svchost.exe zpomaluje pocitac

[MisakBobes]

Prosim o radu...
Zatezuje mi procesor na temer 100%. Nevim, ktere procesy zakazat.
Posilam log:

Logfile of HijackThis v1.99.1
Scan saved at 17:38:25, on 26. 1. 2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\michal\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 194.228.32.3:1050
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Alcohol.exe Autorun] C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe /startup
O4 - HKLM\..\Run: [Fix-It AV] C:\PROGRA~1\VCOM\Fix-It\MemCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Stáhnout webovou stránku Free Download Managerem - file://C:\Program Files\Free Download Manager\dlpage.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CW App KB R9 - https://www.mojebanka.cz/jars/cwapp.cab
O16 - DPF: IB App KB R9 - https://www.mojebanka.cz/jars/ibapp.cab
O16 - DPF: KTPro SP KB R9 - https://www.mojebanka.cz/jars/ktpsp.cab
O16 - DPF: SH App KB R9 - https://www.mojebanka.cz/jars/shapp.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns ... _load.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9275630882
O17 - HKLM\System\CCS\Services\Tcpip\..\{9233DF00-B06B-49B8-BD17-AAF93EBB95FA}: NameServer = 213.192.23.33,158.194.120.2
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Program Files\Autodesk\Inventor Professional 10\Bin\HSPCLPRO10.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Fix-It Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

[Baron Prášil]

žádný viry

fixni jenom zbytečnosti
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

jinak omezit počet programů po spuštění můžeš tak,že do start>spustit napíšeš msconfig a ok
a v záložce Po spuštění je odškrtej

[MisakBobes]

Diky,ale pak nechapu, proc mi to po spusteni asi tak 5 minut totalne zpomali PC?

[Baron Prášil]

no vono tam toho běží docela dost

[kreso]

mam rovnaky problem tento debilny proces mi po strate asi 5 minut zatazuje cely pc na 100 % a setko ide ako posrane ale nastastie potom sa ukludni a vsetko ide normal

[jcdenton12]

mam rovnaky problem tento debilny proces mi po strate asi 5 minut zatazuje cely pc na 100 % a setko ide ako posrane ale nastastie potom sa ukludni a vsetko ide normal

ten problem sa prejavuje aj u mna ale nepodarilo sa mi ho eliminovat
taktiez sa neprejavuje pravidelne ale subjektivne sa mi zda ze sa prejavil po aktualizacii z webu MS
ale poslednych par tyzdnov nastastie klud

[Nick]

me to tajy vytezuje na 100procent a jedina sance je to sestrelit jinak to neprestane a nevim proc to tak blbne

[Vector]

skuste tento soubor C:\PROGRA~1\VCOM\Fix-It\mxtask.exe proskenovat na www.virustotal.com ten se mi nezda co tam napise vlozte sem

[janikjan]

mne to robilo, ked som mal zapnute automaticke aktualizacie...

[seuss]

mám úplně ten samej problém s počítačem v práci. Pěkně mě to štve, co to sakra ten schvost dělá, že mi na 5 minut totálně zamzrne PC. Zkoušel jsem všechno možný, ale pořád to dělá. Ten PC byl OK, tohle se stalo ze dne na den a od tý doby mě to pořád ser*. mužete mi někdo prosím říct, proč se to děje a jak to odstranit??

[Baron Prášil]

a jak ti to máme říct,když o tom kompu vůbec nic nevíme?

založ si vlastní téma a do něho

Vlož log z HijackThis.
HijackThis stahneš tady-
http://www.bleepingcomputer.com/files/M ... ckThis.zip
rozbal do vlastní složky,spusť,klikni na "Do a system scan and save a logfile"
Vygenerovaný texťák zkopíruj tam

[seuss]

Tady to je...

