Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

svchost.exe vytěžuje CPU na 100%

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
The Bull
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 pro 2009 12:19

svchost.exe vytěžuje CPU na 100%

#1 Příspěvek od The Bull »

Dobrý den,
po zapnutí počítače a přihlášení se na účet začne svchost.exe vytěžovat CPU na 100% (což samozřejmě rapidně spomaluje počítač a jeho aplikace) i když se na počítači nic nedělá. Všimnul jsem si, že v ''Po spuštění'' se mi objevil siszyd32.exe. Dočetl jsem se, že to způsobuje on tak jsem se ho pokusil ručně vymazat, což ovšem nejde. Prosím o pomoc, jsem v těchto věcech neznalý.
Děkuji

Přikládám Log z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by David at 2009-12-30 09:59:46
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (9%) free of 114 GB
Total RAM: 1023 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:01:22, on 30.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\David.OEM-049D5A1E60F\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {a55f9c95-2bb1-4ea2-bc77-dfaab78832ce} - C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [sysgif32] C:\WINDOWS\TEMP\~TME.tmp
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: siszyd32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: stáhnout odkaz s použitím bitcometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: stáhnout všechna videa s použitím bitcometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: stáhnout všechny odkazy s použitím bitcometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2028529843
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service (autodesk licensing service) - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: ICQ Service (icq service) - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA (pnkbstra) - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB (pnkbstrb) - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 9186 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-10 1484056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-10-11 321312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
QIPBHO Class - C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-10-05 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e6f031-17ce-4c07-bc86-eabfe594f69c}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360]
"EPSON Stylus CX3600 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE [2004-03-04 98304]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2007-10-04 307200]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-12-23 2033432]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]
"sysgif32"=C:\WINDOWS\TEMP\~TME.tmp [2009-12-29 15360]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^David.OEM-049D5A1E60F^Nabídka Start^Programy^Po spuštění^siszyd32.exe]
C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\siszyd32.exe [2008-04-14 23040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^David.OEM-049D5A1E60F^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění
siszyd32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-11-10 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe"="C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe:*:Disabled:Foxit PDF Editor, the first REAL editor for PDF files!"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\David.OEM-049D5A1E60F\Plocha\WoW-BurningCrusade-enUS-Installer-downloader.exe"="C:\Documents and Settings\David.OEM-049D5A1E60F\Plocha\WoW-BurningCrusade-enUS-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\PC_StarWars Battlefront 2 -(rip)-(ToeD)\GameData\BattlefrontII.exe"="C:\Program Files\PC_StarWars Battlefront 2 -(rip)-(ToeD)\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
"C:\Documents and Settings\David.OEM-049D5A1E60F\Plocha\Age of Empires\Empires.exe"="C:\Documents and Settings\David.OEM-049D5A1E60F\Plocha\Age of Empires\Empires.exe:*:Enabled:Age of Empires"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Left 4 Dead\left4dead.exe"="C:\Program Files\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\Program Files\Microsoft Games\Motocross Madness 2\MCM2.EXE"="C:\Program Files\Microsoft Games\Motocross Madness 2\MCM2.EXE:*:Disabled:Microsoft® Motocross Madness 2"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Codemasters\Operation Flashpoint\FlashpointResistance.exe"="C:\Program Files\Codemasters\Operation Flashpoint\FlashpointResistance.exe:*:Enabled:Operation Flashpoint"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\RESIDENT EVIL 5\RE5DX9.EXE"="C:\Program Files\RESIDENT EVIL 5\RE5DX9.EXE:*:Disabled:RESIDENT EVIL 5"
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe"="C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault"
"C:\Program Files\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2fb.exe"="C:\Program Files\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2fb.exe:*:Enabled:il2fb"
"C:\WINDOWS\Temp\~TME.tmp"="C:\WINDOWS\Temp\~TME.tmp:*:Enabled:services"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-12-29 12:14:48 ----D---- C:\Program Files\trend micro
2009-12-29 12:14:47 ----D---- C:\rsit
2009-12-29 11:32:39 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-12-28 21:56:06 ----HDC---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-12-28 21:51:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Lavasoft
2009-12-28 19:55:27 ----D---- C:\Program Files\HiJackThis
2009-12-28 18:46:34 ----D---- C:\Program Files\Disk Cleaner
2009-12-28 16:11:11 ----D---- C:\Program Files\RegCleaner
2009-12-27 17:56:54 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-27 17:56:54 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-27 17:56:53 ----A---- C:\WINDOWS\system32\java.exe
2009-12-24 19:53:01 ----D---- C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\CoSoSys
2009-12-20 08:52:58 ----D---- C:\Program Files\Cenega Czech
2009-12-15 14:24:07 ----RA---- C:\WINDOWS\system32\xmltok.dll
2009-12-15 14:24:07 ----RA---- C:\WINDOWS\system32\xmlparse.dll
2009-12-15 14:24:07 ----RA---- C:\WINDOWS\system32\xmlinst.exe
2009-12-15 14:24:06 ----RA---- C:\WINDOWS\system32\VB5DB.DLL
2009-12-15 14:24:06 ----RA---- C:\WINDOWS\system32\msxml3a.dll
2009-12-15 14:23:29 ----D---- C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\ubi.com
2009-12-15 14:23:28 ----A---- C:\WINDOWS\patchw32.dll
2009-12-15 14:23:25 ----D---- C:\Program Files\ubi.com
2009-12-15 14:23:25 ----D---- C:\Program Files\Common Files\PocketSoft
2009-12-15 14:17:26 ----D---- C:\Program Files\Ubi Soft
2009-12-10 17:51:44 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll

