none
svchost netsvcs kernell32.dll cpu usage problém

    Dotaz

  • Zdravím,

    mám dotaz na svchost, vytěžuje cpu na 100 %. Našel jsem si téma na tomto foru od 16. listopadu 2009, kde se doporučuje svchost oscanovat antivirem, popř updatovat windows update agent. Oscanoval jsem pomocí MS Security Essentials c:\windows\system32\svchost.exe  - žádný vir nenalezen. Možná bych měl oscanovat netsvcs a kernell32?

    Kde zjistím verzi windows update agenta?

    Jinak zde podrobnosti:

     

    Snad pomohou.

     

    Předem pozdravuji pana Prágla, na jehož přednáškách v prvním ročníku bakalářského studia FIT ČVUT jsem před rokem byl. :)

     

    Předem děkuji za jakoukoli pomoc.

     

    P.S.: Na obrázku je okénko Stack for thread 3964, položky v tomto okénku se mohou mírně lišit při každém restartu systému (popř. s během času).



    11. května 2011 16:39

Odpovědi

Všechny reakce

  • Ahoj, kolego,

    hodne divne je ze parent process tohoto service chvostu je explorer.exe. Jakou verzi Process Exploreru mas ze u toho svchostu neni tab "Services" (u korektnich sluzeb spoustenych pres svchost tato zalozka je?)? Jaky procesor mas v sestave? Neni to vicejadro AMD?

    Windows Update Agent by se mel sam predstavit ve %windir%\windowsupdate.log

    MP




    11. května 2011 20:06
    Moderátor
  • Měla by to být nejnovější verze Process Exploreru, stáhl jsem ji dnes/včera, takže ta od 3. května - 14.11

    Jinak jedná se o notebook Acer Aspire 3003wlmi, Mobile AMD Sempron procesor 3000+, je to už starší mašina na dnešní poměry.

    Momentálně pouštím AVG rescue CD - bootuju z pamětové karty. Trvá to dlouho, nějaké adware to zatím našlo, ovšem ještě nejsem nejspíš ani zdaleka u konce scanu.

    11. května 2011 20:33
  • Tak AVG doběhl, oscanoval vše, ale nenašel nic. Co se týče WindowsUpdate.log - je to tento řádek? "WU client version 7.4.7600.226"
    11. května 2011 23:00
  •  1. McSACore.exe je soubor, ktery by mel mit digitalni podpis. Existuje malware, ktery se tvari jako MsSACore, ale je umisteny jinde, nez prava verze programu.

    2. Udelejte analyzu pomoci HiJackThis a uvedte tady vystupni log.

    3. Mate na pocitaci grafiku od NVIDIA (typ, driver,...)?

    Pod carou: Uvadejte vzdy radeji cely vypis. Neni od veci pri podezreni na nezadouci software spustit Autoruns a take poskytnout vypis.



    12. května 2011 5:57
    Moderátor
  • Děkuji za odpověď.

    Nemám 2 antiviry - mám pouze Security Essentials. To od McAfee je pouze Site Advisor pro Firefox (a asi i Internet Explorer).

    Výpis z autoruns poskytnu později, zatim výstup z hijack this:

    ===================================================

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:29:46, on 12.5.2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\eManager\anbmServ.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\keyhook.exe
    C:\Program Files\Arcade\PCMService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Launch Manager\QtZgAcer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\acer\eRecovery\Monitor.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    D:\fix_svchost\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
    O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\SCROLL~1\MouseElf.EXE
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264587424968
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe

    --
    End of file - 7940 bytes

    12. května 2011 14:43
  • A jinak grafika není nVidia. Jedná se o věstavěnou grafiku od SiS.

     

    U toho McSACore.exe, co má potomka rundll32 na prvním obrázku jsem dal v Process Exploreru pravym tlačitkem properties a na záložce image verify - píše "Site Advisor (Verified) McAfee, Inc."