Kód: Vybrat vše

Logfile of HijackThis v1.99.1
Scan saved at 13:16:16, on 4.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\SVRemote\USB20Remote.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Thunderbird\thunderbird.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [auto__hloader__key] C:\WINDOWS\system32\hloader_exe.exe
O4 - HKLM\..\Run: [auto__antiav__key] C:\WINDOWS\system32\antiav_exe.exe
O4 - HKLM\..\Run: [FreeWebTel] C:\Program Files\Elthe\elthe.exe
O4 - HKLM\..\Run: [key2] C:\WINDOWS\system32\winlog.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SVRemote] c:\Program Files\SVRemote\USB20Remote.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [auto__hloader__key] C:\WINDOWS\system32\hloader_exe.exe
O4 - HKCU\..\Run: [auto__antiav__key] C:\WINDOWS\system32\antiav_exe.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [key2] C:\WINDOWS\system32\winlog.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDTV2.1\MediaDetector.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - http://www.listicka.cz/toolbar.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126717290827
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138717317343
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C854C4D1-ED53-4B1F-AA45-783B3CF3315C} (DacomUpload Control) - http://program.webhard.co.kr/Plus/active_upload/DacomUpload.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

[likc]

hm, hezky zavirovany.

fixni
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [auto__hloader__key] C:\WINDOWS\system32\hloader_exe.exe
O4 - HKLM\..\Run: [auto__antiav__key] C:\WINDOWS\system32\antiav_exe.exe
O4 - HKLM\..\Run: [FreeWebTel] C:\Program Files\Elthe\elthe.exe
O4 - HKLM\..\Run: [key2] C:\WINDOWS\system32\winlog.exe
O4 - HKCU\..\Run: [auto__hloader__key] C:\WINDOWS\system32\hloader_exe.exe
O4 - HKCU\..\Run: [auto__antiav__key] C:\WINDOWS\system32\antiav_exe.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [key2] C:\WINDOWS\system32\winlog.exe

pak posli dalsi log. jestli je to pryc a treba jeste vybouchame nejaky zbytecnosti.
Nainstaluj antispyware a firewall

[seuss]

hm, hezky zavirovany.

fixni
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [auto__hloader__key] C:\WINDOWS\system32\hloader_exe.exe
O4 - HKLM\..\Run: [auto__antiav__key] C:\WINDOWS\system32\antiav_exe.exe
O4 - HKLM\..\Run: [FreeWebTel] C:\Program Files\Elthe\elthe.exe
O4 - HKLM\..\Run: [key2] C:\WINDOWS\system32\winlog.exe
O4 - HKCU\..\Run: [auto__hloader__key] C:\WINDOWS\system32\hloader_exe.exe
O4 - HKCU\..\Run: [auto__antiav__key] C:\WINDOWS\system32\antiav_exe.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [key2] C:\WINDOWS\system32\winlog.exe

pak posli dalsi log. jestli je to pryc a treba jeste vybouchame nejaky zbytecnosti.
Nainstaluj antispyware a firewall

je to počítač v práci, takže s tím nic moc dělat nechci a ani nemám důvod, tedka mě to akorát hodně vždycky štve, proto to tedka řeším.. Moc díky, fixnu to, zkusím ještě projet antivirem apod a hodím sem další log..

[KAR]

Tak ten problem mam taky zacalo to po instalaci nejake zaplaty na windows, jinak komp mam cistej

[oyza]

z moji zkusenosti, kdy v kompu zalohuju data useru pri reinstalech atp a jejich disky davam do supliku, ze to dela prave disk. svchost vytezuje procak pri spusteni 100% a po nejake to spadne. doporucuju zkontrolovat nastaveni a pripojeni disku. je-li jich vic, odpojit base a postupne pripojovat a testnout...

[KAR]

Tak sem zakazal windows update (mel sem nastaveny automaticky upozornovani na nove zaplaty) a problem je pryc.

