeThread @ 0x80578F98 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E871F)
[Address] SSDT[224] : NtSetInformationFile @ 0x8057E4DA -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E9229)
[Address] SSDT[247] : NtSetValueKey @ 0x8057DAF3 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E567D)
[Address] SSDT[274] : NtWriteFile @ 0x8057E785 -> HOOKED (C:\WINDOWS\system32\drivers\fwdrv.sys @ 0xF56E9186)
[Inline] IAT @explorer.exe (CreateThread) : KERNEL32.dll -> HOOKED (Unknown @ 0x0008057C)
[Inline] IAT @explorer.exe (VirtualAlloc) : KERNEL32.dll -> HOOKED (Unknown @ 0x00080004)
[Inline] IAT @explorer.exe (CreateProcessW) : KERNEL32.dll -> HOOKED (Unknown @ 0x000802C0)
[Inline] EAT @explorer.exe (CreateProcessA) : kernel32.dll -> HOOKED (Unknown @ 0x00080234)
[Inline] EAT @explorer.exe (CreateProcessInternalA) : kernel32.dll -> HOOKED (Unknown @ 0x0008034C)
[Inline] EAT @explorer.exe (CreateProcessInternalW) : kernel32.dll -> HOOKED (Unknown @ 0x000803D8)
[Inline] EAT @explorer.exe (CreateProcessW) : kernel32.dll -> HOOKED (Unknown @ 0x000802C0)
[Inline] EAT @explorer.exe (CreateRemoteThread) : kernel32.dll -> HOOKED (Unknown @ 0x000804F0)
[Inline] EAT @explorer.exe (CreateThread) : kernel32.dll -> HOOKED (Unknown @ 0x0008057C)
[Inline] EAT @explorer.exe (SetThreadContext) : kernel32.dll -> HOOKED (Unknown @ 0x00080608)
[Inline] EAT @explorer.exe (VirtualAlloc) : kernel32.dll -> HOOKED (Unknown @ 0x00080004)
[Inline] EAT @explorer.exe (VirtualAllocEx) : kernel32.dll -> HOOKED (Unknown @ 0x0008011C)
[Inline] EAT @explorer.exe (VirtualProtect) : kernel32.dll -> HOOKED (Unknown @ 0x00080090)
[Inline] EAT @explorer.exe (VirtualProtectEx) : kernel32.dll -> HOOKED (Unknown @ 0x000801A8)
[Inline] EAT @explorer.exe (WinExec) : kernel32.dll -> HOOKED (Unknown @ 0x00080464)
[Inline] EAT @explorer.exe (WriteProcessMemory) : kernel32.dll -> HOOKED (Unknown @ 0x00080694)
[Inline] EAT @explorer.exe (SetWindowsHookExA) : USER32.dll -> HOOKED (Unknown @ 0x00080720)
[Inline] EAT @explorer.exe (SetWindowsHookExW) : USER32.dll -> HOOKED (Unknown @ 0x000807AC)
[Inline] EAT @explorer.exe (InternetConnectA) : WININET.dll -> HOOKED (Unknown @ 0x00080F54)
[Inline] EAT @explorer.exe (InternetConnectW) : WININET.dll -> HOOKED (Unknown @ 0x00080FE0)
[Inline] EAT @explorer.exe (InternetOpenA) : WININET.dll -> HOOKED (Unknown @ 0x00080D24)
[Inline] EAT @explorer.exe (InternetOpenUrlA) : WININET.dll -> HOOKED (Unknown @ 0x00080E3C)
[Inline] EAT @explorer.exe (InternetOpenUrlW) : WININET.dll -> HOOKED (Unknown @ 0x00080EC8)
[Inline] EAT @explorer.exe (InternetOpenW) : WININET.dll -> HOOKED (Unknown @ 0x00080DB0)
[Inline] EAT @explorer.exe (URLDownloadA) : urlmon.dll -> HOOKED (Unknown @ 0x00080A68)
[Inline] EAT @explorer.exe (URLDownloadToCacheFileA) : urlmon.dll -> HOOKED (Unknown @ 0x00080C98)
[Inline] EAT @explorer.exe (URLDownloadToCacheFileW) : urlmon.dll -> HOOKED (Unknown @ 0x00080C0C)
[Inline] EAT @explorer.exe (URLDownloadToFileA) : urlmon.dll -> HOOKED (Unknown @ 0x00080B80)
[Inline] EAT @explorer.exe (URLDownloadToFileW) : urlmon.dll -> HOOKED (Unknown @ 0x00080AF4)
[Inline] EAT @explorer.exe (URLDownloadW) : urlmon.dll -> HOOKED (Unknown @ 0x000809DC)
[Inline] EAT @explorer.exe (bind) : WS2_32.dll -> HOOKED (Unknown @ 0x00080838)
[Inline] EAT @explorer.exe (connect) : WS2_32.dll -> HOOKED (Unknown @ 0x00080950)
[Inline] EAT @explorer.exe (socket) : WS2_32.dll -> HOOKED (Unknown @ 0x000808C4)
[Inline] EAT @firefox.exe (CreateProcessA) : kernel32.dll -> HOOKED (Unknown @ 0x00130234)
[Inline] EAT @firefox.exe (CreateProcessInternalA) : kernel32.dll -> HOOKED (Unknown @ 0x0013034C)
[Inline] EAT @firefox.exe (CreateProcessInternalW) : kernel32.dll -> HOOKED (Unknown @ 0x001303D8)
[Inline] EAT @firefox.exe (CreateProcessW) : kernel32.dll -> HOOKED (Unknown @ 0x001302C0)
[Inline] EAT @firefox.exe (CreateRemoteThread) : kernel32.dll -> HOOKED (Unknown @ 0x001304F0)
[Inline] EAT @firefox.exe (CreateThread) : kernel32.dll -> HOOKED (Unknown @ 0x0013057C)
[Inline] EAT @firefox.exe (SetThreadContext) : kernel32.dll -> HOOKED (Unknown @ 0x00130608)
[Inline] EAT @firefox.exe (VirtualAllocEx) : kernel32.dll -> HOOKED (Unknown @ 0x0013011C)
[Inline] EAT @firefox.exe (VirtualProtect) : kernel32.dll -> HOOKED (Unknown @ 0x00130090)
[Inline] EAT @firefox.exe (VirtualProtectEx) : kernel32.dll -> HOOKED (Unknown @ 0x001301A8)
[Inline] EAT @firefox.exe (WinExec) : kernel32.dll -> HOOKED (Unknown @ 0x00130464)
[Inline] EAT @firefox.exe (WriteProcessMemory) : kernel32.dll -> HOOKED (Unknown @ 0x00130694)
[Inline] EAT @firefox.exe (SetWindowsHookExA) : USER32.dll -> HOOKED (Unknown @ 0x00130720)
[Inline] EAT @firefox.exe (SetWindowsHookExW) : USER32.dll -> HOOKED (Unknown @ 0x001307AC)
[Inline] EAT @firefox.exe (?_Clocptr@_Locimp@locale@std@@0PAV123@A) : MSVCP100.dll -> HOOKED (Unknown @ 0x7B0B5348)
[Inline] EAT @firefox.exe (bind) : WS2_32.dll -> HOOKED (Unknown @ 0x00130838)
[Inline] EAT @firefox.exe (connect) : WS2_32.dll -> HOOKED (Unknown @ 0x00130950)
[Inline] EAT @firefox.exe (socket) : WS2_32.dll -> HOOKED (Unknown @ 0x001308C4)
[Inline] EAT @firefox.exe (InternetConnectA) : WININET.dll -> HOOKED (Unknown @ 0x00130F54)
[Inline] EAT @firefox.exe (InternetConnectW) : WININET.dll -> HOOKED (Unknown @ 0x00130FE0)
[Inline] EAT @firefox.exe (InternetOpenA) : WININET.dll -> HOOKED (Unknown @ 0x00130D24)
[Inline] EAT @firefox.exe (InternetOpenUrlA) : WININET.dll -> HOOKED (Unknown @ 0x00130E3C)
[Inline] EAT @firefox.exe (InternetOpenUrlW) : WININET.dll -> HOOKED (Unknown @ 0x00130EC8)
[Inline] EAT @firefox.exe (InternetOpenW) : WININET.dll -> HOOKED (Unknown @ 0x00130DB0)
[Inline] EAT @firefox.exe (URLDownloadA) : urlmon.dll -> HOOKED (Unknown @ 0x00130A68)
[Inline] EAT @firefox.exe (URLDownloadToCacheFileA) : urlmon.dll -> HOOKED (Unknown @ 0x00130C98)
[Inline] EAT @firefox.exe (URLDownloadToCacheFileW) : urlmon.dll -> HOOKED (Unknown @ 0x00130C0C)
[Inline] EAT @firefox.exe (URLDownloadToFileA) : urlmon.dll -> HOOKED (Unknown @ 0x00130B80)
[Inline] EAT @firefox.exe (URLDownloadToFileW) : urlmon.dll -> HOOKED (Unknown @ 0x00130AF4)
[Inline] EAT @firefox.exe (URLDownloadW) : urlmon.dll -> HOOKED (Unknown @ 0x001309DC)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 activation.acronis.com

