svchost.exe 100% vytížený procesor

[Roli]

Tak poslední doladění.

Tohle fixni v HJT :

R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k


Znovu spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe

:files 
C:\ComboFix.txt
C:\Qoobox  
C:\ComboFix 
C:\WINDOWS\system32\drivers\wcscd.sys
C:\WINDOWS\system32\lynnaz.exe 
C:\WINDOWS\system32\drivers\cdfss.sys   

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Regedit32"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]

:services
wcscd
cdfss

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

[MistX]

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\ComboFix.txt moved successfully.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
File/Folder C:\ComboFix not found.
C:\WINDOWS\system32\drivers\wcscd.sys moved successfully.
C:\WINDOWS\system32\lynnaz.exe moved successfully.
File/Folder C:\WINDOWS\system32\drivers\cdfss.sys not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig\ deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named wcscd was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wcscd deleted successfully.
Error: No service named cdfss was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdfss deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Charvi
->Temp folder emptied: 4368 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Mamka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Monika
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33279 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 11292010_223355

Files moved on Reboot...
File C:\Qoobox\BackEnv not found!

Registry entries deleted on Reboot...

[Roli]

Bezva, řekl bych že už máme konečně čisto.

Nyní by to chtělo nějaký ten antivir a trošku myslet při lezení po netu, protože to cos tam měl se normálně chytit nedá.

Také mi písni jestli jsou s PC ještě nějaké problémy.

[MistX]

Jeste zopakuji, ze to neni moje PC Uz jsem vcera PC predal majiteli s durazem jak se chovat na internetu. Nainstaloval jsem Microsoft antivir, ktery sam bez obtizi pouzivam Diky moc za pomoc. Mejte se pekne

[Roli]

Vím že to není tvoje PC a je dobře žes majitele poučili, protože takovouhle sbírku jsem fakt dlouho neviděl.

Jinak nemáš zač a kdyby zase něco dej vědět, měj se.