======List of files/folders modified in the last 1 months======

2009-12-30 09:55:58 ----D---- C:\WINDOWS\Temp
2009-12-30 09:38:37 ----D---- C:\Program Files\Mozilla Firefox
2009-12-30 09:36:45 ----SH---- C:\boot.ini
2009-12-30 09:36:45 ----A---- C:\WINDOWS\win.ini
2009-12-30 09:36:45 ----A---- C:\WINDOWS\system.ini
2009-12-30 09:24:17 ----SD---- C:\WINDOWS\Tasks
2009-12-30 09:21:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-29 20:59:28 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-29 20:36:00 ----D---- C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\Skype
2009-12-29 20:34:53 ----D---- C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\skypePM
2009-12-29 15:56:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-29 15:56:07 ----D---- C:\Program Files\Internet Explorer
2009-12-29 15:56:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-29 15:56:01 ----D---- C:\WINDOWS\system32
2009-12-29 12:14:48 ----RAD---- C:\Program Files
2009-12-29 10:49:17 ----D---- C:\WINDOWS\system32\config
2009-12-28 22:13:32 ----D---- C:\WINDOWS
2009-12-28 22:08:21 ----D---- C:\WINDOWS\system32\drivers
2009-12-28 22:08:10 ----HD---- C:\WINDOWS\inf
2009-12-28 22:06:52 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-28 21:55:48 ----SHD---- C:\WINDOWS\Installer
2009-12-28 21:51:56 ----D---- C:\Program Files\Lavasoft
2009-12-28 21:51:01 ----D---- C:\WINDOWS\WinSxS
2009-12-28 21:22:24 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-28 20:33:44 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-28 17:29:50 ----D---- C:\WINDOWS\Debug
2009-12-28 17:29:47 ----D---- C:\WINDOWS\Minidump
2009-12-28 15:53:29 ----D---- C:\WINDOWS\pss
2009-12-27 18:11:49 ----D---- C:\AisaCasi
2009-12-27 17:56:52 ----D---- C:\Program Files\Java
2009-12-27 17:54:19 ----D---- C:\WINDOWS\Prefetch
2009-12-21 12:04:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\avg9
2009-12-15 16:18:40 ----D---- C:\Program Files\Total Video Player
2009-12-15 14:23:25 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-15 14:23:25 ----D---- C:\Program Files\Common Files
2009-12-14 14:34:00 ----A---- C:\WINDOWS\LEXICON.INI
2009-12-12 15:09:37 ----D---- C:\Program Files\EA GAMES
2009-12-12 13:57:18 ----D---- C:\WINDOWS\system32\DirectX
2009-12-07 18:30:28 ----D---- C:\Documents and Settings
2009-12-06 14:04:53 ----D---- C:\Downloads

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-11-10 333192]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-11-10 28424]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-10 360584]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 ithsgt;ithsgt; C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2009-04-05 162432]
R2 lilsgt;lilsgt; C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2009-04-05 12032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS [2003-07-30 77465]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-10-01 594048]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
S1 63287d5a;63287d5a; C:\WINDOWS\System32\drivers\63287d5a.sys []
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\DAVID~1.OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 entech;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-30 602112]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-11-10 906520]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-10 285392]
R2 icq service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 javaquickstarterservice;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 pnkbstra;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-10-30 66872]
R2 pnkbstrb;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-10-30 103736]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-29 593920]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-28 1181328]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 autodesk licensing service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-10-16 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 fontcache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 nettcpportsharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Uživatelský avatar
stell
VIP
VIP
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:

Re: svchost.exe vytěžuje CPU na 100%

#2 Příspěvek od stell »

zdravim
:arrow:
Stiahnes>>OTMoveIt3 by OldTimer >.podla navodu vloz text a klik-Moveit>>log po restarte vloz sem

Kód: Vybrat vše

:processes
explorer.exe

:files
C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
C:\WINDOWS\TEMP\~TME.tmp
C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\siszyd32.exe
C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\siszyd32.exe


:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"sysgif32"=-
"MSConfig"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^David.OEM-049D5A1E60F^Nabídka Start^Programy^Po spuštění^siszyd32.exe]

:services
63287d5a
javaquickstarterservice

:commands
[purity]
[emptytemp]
[ClearAllRestorePoints]
[resethosts]
[start explorer]
[Reboot]
:arrow:
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!

Obrázek

The Bull
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 pro 2009 12:19

Re: svchost.exe vytěžuje CPU na 100%

#3 Příspěvek od The Bull »

Omlouvám se že to trvalo tak dlouho, ale ten Malwarebytes.... mi skenoval 13 hodin :!:

Zde log z OTM:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
C:\WINDOWS\TEMP\~TME.tmp moved successfully.
File move failed. C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\siszyd32.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\siszyd32.exe scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysgif32 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSConfig deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^David.OEM-049D5A1E60F^Nabídka Start^Programy^Po spuštění^siszyd32.exe\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service 63287d5a stopped successfully!
Service 63287d5a deleted successfully!
Service javaquickstarterservice stopped successfully!
Service javaquickstarterservice deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: All Users.WINDOWS

User: David
->Temp folder emptied: 2415814 bytes
->Temporary Internet Files folder emptied: 844537771 bytes

User: David.OEM-049D5A1E60F
->Temp folder emptied: 1354731 bytes
->Temporary Internet Files folder emptied: 3487268 bytes
->Java cache emptied: 1912167 bytes
->FireFox cache emptied: 89769434 bytes

User: DAVID~1~OEM

User: Dawid

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService.NT AUTHORITY.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: NetworkService.NT AUTHORITY.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: OemUser
->Temp folder emptied: 18266848 bytes
->Temporary Internet Files folder emptied: 18562284 bytes

User: OemUser.OEM-049D5A1E60F
->Temp folder emptied: 635135867 bytes
->Temporary Internet Files folder emptied: 66358247 bytes

User: pc
->Temp folder emptied: 208630947 bytes
->Temporary Internet Files folder emptied: 92735621 bytes

User: Richard

User: Ruth

User: Ruth.OEM-049D5A1E60F
->Temp folder emptied: 1877998 bytes
->Temporary Internet Files folder emptied: 231427229 bytes
->Java cache emptied: 39518852 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134153 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
Windows Temp folder emptied: 1961222 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 542002790 bytes

Total Files Cleaned = 2 673.00 mb


Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.4.0 log created on 12302009_104411

Files moved on Reboot...
File move failed. C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\siszyd32.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Uživatelský avatar
stell
VIP
VIP
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:

Re: svchost.exe vytěžuje CPU na 100%

#4 Příspěvek od stell »

:shock: 13 hodin ?/a kde je log??
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!