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST3120814A +++++
--- User ---
[MBR] 16a0a2eb87c03701c0158a4e756cb8ab
[BSP] 300c5bdb25c2d9131c8fd1adf39ee8ec : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 43006068 | Size: 93471 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20998 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) (Standardní diskové jednotky) - WDC WD300AB-00BVA0 +++++
--- User ---
[MBR] c127ee76ac0348890a70e4a4e3bf310c
[BSP] ef04d80b018fb2f3fd97ab80b6513955 : Linux MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x82) [VISIBLE] Offset (sectors): 24115200 | Size: 976 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 26121690 | Size: 15868 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16126 | Size: 11766 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10102013_103617.txt >>
RKreport[0]_S_10102013_103450.txt

#4 Příspěvek od **cernohous13** » 10 říj 2013 14:09

Stáhni TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe . Pak použij tento návod od kolegy:

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit uložit do karantény (Quarantine), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

joggy · #5 Příspěvek od **joggy** » 10 říj 2013 15:18

Zdravím!

Problém s vysokým vytížením svchost.exe po prvním léčení RogueKiller se zdá ,že zmizel

. Aktualizace Windows z poslaného odkazu v prvním "léčení" zatím stále nejdou...(stále hledá nejnovější aktualizace asi cca po 45 minutách jsem to nevydržel a ukončil to). Tak nevím jestli vůbec nějaké aktualizace v tomto měsíci byly nebo ne?

