Svchost - 50% CPU
Posted: 15 Dec 2017 08:18
Hi,
I'm bothering you again, but last time you helped me a lot - svchost has kicked in again and keeps taking 50% of the CPU...
I can't figure out what keeps starting it. Whether my XP is still looking for some updates that no longer exist, or whether I'm picking something up somewhere... But all the antivirus tools etc. found nothing - or rather, what they found, they cleaned. But SvcHost keeps running its own way...
So please check the log, and thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2017
Ran by Greggy (administrator) on DOUPE (15-12-2017 08:07:30)
Running from C:\Documents and Settings\Greggy\Plocha
Loaded Profiles: Greggy (Available Profiles: Greggy & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Piotr Pawlowski) C:\Program Files\foobar2000\foobar2000.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(forum.viry.cz) C:\Documents and Settings\Greggy\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-10] (AVAST Software)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-07-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-1343024091-343818398-1801674531-1004\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.226.248.1 213.226.252.252 192.168.1.1
Tcpip\..\Interfaces\{2B5E2055-782A-4327-AB47-85890C5DFB59}: [DhcpNameServer] 213.226.248.1 213.226.252.252 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={ ... R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: HKU\S-1-5-21-1343024091-343818398-1801674531-1004 - Modul přiřazení adres URL - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: No Name -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> No File
Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
Toolbar: HKU\S-1-5-21-1343024091-343818398-1801674531-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2013-09-23] (Společnost Microsoft)
FireFox:
========
FF DefaultProfile: fqyj0nkx.default
FF ProfilePath: C:\Documents and Settings\Greggy\Data aplikací\Mozilla\Firefox\Profiles\fqyj0nkx.default [2017-12-15]
FF user.js: detected! => C:\Documents and Settings\Greggy\Data aplikací\Mozilla\Firefox\Profiles\fqyj0nkx.default\user.js [2017-02-23]
FF Homepage: C:\Documents and Settings\Greggy\Data aplikací\Mozilla\Firefox\Profiles\fqyj0nkx.default -> hxxps://www.seznam.cz/
FF Extension: (Avast Online Security) - C:\Documents and Settings\Greggy\Data aplikací\Mozilla\Firefox\Profiles\fqyj0nkx.default\Extensions\wrc@avast.com.xpi [2017-10-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-12-13] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5904136 2017-11-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-10] (AVAST Software)
S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S3 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2017-02-23] (Advanced Micro Devices)
S3 AmUStor; C:\WINDOWS\System32\drivers\AmUStor.SYS [75416 2017-02-23] (Alcor Micro, Corp.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [157176 2017-11-10] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [255616 2017-11-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [157408 2017-11-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [276728 2017-11-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [50376 2017-11-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42848 2017-11-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [124952 2017-11-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70112 2017-11-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [70864 2017-11-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [783136 2017-11-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [388760 2017-11-15] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205392 2017-11-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [298360 2017-11-10] (AVAST Software)
S3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x32.sys [49472 2017-11-04] (CPUID)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59904 2017-10-04] ()
S3 GeneStor; C:\WINDOWS\System32\DRIVERS\GeneStor.sys [56832 2017-11-02] (GenesysLogic)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2017-02-23] (REALiX(tm))