    12. května 2011 14:51
  • Výstup autoruns:

    ======================================

     

    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
    + "AGRSMMSG"    "SoftModem Messaging Applet"    "Agere Systems"    "c:\windows\agrsmmsg.exe"
    + "eRecoveryService"    "OBRCheck"    "acer Inc."    "c:\windows\system32\check.exe"
    + "LaunchApp"    "Acer Launch Tool Utility"    "Acer Inc."    "c:\windows\alaunch.exe"
    + "LManager"    "Launch Manager"    "Dritek System Inc."    "c:\program files\launch manager\qtzgacer.exe"
    + "mouseElf"    "The Mouse main program"    ""    "c:\program files\scroll mouse\mouseelf.exe"
    + "MSC"    "Microsoft Security Client User Interface"    "Microsoft Corporation"    "c:\program files\microsoft security client\msseces.exe"
    + "MSPY2002"    ""    ""    "c:\windows\system32\ime\pintlgnt\imscinst.exe"
    + "PCMService"    "CyberLink PowerCinema Resident Program"    "CyberLink Corp."    "c:\program files\arcade\pcmservice.exe"
    + "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files\quicktime\qttask.exe"
    + "SiS Windows KeyHook"    "SiS Compatible Super VGA Keyboard Daemon"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\keyhook.exe"
    + "SiSPower"    "Dynamic link library for setting Power Scheme"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\sispower.dll"
    + "SoundMan"    "Realtek Sound Manager"    "Realtek Semiconductor Corp."    "C:\WINDOWS\soundman.exe"
    + "SynTPEnh"    "Synaptics TouchPad Enhancements"    "Synaptics, Inc."    "c:\program files\synaptics\syntp\syntpenh.exe"
    + "SynTPLpr"    "TouchPad Driver Helper Application"    "Synaptics, Inc."    "c:\program files\synaptics\syntp\syntplpr.exe"
    "C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění"    ""    ""    ""
    + "Utility Tray.lnk"    "SiS Compatible Super VGA Tray Application"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\sistray.exe"
    "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
    + "Adresář 6"    "Knihovna instalačního programu Outlook Express"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
    + "Microsoft Outlook Express 6"    "Knihovna instalačního programu Outlook Express"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
    "HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""
    + "dssrequest"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
    + "sacore"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
    + "0"    ""    ""    "File not found: About:Home"
    "HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
    + "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
    + "PSPad"    ""    ""    "c:\program files\pspad editor\pspadshell.dll"
    + "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
    "HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
    + "jetAudio"    "Shell Extension for jetAudio"    "JetAudio"    "c:\program files\jetaudio\jetflext.dll"
    "HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
    + "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
    + "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
    "HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
    + "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
    "HKCU\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
    + "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "OpenOffice.org"    "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
    "HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
    + "jetAudio"    "Shell Extension for jetAudio"    "JetAudio"    "c:\program files\jetaudio\jetflext.dll"
    + "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
    "HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
    + "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
    + "Java(tm) Plug-In 2 SSV Helper"    "Java(TM) Platform SE binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\jp2ssv.dll"
    + "JQSIEStartDetectorImpl Class"    "Java(TM) Quick Starter binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
    + "McAfee SiteAdvisor BHO"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