[seuss]

mužete se prosím někdo mrknout na tenhle log, jestli je všechno ok...? dekuju

Kód: Vybrat vše

Logfile of HijackThis v1.99.1
Scan saved at 8:54:00, on 7.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Nod32\nod32kui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
F:\Programs\Skype\Skype.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
F:\Programs\Cigler\LockServMngr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\Programs\Matlab\webserver\bin\win32\matlabserver.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nod32\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\Programs\Skype\Plugin Manager\SkypePM.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Programs\QIP\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\DOCUME~1\Tony\LOCALS~1\Temp\_tc1\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Nod32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CORSAIR_PLUtil] C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "F:\Programs\Skype\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Tony\Data aplikací\Mozilla\Firefox\Profiles\2p9547qc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Tony\Data aplikací\Mozilla\Firefox\Profiles/2p9547qc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Global Startup: Správa síťových klíčů.lnk = F:\Programs\Cigler\LockServMngr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/en_US/DjVuControl_en_US.cab
O16 - DPF: {3190CE28-0B6E-4133-A7D3-87D29CB92120} (ToolbarInetInstall Control) - http://www.listicka.cz/toolbar.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121885303421
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} - http://www.tbcode.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://adis.mfcr.cz/adis/jepo/epo/bin/capicom.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://arcade.icq.com/carlo/zuma/popcaploader_v5.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LockServer (LckServer) - Unknown owner - F:\Programs\Cigler\lockserv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - F:\Programs\Matlab\webserver\bin\win32\matlabserver.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Nod32\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

[Baron Prášil]

otestuj toto
F:\Programs\Matlab\webserver\bin\win32\matlabserver.exe
tady
http://www.virustotal.com/flash/index_en.html

fix
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Tony\Data aplikací\Mozilla\Firefox\Profiles\2p9547qc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Tony\Data aplikací\Mozilla\Firefox\Profiles/2p9547qc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)

pošli výsledek testu

[seuss]

otestuj toto
F:\Programs\Matlab\webserver\bin\win32\matlabserver.exe
tady
http://www.virustotal.com/flash/index_en.html

fix
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Tony\Data aplikací\Mozilla\Firefox\Profiles\2p9547qc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Tony\Data aplikací\Mozilla\Firefox\Profiles/2p9547qc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)

pošli výsledek testu

děkuju... fixnul jsem cos napsal, otestoval ten soubor:

Kód: Vybrat vše

AhnLab-V3	2007.4.7.0	04.06.2007	no virus found
AntiVir	7.3.1.48	04.06.2007	no virus found
Authentium	4.93.8	04.06.2007	no virus found
Avast	4.7.936.0	04.06.2007	no virus found
AVG	7.5.0.447	04.07.2007	no virus found
BitDefender	7.2	04.07.2007	no virus found
CAT-QuickHeal	9.00	04.06.2007	no virus found
ClamAV	devel-20070312	04.07.2007	no virus found
DrWeb	4.33	04.06.2007	no virus found
eSafe	7.0.15.0	04.06.2007	no virus found
eTrust-Vet	30.7.3549	04.06.2007	no virus found
Ewido	4.0	04.07.2007	no virus found
FileAdvisor	1	04.07.2007	no virus found
Fortinet	2.85.0.0	04.07.2007	suspicious
F-Prot	4.3.1.45	04.04.2007	no virus found
F-Secure	6.70.13030.0	04.06.2007	no virus found
Ikarus	T3.1.1.3	04.07.2007	no virus found
Kaspersky	4.0.2.24	04.07.2007	no virus found
McAfee	5003	04.06.2007	no virus found
Microsoft	1.2405	04.07.2007	no virus found
NOD32v2	2172	04.07.2007	no virus found
Norman	5.80.02	04.05.2007	no virus found
Panda	9.0.0.4	04.06.2007	no virus found
Prevx1	V2	04.07.2007	no virus found
Sophos	4.16.0	04.06.2007	no virus found
Sunbelt	2.2.907.0	04.07.2007	no virus found
Symantec	10	04.07.2007	no virus found
TheHacker	6.1.6.085	04.04.2007	no virus found
VBA32	3.11.3	04.06.2007	no virus found
VirusBuster	4.3.7:9	04.06.2007	no virus found
Webwasher-Gateway	6.0.1	04.07.2007	no virus found

to je ale v pohodě, jestli znáš matlab, tak asi víš co je to za soubor..