Díky za pomoc

Tak tady je log TDSSKiller:
******************************
16:04:07.0618 0x087c TDSS rootkit removing tool 3.0.0.12 Oct 9 2013 14:59:22
16:04:09.0221 0x087c ============================================================
16:04:09.0221 0x087c Current date / time: 2013/10/10 16:04:09.0221
16:04:09.0221 0x087c SystemInfo:
16:04:09.0221 0x087c
16:04:09.0221 0x087c OS Version: 5.1.2600 ServicePack: 3.0
16:04:09.0231 0x087c Product type: Workstation
16:04:09.0231 0x087c ComputerName: FANDA
16:04:09.0231 0x087c UserName: Admin
16:04:09.0231 0x087c Windows directory: C:\WINDOWS
16:04:09.0231 0x087c System windows directory: C:\WINDOWS
16:04:09.0231 0x087c Processor architecture: Intel x86
16:04:09.0231 0x087c Number of processors: 1
16:04:09.0231 0x087c Page size: 0x1000
16:04:09.0231 0x087c Boot type: Normal boot
16:04:09.0231 0x087c ============================================================
16:04:14.0188 0x087c System UUID: {EF3B01A2-5976-862A-5258-D5DF987C43AF}
16:04:17.0563 0x087c Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:04:17.0563 0x087c Drive \Device\Harddisk1\DR1 - Size: 0x6FD590000 (27.96 Gb), SectorSize: 0x200, Cylinders: 0xE41, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:04:17.0573 0x087c ============================================================
16:04:17.0573 0x087c \Device\Harddisk0\DR0:
16:04:17.0573 0x087c MBR partitions:
16:04:17.0583 0x087c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2903875, BlocksNum 0x4C2CC2C
16:04:17.0613 0x087c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x75304E0, BlocksNum 0x6A632E1
16:04:17.0613 0x087c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x29037F6
16:04:17.0613 0x087c \Device\Harddisk1\DR1:
16:04:17.0613 0x087c MBR partitions:
16:04:17.0613 0x087c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x18E95DA, BlocksNum 0x1EFE727
16:04:17.0613 0x087c ============================================================
16:04:17.0643 0x087c C: <-> \Device\Harddisk0\DR0\Partition3
16:04:17.0683 0x087c D: <-> \Device\Harddisk0\DR0\Partition1
16:04:17.0693 0x087c E: <-> \Device\Harddisk0\DR0\Partition2
16:04:17.0703 0x087c F: <-> \Device\Harddisk1\DR1\Partition1
16:04:17.0703 0x087c ============================================================
16:04:17.0703 0x087c Initialize success
16:04:17.0703 0x087c ============================================================
16:04:41.0998 0x0eac ============================================================
16:04:41.0998 0x0eac Scan started
16:04:41.0998 0x0eac Mode: Manual;
16:04:41.0998 0x0eac ============================================================
16:04:41.0998 0x0eac KSN ping started
16:04:47.0546 0x0eac KSN ping finished: true
16:04:48.0267 0x0eac ================ Scan system memory ========================
16:04:48.0277 0x0eac System memory - ok
16:04:48.0337 0x0eac ================ Scan services =============================
16:04:48.0437 0x0eac [ 01E81C84AD1D0ACC61CF3CFD06632210, 1140756BA2F28CA8DFCFF8FD223654E6A78BA1B770A169CC557ECE0E01381B17 ] !SASCORE C:\PROGRAMY\SASCORE.EXE
16:04:48.0447 0x0eac !SASCORE - ok
16:04:49.0428 0x0eac Abiosdsk - ok
16:04:49.0498 0x0eac abp480n5 - ok
16:04:49.0639 0x0eac [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:04:49.0659 0x0eac ACPI - ok
16:04:49.0759 0x0eac [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:04:50.0079 0x0eac ACPIEC - ok
16:04:50.0149 0x0eac adpu160m - ok
16:04:50.0270 0x0eac [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:04:50.0320 0x0eac aec - ok
16:04:50.0450 0x0eac [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:04:50.0540 0x0eac AFD - ok
16:04:50.0630 0x0eac Aha154x - ok
16:04:50.0750 0x0eac aic78u2 - ok
16:04:50.0830 0x0eac aic78xx - ok
16:04:50.0961 0x0eac [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:04:51.0211 0x0eac Alerter - ok
16:04:51.0331 0x0eac [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
16:04:51.0331 0x0eac ALG - ok
16:04:51.0421 0x0eac AliIde - ok
16:04:51.0531 0x0eac amsint - ok
16:04:51.0652 0x0eac [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:04:51.0992 0x0eac AppMgmt - ok
16:04:52.0072 0x0eac asc - ok
16:04:52.0162 0x0eac asc3350p - ok
16:04:52.0252 0x0eac asc3550 - ok
16:04:52.0403 0x0eac [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:04:52.0403 0x0eac AsyncMac - ok
16:04:52.0563 0x0eac [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:04:52.0573 0x0eac atapi - ok
16:04:52.0663 0x0eac Atdisk - ok
16:04:52.0763 0x0eac [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:04:52.0823 0x0eac Atmarpc - ok
16:04:52.0903 0x0eac [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:04:52.0943 0x0eac AudioSrv - ok
16:04:53.0064 0x0eac [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:04:53.0084 0x0eac audstub - ok
16:04:53.0224 0x0eac [ D39A1C2FB0486D55F2CFBB4359363788, 07F633B089D605BA4BC9AC9F127C8AE8BF9A1D61AFB998B16712169048F7C12F ] Avgdiskx C:\WINDOWS\system32\DRIVERS\avgdiskx.sys
16:04:53.0254 0x0eac Avgdiskx - ok
16:04:53.0975 0x0eac [ 75295E1C49F068F0C7C3ED1211DF3EFB, EFC0E3BABD41067242E666D1FA072BCF25BB1FA3D6E621974E3514A37446CF96 ] AVGIDSAgent C:\Program Files\AVG\AVG2014\avgidsagent.exe
16:04:54.0576 0x0eac AVGIDSAgent - ok
16:04:54.0756 0x0eac [ E2D441E3F58C04DD91286F38916CE102, C03F50CE5BDFCBC2B0DB062D6517ADE99DFF8EB65859CF6122DC95D3167E7C7E ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
16:04:54.0806 0x0eac AVGIDSDriver - ok
16:04:54.0926 0x0eac [ 7E7E946C5620BD398BFCFA41E435545B, 0B2F496367F36BE20AD075DF0054E8DE083E690179F9C5C9ECF9B3677069D6CF ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
16:04:54.0946 0x0eac AVGIDSHX - ok
16:04:55.0026 0x0eac [ C3828E5C49924969799ED8B1E123A267, 26713E308FC9BBDF28BD4E47234002D6928AAA234F73B2248BB2466EBA41747E ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
16:04:55.0087 0x0eac AVGIDSShim - ok
16:04:55.0197 0x0eac [ A997D4A7361F4870A4F13BA5BF36F388, 1DF529F4207081E154BC377154A02FD641C20EF8BDB913C232465519AAC48827 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
16:04:55.0237 0x0eac Avgldx86 - ok
16:04:55.0357 0x0eac [ 62C926243D7875BDE097904E4DE4FFAD, 32730FEB5133F51A62DEDB9528EDE5A8F9A3C8121753D09699C5EEB930E4E217 ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys
16:04:55.0427 0x0eac Avglogx - ok
16:04:55.0517 0x0eac [ 02C25C2974F728391E33A2E45A23FFA4, B36A9601BF855ABAC4855023913A8D977567AD15EDCC3FFAB3028A9B6FE5D2CA ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
16:04:55.0547 0x0eac Avgmfx86 - ok
16:04:55.0677 0x0eac [ 9745AD34365318593909EDDEDAE66B9A, 16374BF9789053AA0124CB8437E1192442F44E46D14435BF80A049CD0D47F16A ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
16:04:55.0687 0x0eac Avgrkx86 - ok
16:04:55.0798 0x0eac [ E98603F9D1F412F38ADF2F76053F9E5A, 1CE4668E0202ADD8C4C3D7D883DC837F7888F5D6E3B6FEE8338E15A86FE6AC22 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
16:04:55.0878 0x0eac Avgtdix - ok
16:04:56.0028 0x0eac [ D9EB91D8DD04D4DCE41C8FAE67D20449, 32A2BFFE546A7A8315CF7B8481E640E761BB2F0D7BFC2F6A7DD542F74224BA9D ] avgwd C:\Program Files\AVG\AVG2014\avgwdsvc.exe
16:04:56.0098 0x0eac avgwd - ok
16:04:56.0278 0x0eac [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:04:56.0499 0x0eac Beep - ok
16:04:56.0679 0x0eac [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
16:04:57.0059 0x0eac BITS - ok
16:04:57.0170 0x0eac BlueletAudio - ok
16:04:57.0290 0x0eac BlueletSCOAudio - ok
16:04:57.0440 0x0eac [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
16:04:57.0450 0x0eac Browser - ok
16:04:57.0590 0x0eac BT - ok
16:04:57.0680 0x0eac Btcsrusb - ok
16:04:57.0770 0x0eac [ B279426E3C0C344893ED78A613A73BDE, 30B29ED5DCFF0C180B806A5FBC705E1CAF6B0F525298CDA79A77FC2AF6E5AAA7 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
16:04:57.0780 0x0eac BthEnum - ok
16:04:57.0871 0x0eac BTHidEnum - ok
16:04:57.0951 0x0eac BTHidMgr - ok