    + "{724d43a9-0d85-11d4-9908-00400523e39a}"    "RoboForm Main Module"    "Siber Systems Inc."    "c:\program files\siber systems\ai roboform\roboform.dll"
    "HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks"    ""    ""    ""
    + "McAfee SiteAdvisor Toolbar"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
    "HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
    + "&RoboForm"    "RoboForm Main Module"    "Siber Systems Inc."    "c:\program files\siber systems\ai roboform\roboform.dll"
    + "McAfee SiteAdvisor"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"
    "HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
    + "Fill Forms"    ""    ""    "c:\program files\siber systems\ai roboform\roboformcomfillforms.html"
    + "RoboForm Toolbar"    ""    ""    "c:\program files\siber systems\ai roboform\roboformcomshowtoolbar.html"
    + "Save Forms"    ""    ""    "c:\program files\siber systems\ai roboform\roboformcomsavepass.html"
    + "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"
    "Task Scheduler"    ""    ""    ""
    + "AppleSoftwareUpdate.job"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"
    + "MP Scheduled Scan.job"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft security client\antimalware\mpcmdrun.exe"
    "HKLM\System\CurrentControlSet\Services"    ""    ""    ""
    + "anbmService"    "Service Program for Acer eManager"    "OSA Technologies Inc."    "c:\acer\emanager\anbmserv.exe"
    + "AppMgmt"    "Poskytuje služby instalace softwaru, jako např. Přiřadit, Publikovat a Odebrat."    ""    "File not found: C:\WINDOWS\System32\appmgmts.dll"
    + "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
    + "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Sun Microsystems, Inc."    "c:\program files\java\jre6\bin\jqs.exe"
    + "McAfee SiteAdvisor Service"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcsacore.exe"
    + "MsMpSvc"    "Helps protect users from malware and other potentially unwanted software"    "Microsoft Corporation"    "c:\program files\microsoft security client\antimalware\msmpeng.exe"
    + "ose"    "Uloží instalační soubory používané k aktualizacím a opravám. Tento modul je požadován ke stažení aktualizací instalačního programu a zpráv o chybách programu Dr.Watson."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"
    + "WMPNetworkSvc"    "Sdílí knihovny programu Windows Media Player s ostatními hráči v síti a médii pomocí technologie Universal Plug and Play."    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
    "HKLM\System\CurrentControlSet\Services"    ""    ""    ""
    + "AgereSoftModem"    "SoftModem Device Driver"    "Agere Systems"    "c:\windows\system32\drivers\agrsm.sys"
    + "ALCXWDM"    "Realtek AC'97 Audio Driver (WDM)"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\alcxwdm.sys"
    + "BCM43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwl5.sys"
    + "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
    + "DKbFltr"    "Dritek PS2 Keyboard Filter Driver"    "Dritek System Inc."    "c:\windows\system32\drivers\dkbfltr.sys"
    + "ENTECH"    ""    "EnTech Taiwan"    "c:\windows\system32\drivers\entech.sys"
    + "genmcmnUSB"    "WDM NULL filter driver"    ""    "c:\windows\system32\drivers\gflmouhid.sys"
    + "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
    + "int15.sys"    ""    ""    "c:\program files\acer\erecovery\int15.sys"
    + "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
    + "MpKsl15ad07be"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{27101EF7-BD51-42C5-8140-A71CA19FCF9B}\MpKsl15ad07be.sys"
    + "MpKsl222ef3f4"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2E439D94-6C29-488F-83EA-A0097866965C}\MpKsl222ef3f4.sys"
    + "MpKsl486edd9e"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{46B1F552-EE84-4C65-99F8-860DF2B193DA}\MpKsl486edd9e.sys"
    + "MpKsl587168d1"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{16374017-5808-4C6F-9F95-A1FCA842E6AD}\MpKsl587168d1.sys"
    + "MpKsl63537104"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E7C14796-95A8-4A6B-AF67-875461E29E63}\MpKsl63537104.sys"