Obrázek

The Bull
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 pro 2009 12:19

Re: svchost.exe vytěžuje CPU na 100%

#5 Příspěvek od The Bull »

Zde log z MBAM:

Internet Explorer 6.0.2900.5512

31.12.2009 5:50:58
mbam-log-2009-12-31 (05-50-40).txt

Typ kontroly: Kompletní kontrola (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Zkontrolované objekty: 364781
Uplynulý čas: 12 hour(s), 51 minute(s), 3 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 2
Infikované adresáře: 44
Infikované soubory: 530

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.

Infikované adresáře:
C:\Documents and Settings\David\Data aplikací\ShoppingReport (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\db (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\dwld (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\report (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\res1 (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\IESkins (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOL (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOL\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOL\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\ustat (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad (Adware.Zango) -> No action taken.
C:\Program Files\AntispyStorm (Rogue.AntiSpyStorm) -> No action taken.
C:\Program Files\AntispyStorm\logs (Rogue.AntiSpyStorm) -> No action taken.
C:\Program Files\MySearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt\2.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt\Cache (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.ShopperReports) -> No action taken.
C:\WINDOWS\system32\netrax06 (Trojan.Agent) -> No action taken.

Infikované soubory:
C:\Documents and Settings\Dawid\Local Settings\Data aplikací\Opera\Opera\profile\cache4\temporary_download\install_flash_player.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopper) -> No action taken.
C:\System Volume Information\_restore{15CADFD7-1BCC-4DE9-86F2-C515EF77406A}\RP16\A0003498.dll (Adware.Seekmo) -> No action taken.
C:\System Volume Information\_restore{15CADFD7-1BCC-4DE9-86F2-C515EF77406A}\RP16\A0003499.dll (Adware.ShoppingReports) -> No action taken.
C:\System Volume Information\_restore{15CADFD7-1BCC-4DE9-86F2-C515EF77406A}\RP16\A0003500.dll (Adware.Seekmo) -> No action taken.
C:\WINDOWS\system32\drivers\ajwsmwn.sys (Rootkit.Agent) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte10_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte11_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte12_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte13_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte14_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte19_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte20_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte21_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030104_emte9_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\030203lib_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102angel_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102bigluf_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102bigsmile_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102birthday_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102cheers_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102flo_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102good_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102jump_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102king_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102lough_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102luf_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102smiled_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102smile_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102sor_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102thanx_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\033102uhu_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\040103ahh_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\040103wow_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\040104_emi2_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\042102_1134_112_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\050103big_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\050103gig_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\050103hm_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\050103nomail_emoti_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\050103norm_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema15_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema16_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema17_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema18_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema19_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema20_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema21_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema24_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema25_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema26_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema30_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema33_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\060104_ema34_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\062802hippi_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\062802jumpie_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\080402argh_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\080402oops_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\080402ouch_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\082502no_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\082502yes_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_boring1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_confused_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_fantastic_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_feel_better_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_gimme_break_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_heehee_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_hlopaet_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_ign_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_lol_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_no_comment_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_peace_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_smashing_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\avatar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\blocked.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\blocked2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\block_sm.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\block_sm2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\block_smli.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\block_smli2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_add-but.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_back-but.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_left_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_left_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_middle_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_middle_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_right_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\btn_right_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\buttondir.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\components.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\css2_main.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\css2_pagingmodule.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\css2_topbuttons.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\css_cattree.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\css_flashpreview.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\cursors.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\delete.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\edit_clear_sound.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\edit_fs.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\edit_select.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\email-t1-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\email-temp-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\estatationery.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\flashpatch.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\flashpreview.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\fs3.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\hotbar_promo.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_checked_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_close_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_close_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_edit_preview.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_edit_send.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_flash_preview.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_recently_used.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_remove_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_remove_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_sand-clock2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_tell_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_tell_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_tree_null.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_unchecked_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\img_barlayout.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\img_barlayout2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\img_barlayout4.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\img_corner_left.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\img_local_logo.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_basetemplate.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_hbgroups.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_hbobject3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_hbobjectset3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_hotbarwrapper.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_texts3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\js2_xmltree3nf.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\layout.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\linkpathlegal.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\n.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\nav_bb_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\nav_b_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\nav_ff_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\nav_f_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\sales_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\searchbtn.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\submit.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_bg.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_bga.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_bgia.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_l.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_la.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_lia.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_r.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_ra.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tab_ria.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\treedata_animations.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\treedata_backgrounds.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\treedata_ecards.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\treedata_emoticons.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\treedata_notifiers.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\treedata_text.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tree_dots.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tree_minus.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\tree_plus.gif (Adware.Zango) -> No action taken.