16:04:58.0101 0x0eac [ FCA6F069597B62D42495191ACE3FC6C1, 23A4EAA542547AC48BCB19DEC9C8E1C1D7D83F199F045DA4682C33292F011CE9 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys
16:04:58.0131 0x0eac BTHMODEM - ok
16:04:58.0241 0x0eac [ 80602B8746D3738F5886CE3D67EF06B6, 15ABAA8106C42A4453763EEB92B291844580168C934088DB1E22B2065DC238E9 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
16:04:58.0331 0x0eac BthPan - ok
16:04:58.0471 0x0eac [ F338662A6C1FC11DD9508F6DFF2C06A2, 650993B9F641D05F34FB2E5771FB834A7EEDBD60C284FD1703043C297A6577F2 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
16:04:58.0552 0x0eac BTHPORT - ok
16:04:58.0692 0x0eac [ 70CA4B3F634C9DCA200832F8DA76E009, ACDAD55D6D94143B41E71685CDD8ADB2DA35635AE588EAED12BBDAA858ABF79E ] BthServ C:\WINDOWS\System32\bthserv.dll
16:04:58.0742 0x0eac BthServ - ok
16:04:58.0852 0x0eac [ 61364CD71EF63B0F038B7E9DF00F1EFA, FB44D02B4379A8AF7DD8B0B22B53888B758903700142BFE45A412709294CE88A ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
16:04:58.0882 0x0eac BTHUSB - ok
16:04:58.0972 0x0eac btkrnl - ok
16:04:59.0072 0x0eac [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:04:59.0403 0x0eac cbidf2k - ok
16:04:59.0493 0x0eac cd20xrnt - ok
16:04:59.0593 0x0eac [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:04:59.0763 0x0eac Cdaudio - ok
16:04:59.0863 0x0eac [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:04:59.0873 0x0eac Cdfs - ok
16:04:59.0964 0x0eac [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:04:59.0974 0x0eac Cdrom - ok
16:05:00.0074 0x0eac Changer - ok
16:05:00.0194 0x0eac [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:05:00.0204 0x0eac CiSvc - ok
16:05:00.0344 0x0eac [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:05:00.0414 0x0eac ClipSrv - ok
16:05:00.0484 0x0eac CmdIde - ok
16:05:00.0635 0x0eac COMSysApp - ok
16:05:00.0825 0x0eac Cpqarray - ok
16:05:00.0915 0x0eac [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:05:00.0975 0x0eac CryptSvc - ok
16:05:01.0055 0x0eac dac2w2k - ok
16:05:01.0145 0x0eac dac960nt - ok
16:05:01.0336 0x0eac [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:05:01.0466 0x0eac DcomLaunch - ok
16:05:01.0606 0x0eac [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:05:01.0636 0x0eac Dhcp - ok
16:05:01.0766 0x0eac [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:05:01.0776 0x0eac Disk - ok
16:05:01.0846 0x0eac dmadmin - ok
16:05:02.0097 0x0eac [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:05:02.0267 0x0eac dmboot - ok
16:05:02.0377 0x0eac [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:05:02.0397 0x0eac dmio - ok
16:05:02.0497 0x0eac [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:05:02.0527 0x0eac dmload - ok
16:05:02.0637 0x0eac [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:05:02.0677 0x0eac dmserver - ok
16:05:02.0798 0x0eac [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:05:02.0828 0x0eac DMusic - ok
16:05:02.0958 0x0eac [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:05:02.0968 0x0eac Dnscache - ok
16:05:03.0088 0x0eac [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:05:03.0519 0x0eac Dot3svc - ok
16:05:03.0609 0x0eac dpti2o - ok
16:05:03.0829 0x0eac [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:05:03.0839 0x0eac drmkaud - ok
16:05:03.0939 0x0eac [ 77C4901986FC7A83E853B300E80D234B, 82285FBCA1E0C5FE69A08470991413FBA0B3B0767A0722C5E6B9A2467AABB0A6 ] DVD-RAM_Service C:\WINDOWS\system32\DVDRAMSV.exe
16:05:04.0019 0x0eac DVD-RAM_Service - ok
16:05:04.0130 0x0eac [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:05:04.0340 0x0eac EapHost - ok
16:05:04.0460 0x0eac [ D57F1811D8258D8D277CD9F53657EEF9, 2C7732DA3DCFC82F60F063F2EC9FA09F9D38D5CFBE80C850DED44DE43BDB666D ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys
16:05:04.0510 0x0eac epmntdrv - ok
16:05:04.0650 0x0eac [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:05:04.0730 0x0eac ERSvc - ok
16:05:04.0871 0x0eac [ F1DE3EEF501DDA7DDF99F2EDF0C5540E, 8D604553A3F5DB03BFFD50473ECB6F05EBCFCC6B5E1F149322830DBD6C806866 ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys
16:05:04.0991 0x0eac EuGdiDrv - ok
16:05:05.0131 0x0eac [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
16:05:05.0171 0x0eac Eventlog - ok
16:05:05.0251 0x0eac [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
16:05:05.0301 0x0eac EventSystem - ok
16:05:05.0381 0x0eac [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:05:05.0421 0x0eac Fastfat - ok
16:05:05.0512 0x0eac [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:05:05.0562 0x0eac FastUserSwitchingCompatibility - ok
16:05:05.0692 0x0eac [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:05:05.0772 0x0eac Fdc - ok
16:05:05.0952 0x0eac [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:05:06.0433 0x0eac Fips - ok
16:05:06.0483 0x0eac [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:05:06.0493 0x0eac Flpydisk - ok
16:05:06.0643 0x0eac [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:05:06.0683 0x0eac FltMgr - ok
16:05:06.0793 0x0eac [ 27C75AC6D6FC808D8244D9C9CEA681D1, A68D79F64FF12769BE361BF3316909BB83E33772989EF3AA95613930B2B07C24 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys
16:05:06.0803 0x0eac fltsrv - ok
16:05:06.0894 0x0eac [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:05:07.0324 0x0eac Fs_Rec - ok
16:05:07.0394 0x0eac [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:05:07.0414 0x0eac Ftdisk - ok
16:05:07.0524 0x0eac [ BEAE63CA06345E0714A3CAE6232482EA, 9A6E8384C1D8D76DA435A4422EFD723A4A8BAEB57681EC4152B335FDF21C07BB ] fwdrv C:\WINDOWS\system32\drivers\fwdrv.sys
16:05:07.0574 0x0eac fwdrv - ok
16:05:07.0715 0x0eac [ 065639773D8B03F33577F6CDAEA21063, F20D0F3256F5F894CCA48755B23679619B5D02A0F64A142FC6CB619FC0952067 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
16:05:07.0755 0x0eac gameenum - ok
16:05:07.0795 0x0eac [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:05:07.0855 0x0eac Gpc - ok
16:05:07.0915 0x0eac [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:05:07.0945 0x0eac helpsvc - ok
16:05:08.0045 0x0eac [ 0D349DC78C6EE16E655557E325A67D9C, 3EE81053E1BFB3AB333BA4FFA8AA332FADAF028C7BA417B1286C6BAA6911E63D ] HidBth C:\WINDOWS\system32\DRIVERS\hidbth.sys
16:05:08.0075 0x0eac HidBth - ok
16:05:08.0125 0x0eac HidServ - ok
16:05:08.0265 0x0eac [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:05:08.0296 0x0eac hidusb - ok
16:05:08.0376 0x0eac [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:05:08.0746 0x0eac hkmsvc - ok
16:05:08.0856 0x0eac hpn - ok
16:05:09.0037 0x0eac [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:05:09.0327 0x0eac HTTP - ok
16:05:09.0447 0x0eac [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:05:09.0557 0x0eac HTTPFilter - ok
16:05:09.0667 0x0eac i2omgmt - ok
16:05:09.0818 0x0eac i2omp - ok
16:05:09.0948 0x0eac [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:05:10.0018 0x0eac i8042prt - ok
16:05:10.0108 0x0eac [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:05:10.0198 0x0eac Imapi - ok
16:05:10.0248 0x0eac [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:05:10.0318 0x0eac ImapiService - ok
16:05:10.0419 0x0eac ini910u - ok
16:05:10.0439 0x0eac IntelIde - ok
16:05:10.0469 0x0eac [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:05:10.0509 0x0eac Ip6Fw - ok
16:05:11.0049 0x0eac [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:05:11.0059 0x0eac IpFilterDriver - ok
16:05:11.0090 0x0eac [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:05:11.0100 0x0eac IpInIp - ok
16:05:11.0200 0x0eac [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:05:11.0250 0x0eac IpNat - ok
16:05:11.0340 0x0eac [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:05:11.0350 0x0eac IPSec - ok
16:05:11.0450 0x0eac [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:05:11.0450 0x0eac IRENUM - ok