    + "MpKsl79e03c98"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{16374017-5808-4C6F-9F95-A1FCA842E6AD}\MpKsl79e03c98.sys"
    + "MpKsl7ba79c8d"    "KSLDriver"    "Microsoft Corporation"    "c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{16374017-5808-4c6f-9f95-a1fca842e6ad}\mpksl7ba79c8d.sys"
    + "MpKsl801d321a"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A0216EB-CE27-4ED0-B466-2B945E707D83}\MpKsl801d321a.sys"
    + "MpKsl845bcd3f"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{16374017-5808-4C6F-9F95-A1FCA842E6AD}\MpKsl845bcd3f.sys"
    + "MpKsl97ab5340"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3BAF78B0-AD22-473B-9FFF-51846AB739E9}\MpKsl97ab5340.sys"
    + "MpKsla7cb2bc7"    "KSLDriver"    "Microsoft Corporation"    "c:\documents and settings\all users\data aplikací\microsoft\microsoft antimalware\definition updates\{16374017-5808-4c6f-9f95-a1fca842e6ad}\mpksla7cb2bc7.sys"
    + "MpKsle5d24a93"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{59EBC051-2E72-4BF6-B110-9FF28AF08D40}\MpKsle5d24a93.sys"
    + "MpKsleea10952"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C50019F6-0939-436B-8D82-CD853B6C37AA}\MpKsleea10952.sys"
    + "MpKslf35d3783"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9A0216EB-CE27-4ED0-B466-2B945E707D83}\MpKslf35d3783.sys"
    + "MpKslfcd954e1"    ""    ""    "File not found: c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1972FC9E-6887-413C-BC4B-A91AD2E913AE}\MpKslfcd954e1.sys"
    + "NTIDrvr"    "NTI CD-ROM Filter Driver"    "NewTech Infosystems, Inc."    "c:\windows\system32\drivers\ntidrvr.sys"
    + "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
    + "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
    + "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
    + "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
    + "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
    + "pfc"    "Padus(R) ASPI Shell"    "Padus, Inc."    "c:\windows\system32\drivers\pfc.sys"
    + "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"
    + "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"
    + "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
    + "Ser2pl"    "USB-to-Serial Cable Driver"    "Prolific Technology Inc."    "c:\windows\system32\drivers\ser2pl.sys"
    + "SiS315"    "SiS Compatible Super VGA Driver"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\drivers\sisgrp.sys"
    + "SISAGP"    "SiS AGPv3.5 Filter"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\drivers\sisagpx.sys"
    + "SiSkp"    "SiS VGA Driver Manager"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\drivers\srvkp.sys"
    + "SISNICXP"    "SiS PCI Fast Ethernet Adapter Driver"    "SiS Corporation"    "c:\windows\system32\drivers\sisnicxp.sys"
    + "StMp3Rec"    "Generic MP3 Player USB Driver"    "Generic"    "c:\windows\system32\drivers\stmp3rec.sys"
    + "SynTP"    "Synaptics Touchpad Driver"    "Synaptics, Inc."    "c:\windows\system32\drivers\syntp.sys"
    + "UBHelper"    ""    ""    "c:\windows\system32\drivers\ubhelper.sys"
    + "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
    + "msacm.iac2"    "Indeo® Audio Software"    "Ligos Corporation"    "c:\windows\system32\iac25_32.ax"
    + "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
    + "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
    + "msacm.trspch"    "DSP Group TrueSpeech(TM) Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
    + "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
    + "vidc.DIVX"    "divx"    "DivXNetworks"    "c:\windows\system32\divx.dll"
    + "VIDC.FPS1"    "Fraps"    "Beepa P/L"    "c:\windows\system32\frapsvid.dll"
    + "vidc.iv31"    "Ligos Indeo® Video 3.2"    "Ligos Corporation"    "c:\windows\system32\ir32_32.dll"
    + "vidc.iv32"    "Ligos Indeo® Video 3.2"    "Ligos Corporation"    "c:\windows\system32\ir32_32.dll"
    + "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
    + "vidc.iv50"    "Ligos Indeo® Video 5.11"    "Ligos Corporation"    "c:\windows\system32\ir50_32.dll"
    + "vidc.yv12"    "divx"    "DivXNetworks"    "c:\windows\system32\divx.dll"
    + "vidc.yvu9"    ""    ""    "c:\windows\system32\iyvu9_32.dll"