The Bull
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 pro 2009 12:19

Re: svchost.exe vytěžuje CPU na 100%

#6 Příspěvek od The Bull »

C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\1\zango_btn.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte10_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte11_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte12_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte13_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte14_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte19_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte20_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte21_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030104_emte9_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\030203lib_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102angel_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102bigluf_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102bigsmile_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102birthday_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102cheers_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102flo_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102good_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102jump_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102king_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102lough_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102luf_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102smiled_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102smile_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102sor_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102thanx_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\033102uhu_1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\040103ahh_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\040103wow_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\040104_emi2_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\042102_1134_112_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\050103big_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\050103gig_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\050103hm_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\050103nomail_emoti_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\050103norm_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema15_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema16_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema17_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema18_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema19_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema20_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema21_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema24_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema25_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema26_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema30_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema33_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\060104_ema34_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\062802hippi_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\062802jumpie_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\080402argh_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\080402oops_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\080402ouch_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\082502no_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\082502yes_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_boring1_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_confused_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_crying_ugly_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_fantastic_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_feel_better_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_gimme_break_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_heehee_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_hlopaet_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_ign_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_lol_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_no_comment_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_peace_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_smashing_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\110103_talk2thehand_prv.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\avatar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\blocked.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\blocked2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\block_sm.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\block_sm2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\block_smli.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\block_smli2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_add-but.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_back-but.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_left_cut_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_left_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_left_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_middle_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_middle_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_right_cut_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_right_enabled_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\btn_right_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\buttondir.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\components.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\css2_main.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\css2_pagingmodule.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\css2_topbuttons.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\css_cattree.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\css_flashpreview.css (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\cursors.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\delete.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\edit_clear_sound.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\edit_fs.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\edit_select.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\email-t1-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\email-temp-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\estatationery.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\flashpatch.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\flashpreview.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\fs3.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\hotbar_promo.htm (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_checked_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_close_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_close_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_edit_preview.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_edit_send.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_flash_preview.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_recently_used.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_remove_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_remove_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_sand-clock2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_tell_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_tell_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_tree_null.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_unchecked_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\icon_unchecked_pressed_1.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\img_barlayout.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\img_barlayout2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\img_barlayout4.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\img_corner_left.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\img_local_logo.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_basetemplate.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_hbgroups.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_hbobject3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_hbobjectset3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_hotbarwrapper.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_iteratorsandreaders3nf.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_pagingmoduleobj3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_texts3.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\js2_xmltree3nf.js (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\layout.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\linkpathlegal.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\n.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\nav_bb_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\nav_b_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\nav_ff_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\nav_f_2.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\sales_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\searchbtn.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\submit.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_bg.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_bga.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_bgia.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_l.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_la.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_lia.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_r.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_ra.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tab_ria.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\treedata_animations.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\treedata_backgrounds.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\treedata_ecards.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\treedata_emoticons.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\treedata_notifiers.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\treedata_text.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tree_dots.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tree_minus.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\tree_plus.gif (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\2\zango_btn.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\avatar.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\buttondir.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\code.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\cursors.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\email-temp-bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\hotbar_promo.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\images.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\layout.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\linkpathlegal.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\localcontent.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\sales_buttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\treexml.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\HostOI\static\DownLoad\zango_btn.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\1.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\218563.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\308917.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\3894588.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\763516.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\993316.sdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\domains.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\13562 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\159294 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\17362 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\20549 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\29115 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\31262 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\32171 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\32418 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\403305 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\42208 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\44228 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\4500 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\482360 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\54473 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\55725 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\61194 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\66908 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\748176 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\750039 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\82292 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\83216 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\93899 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\TooltipXML\94430 (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\dynamic\ustat\37b1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\avatar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\btntrans.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\btntrans1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\buttondir.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\components.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\cursors.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\default.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_categorize.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_comparison.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_favorites.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_Games.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_Hide.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_hsskin.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_jemster.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_new.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_premium.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_reun.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_ringtones.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_searchfor.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_searchgo.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_weather.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\editblbuttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\email-t1-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\ie_games_icon.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\ie_video.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\keywords.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\keywords1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\layout.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\sales_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\sdfmodifier.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\s_icons_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\t2_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\top7.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\Top7_theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\tsd_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\zango_btn.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\1\zango_ie_menu.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\avatar.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\btntrans.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\btntrans1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\buttondir.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\components.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\cursors.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\default.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_categorize.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_comparison.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_favorites.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_Games.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_Hide.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_hsskin.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_jemster.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_new.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_premium.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_reun.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_ringtones.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_searchfor.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_searchgo.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_weather.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\editblbuttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\email-t1-bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\ie_games_icon.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\ie_video.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\keywords.idx (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\keywords1.dat (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\layout.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\sales_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\sdfmodifier.xml (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\s_icons_buttons.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\t2_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\top7.cdf (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\Top7_theweb.mnu (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\tsd_bg.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\zango_btn.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\2\zango_ie_menu.res (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\avatar.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\buttondir.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\cursors.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\default.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\ie_video.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\keywords.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\keywords1.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\layout.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\top7.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip (Adware.Zango) -> No action taken.
C:\Documents and Settings\David\Data aplikací\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip (Adware.Zango) -> No action taken.
C:\Program Files\AntispyStorm\AntispyStorm.exe.MANIFEST (Rogue.AntiSpyStorm) -> No action taken.
C:\Program Files\AntispyStorm\stat.bin (Rogue.AntiSpyStorm) -> No action taken.
C:\Program Files\AntispyStorm\uninstall.log (Rogue.AntiSpyStorm) -> No action taken.
C:\Program Files\AntispyStorm\logs\06.13.08_07_09_17.log (Rogue.AntiSpyStorm) -> No action taken.
C:\Program Files\AntispyStorm\logs\06.13.08_15_14_45.log (Rogue.AntiSpyStorm) -> No action taken.
C:\Program Files\MySearch\bar\1.bin\MYSEARCHPLUGINPROXY.CLASS (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\1.bin\NPMYSRCH.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Cache\0164EA3D (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Cache\0164EE15 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Cache\0164F1BF.bmp (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Cache\0164F3E2.bmp (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\History\search (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\bar\Settings\prevcfg.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt\Cache\00070F5F (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MySearch\SrchAstt\Settings\prevcfg.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.ShopperReports) -> No action taken.
C:\Documents and Settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\siszyd32.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\David.OEM-049D5A1E60F\Data aplikací\avdrn.dat (Malware.Trace) -> No action taken.
C:\Documents and Settings\LocalService.NT AUTHORITY.001\Data aplikací\fvgqad.dat (Malware.Trace) -> No action taken.
C:\Documents and Settings\NetworkService.NT AUTHORITY.001\Data aplikací\fvgqad.dat (Malware.Trace) -> No action taken.