16:05:11.0550 0x0eac [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:05:11.0550 0x0eac isapnp - ok
16:05:11.0761 0x0eac [ A5937B2A94424CF1B13A4AD503AF6B2E, E96CE4E526E053FB410987BD444627BC7B26FCE48DC0A61916ADD0A69EFA6941 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:05:11.0781 0x0eac JavaQuickStarterService - ok
16:05:11.0901 0x0eac [ 603962B049A0018B3922FE4FC6050692, 1A35E3920CE4866373D631D1303DD113EF97E000853E5FD4CEA3D026E5F9A466 ] K320bus C:\WINDOWS\system32\DRIVERS\K320bus.sys
16:05:11.0941 0x0eac K320bus - ok
16:05:12.0041 0x0eac [ E40FCAB6E9C2B25C42216C233FBFB220, C40A726406C3F30BAEE7FB2173FB2885F63B4BA75CE858CE0AEABAD069C2E532 ] K320mgmt C:\WINDOWS\system32\DRIVERS\K320mgmt.sys
16:05:12.0081 0x0eac K320mgmt - ok
16:05:12.0201 0x0eac [ 26C7BA5D3EBEDCC4447EC10B6A193047, 53DC456125D7CC9624C23333B572DD76FB31D7B8EB819ED81D1643A06566303D ] K320obex C:\WINDOWS\system32\DRIVERS\K320obex.sys
16:05:12.0251 0x0eac K320obex - ok
16:05:12.0351 0x0eac [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:05:12.0401 0x0eac Kbdclass - ok
16:05:12.0482 0x0eac [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:05:12.0512 0x0eac kbdhid - ok
16:05:12.0612 0x0eac [ F1B81D62EA598047D28DD12E1F417976, B8AE2AD6B64F196C84C827162804F78259726B5098CD70F07CBB0DDD30904760 ] khips C:\WINDOWS\system32\drivers\khips.sys
16:05:12.0672 0x0eac khips - ok
16:05:12.0782 0x0eac [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:05:12.0842 0x0eac kmixer - ok
16:05:13.0153 0x0eac [ E7A74CEA1D5E6CE0EA5AD7D5C31A0D34, 7E0AF7285CD1EFD3E236E8940F8514D9607EB6A1C3BC5C43C643D387FC25BE81 ] KPF4 C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
16:05:13.0393 0x0eac KPF4 - ok
16:05:13.0543 0x0eac [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:05:13.0553 0x0eac KSecDD - ok
16:05:13.0703 0x0eac [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:05:13.0874 0x0eac LanmanServer - ok
16:05:14.0004 0x0eac [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:05:14.0124 0x0eac lanmanworkstation - ok
16:05:14.0224 0x0eac lbrtfdc - ok
16:05:14.0464 0x0eac [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:05:14.0585 0x0eac LmHosts - ok
16:05:14.0775 0x0eac [ 766A1D242F4390DDF1243084898A20C9, D509251CBBDB1A358A0E7D9116C61A0BE5589CFBBEF0FE8EC3AAD66DF90D61CA ] meiudf C:\WINDOWS\system32\Drivers\meiudf.sys
16:05:14.0785 0x0eac meiudf - ok
16:05:14.0835 0x0eac [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:05:14.0855 0x0eac Messenger - ok
16:05:14.0955 0x0eac [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:05:15.0155 0x0eac mnmdd - ok
16:05:15.0376 0x0eac [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:05:15.0396 0x0eac mnmsrvc - ok
16:05:15.0506 0x0eac [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:05:15.0696 0x0eac Modem - ok
16:05:15.0796 0x0eac [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:05:15.0836 0x0eac Mouclass - ok
16:05:15.0937 0x0eac [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:05:15.0957 0x0eac mouhid - ok
16:05:16.0077 0x0eac [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:05:16.0087 0x0eac MountMgr - ok
16:05:16.0177 0x0eac [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:05:16.0197 0x0eac MozillaMaintenance - ok
16:05:16.0317 0x0eac mraid35x - ok
16:05:16.0417 0x0eac [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:05:16.0437 0x0eac MRxDAV - ok
16:05:16.0648 0x0eac [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:05:16.0798 0x0eac MRxSmb - ok
16:05:16.0928 0x0eac [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:05:16.0958 0x0eac MSDTC - ok
16:05:17.0078 0x0eac [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:05:17.0078 0x0eac Msfs - ok
16:05:17.0198 0x0eac MSIServer - ok
16:05:17.0349 0x0eac [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:05:17.0409 0x0eac MSKSSRV - ok
16:05:17.0489 0x0eac [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:05:17.0569 0x0eac MSPCLOCK - ok
16:05:17.0739 0x0eac [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:05:17.0779 0x0eac MSPQM - ok
16:05:17.0939 0x0eac [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:05:17.0999 0x0eac mssmbios - ok
16:05:18.0110 0x0eac [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:05:18.0120 0x0eac Mup - ok
16:05:18.0280 0x0eac [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
16:05:18.0580 0x0eac napagent - ok
16:05:18.0741 0x0eac [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:05:18.0781 0x0eac NDIS - ok
16:05:18.0931 0x0eac [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:05:18.0961 0x0eac NdisTapi - ok
16:05:19.0041 0x0eac [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:05:19.0051 0x0eac Ndisuio - ok
16:05:19.0181 0x0eac [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:05:19.0211 0x0eac NdisWan - ok
16:05:19.0311 0x0eac [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:05:19.0381 0x0eac NDProxy - ok
16:05:19.0462 0x0eac [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:05:19.0462 0x0eac NetBIOS - ok
16:05:19.0572 0x0eac [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:05:19.0622 0x0eac NetBT - ok
16:05:19.0772 0x0eac [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
16:05:19.0812 0x0eac NetDDE - ok
16:05:19.0902 0x0eac [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:05:19.0912 0x0eac NetDDEdsdm - ok
16:05:20.0062 0x0eac [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:05:20.0072 0x0eac Netlogon - ok
16:05:20.0173 0x0eac [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
16:05:20.0203 0x0eac Netman - ok
16:05:20.0343 0x0eac [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
16:05:20.0373 0x0eac Nla - ok
16:05:20.0463 0x0eac [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:05:20.0473 0x0eac Npfs - ok
16:05:20.0683 0x0eac [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:05:20.0773 0x0eac Ntfs - ok
16:05:20.0874 0x0eac [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:05:20.0874 0x0eac NtLmSsp - ok
16:05:21.0004 0x0eac [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:05:21.0384 0x0eac NtmsSvc - ok
16:05:21.0545 0x0eac [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
16:05:21.0715 0x0eac Null - ok
16:05:22.0115 0x0eac [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:05:22.0436 0x0eac nv - ok
16:05:22.0576 0x0eac [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:05:22.0626 0x0eac NwlnkFlt - ok
16:05:22.0716 0x0eac [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:05:22.0746 0x0eac NwlnkFwd - ok
16:05:22.0846 0x0eac [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:05:22.0856 0x0eac ose - ok
16:05:22.0967 0x0eac [ 3FC38E7FBE91DB40C34731195F4116C2, 342BDB0E60ED6CCD9442F35512D6486C6EF1BCAE712CB4A0D08E936CF5A67410 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
16:05:23.0017 0x0eac P3 - ok
16:05:23.0097 0x0eac [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:05:23.0117 0x0eac Parport - ok
16:05:23.0257 0x0eac [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:05:23.0257 0x0eac PartMgr - ok
16:05:23.0347 0x0eac [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:05:23.0357 0x0eac ParVdm - ok
16:05:23.0507 0x0eac [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:05:23.0537 0x0eac PCI - ok
16:05:23.0628 0x0eac PCIDump - ok
16:05:23.0758 0x0eac PCIIde - ok
16:05:23.0868 0x0eac [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:05:24.0128 0x0eac Pcmcia - ok
16:05:24.0208 0x0eac PDCOMP - ok
16:05:24.0299 0x0eac PDFRAME - ok
16:05:24.0419 0x0eac PDRELI - ok
16:05:24.0499 0x0eac PDRFRAME - ok
16:05:24.0649 0x0eac perc2 - ok
16:05:24.0769 0x0eac perc2hib - ok
16:05:25.0150 0x0eac [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
16:05:25.0170 0x0eac PlugPlay - ok
16:05:25.0290 0x0eac [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:05:25.0320 0x0eac PolicyAgent - ok