    12. května 2011 15:11
  • Pokračování autoruns (nevešlo se do 1 příspěvku):

    ===========================================

     

    "HKLM\Software\Classes\Filter"    ""    ""    ""
    + "Elecard MPEG2 Demultiplexer"    "Moonlight-Elecard MPEG 2 Demultiplexer"    "Moonlight Cordless Ltd."    "c:\program files\sopcast\codec\mpeg2dmx.ax"
    + "Indeo® Video 4.5 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
    + "Indeo® Video 4.5 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
    + "Moonlight H.264 Video Decoder"    "Moonlight H264 Video Decoder"    "Moonlight Cordless Ltd."    "c:\program files\sopcast\codec\h264dec.ax"
    "HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
    + "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "AC3Filter"    "ac3filter"    ""    "c:\program files\ac3filter\ac3filter.ax"
    + "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
    + "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "Aspect Ratio Resizer 16x9"    "Aspect Ratio Converter"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\aspectratioconverter16x9.ax"
    + "Aspect Ratio Resizer 4x3"    "Aspect Ratio Converter"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\aspectratioconverter4x3.ax"
    + "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "CyberLink Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\audiofilter\claud.ax"
    + "CyberLink Audio Decoder (Trial)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\audiofilter\claud_trial.ax"
    + "CyberLink Audio Decoder 0"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clad0.ax"
    + "CyberLink Audio Decoder 1"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clad1.ax"
    + "CyberLink Audio Decoder 2"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clad2.ax"
    + "CyberLink Audio Decoder 3"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clad3.ax"
    + "CyberLink Audio Decoder 4"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clad4.ax"
    + "CyberLink Audio Decoder 5"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clad5.ax"
    + "CyberLink Audio Decoder 6"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clad6.ax"
    + "CyberLink Audio Effect"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\shared files\audiofilter\claudfx.ax"
    + "CyberLink Audio Encoder"    "CyberLink Audio Encoder Filter"    "Cyberlink Corp."    "c:\program files\cyberlink\shared files\pdaudenc.ax"
    + "CyberLink AudioCD Filter"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\audiofilter\claudiocd.ax"
    + "Cyberlink Byte Counter Filter"    "Cyberlink Byte Counter Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\shared files\pdbytecounter.ax"
    + "CyberLink DDR"    "CyberLink DDR"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\pdrender.ax"
    + "CyberLink Double Pin Tee"    "Cyberlink Double Tee Filter"    "CtberLink Corporation"    "c:\program files\cyberlink\shared files\pddoubletee.ax"
    + "Cyberlink Dump Dispatch Filter"    "Cyberlink File Dump Dispatch Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\cldumpdispatch.ax"
    + "Cyberlink Dump Filter"    "Cyberlink File Dump Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\pddump.ax"
    + "CyberLink DV Buffer"    "CLDVBuffer Filter"    "CyberLink"    "c:\program files\cyberlink\shared files\pddvbuffer.ax"
    + "CyberLink DV Dump Filter"    "DV dump Filter"    "CyberLink Corporation"    "c:\program files\cyberlink\shared files\pddvdump.ax"
    + "CyberLink DV Filter"    "DVTCR"    "CyberLink"    "c:\program files\cyberlink\shared files\pddvtcr.ax"
    + "CyberLink DV Reader Filter"    "DVMultReader Filter"    "CyberLink"    "c:\program files\cyberlink\shared files\pddvmrd.ax"
    + "Cyberlink DV Scene Detect Filter"    "CLDVScnDt"    "CyberLink"    "c:\program files\cyberlink\shared files\cldvscndt.ax"
    + "CyberLink DVD Navigator"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\navfilter\clnavx.ax"
    + "Cyberlink File Reader (Async.)"    "Cyberlink MPEG File Reader"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\pdreader.ax"
    + "Cyberlink Gate Filter"    "CLGate"    "CyberLink"    "c:\program files\cyberlink\shared files\pdgate.ax"
    + "CyberLink Line21 Decoder Filter"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\videofilter\clline21.ax"
    + "CyberLink Load Image Filter"    "CLImage"    "CyberLink"    "c:\program files\cyberlink\shared files\climage.ax"
    + "CyberLink LPCM Converter"    "LPCM Converter Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\lpcmcvrt.ax"
    + "CyberLink M2V Writer"    "CLM2VWriter"    "CyberLink"    "c:\program files\cyberlink\shared files\clm2vwriter.ax"
    + "CyberLink MP3 Wrapper-PCM"    "CyberLink MP3 Wrapper"    "CyberLink Corp."    "c:\program files\arcade\music\clmp3wrap.ax"
    + "CyberLink MPEG Audio Encoder (PowerDirector)"    "CyberLink MPEG Audio Encoder"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\pdmpgaenc.ax"
    + "CyberLink MPEG Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clmvd.ax"
    + "CyberLink MPEG Muxer"    "MpgMux"    "CyberLink"    "c:\program files\cyberlink\shared files\pdmpgmux.ax"