Uživatelský avatar
stell
VIP
VIP
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:

Re: svchost.exe vytěžuje CPU na 100%

#7 Příspěvek od stell »

Ok,daj zmazat vsetko programom,Malwarebytes,
Teraz dolezite,,Oprav rucne register>>BITS a WAUSERV>>navod<,
start>spustit napis regedit ok
http://www.viry.cz/forum/viewtopic.php? ... 2&start=15

pokracujes combofixom,
:arrow:
PROSIM CITAJTE POZORNE NAVODY!!!,

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte>>
http://download.bleepingcomputer.com/sUBs/ComboFix.exe



Suhlasit instalacio Konzoly pre zotavenie (Recovery console)


- ComboFix je třeba spustit pod účtem s právy administrátora.
- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano;

A este raz >ANO<

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího modreho okna

- Po dokončení skenování, trvajícího maximálně 10-15 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah do svého threadu na forum
- Před použitím ComboFixu je treba vypnout všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary. NAVOD: http://www.bleepingcomputer.com/forums/topic114351.html
Mohou zasahovat do činnosti ComboFixu, což může způsobit, že nebude fungovat korektně.

V případě detekce antiviru u ComboFixu se jedná o falešný poplach.



Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!

Obrázek

The Bull
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 pro 2009 12:19

Re: svchost.exe vytěžuje CPU na 100%

#8 Příspěvek od The Bull »

Zde je log z ComboFixu:

ComboFix 09-12-30.01 - David 31.12.2009 11:12:10.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.515 [GMT 1:00]
Spuštěný z: c:\documents and settings\David.OEM-049D5A1E60F\Plocha\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
C:\log.udt
c:\recycler\S-1-5-21-117609710-764733703-682003330-1003
c:\recycler\S-1-5-21-117609710-764733703-682003330-1005
c:\recycler\S-1-5-21-1645522239-1383384898-839522115-1003
c:\recycler\S-1-5-21-1645522239-1383384898-839522115-1006
c:\recycler\S-1-5-21-1645522239-1383384898-839522115-1007
c:\recycler\S-1-5-21-1645522239-1383384898-839522115-1008
c:\temp\1cb
c:\temp\1cb\syscheck.log
C:\Thumbs.db
c:\windows\system32\ieuinit.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-31 )))))))))))))))))))))))))))))))
.

2009-12-30 12:02 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-30 12:02 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-30 12:02 . 2009-12-31 04:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-30 09:44 . 2009-12-30 09:44 -------- d-----w- C:\_OTM
2009-12-29 11:14 . 2009-12-30 09:00 -------- d-----w- c:\program files\trend micro
2009-12-29 11:14 . 2009-12-29 11:15 -------- d-----w- C:\rsit
2009-12-29 10:32 . 2009-12-28 21:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-12-29 09:55 . 2009-12-29 09:55 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.001\Plocha
2009-12-28 21:06 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-12-28 17:46 . 2009-12-28 17:49 -------- d-----w- c:\program files\Disk Cleaner
2009-12-28 15:11 . 2009-12-28 15:30 -------- d-----w- c:\program files\RegCleaner
2009-12-27 13:22 . 2009-12-31 10:29 714752 ----a-w- c:\windows\system32\drivers\ajwsmwn.sys
2009-12-20 07:52 . 2009-12-20 07:52 -------- d-----w- c:\program files\Cenega Czech
2009-12-15 13:24 . 2002-10-17 08:35 26096 ----a-r- c:\windows\system32\xmlinst.exe
2009-12-15 13:24 . 2000-03-17 05:21 36864 ----a-r- c:\windows\system32\xmlparse.dll
2009-12-15 13:24 . 2000-03-17 05:21 69632 ----a-r- c:\windows\system32\xmltok.dll
2009-12-15 13:24 . 2002-01-07 13:30 24576 ----a-r- c:\windows\system32\msxml3a.dll
2009-12-15 13:24 . 1998-06-17 22:00 89360 ----a-r- c:\windows\system32\VB5DB.DLL
2009-12-15 13:23 . 2001-07-30 17:03 185344 ----a-w- c:\windows\patchw32.dll
2009-12-15 13:23 . 2009-12-15 13:23 -------- d-----w- c:\program files\ubi.com
2009-12-15 13:23 . 2009-12-15 13:23 -------- d-----w- c:\program files\Common Files\PocketSoft
2009-12-15 13:17 . 2009-12-15 13:24 -------- d-----w- c:\program files\Ubi Soft
2009-12-10 16:51 . 2009-12-11 13:32 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 20:51 . 2006-08-03 08:55 -------- d-----w- c:\program files\Lavasoft
2009-12-27 16:56 . 2008-10-01 17:59 -------- d-----w- c:\program files\Java
2009-12-15 15:18 . 2009-11-12 19:16 -------- d-----w- c:\program files\Total Video Player
2009-12-15 13:23 . 2006-05-27 11:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-12 14:09 . 2009-05-14 13:30 -------- d-----w- c:\program files\EA GAMES
2009-12-12 13:58 . 2009-06-05 15:31 0 ----a-w- c:\windows\system32\drivers\63287d5a.sys
2009-11-22 18:41 . 2009-08-19 08:23 -------- d-----w- c:\program files\LucasArts
2009-11-22 18:30 . 2009-04-27 18:50 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-11-22 15:29 . 2009-01-08 08:59 -------- d-----w- c:\program files\ATI Technologies
2009-11-18 14:09 . 2009-02-16 19:16 -------- d-----w- c:\program files\Final Fantasy VII
2009-11-14 16:55 . 2006-10-21 07:00 -------- d-----w- c:\program files\Sierra
2009-11-13 13:16 . 2007-05-02 11:49 -------- d-----w- c:\program files\Codemasters
2009-11-10 14:05 . 2009-01-19 17:14 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-10 14:05 . 2009-01-19 17:14 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-10 14:05 . 2009-01-19 17:14 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-10 14:05 . 2009-01-19 17:14 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-11-10 14:05 . 2009-01-19 17:14 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-10 14:05 . 2009-01-19 17:13 -------- d-----w- c:\program files\AVG
2009-11-09 13:35 . 2008-12-10 13:54 -------- d-----w- c:\program files\QIP Infium
2009-11-07 15:24 . 2009-01-11 12:20 -------- d-----w- c:\program files\ICQ6Toolbar
2009-11-03 16:27 . 2009-11-03 16:27 -------- d-----w- c:\program files\Moderni vzhled
2009-11-03 16:05 . 2009-11-03 16:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-03 16:04 . 2007-01-12 15:49 -------- d-----r- c:\program files\Skype
2009-11-03 16:04 . 2007-01-12 15:49 -------- d-----w- c:\program files\Common Files\Skype
2009-11-01 19:18 . 2009-11-01 08:12 -------- d-----w- c:\program files\Fallout 3
2009-11-01 11:06 . 2001-10-25 14:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2009-11-01 11:06 . 2001-10-25 14:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2009-11-01 11:04 . 2009-11-01 11:04 -------- d-----w- c:\program files\Reference Assemblies
2009-11-01 10:50 . 2009-11-01 10:49 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-10-30 21:16 . 2009-10-30 21:16 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-30 21:15 . 2009-10-30 21:15 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-30 21:15 . 2009-10-30 21:15 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-11 03:17 . 2009-10-03 11:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-05 17:34 . 2009-11-09 13:37 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
2009-05-01 21:02 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360]
"EPSON Stylus CX3600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 98304]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 307200]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-23 2033432]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-10 14:05 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^David.OEM-049D5A1E60F^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 12:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
2004-08-22 16:05 81920 ----a-w- c:\program files\D-Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Codemasters\\Operation Flashpoint\\FlashpointResistance.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Ubi Soft\\IL-2 Sturmovik Forgotten Battles\\il2fb.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9506:TCP"= 9506:TCP:BitComet 9506 TCP
"9506:UDP"= 9506:UDP:BitComet 9506 UDP