16:05:25.0430 0x0eac [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:05:25.0440 0x0eac PptpMiniport - ok
16:05:25.0550 0x0eac [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:05:25.0560 0x0eac ProtectedStorage - ok
16:05:25.0671 0x0eac [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:05:25.0721 0x0eac PSched - ok
16:05:25.0811 0x0eac [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:05:25.0831 0x0eac Ptilink - ok
16:05:25.0921 0x0eac ql1080 - ok
16:05:26.0021 0x0eac Ql10wnt - ok
16:05:26.0091 0x0eac ql12160 - ok
16:05:26.0181 0x0eac ql1240 - ok
16:05:26.0271 0x0eac ql1280 - ok
16:05:26.0402 0x0eac [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:05:26.0432 0x0eac RasAcd - ok
16:05:26.0542 0x0eac [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:05:26.0882 0x0eac RasAuto - ok
16:05:26.0992 0x0eac [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:05:27.0032 0x0eac Rasl2tp - ok
16:05:27.0153 0x0eac [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:05:27.0233 0x0eac RasMan - ok
16:05:27.0353 0x0eac [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:05:27.0383 0x0eac RasPppoe - ok
16:05:27.0483 0x0eac [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:05:27.0503 0x0eac Raspti - ok
16:05:27.0683 0x0eac [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:05:27.0713 0x0eac Rdbss - ok
16:05:27.0804 0x0eac [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:05:27.0844 0x0eac RDPCDD - ok
16:05:28.0004 0x0eac [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:05:28.0084 0x0eac rdpdr - ok
16:05:28.0254 0x0eac [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:05:28.0274 0x0eac RDPWD - ok
16:05:28.0384 0x0eac [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:05:28.0465 0x0eac RDSessMgr - ok
16:05:28.0595 0x0eac [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:05:28.0625 0x0eac redbook - ok
16:05:28.0725 0x0eac [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:05:29.0045 0x0eac RemoteAccess - ok
16:05:29.0196 0x0eac [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:05:29.0246 0x0eac RemoteRegistry - ok
16:05:29.0366 0x0eac [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
16:05:29.0376 0x0eac RFCOMM - ok
16:05:29.0546 0x0eac [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
16:05:29.0556 0x0eac ROOTMODEM - ok
16:05:29.0686 0x0eac [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:05:29.0716 0x0eac RpcLocator - ok
16:05:29.0857 0x0eac [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:05:29.0927 0x0eac RpcSs - ok
16:05:30.0057 0x0eac [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:05:30.0127 0x0eac RSVP - ok
16:05:30.0237 0x0eac [ CF84B1F0E8B14D4120AAF9CF35CBB265, 3F9B0E70DFD96B822A21A3D5E0438DCB3E08EF6A516756CE58CBDB2F52D09604 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
16:05:30.0307 0x0eac RTL8023xp - ok
16:05:30.0407 0x0eac [ 493B54A894A6E70DD02961A68DB8863F, 49E0C3A1AA8F23BED6650DA0FADD9C9F234132C1D1772BA15D59ACE9E42F66EF ] rtl8029 C:\WINDOWS\system32\DRIVERS\RTL8029.SYS
16:05:30.0417 0x0eac rtl8029 - ok
16:05:30.0517 0x0eac [ F83F88E1B125308FB5015EA0349502B0, 327C4516C239DFBC1110C81435B62129DC22B10C9431AA3D707304F4B42AD595 ] s125mdfl C:\WINDOWS\system32\DRIVERS\s125mdfl.sys
16:05:30.0578 0x0eac s125mdfl - ok
16:05:30.0718 0x0eac [ 402A97756C14940AD6AE5169C2FB105E, AF90E2D9E6218B2BEBED7633695CAFDC95EEB022EC247F69F206E3E46B41E9CE ] s125mdm C:\WINDOWS\system32\DRIVERS\s125mdm.sys
16:05:30.0748 0x0eac s125mdm - ok
16:05:30.0878 0x0eac [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
16:05:30.0888 0x0eac SamSs - ok
16:05:30.0998 0x0eac [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV C:\PROGRAMY\SASDIFSV.SYS
16:05:31.0008 0x0eac SASDIFSV - ok
16:05:31.0088 0x0eac [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL C:\PROGRAMY\SASKUTIL.SYS
16:05:31.0148 0x0eac SASKUTIL - ok
16:05:31.0239 0x0eac [ 729248B54AFF21E740054ACEBFDBCB1C, 1C901500A2BD23590217525DD280EA1AA870545CED7749DC677F5ABE1E767C27 ] SBKUPNT C:\WINDOWS\system32\Drivers\SBKUPNT.SYS
16:05:31.0259 0x0eac SBKUPNT - ok
16:05:31.0389 0x0eac [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:05:31.0459 0x0eac SCardSvr - ok
16:05:31.0579 0x0eac [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:05:31.0609 0x0eac Schedule - ok
16:05:31.0759 0x0eac [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:05:31.0769 0x0eac Secdrv - ok
16:05:31.0859 0x0eac [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:05:31.0889 0x0eac seclogon - ok
16:05:32.0020 0x0eac [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
16:05:32.0050 0x0eac SENS - ok
16:05:32.0130 0x0eac [ 39BAA6F2646CA54E94BC8F8ED7A7FB58, 21D3217E617F8BA9910E4D99F337A848FEDB72A0D4A00B0FA972BEC8CAA05C3D ] Ser2pl C:\WINDOWS\system32\DRIVERS\ser2pl.sys
16:05:32.0200 0x0eac Ser2pl - ok
16:05:32.0340 0x0eac [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:05:32.0350 0x0eac serenum - ok
16:05:32.0430 0x0eac [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:05:32.0450 0x0eac Serial - ok
16:05:32.0761 0x0eac [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:05:33.0001 0x0eac Sfloppy - ok
16:05:33.0161 0x0eac [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:05:33.0231 0x0eac SharedAccess - ok
16:05:33.0362 0x0eac [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:05:33.0372 0x0eac ShellHWDetection - ok
16:05:33.0472 0x0eac Simbad - ok
16:05:33.0652 0x0eac [ 5583054EF09D13CA953DA1FAE287D80D, 812F14BE3AC754A0972AB16E9F29BEB7112C48EC626D3D6E54DD16540F10A14A ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
16:05:33.0702 0x0eac snapman - ok
16:05:33.0782 0x0eac Sparrow - ok
16:05:33.0862 0x0eac [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:05:33.0872 0x0eac splitter - ok
16:05:34.0012 0x0eac [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:05:34.0033 0x0eac Spooler - ok
16:05:34.0063 0x0eac ================ Scan global ===============================
16:05:34.0143 0x0eac [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
16:05:34.0283 0x0eac [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:05:34.0423 0x0eac [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:05:34.0573 0x0eac [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
16:05:34.0583 0x0eac [ Global ] - ok
16:05:34.0633 0x0eac ================ Scan MBR ==================================
16:05:34.0673 0x0eac [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
16:05:35.0314 0x0eac \Device\Harddisk0\DR0 - ok
16:05:35.0384 0x0eac [ C06575B18B90345CE86AB291B56DB94D ] \Device\Harddisk1\DR1
16:05:35.0404 0x0eac \Device\Harddisk1\DR1 - ok
16:05:35.0445 0x0eac ================ Scan VBR ==================================
16:05:35.0485 0x0eac [ 4385CD631B9166C799FC375FC1FFFFC5 ] \Device\Harddisk0\DR0\Partition1
16:05:35.0485 0x0eac \Device\Harddisk0\DR0\Partition1 - ok
16:05:35.0565 0x0eac [ FB6E093118F8A97687E3250CC2468506 ] \Device\Harddisk0\DR0\Partition2
16:05:35.0565 0x0eac \Device\Harddisk0\DR0\Partition2 - ok
16:05:35.0725 0x0eac [ D3D68409D63BDDD37ACD4861CF5BA5C7 ] \Device\Harddisk0\DR0\Partition3
16:05:35.0725 0x0eac \Device\Harddisk0\DR0\Partition3 - ok
16:05:35.0845 0x0eac [ C74CF15488721A1453F5062F735CF89D ] \Device\Harddisk1\DR1\Partition1
16:05:35.0855 0x0eac \Device\Harddisk1\DR1\Partition1 - ok
16:05:36.0166 0x0eac AV detected via SS1: AVG AntiVirus Free Edition 2014, 2014.0, enabled, updated
16:05:36.0246 0x0eac FW detected via SS1: AVG Internet Security 2012, 2012.0, enabled
16:05:36.0246 0x0eac FW detected via SS1: Kerio Personal Firewall, 4.2.2 T, enabled
16:05:36.0276 0x0eac ============================================================
16:05:36.0276 0x0eac Scan finished
16:05:36.0276 0x0eac ============================================================
16:05:36.0396 0x0540 Detected object count: 0
16:05:36.0396 0x0540 Actual detected object count: 0
16:06:28.0261 0x0340 Deinitialize success