    + "CyberLink MPEG Video Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clmmd.ax"
    + "CyberLink MPEG Video Encoder"    "CyberLink MPEG Video Encoder                               "    "CyberLink Corp.                                            "    "c:\program files\cyberlink\shared files\pdmpgvenc.ax"
    + "CyberLink MPEG-1 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clm1splter.ax"
    + "CyberLink MPEG-2 Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clm2splter.ax"
    + "CyberLink PCM Wrapper"    "CyberLink PCM Wrapper"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\clpcmenc.ax"
    + "CyberLink PP Video/SP Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerproducer\clppvsd.ax"
    + "Cyberlink Sample Drop Filter"    "PDVDrop"    "Cyberlink"    "c:\program files\cyberlink\shared files\pdvdrop.ax"
    + "Cyberlink Scene Detect Filter"    "CLScnDt"    "CyberLink"    "c:\program files\cyberlink\shared files\clscndt.ax"
    + "CyberLink SlideShowLT Source Filter"    "CyberLink Slide Show Controler for PCM"    "CyberLink Corp."    "c:\program files\arcade\photo\slideshowlt.ax"
    + "CyberLink SnapShot Filter"    "CLSnapShot Filter"    "CyberLink"    "c:\program files\cyberlink\shared files\pdsnapshot.ax"
    + "CyberLink TimeStretch Filter"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\audiofilter\clauts.ax"
    + "CyberLink Transform Tee"    "CyberLink Transform Tee"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\pdtee.ax"
    + "CyberLink Video Regulator"    "CLRGL"    "Cyberlink"    "c:\program files\arcade\photo\clrgl.ax"
    + "Cyberlink Video Regulator"    "CyberLink Video Regulator"    "CyberLink"    "c:\program files\cyberlink\shared files\pdresample.ax"
    + "CyberLink Video/SP Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\videofilter\clvsd.ax"
    + "CyberLink WAV Dest"    "CLWavDest"    "CyberLink"    "c:\program files\cyberlink\shared files\pdwavdest.ax"
    + "CyberLink Wave Visualization Filter"    "CyberLink Wave Format Renderer Module for PCM"    "CyberLink Corp."    "c:\program files\arcade\music\clwaverender.ax"
    + "CyberLink YUY2 DeInterlace"    "DitlYuY2"    "CyberLink"    "c:\program files\cyberlink\shared files\pdditlyuy2.ax"
    + "CyberLink YUY2 Sub-Sampling"    "SubYUY2 Filter"    "CyberLink Corp."    "c:\program files\cyberlink\shared files\pdsubyuy2.ax"
    + "DirectVobSub"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "Gabest"    "c:\program files\sopcast\codec\vsfilter.dll"
    + "DirectVobSub (auto-loading version)"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "Gabest"    "c:\program files\sopcast\codec\vsfilter.dll"
    + "DivX Decoder Filter"    "DivX® Decoder Filter"    "DivXNetworks, Inc."    "c:\windows\system32\divxdec.ax"
    + "DivX Demux"    "DivX® Media Filter"    "DivXNetworks"    "c:\windows\system32\divxmedia.ax"
    + "DivX Subtitle Decoder"    "DivX® Media Filter"    "DivXNetworks"    "c:\windows\system32\divxmedia.ax"
    + "Elecard MPEG2 Demultiplexer"    "Moonlight-Elecard MPEG 2 Demultiplexer"    "Moonlight Cordless Ltd."    "c:\program files\sopcast\codec\mpeg2dmx.ax"
    + "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "Honestech VCD/SVCD Encoder"    ""    ""    "File not found: C:\WINDOWS\system32\htvcdsvcd.ax"
    + "Indeo Video (r) 5.11 Progressive Download Source"    "Ligos Indeo® Video IVF Source Filter 5.11"    "Ligos Corporation"    "c:\windows\system32\ivfsrc.ax"
    + "Indeo® Audio Software"    "Indeo® Audio Software"    "Ligos Corporation"    "c:\windows\system32\iac25_32.ax"
    + "Indeo® Video 5.11 Compression Filter"    "Ligos Indeo® Video 5.11"    "Ligos Corporation"    "c:\windows\system32\ir50_32.dll"
    + "Indeo® Video 5.11 Decompression Filter"    "Ligos Indeo® Video 5.11"    "Ligos Corporation"    "c:\windows\system32\ir50_32.dll"
    + "Intervideo 3gFileSource"    "Intervideo 3G File Source Filter"    "Microsoft Corporation"    "c:\program files\intervideo\common\bin\source3g.ax"
    + "Intervideo AMR Decoder"    "IVI AMR Decoding"    "Intervideo, Inc."    "c:\program files\intervideo\common\bin\amrdec.ax"
    + "InterVideo Audio Decoder"    "IVIAUDIO LOGID.36709"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviaudio.ax"
    + "InterVideo Audio Processor Fx"    ""    ""    "c:\program files\intervideo\common\bin\auprocfx.ax"
    + "InterVideo Demultiplexer"    "InterVideo® MPEG System Demultiplexer Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ividemux.ax"
    + "Intervideo H.264 Decoder"    "Videosoft H.264 Decoder"    "Videosoft, Inc."    "c:\program files\intervideo\common\bin\ivih264.dll"
    + "InterVideo Navigator"    "IVINAV LOGID.36709"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ivinav.ax"
    + "InterVideo PSIP/SI Filter"    "InterVideo PSIP/SI Sections/Tables Filter"    "InterVideo, Inc."    "c:\program files\intervideo\common\bin\psidecod.ax"
    + "InterVideo Subtitle"    "Minimal Null Filter (Sample)"    "MyCompanyName"    "c:\program files\intervideo\common\bin\ivisubtitle.ax"
    + "InterVideo Video Decoder"    "IVIVIDEO LOGID.36709"    " InterVideo Inc."    "c:\program files\intervideo\common\bin\ivivideo.ax"