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [19.1.2009 18:14 161800]
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [1.2.2009 11:56 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [1.2.2009 11:56 5248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [28.12.2009 22:06 64288]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19.1.2009 18:14 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19.1.2009 18:14 360584]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [10.11.2009 15:05 906520]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [10.11.2009 15:05 285392]
R2 icq service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [11.1.2009 13:20 222456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24.9.2009 12:17 1181328]
S3 cpuz130;cpuz130;\??\c:\docume~1\DAVID~1.OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\DAVID~1.OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - ajwsmwn
.
Obsah adresáře 'Naplánované úlohy'

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: stáhnout odkaz s použitím bitcometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: stáhnout všechna videa s použitím bitcometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: stáhnout všechny odkazy s použitím bitcometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\David.OEM-049D5A1E60F\Data aplikací\Mozilla\Firefox\Profiles\pdqk3mur.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-flashpoint - c:\program files\Codemasters\UnInstall.exe
AddRemove-installshield_{e48469cc-635e-4fd5-a122-1497c286d217} - c:\program files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe
AddRemove-{8bad4440-26d7-4a40-b844-066d2af3550c} - c:\program files\Two Worlds\Uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-31 11:28
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x863A0C98]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf78b6f28
\Driver\ACPI -> ACPI.sys @ 0xf77f3cb8
\Driver\atapi -> 0x863a0c98
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a8
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a8
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
NDIS: 3Com 3C920B-EMB-WNM Integrated Fast Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7561b0a
PacketIndicateHandler -> NDIS.sys @ 0xf756ca21
SendHandler -> NDIS.sys @ 0xf7561949
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ajwsmwn]

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\˙˙`_#*]
"DisplayName"=""
"DeviceDesc"=""
"ProviderName"=""
"MFG"="????????\02"
"ReinstallString"="??"
"DeviceInstanceIds"=multi:"s\\oemuser.oem-049d5a1e60f\\plocha\\drivers\\chipsetwin2k_xp\\smbusdrv\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(576)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\AVG\AVG9\avgam.exe
c:\windows\system32\wdfmgr.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2009-12-31 11:37:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-12-31 10:37

Před spuštěním: Volných bajtů: 17 950 601 216
Po spuštění: Volných bajtů: 17 945 665 536

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /noexecute=optin

- - End Of File - - 73DA2FBD36C6E6B96AACE6EF7B3EBC4D

Uživatelský avatar
stell
VIP
VIP
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:

Re: svchost.exe vytěžuje CPU na 100%

#9 Příspěvek od stell »

:arrow:
Odinstaluj progrm C:\Program Files\DAEMON Tools Lite i pokud mas jine emulatory mechanik, alcohol aspol.
http://www.duplexsecure.com/en/downloads
:arrow: Stahni dle ze stranek SPTD http://www.duplexsecure.com/en/downloads verzi dle sveho operacniho systemu. SPTD for Windows (32 bit) nebo (64b) na plochu
- spust
- zvol moznost Uninstall
- restart PC
:arrow: Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
File::
c:\windows\system32\drivers\ajwsmwn.sys
c:\windows\system32\drivers\63287d5a.sys
Driver::
icq service
DDS::
uDefault_Search_URL = hxxp://search.qip.ru
Extra::
FireFox::
FF - ProfilePath - c:\documents and settings\David.OEM-049D5A1E60F\Data aplikací\Mozilla\Firefox\Profiles\pdqk3mur.default\
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Obrázek

Po skonceni skenu vlož log čo ComboFix vytvorí
:arrow:
stiahnes specialnu verziu G-Mer
Special
uloz na plochu >>
Odpojiť sa od internetu a zatvor všetky otvorené programy,
Dočasne zakázať akékoľvek real-time aktívnej ochrany,
a spust>.prebehne kratky skan,,,
ak dostanes hlasku rootkit activity and asks if you want to run scan>>kliknes NO<<
a nastavis to takto
Obrázek

>> kliknes scan,<<
na konci skanu >>SAVE<< nazov das mojlog.txt>>uloz na plochu a log vloz sem,,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!