#6 Příspěvek od **cernohous13** » 10 říj 2013 15:32

To vypadá v pořádku.

trváš na AVG?
běží ti tam dva FW - AVG+Kerio - možný konflikt
odinstalátor http://www.avg.com/cz-cs/utilities

doporučím Avast free http://www.avast.com/cs-cz/index

až se rozhodneš a případně provedeš, dej mi nový RSIT

joggy · #7 Příspěvek od **joggy** » 10 říj 2013 15:44

Zdravím!
To vypadá že víš víc než já...

.
AVG Free mám jen antivir.
Keiro firewall mám.
AVG firewall nemám nebo aspon o tom nevím...
Díval jsem se do antiviru AVG free a u položky firewall mám nenainstalováno.Tak teda nevím.

Na AVG netrvám jen jsme si už na sebe zvykli mám ho už mnoho let

Mám moc staré a pomalé PC spíše prahistorické Celeron 900. Ten Avast jsem už dříve zkoušel bylo pomalé.
Díky

#8 Příspěvek od **cernohous13** » 10 říj 2013 16:57

já nevím nic, to vykecal TDSSkiller

16:05:36.0166 0x0eac AV detected via SS1: AVG AntiVirus Free Edition 2014, 2014.0, enabled, updated
16:05:36.0246 0x0eac FW detected via SS1: AVG Internet Security 2012, 2012.0, enabled
16:05:36.0246 0x0eac FW detected via SS1: Kerio Personal Firewall, 4.2.2 T, enabled

tak to prověříme
Stáhni zde - http://screen317.changelog.fr/SecurityCheck.exe
nebo zde - http://screen317.spywareinfoforum.org/SecurityCheck.exe
ulož na plochu a spusť - další informace v černém okně
až skončí, otevře se notepad - obsah zkopíruj do své odpovědi.
zavřením notepadu se ukončí i program.

a AVG tu považujeme za trochu slabší v detekci a silnější v zatěžování

ale je to jen na tvé vůli

joggy · #9 Příspěvek od **joggy** » 10 říj 2013 17:41

Zdravím!
Tak problém s vysokým využitím svchost.exe je zpátky

.
Ještě než si mi napsal ten tvůj poslední příspěvek,tak mi to nedalo a tak jsem to AVG free 2014 odinstaloval a projel tou AVG utilitou z předchozího příspěvku a po odinstalování a následném restartu je to zpět.Poté jsem to AVG free 2014 znovu nainstaloval.
Chtěl jsem vyzkoušet tu tvoji poslední radu ohledně securitycheck.exe, ale uvedené odkazy mi nefungují.
Doufám,že jsem něco nepokazil...? Omlouvám se

přikládám nejnovější log RSIT po NOVÉ INSTALACI AVG free 2014:
***************************************************
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-10-10 18:34:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (25%) free of 21 GB
Total RAM: 1023 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:54, on 10.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21352)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMY\SASCORE.EXE
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\PROGRAMY\Version8\TeamViewer_Service.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgmfapx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Documents and Settings\Admin\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2036174522
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\PROGRAMY\SASCORE.EXE
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\PROGRAMY\Version8\TeamViewer_Service.exe
O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\PROGRAMY\WiselinkPro.exe

--
End of file - 6387 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\hdmdko8r.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-20 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConMet]
C:\Testovaci programy\ConMet.exe [2013-05-01 4483584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-12-12 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\PROGRAMY\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\TESTOVACI PROGRAMY\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-02-18 774168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^RAMASST.lnk]
C:\WINDOWS\system32\RAMASST.exe [2003-03-14 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-09-06 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\PROGRAMY\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\viphone communicator\viphone communicator.exe"="C:\Program Files\viphone communicator\viphone communicator.exe:*:Enabled:viphone communicator"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\PROGRAMY\BlueSoleil_.exe"="C:\PROGRAMY\BlueSoleil_.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\PROGRAMY\Version8\TeamViewer.exe"="C:\PROGRAMY\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\PROGRAMY\Version8\TeamViewer_Service.exe"="C:\PROGRAMY\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

