CPU 100%+svchost+help

A section devoted to viruses and other malicious code, and also to the tools you can use to defend against them…


Jack06
newcomer
Posts: 29
Registered: 24 Mar 2008 19:01

CPU 100%+svchost+help

Post by Jack06 »

Please help, my CPU occasionally climbs to 100% utilization and I don't know what to do about it.
Here is the usage listing dumped by Process Explorer:


Process	PID	CPU	Description	Company Name
System Idle Process	0			
 Interrupts	n/a	1.54	Hardware Interrupts	
 DPCs	n/a		Deferred Procedure Calls	
 System	4			
  smss.exe	604		Správce relací systému Windows NT	Microsoft Corporation
   csrss.exe	680		Client Server Runtime Process	Microsoft Corporation
   winlogon.exe	704		Windows NT Logon Application	Microsoft Corporation
    services.exe	748		Services and Controller app	Microsoft Corporation
     svchost.exe	912		Generic Host Process for Win32 Services	Microsoft Corporation
      CapabilityManager.exe	2040		Capability Manager	Popwire AB
      NMIndexStoreSvr.exe	432		Nero Home	Nero AG
      FxSvr2.exe	576		QuickCam Framework Server	Labtec Inc.
      Generic.exe	1452		Generic Device Management Executable.	Teleca Software Solutions
      epmworker.exe	2364		CAPI_Worker Module	Sony Ericsson Mobile Communications AB
      wmiprvse.exe	2892		WMI	Microsoft Corporation
     svchost.exe	968		Generic Host Process for Win32 Services	Microsoft Corporation
    svchost.exe	1068	89.23	Generic Host Process for Win32 Services	Microsoft Corporation
      wuauclt.exe	2904		Windows Update Automatic Updates	Microsoft Corporation
     svchost.exe	1112		Generic Host Process for Win32 Services	Microsoft Corporation
     svchost.exe	1200		Generic Host Process for Win32 Services	Microsoft Corporation
     spoolsv.exe	1628		Spooler SubSystem App	Microsoft Corporation
     AppleMobileDeviceService.exe	1704		Apple Mobile Device Service	Apple, Inc.
     mDNSResponder.exe	1796		Bonjour Service	Apple Inc.
     MDM.EXE	2008		Machine Debug Manager	Microsoft Corporation
     nod32krn.exe	2088		NOD32 Kernel Service	Eset 
     nvsvc32.exe	2128		NVIDIA Driver Helper Service, Version 71.25	NVIDIA Corporation
     StarWindService.exe	2672		StarWind iSCSI Target (Alcohol Edition)	Rocket Division Software
     svchost.exe	2712		Generic Host Process for Win32 Services	Microsoft Corporation
     iPodService.exe	3788		iPodService Module	Apple Inc.
     alg.exe	2756		Application Layer Gateway Service	Microsoft Corporation
    lsass.exe	760		LSA Shell (Export Version)	Microsoft Corporation
    taskmgr.exe	1388		Správce úloh	Microsoft Corporation
explorer.exe	1556		Průzkumník Windows	Microsoft Corporation
 LVCOMSX.EXE	1740		LVCom Server	Labtec Inc.
 LogiTray.exe	1748		ImageStudio Tray Application	Labtec Inc.
 remoterm.exe	1756		Remote Control Application	Pinnacle Systems
 rundll32.exe	1788		Run a DLL as an App	Microsoft Corporation
 cledx.exe	1820		Team H2O CLEDX	Team H2O
 mHotkey.exe	1828		Chicony Multimedia Driver	Chicony
 SOUNDMAN.EXE	1852		Realtek Sound Manager	Realtek Semiconductor Corp.
 nod32kui.exe	1868		NOD32 Control Center GUI	Eset 
 Application Launcher.exe	1896		Application Launcher	Sony Ericsson Mobile Communications AB
 jusched.exe	1912		Java(TM) Platform SE binary	Sun Microsystems, Inc.
 iTunesHelper.exe	1964		iTunesHelper Module	Apple Inc.
 ctfmon.exe	176		CTF Loader	Microsoft Corporation
 NMBgMonitor.exe	212		Nero Home	Nero AG
 StrongDC.exe	3360		StrongDC++	
 uTorrent.exe	2560			
 qip.exe	1524		Quiet Internet Pager	The Author of QIP
 Skype.exe	356		Skype. Take a deep breath 	Skype Technologies S.A.
  skypePM.exe	540		Skype Extras Manager	Skype Technologies
 firefox.exe	552		Firefox	Mozilla Corporation
 TOTALCMD.EXE	932		Total Commander 32 bit international version, file manager replacement for Windows	C. Ghisler & Co.
  xczoffbot.exe	3760			
  wmplayer.exe	1908	3.08	Windows Media Player	Microsoft Corporation
   setup_wm.exe	1128		Microsoft Windows Media Configuration Utility	Microsoft Corporation
 procexp.exe	1688	6.15	Sysinternals Process Explorer	Sysinternals - www.sysinternals.com


Baron Prášil
Master Level 7
Posts: 4882
Registered: 09 Jun 2006 18:47

Re: CPU 100%+svchost+help

Post by Baron Prášil »

Welcome to the antivirus clinic of the PC-HELP forum :bigups:

I'd start with the standard examination with HijackThis. The guide for it is in my signature.
Jack06
newcomer
Posts: 29
Registered: 24 Mar 2008 19:01

Re: CPU 100%+svchost+help

Post by Jack06 »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:37, on 31.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Software\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\LVCOMSX.EXE
D:\Program Files\Logitech\Video\LogiTray.exe
D:\Program Files\Pinnacle\PCTV Sat\Remote\Remoterm.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\mHotkey.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Software\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
D:\Program Files\Logitech\Video\FxSvr2.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\PROGRA~1\Mozilla Firefox\firefox.exe
D:\Software\QIP\qip.exe
D:\Documents and Settings\Jack\Plocha\stahy\DC\StrongDC.exe
C:\totalcmd\TOTALCMD.EXE
D:\Program Files\Windows Media Player\wmplayer.exe
D:\Program Files\Windows Media Player\setup_wm.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Software\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Software\ICQToolbar\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\Software\ICQToolbar\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Software\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCTVRemote] D:\Program Files\Pinnacle\PCTV Sat\Remote\Remoterm.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [H2O] D:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Software\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Software\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [QIP2005] D:\Software\QIP\qip.exe
O4 - HKCU\..\Run: [FreeCall] "D:\Software\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: hamachi.lnk = D:\Games\Hamachi\hamachi.exe
O4 - Startup: OpenOffice.org 2.0.lnk = D:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\Software\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Software\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Software\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Software\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8258280765
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Software\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 8578 bytes
Baron Prášil
Master Level 7
Posts: 4882
Registered: 09 Jun 2006 18:47

Re: CPU 100%+svchost+help

Post by Baron Prášil »

The log is fine. The system is badly secured!

Install a firewall.
Pick one here; I recommend ZoneAlarm, Comodo or Ashampoo.
ZA guide: http://www.kn.vutbr.cz/docs/conf/zonealarm/
Comodo guide: http://www.nforce.cz/modules.php?name=N ... cle&sid=18
Ashampoo Firewall Free + Czech localization

And also install an antispyware with a resident shield:
Spyware Terminator or Spybot S&D
ST guide: http://www.viry.cz/forum/viewtopic.php?t=44730
Spybot guide: http://www.jaknato.com/index.php?clanek ... tne-slouzi
Update it and scan the system.

Keep an eye on Task Manager or Process Explorer and try to find out which process is loading your CPU.

I also assume you've scanned with NOD; any findings? Do a scan after a restart.

And let me know :wink:
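Baron Prášil's advice is to watch Process Explorer and work out which process is loading the CPU. The listing Jack06 posted already answers the first half of that: the busy process is svchost.exe with PID 1068 (89.23% CPU), and the one child shown under it is wuauclt.exe. Because svchost.exe is only a generic host, the useful facts are its parent chain and what runs inside or below it. The script below is an added example, not code from the thread or from Sysinternals: it parses a Process Explorer "Select all" listing (tab-separated columns, leading spaces giving the tree depth), rebuilds the parent/child tree, reports processes above a CPU threshold together with their ancestry and children, and separately lists rows that carry no description or company name at all, which is where a closer look is usually worth the time. The sample listing embedded in the script is a shortened, constructed stand-in modelled on the posted one, and the threshold and function names are my own choices.

```python
"""Parse a Process Explorer 'Select all' listing and report CPU hogs.

Added example, not code from the thread or from Sysinternals. The sample
listing is constructed, modelled on (and shorter than) the one posted above.
Columns are tab-separated; the number of leading spaces is the tree depth.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample listing (tabs between columns, spaces for depth).
SAMPLE_LISTING = """\
Process\tPID\tCPU\tDescription\tCompany Name
System Idle Process\t0\t\t\t
 Interrupts\tn/a\t1.54\tHardware Interrupts\t
 System\t4\t\t\t
  smss.exe\t604\t\tSession Manager\tMicrosoft Corporation
   winlogon.exe\t704\t\tWindows NT Logon Application\tMicrosoft Corporation
    services.exe\t748\t\tServices and Controller app\tMicrosoft Corporation
     svchost.exe\t912\t\tGeneric Host Process for Win32 Services\tMicrosoft Corporation
      wmiprvse.exe\t2892\t\tWMI\tMicrosoft Corporation
     svchost.exe\t1068\t89.23\tGeneric Host Process for Win32 Services\tMicrosoft Corporation
      wuauclt.exe\t2904\t\tWindows Update Automatic Updates\tMicrosoft Corporation
explorer.exe\t1556\t\tWindows Explorer\tMicrosoft Corporation
 uTorrent.exe\t2560\t\t\t
 procexp.exe\t1688\t6.15\tSysinternals Process Explorer\tSysinternals
"""


@dataclass
class Proc:
    name: str
    pid: int            # -1 for pseudo rows such as Interrupts ("n/a")
    cpu: float          # 0.0 when the CPU column is empty
    description: str
    company: str
    depth: int
    parent: Optional["Proc"] = field(default=None, repr=False)
    children: List["Proc"] = field(default_factory=list, repr=False)

    def ancestry(self) -> str:
        """Chain from this process up to the root, e.g. 'a[1] <- b[2]'."""
        chain, node = [], self
        while node is not None:
            chain.append(f"{node.name}[{node.pid}]")
            node = node.parent
        return " <- ".join(chain)


def parse_procexp(text: str) -> List[Proc]:
    """Turn the listing into Proc objects linked into a parent/child tree."""
    procs: List[Proc] = []
    stack: List[Proc] = []          # open ancestors, one per depth level
    for line in text.splitlines():
        if not line.strip() or line.startswith("Process\t"):
            continue                # blank line or column header
        depth = len(line) - len(line.lstrip(" "))
        cols = line.strip(" ").split("\t")
        cols += [""] * (5 - len(cols))          # pad short rows
        name, pid_s, cpu_s, desc, company = cols[:5]
        pid = int(pid_s) if pid_s.isdigit() else -1
        cpu = float(cpu_s) if cpu_s else 0.0
        while stack and stack[-1].depth >= depth:
            stack.pop()             # back out to the real parent
        parent = stack[-1] if stack else None
        proc = Proc(name, pid, cpu, desc, company, depth, parent)
        if parent is not None:
            parent.children.append(proc)
        procs.append(proc)
        stack.append(proc)
    return procs


def cpu_hogs(procs: List[Proc], threshold: float = 50.0) -> List[Proc]:
    """Processes at or above the threshold, busiest first; Idle is ignored."""
    busy = [p for p in procs if p.cpu >= threshold and p.name != "System Idle Process"]
    return sorted(busy, key=lambda p: p.cpu, reverse=True)


def describe(proc: Proc) -> str:
    """One line a helper could paste back: load, ancestry and children."""
    kids = ", ".join(f"{c.name}[{c.pid}]" for c in proc.children) or "(none)"
    return (f"{proc.name}[{proc.pid}] {proc.cpu:.2f}% CPU; "
            f"chain: {proc.ancestry()}; children: {kids}")


def missing_version_info(procs: List[Proc]) -> List[Proc]:
    """Real processes with no description and no company name in the listing."""
    return [p for p in procs if p.pid > 4 and not p.description and not p.company]


if __name__ == "__main__":
    tree = parse_procexp(SAMPLE_LISTING)
    for hog in cpu_hogs(tree):
        print(describe(hog))
    for p in missing_version_info(tree):
        print(f"no version info: {p.name}[{p.pid}] under {p.parent.name if p.parent else '-'}")
```

The parser reads the listing exactly as Process Explorer's "Select all" copies it, so the text pasted into the thread can be fed to it unchanged. The second check is deliberately a prompt, not a verdict: a missing description only means the executable carries no version resource, and on the posted listing that is true of ordinary software too. On the machine itself, the matching step is `tasklist /svc` (built into Windows XP Professional and later, not something from the thread), which lists the service names hosted by each svchost.exe PID and so tells you what PID 1068 actually contains.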