Obrázek

The Bull
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 pro 2009 12:19

Re: svchost.exe vytěžuje CPU na 100%

#10 Příspěvek od The Bull »

Zde je Log z Combofixu:

ComboFix 09-12-30.01 - David 31.12.2009 13:05:21.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.463 [GMT 1:00]
Spuštěný z: c:\documents and settings\David.OEM-049D5A1E60F\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\David.OEM-049D5A1E60F\Plocha\CFScript.txt
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\windows\system32\drivers\63287d5a.sys"
"c:\windows\system32\drivers\ajwsmwn.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\63287d5a.sys
c:\windows\system32\drivers\ajwsmwn.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_icq_service
-------\Service_icq service
-------\Legacy_ajwsmwn
-------\Service_ajwsmwn


((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-31 )))))))))))))))))))))))))))))))
.

2009-12-30 12:02 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-30 12:02 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-30 12:02 . 2009-12-31 04:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-30 09:44 . 2009-12-30 09:44 -------- d-----w- C:\_OTM
2009-12-29 11:14 . 2009-12-30 09:00 -------- d-----w- c:\program files\trend micro
2009-12-29 11:14 . 2009-12-29 11:15 -------- d-----w- C:\rsit
2009-12-29 10:32 . 2009-12-28 21:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-12-29 09:55 . 2009-12-29 09:55 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.001\Plocha
2009-12-28 21:06 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-12-28 17:46 . 2009-12-28 17:49 -------- d-----w- c:\program files\Disk Cleaner
2009-12-28 15:11 . 2009-12-28 15:30 -------- d-----w- c:\program files\RegCleaner
2009-12-20 07:52 . 2009-12-20 07:52 -------- d-----w- c:\program files\Cenega Czech
2009-12-15 13:24 . 2002-10-17 08:35 26096 ----a-r- c:\windows\system32\xmlinst.exe
2009-12-15 13:24 . 2000-03-17 05:21 36864 ----a-r- c:\windows\system32\xmlparse.dll
2009-12-15 13:24 . 2000-03-17 05:21 69632 ----a-r- c:\windows\system32\xmltok.dll
2009-12-15 13:24 . 2002-01-07 13:30 24576 ----a-r- c:\windows\system32\msxml3a.dll
2009-12-15 13:24 . 1998-06-17 22:00 89360 ----a-r- c:\windows\system32\VB5DB.DLL
2009-12-15 13:23 . 2001-07-30 17:03 185344 ----a-w- c:\windows\patchw32.dll
2009-12-15 13:23 . 2009-12-15 13:23 -------- d-----w- c:\program files\ubi.com
2009-12-15 13:23 . 2009-12-15 13:23 -------- d-----w- c:\program files\Common Files\PocketSoft
2009-12-15 13:17 . 2009-12-15 13:24 -------- d-----w- c:\program files\Ubi Soft
2009-12-10 16:51 . 2009-12-11 13:32 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-31 11:39 . 2009-02-01 10:56 -------- d-----w- c:\program files\D-Tools
2009-12-28 20:51 . 2006-08-03 08:55 -------- d-----w- c:\program files\Lavasoft
2009-12-27 16:56 . 2008-10-01 17:59 -------- d-----w- c:\program files\Java
2009-12-15 15:18 . 2009-11-12 19:16 -------- d-----w- c:\program files\Total Video Player
2009-12-15 13:23 . 2006-05-27 11:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-12 14:09 . 2009-05-14 13:30 -------- d-----w- c:\program files\EA GAMES
2009-11-22 18:41 . 2009-08-19 08:23 -------- d-----w- c:\program files\LucasArts
2009-11-22 18:30 . 2009-04-27 18:50 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-11-22 15:29 . 2009-01-08 08:59 -------- d-----w- c:\program files\ATI Technologies
2009-11-18 14:09 . 2009-02-16 19:16 -------- d-----w- c:\program files\Final Fantasy VII
2009-11-14 16:55 . 2006-10-21 07:00 -------- d-----w- c:\program files\Sierra
2009-11-13 13:16 . 2007-05-02 11:49 -------- d-----w- c:\program files\Codemasters
2009-11-10 14:05 . 2009-01-19 17:14 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-10 14:05 . 2009-01-19 17:14 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-10 14:05 . 2009-01-19 17:14 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-10 14:05 . 2009-01-19 17:14 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-11-10 14:05 . 2009-01-19 17:14 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-10 14:05 . 2009-01-19 17:13 -------- d-----w- c:\program files\AVG
2009-11-09 13:35 . 2008-12-10 13:54 -------- d-----w- c:\program files\QIP Infium
2009-11-07 15:24 . 2009-01-11 12:20 -------- d-----w- c:\program files\ICQ6Toolbar
2009-11-03 16:27 . 2009-11-03 16:27 -------- d-----w- c:\program files\Moderni vzhled
2009-11-03 16:05 . 2009-11-03 16:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-03 16:04 . 2007-01-12 15:49 -------- d-----r- c:\program files\Skype
2009-11-03 16:04 . 2007-01-12 15:49 -------- d-----w- c:\program files\Common Files\Skype
2009-11-01 19:18 . 2009-11-01 08:12 -------- d-----w- c:\program files\Fallout 3
2009-11-01 11:06 . 2001-10-25 14:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2009-11-01 11:06 . 2001-10-25 14:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2009-10-30 21:16 . 2009-10-30 21:16 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-30 21:15 . 2009-10-30 21:15 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-30 21:15 . 2009-10-30 21:15 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-11 03:17 . 2009-10-03 11:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-05 17:34 . 2009-11-09 13:37 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
2009-05-01 21:02 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360]
"EPSON Stylus CX3600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 98304]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 307200]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-23 2033432]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-10 14:05 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^David.OEM-049D5A1E60F^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\David.OEM-049D5A1E60F\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-03-12 12:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Codemasters\\Operation Flashpoint\\FlashpointResistance.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Ubi Soft\\IL-2 Sturmovik Forgotten Battles\\il2fb.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9506:TCP"= 9506:TCP:BitComet 9506 TCP
"9506:UDP"= 9506:UDP:BitComet 9506 UDP