======List of files/folders created in the last 1 month======

2013-10-10 18:19:28 ----D---- C:\Documents and Settings\Admin\Data aplikací\AVG2014
2013-10-10 17:53:10 ----D---- C:\WINDOWS\LastGood
2013-10-10 17:49:54 ----HD---- C:\$AVG
2013-10-10 17:49:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2014
2013-10-10 17:41:00 ----D---- C:\Program Files\AVG
2013-10-10 17:32:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-10-10 16:03:58 ----A---- C:\TDSSKiller.3.0.0.12_10.10.2013_16.03.58_log.txt
2013-10-10 16:02:25 ----A---- C:\TDSSKiller.2.8.16.0_10.10.2013_16.02.24_log.txt
2013-10-09 23:40:27 ----D---- C:\Program Files\trend micro
2013-10-09 23:40:19 ----D---- C:\rsit
2013-10-07 15:53:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2013-10-07 15:48:49 ----A---- C:\WINDOWS\system32\drivers\snapman.sys
2013-10-07 15:48:42 ----A---- C:\WINDOWS\system32\drivers\fltsrv.sys
2013-10-07 15:48:12 ----D---- C:\Program Files\Acronis
2013-10-05 20:15:21 ----D---- C:\Documents and Settings\Admin\Data aplikací\9119206B-B75E-4711-AF59-4D20BAD62FDF
2013-10-05 19:04:29 ----D---- C:\Documents and Settings\Admin\Data aplikací\Acronis
2013-10-05 18:54:21 ----HD---- C:\WINDOWS\system32\GroupPolicy
2013-10-05 18:52:13 ----D---- C:\Program Files\Common Files\Acronis
2013-10-04 16:27:10 ----D---- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
2013-09-25 20:57:14 ----A---- C:\WINDOWS\system32\drivers\avgdiskx.sys
2013-09-20 18:02:36 ----D---- C:\Program Files\Common Files\Java
2013-09-20 18:02:26 ----A---- C:\WINDOWS\system32\javaws.exe
2013-09-20 18:02:00 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-09-20 18:02:00 ----A---- C:\WINDOWS\system32\javaw.exe
2013-09-20 18:02:00 ----A---- C:\WINDOWS\system32\java.exe
2013-09-20 18:01:24 ----D---- C:\Program Files\Java
2013-09-20 17:36:56 ----D---- C:\Program Files\Mozilla Firefox
2013-09-16 23:42:33 ----D---- C:\Program Files\CCleaner
2013-09-12 22:10:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-12 22:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-12 22:08:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

======List of files/folders modified in the last 1 month======

2013-10-10 18:08:41 ----D---- C:\WINDOWS\Temp
2013-10-10 18:02:13 ----SHD---- C:\WINDOWS\Installer
2013-10-10 18:00:40 ----D---- C:\WINDOWS\Prefetch
2013-10-10 17:53:14 ----HD---- C:\WINDOWS\inf
2013-10-10 17:53:14 ----D---- C:\WINDOWS\system32\drivers
2013-10-10 17:53:10 ----D---- C:\WINDOWS
2013-10-10 17:41:00 ----RD---- C:\Program Files
2013-10-10 17:30:55 ----D---- C:\WINDOWS\system32
2013-10-10 17:26:30 ----D---- C:\WINDOWS\system32\CatRoot2
2013-10-10 17:06:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-10 00:31:17 ----D---- C:\PROGRAMY
2013-10-09 22:37:11 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-07 15:48:33 ----D---- C:\WINDOWS\WinSxS
2013-10-05 20:16:03 ----D---- C:\WINDOWS\system32\CatRoot
2013-10-05 18:52:13 ----D---- C:\Program Files\Common Files
2013-10-04 16:31:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-09-20 18:13:40 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-09-20 18:01:33 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2013-09-20 18:01:32 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-09-12 23:15:50 ----D---- C:\WINDOWS\system32\wbem
2013-09-12 23:15:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-12 23:14:03 ----D---- C:\WINDOWS\Debug
2013-09-12 22:09:53 ----D---- C:\WINDOWS\system32\cs-cz
2013-09-12 22:09:27 ----D---- C:\Program Files\Internet Explorer
2013-09-12 22:08:54 ----D---- C:\WINDOWS\ie7updates
2013-09-12 22:05:54 ----A---- C:\WINDOWS\win.ini
2013-09-12 22:03:20 ----D---- C:\WINDOWS\system32\MRT
2013-09-12 21:56:44 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-09-02 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]
R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2013-10-07 76768]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2013-10-07 170752]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416]
R1 P3;Ovladač procesoru Intel PentiumIII; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 46592]
R1 SASDIFSV;SASDIFSV; \??\C:\PROGRAMY\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\PROGRAMY\SASKUTIL.SYS []
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-14 1897408]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAudio;Zvukový řadič VIA AC'97 (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2008-04-14 84480]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 btkrnl;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-23 5888]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 Ser2pl;SIEMENS Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-05-07 41472]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2012-06-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2012-06-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2012-06-27 123776]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-06 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-06 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\PROGRAMY\SASCORE.EXE [2012-09-12 116608]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2003-05-23 106496]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-09-20 182696]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-12-12 2156952]
R2 TeamViewer8;TeamViewer 8; C:\PROGRAMY\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-20 118680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\PROGRAMY\WiselinkPro.exe [2010-02-17 3007488]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Moc děkuji za pomoc

Moc děkuji

#10 Příspěvek od **cernohous13** » 10 říj 2013 17:57

Právě jsem stáhl SC zde http://screen317.spywareinfoforum.org/SecurityCheck.exe a vyzkoušel
zkus ho ať víme jak to je

joggy · #11 Příspěvek od **joggy** » 10 říj 2013 18:16

Zdravím!
Tak stažení té utility či programu nejde

.(zkoušeno v IE i firefoxu stránku nelze zobrazit,nelze se připojit na server.časov.interval vypršel.atd.)

už jsem z toho na prášky...PC pomalé jak šnek...ten je kometa

joggy · #12 Příspěvek od **joggy** » 10 říj 2013 23:09

Zdravím!

Tak jsem pročítal ostatní příspěvky s podobnou "tématikou" nakonec se tak nějak povedlo...

Jen jsem postupoval trošku odlišněji - většinou bylo razeno vypnout automatické aktualizace a provést aktualizaci přes web Microsoft Update. - u mně nefungovalo
Já jsem provedl úplný opak zapnul (měl jsem jen zapnuté oznámení na nové aktualizace) jsem automaticé aktualizace (vymazal tempy,projel to CCleanerem a restart PC).
Po restartu se provedli automatické aktualizace a bylo vymalováno

.PC jde jako normálně. Třeba to někomu pomůže...

Všem díky za pomoc

#13 Příspěvek od **cernohous13** » 11 říj 2013 05:45

šikula
na aktualizace by taky došlo, jen jsem chtěl nejprve zkontrolovat parazity a zrušit zbytečnosti

Sám sis opravil tak nemáš zač

A já tobě děkuji za tip, určitě vyzkouším.

VIRY.CZ

pomalé PC,vysoké vytížení svchost.exe

pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe

Re: pomalé PC,vysoké vytížení svchost.exe