R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 IUFileFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [20368 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegProcessFilter.sys [20336 2017-09-28] (IObit.com)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [221112 2017-10-09] (Malwarebytes)
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [52736 2006-03-22] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2017-02-23] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [18944 2006-03-22] (NVIDIA Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2013-07-24] (Elaborate Bytes AG) [File not signed]
S3 GMSIPCI; \??\L:\INSTALL\GMSIPCI.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-15 08:07 - 2017-12-15 08:07 - 000010045 _____ C:\Documents and Settings\Greggy\Plocha\FRST.txt
2017-12-15 08:06 - 2017-12-15 08:06 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\Greggy\Plocha\FRSTLauncher.exe
2017-12-15 08:01 - 2017-12-15 08:01 - 001752576 _____ (Farbar) C:\Documents and Settings\Greggy\Plocha\FRST.exe
2017-12-13 22:50 - 2017-12-13 23:47 - 000000000 ____D C:\Program Files\RogueKiller
2017-12-13 22:50 - 2017-12-13 23:47 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\RogueKiller
2017-12-04 18:07 - 2017-12-04 18:07 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_GeneStor_01009.Wdf
2017-11-28 10:58 - 2017-12-06 16:11 - 000000000 ____D C:\Documents and Settings\Greggy\Plocha\Nová složka
2017-11-27 21:48 - 2017-11-27 21:48 - 000380269 _____ C:\Documents and Settings\Greggy\Plocha\faktura-100064737.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-12-15 08:07 - 2017-10-22 21:11 - 000000000 ____D C:\Documents and Settings\Greggy\Local Settings\Temp
2017-12-15 08:07 - 2017-10-22 18:06 - 000000000 ____D C:\FRST
2017-12-15 08:07 - 2017-02-23 10:41 - 000000000 ____D C:\Documents and Settings\Greggy\Plocha
2017-12-15 08:06 - 2017-02-23 10:41 - 000000000 ___HD C:\Documents and Settings\Greggy\Local Settings\Data aplikací
2017-12-15 08:03 - 2017-02-23 12:22 - 000007824 _____ C:\WINDOWS\system32\nvAppTimestamps
2017-12-15 07:35 - 2017-02-24 00:07 - 000000000 ____D C:\Program Files\Common Files\Adobe AIR
2017-12-15 07:28 - 2017-02-25 22:21 - 000000000 ____D C:\Documents and Settings\Greggy\Data aplikací\foobar2000
2017-12-15 07:26 - 2017-08-15 13:12 - 000000000 ____D C:\WINDOWS\system32\NtmsData
2017-12-15 07:26 - 2017-02-23 11:03 - 000000358 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2017-12-15 07:26 - 2017-02-23 10:24 - 000000000 ____D C:\WINDOWS\Registration
2017-12-15 07:25 - 2017-10-24 19:48 - 000000282 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2017-12-15 07:25 - 2017-02-23 10:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-14 08:56 - 2017-11-02 11:19 - 000032604 _____ C:\WINDOWS\SchedLgU.Txt
2017-12-14 08:56 - 2017-02-24 01:16 - 000214342 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2017-12-14 08:56 - 2017-02-23 10:41 - 000000178 ___SH C:\Documents and Settings\Greggy\ntuser.ini
2017-12-14 01:24 - 2017-02-23 11:12 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2017-12-14 01:15 - 2017-02-23 23:00 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-12-13 23:49 - 2017-10-05 08:42 - 000024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-12-13 22:50 - 2017-02-23 11:12 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2017-12-13 22:48 - 2017-10-23 14:54 - 000002481 _____ C:\Documents and Settings\All Users\Plocha\Sophos Virus Removal Tool.lnk
2017-12-13 12:57 - 2017-02-23 11:24 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\ProductData
2017-12-13 12:56 - 2008-04-14 13:00 - 000002422 _____ C:\WINDOWS\system32\wpa.dbl
2017-12-13 12:55 - 2017-02-23 10:41 - 000000000 ____D C:\Documents and Settings\Greggy
2017-12-13 10:18 - 2017-02-23 23:00 - 000803328 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-12-13 10:18 - 2017-02-23 23:00 - 000144896 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-12-13 10:18 - 2017-02-23 10:25 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-09 11:40 - 2017-04-10 22:55 - 000226816 _____ C:\Documents and Settings\Greggy\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-08 20:10 - 2017-02-23 11:16 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-08 19:08 - 2017-06-10 04:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-06 15:50 - 2017-08-17 11:02 - 000000000 ____D C:\Documents and Settings\Greggy\Plocha\Hadry