    + "IVI QT source"    "iviQTsource"    "InterVideo"    "c:\program files\intervideo\common\bin\iviqtsource.ax"
    + "JetAudio Audio Decoder"    "DirectShow Audio Decoder for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmpad.ax"
    + "JetAudio Audio Encoder"    "DirectShow Audio Encoder for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmpax.ax"
    + "JetAudio Audio Stream Switcher"    "Audio Stream Switcher for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetasw.ax"
    + "JetAudio Audio Writer"    "DirectShow Audio Writer for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetawt.ax"
    + "JetAudio AVI Reader"    "DirectShow AVI Spliiter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetavi.ax"
    + "JetAudio AVI Splitter"    "DirectShow AVI Spliiter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetavi.ax"
    + "JetAudio FLV Reader"    "DirectShow FLV Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetflv.ax"
    + "JetAudio FLV Splitter"    "DirectShow FLV Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetflv.ax"
    + "JetAudio MKV Reader"    "DirectShow Matroska Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmkv.ax"
    + "JetAudio MKV Splitter"    "DirectShow Matroska Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmkv.ax"
    + "JetAudio MP4 Reader"    "DirectShow MP4 Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmp4.ax"
    + "JetAudio MP4 Splitter"    "DirectShow MP4 Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmp4.ax"
    + "JetAudio MPEG Decoder"    "DirectShow MPEG Decoder for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmpgd.ax"
    + "JetAudio MPEG4 Video Source"    "DirectShow MP4 Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmp4.ax"
    + "JetAudio MPEG4 Video Splitter"    "DirectShow MP4 Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmp4.ax"
    + "JetAudio MPG Reader"    "DirectShow MPG Spliiter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmpg.ax"
    + "JetAudio MPG Splitter"    "DirectShow MPG Spliiter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmpg.ax"
    + "JetAudio OGM Reader"    "DirectShow OGM Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetogm.ax"
    + "JetAudio OGM Splitter"    "DirectShow OGM Splitter for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetogm.ax"
    + "JetAudio Sound Effector V3"    "Sound Processing DirectShow Filter for jetAudio"    "JetAudio, Inc."    "c:\program files\common files\cowon\jetsfx3.ax"
    + "JetAudio Sound Effector V4"    "DirectShow Sound Effector for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetsfx4.ax"
    + "JetAudio Subtitle Processor"    "DirectShow Subtitle Display Filter for JetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetdsd.ax"
    + "JetAudio Video Decoder"    "DirectShow Video Decoder for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmpvd.ax"
    + "JetAudio Video Decoder (DXVA)"    "H.264/VC-1 DXVA video decoder"    "JetAudio, Inc."    "c:\program files\common files\cowon\jetmpvdx.ax"
    + "JetAudio Video Encoder"    "JetAudio Video Encoder for DirectShow"    "JetAudio"    "c:\program files\common files\cowon\jetmpvx.ax"
    + "JetAudio Video Writer"    "DirectShow Video Writer for jetAudio"    "JetAudio"    "c:\program files\common files\cowon\jetmpgx.ax"
    + "Moonlight H.264 Video Decoder"    "Moonlight H264 Video Decoder"    "Moonlight Cordless Ltd."    "c:\program files\sopcast\codec\h264dec.ax"
    + "MPC - RealAudio Decoder"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files\real alternative\realmediasplitter.ax"
    + "MPC - RealMedia Source"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files\real alternative\realmediasplitter.ax"
    + "MPC - RealMedia Splitter"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files\real alternative\realmediasplitter.ax"
    + "MPC - RealVideo Decoder"    "RealMedia Splitter"    "MPC-HC Team"    "c:\program files\real alternative\realmediasplitter.ax"
    + "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
    + "MPEG2 TS Source"    ""    ""    "c:\program files\intervideo\common\bin\mpgtsrdr.ax"
    + "muvee Music Analyser"    "Music Analyser Filter for muvee autoProducer"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"
    + "muvee Video Analyser"    "Video Analyser Filter for muvee autoProducer"    "muvee Technologies Pte Ltd"    "c:\program files\common files\muvee technologies\030625\mvvanalyse.ax"
    + "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "Time Regulator"    "TimeRegulator"    "cyberlink"    "c:\program files\cyberlink\powerproducer\avi_audtr.ax"
    + "Time Regulator"    "TimeRegulator"    "cyberlink"    "c:\program files\cyberlink\shared files\avi_audtr.ax"
    + "TTL2 Decompressor"    ""    ""    "c:\program files\sopcast\codec\ttl2dec.dll"
    + "TTL2 DecompressorRGB"    ""    ""    "c:\program files\sopcast\codec\ttl2dec.dll"
    + "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
    + "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
    + "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"