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [19.1.2009 18:14 161800]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [28.12.2009 22:06 64288]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19.1.2009 18:14 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19.1.2009 18:14 360584]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [10.11.2009 15:05 906520]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [10.11.2009 15:05 285392]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24.9.2009 12:17 1181328]
S3 cpuz130;cpuz130;\??\c:\docume~1\DAVID~1.OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\DAVID~1.OEM\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]

2009-12-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 21:03]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: stáhnout odkaz s použitím bitcometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: stáhnout všechna videa s použitím bitcometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: stáhnout všechny odkazy s použitím bitcometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\David.OEM-049D5A1E60F\Data aplikací\Mozilla\Firefox\Profiles\pdqk3mur.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-DAEMON Tools-1033 - c:\program files\D-Tools\daemon.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-31 13:20
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\˙˙`_#*]
"DisplayName"=""
"DeviceDesc"=""
"ProviderName"=""
"MFG"="????????\02"
"ReinstallString"="??"
"DeviceInstanceIds"=multi:"s\\oemuser.oem-049d5a1e60f\\plocha\\drivers\\chipsetwin2k_xp\\smbusdrv\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(540)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\wdfmgr.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2009-12-31 13:28:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-12-31 12:28
ComboFix2.txt 2009-12-31 10:37

Před spuštěním: Volných bajtů: 17 883 541 504
Po spuštění: Volných bajtů: 17 770 729 472

- - End Of File - - BC9C9C78AC27159E1149E427E5E02484



Zde je log z G-MER:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-31 20:19:05
Windows 5.1.2600 Service Pack 3
Running: y28w5fhd.exe; Driver: C:\DOCUME~1\DAVID~1.OEM\LOCALS~1\Temp\kgwyrkow.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF78C287E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF78C2BFE]

---- Kernel code sections - GMER 1.0.15 ----

? Combo-Fix.sys Systém nemůže nalézt uvedený soubor. !
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xF6A2A000, 0x1C5D38, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\ithsgt.sys section is writeable [0xA7D52300, 0x21770, 0xE8000020]
? C:\ComboFix\catchme.sys Systém nemůže nalézt uvedenou cestu. !
? C:\WINDOWS\system32\Drivers\PROCEXP113.SYS Systém nemůže nalézt uvedený soubor. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp Lbd.sys (Boot Driver/Lavasoft AB)

Device \Driver\usbstor \Device\0000006b sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\usbstor \Device\0000006c sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\usbstor \Device\0000006d sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\usbstor \Device\0000006e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\usbstor \Device\0000006f sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)

---- EOF - GMER 1.0.15 ----

Uživatelský avatar
stell
VIP
VIP
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:

Re: svchost.exe vytěžuje CPU na 100%

#11 Příspěvek od stell »

ok,vsetko v poriadku
:arrow: Odinstaluj ComboFix - Start -> Spustit - ComboFix /Uninstall -> OK
:arrow: Stáhni, nainstaluj program CCleaner - http://www.ccleaner.com/download/downloadpage.aspx?f=2
- PravyKlik na kos-spustit ccleaner ->>>Cakas>>na cistenie,,
PravyKlik na kos-otvorit ccleaner-záložka Windows a stiskni Analyzovat a poté Spustit Cleaner
- Klikni na záložku Aplikace a stiskni Analyzovat a poté Spustit Cleaner
- Klikni na Registry, stiskni Hledej problémy, po dokončení skenování klikni na Opravit vybrané problémy,
-zvol Ano pro vytvoření zálohy, ulož nabídnutý soubor a klikni na Opravit všechny problémy,

Start-spustit-napis cleanmgr ok>>dalsie moznosti-obnova systemu-vycistit,,ok,,ok
:arrow: stiahni>>OTC
2x-kliknite OTC.exe.
Kliknite na tlačidlo CleanUp!
Vyberte Áno, ak
Otvorenie procesu čistenia?
zobrazí upozornenie.
Ak sa zobrazí výzva na reštartovanie počas čistenia, vyberte Áno.
Nástroj sám zmaže, keď to skončí, ak nie odstrániť .
Mozes nainstalovat Daemona ak potrebujes,ak nie neinstaluj,
Ak vsetko bude fungovat ako ma,, tot vse, :)
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!

Obrázek

The Bull
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 pro 2009 12:19

Re: svchost.exe vytěžuje CPU na 100%

#12 Příspěvek od The Bull »

Mockrát děkuju, počítač šlape jak má :D :worship:

Uživatelský avatar
stell
VIP
VIP
Příspěvky: 5175
Registrován: 09 pro 2007 09:27
Bydliště: SK-REVUCA
Kontaktovat uživatele:

Re: svchost.exe vytěžuje CPU na 100%

#13 Příspěvek od stell »

:) nemas zaco,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
Obrázek
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!

Obrázek

Odpovědět