2017-12-04 18:00 - 2017-04-10 22:54 - 000000000 ____D C:\KMPlayer
2017-12-01 11:58 - 2017-02-23 12:18 - 001399516 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2017-11-27 10:56 - 2017-04-10 22:54 - 000000522 _____ C:\Documents and Settings\Greggy\Plocha\KMPlayer.lnk
2017-11-25 15:38 - 2017-02-23 11:12 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2017-11-15 19:40 - 2017-02-23 11:03 - 000388760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
==================== Files in the root of some directories =======
2017-04-10 22:55 - 2017-12-09 11:40 - 000226816 _____ () C:\Documents and Settings\Greggy\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
2017-11-04 09:21 - 2010-12-09 16:15 - 000713216 _____ (Microsoft Corporation) C:\Documents and Settings\Greggy\Local Settings\Temp\dllnt_dump.dll
2017-11-27 10:55 - 2017-11-27 10:55 - 039544976 _____ (PandoraTV) C:\Documents and Settings\Greggy\Local Settings\Temp\KMP_4.2.2.5.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:19.76 GB) (Free:5.76 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (GAMES) (Fixed) (Total:195.3 GB) (Free:81.41 GB) NTFS
Drive e: (MUSIC) (Fixed) (Total:53.71 GB) (Free:14.25 GB) NTFS
Drive f: (DATAS) (Fixed) (Total:29.29 GB) (Free:6.21 GB) NTFS
Drive h: (IPOD) (Removable) (Total:1.88 GB) (Free:0.07 GB) FAT32
Available physical RAM: 817.31 MB
Total physical RAM: 2047.36 MB
Percentage of memory in use: 60%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298.1 GB) (Disk ID: 3F963F95)
Partition 1: (Active) - (Size=19.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278.3 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Malwarebytes (Disabled - Up to date) {D4AC7077-9720-47B0-8B38-DFAF3AA21DB6}
AV: Avast Antivirus (Disabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Greggy\Plocha" je 602 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
2017-12-09 11:40 - 2017-04-10 22:55 - 000226816 _____ C:\Documents and Settings\Greggy\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-08 20:10 - 2017-02-23 11:16 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-08 19:08 - 2017-06-10 04:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-06 15:50 - 2017-08-17 11:02 - 000000000 ____D C:\Documents and Settings\Greggy\Plocha\Hadry
2017-12-04 18:00 - 2017-04-10 22:54 - 000000000 ____D C:\KMPlayer
2017-12-01 11:58 - 2017-02-23 12:18 - 001399516 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2017-11-27 10:56 - 2017-04-10 22:54 - 000000522 _____ C:\Documents and Settings\Greggy\Plocha\KMPlayer.lnk
2017-11-25 15:38 - 2017-02-23 11:12 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2017-11-15 19:40 - 2017-02-23 11:03 - 000388760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
==================== Files in the root of some directories =======
2017-04-10 22:55 - 2017-12-09 11:40 - 000226816 _____ () C:\Documents and Settings\Greggy\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
2017-11-04 09:21 - 2010-12-09 16:15 - 000713216 _____ (Microsoft Corporation) C:\Documents and Settings\Greggy\Local Settings\Temp\dllnt_dump.dll
2017-11-27 10:55 - 2017-11-27 10:55 - 039544976 _____ (PandoraTV) C:\Documents and Settings\Greggy\Local Settings\Temp\KMP_4.2.2.5.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:19.76 GB) (Free:5.76 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (GAMES) (Fixed) (Total:195.3 GB) (Free:81.41 GB) NTFS
Drive e: (MUSIC) (Fixed) (Total:53.71 GB) (Free:14.25 GB) NTFS
Drive f: (DATAS) (Fixed) (Total:29.29 GB) (Free:6.21 GB) NTFS
Drive h: (IPOD) (Removable) (Total:1.88 GB) (Free:0.07 GB) FAT32
Available physical RAM: 817.31 MB
Total physical RAM: 2047.36 MB
Percentage of memory in use: 60%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 298.1 GB) (Disk ID: 3F963F95)
Partition 1: (Active) - (Size=19.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278.3 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Malwarebytes (Disabled - Up to date) {D4AC7077-9720-47B0-8B38-DFAF3AA21DB6}
AV: Avast Antivirus (Disabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Greggy\Plocha" je 602 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================