VIRY.CZ

Spusťte OTL a do spodního okna vložte následující skript.

:OTL
SRV - File not found [Auto | Stopped] -- -- (avg9wd)
SRV - File not found [Auto | Stopped] -- -- (avg9emc)
O3 - HKU\S-1-5-21-484763869-343818398-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Program Files\ICQLite\ICQLite.exe File not found
O15 - HKU\S-1-5-21-484763869-343818398-839522115-1003\..Trusted Domains: localhost ([]http in Místní intranet)
O15 - HKU\S-1-5-21-484763869-343818398-839522115-1003\..Trusted Ranges: GD ([http] in Místní intranet)
O16 - DPF: DirectAnimation Java Classes file://D:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

All processes killed
========== OTL ==========
Service avg9wd stopped successfully!
Service avg9wd deleted successfully!
Service avg9emc stopped successfully!
Service avg9emc deleted successfully!
Registry value HKEY_USERS\S-1-5-21-484763869-343818398-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_USERS\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-484763869-343818398-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
File Animation Java Classes file://D:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users.WINDOWS

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 43928 bytes

User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Zdenek

User: Zdenek.ZDENEK-JG362RMG
->Temp folder emptied: 41782312 bytes
->Temporary Internet Files folder emptied: 41880824 bytes
->Java cache emptied: 880197 bytes
->FireFox cache emptied: 92831766 bytes
->Google Chrome cache emptied: 6300516 bytes
->Flash cache emptied: 10063 bytes

User: ZDENEK~1~ZDE

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 114796 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 55273739 bytes

Total Files Cleaned = 228,00 mb

[EMPTYFLASH]

User: Administrator

User: All Users.WINDOWS

User: Default User.WINDOWS

User: LocalService.NT AUTHORITY.000

User: NetworkService.NT AUTHORITY.000

User: Zdenek

User: Zdenek.ZDENEK-JG362RMG
->Flash cache emptied: 0 bytes

User: ZDENEK~1~ZDE

Total Flash Files Cleaned = 0,00 mb

Unable to start service SRService!
D:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to start service SrService!

OTL by OldTimer - Version 3.2.4.1 log created on 05162010_141701

Files\Folders moved on Reboot...
File move failed. D:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Jak to vypadá s PC

Zatím dobre

Nic se nedeje.. Asi vpořádku.
Dekuji

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

Spusťte.
Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

Spusťte.
Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

Záložka Čistič
Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít

Hotovo.

V tom případě je to vše.

Tak moc dekuji

Nemáte zač

Tak jsem tu opět, PC se chová dobre, Comodo pracuje, ale občas se objeví tato hláska
Obrázek

vzhledem k tomu že jsem mel problem prave s svchost.exe, tak se to bojim povolit a zapamatovat,
takže povolim jen dočasne. Dá se zjistit jestli to mohu dovolit a zapamatovat?

Komunikaci můžete povolit.

Ano priste to povolím a mužete mi rici o co jde? Po rozkliknutí se tam objevila ta volba webbrowser ale nemusí to byt ono...

%SystemRoot%\System32\Svchost.exe spravuje služby.

Ano, ale me prave vytezoval nejaky schvhost PC na 100%, snad to byl jiny v task manageru jsou asi 4.

To byl svchost.exe v jiném umístění a to byl vir. Procesů svchost.exe může být spuštěno více.

VIRY.CZ

Problém s schvhost vytezuje PC na 100% kratce po startu..

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.

Re: Problém s schvhost vytezuje PC na 100% kratce po startu.