    12. května 2011 15:12
  • Tak jsem nastartoval XPcka a:
    - msseces.exe mi bezi jako child procesu Explorer.exe a ne pod svchostem
    -vlastni MsMpEng.exe bezi jako samostatna sluzba

    MP

    13. května 2011 10:39
    Moderátor
  • 1. Ve vypisech jsem zatim nenasel nic podstatneho.

    2. Zkusil bych cisty start - pres msconfig bych nejdrive zrusil veskere startovani nastavenych sluzeb a postupne bych pridaval sluzby od msseces pocinaje. (Pred tim bych jeste vycistil IE (Delete Browsing History.) a http://support.microsoft.com/kb/310747/cs )

    3. Pro MS SE funguje podpora, takze bych problem adresoval i na technickou podporu https://support.microsoftsecurityessentials.com/Default.aspx?scrx=1&st=1&wfxredirect=1

     

    15. května 2011 15:38
    Moderátor
  • Zapnul jsem desktop a taky mám msseces.exe jako potomka explorer.exe

    Co by to mohlo znamenat, že na notebooku je to jinak?

    Na desktopu je msmpeng.exe potomek services.exe

    16. května 2011 14:01
  • Děkuji za odpověď, o ten čistý start se pokusím, až budu mít trochu více času. Určitě je toto dobrý způsob, jak přijít na to, která služba tento můj problém způsobuje.
    16. května 2011 14:03