Utilizamos Cookies de terceros para generar estadísticas de audiencia y mostrar publicidad personalizada analizando tu navegación. Si sigues navegando estarás aceptando su uso. Más información X
PortadaForo AyudaTutoriales
InicioForosForo Windows XP

Svchost.exe consume 100% CPU
victormaji
2007-09-13 18:34 - Respuestas: 18 - Tema nº: 2468610

Características: Windows XP Home, Intel Core 2 Duo. 250 Gb. de disco duro.

Hace aproximadamente un mes comencé a notar el ordenador muy lento. Tardaba en procesar cualquier cosa. Veo que tengo el Svchos.exe a tope. Hay dos concretamente uno de usuario y otro de System. El caso es que dificulta mucho cualquier operación con el ordenador. He leido en foros y habla desde troyanos, virus, hasta problemas propios de windows. ¿Me podéis ayudar?

Posibles soluciones:
Svchost.exe consume 100% cpuSvchost.exe consume 100% cpu
Winlogon.exe consume el 100% de cpuWinlogon.exe consume el 100% de cpu
Explorer me consume 100% cpuExplorer me consume 100% cpu
Svchost consume 50% de cpuSvchost consume 50% de cpu
Iexplorer.exe consume 100% del cpuIexplorer.exe consume 100% del cpu
tordanxa

Re: Svchost.exe consume 100% CPU - 2007-09-13 18:38 - Respuesta 2

Pasa a tu ordenador tu antivirus (o uno online: Panda Activescan ; ESET Online Scanner; F-Secure Online Scanner ;
Kaspersky Online Scanner ) y los siguientes programas actualizados y en modo a prueba de fallos:

SUPERAntispyware
Ad-aware (pack de lenguajes )
AVG AntiSpyware

El Ad-Aware pásalo con la opción Realizar exploración completa del sistema

Limpia el ordenador de archivos y entradas de registro innecesarias con alguno de estos programas:

EasyCleaner, ccleaner o Disk Cleaner
Regcleaner o el Regseeker

Y si aún así no has solucionado el problema el
HijackThis

En este último programa debes de hacer lo siguiente:
1.- Descarga el programa
2.- Crea una carpeta con su nombre y mete en ella el archivo Hijackthis.exe
3.- Haz doble clic en dicho archivo
4.- Selecciona la opción scan and save log
5.- Se abrirá una ventana y el bloc de notas. Pega el contenido de este último aquí.

Saludos
victormaji

Re: Svchost.exe consume 100% CPU - 2007-09-16 22:30 - Respuesta 3

Hola, muchas gracias por tu respuesta. He pasado todo lo que me has dicho. Antivirus Nod32, que no ha detectado nada, el panda en linea detectó y eliminó un gusano y el Kaspersky que detectó varias cosas. Te envio el log. de este último. Pasé también los antiespias y limpiaron varias infecciones. Limpié también el registro, con el EasyCleaner.
SIGUE el problema. Son tres los procesos que se van repartiendo la CPU hasta consumirla entera Service.exe, Winlogon.exe y Svchost.exe. Te envio el reporte del HijacThis por si me puedes ayudar.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:40:16, on 16/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe


El log del karspesky es el siguiente:

KASPERSKY ONLINE SCANNER REPORT
Sunday, September 16, 2007 5:55:18 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 16/09/2007
Kaspersky Anti-Virus database records: 419309


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics
Total number of scanned objects 196738
Number of viruses found 11
Number of infected objects 116
Number of suspicious objects 12
Duration of the scan process 01:13:51

Infected Object Name Virus Name Last Action
C:\DRIVERS\PAND2006\PAND2006.EXE Infected: Email-Worm.Win32.Mixor.a skipped

C:\DRIVERS\CHIPSET\610IGPXP.EXE Infected: Email-Worm.Win32.Mixor.a skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\H48D0C87.log Infected: Trojan.Win32.Tiny.f skipped

C:\WINDOWS\system32\H5D80618.log Infected: Trojan.Win32.Tiny.f skipped

C:\WINDOWS\system32\MS15D806.CPL Infected: Trojan.Win32.Tiny.f skipped

C:\WINDOWS\system32\MS548D0C.CPL Infected: Trojan.Win32.Tiny.f skipped

C:\WINDOWS\system32\H0795A32.log Infected: Trojan.Win32.Tiny.f skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\RavTime.log Object is locked skipped

C:\WINDOWS\system32\H6E688BD.log Infected: Trojan.Win32.Tiny.f skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\CSC\00000001 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchSmartSearch.zip/notepad32.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchSmartSearch.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC13.zip/dload.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC13.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC19.zip/olehelp.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC19.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC22.zip/y.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC22.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC33.zip/kernels64.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC33.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC35.zip/winmuse.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC35.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

C:\Documents and Settings\victor\NTUSER.DAT.LOG Object is locked skipped

C:\Documents and Settings\victor\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\victor\Local Settings\History\History.IE5\MSHist012007091620070917\index.dat Object is locked skipped

C:\Documents and Settings\victor\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\victor\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\victor\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\victor\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\victor\ntuser.dat Object is locked skipped

C:\Documents and Settings\kuka\Local Settings\Temporary Internet Files\Content.IE5\JXPUMTS0\1019129[1].js Infected: Trojan-Downloader.JS.Agent.nx skipped

C:\Documents and Settings\kuka\Local Settings\Temporary Internet Files\Content.IE5\2IJ9PNLF\stats[1].htm Infected: Trojan-Downloader.VBS.Agent.n skipped

C:\Program Files\Common Files\System\MS548D0C.DLL Object is locked skipped

C:\Program Files\ESET\infected\XB00TYAA.NQF Infected: Trojan-Downloader.Win32.Small.dam skipped

C:\Program Files\ESET\infected\EWN2SHAA.NQF Infected: Trojan-PSW.Win32.Nilage.apx skipped

C:\Program Files\ESET\infected\0F4ZMABA.NQF/data0018/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\0F4ZMABA.NQF/data0018/data0003 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\0F4ZMABA.NQF/data0018/data0004 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\0F4ZMABA.NQF/data0018 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\0F4ZMABA.NQF NSIS: infected - 4 skipped

C:\Program Files\ESET\infected\0F4ZMABA.NQF PE-Crypt.XorPE: infected - 4 skipped

C:\Program Files\ESET\infected\MO44FLDA.NQF/data0018/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\MO44FLDA.NQF/data0018/data0003 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\MO44FLDA.NQF/data0018/data0004 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\MO44FLDA.NQF/data0018 Infected: not-a-virus:AdWare.Win32.180Solutions.ay skipped

C:\Program Files\ESET\infected\MO44FLDA.NQF NSIS: infected - 4 skipped

C:\Program Files\ESET\infected\MO44FLDA.NQF PE-Crypt.XorPE: infected - 4 skipped

C:\Program Files\15D80618\2634170B.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\Program Files\548D0C87\2634170B.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\Program Files\16E688BD\2634170B.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP206\A0029523.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP206\A0030526.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP208\A0031526.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP210\A0032528.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP214\A0033527.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP217\A0033704.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP217\A0033710.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP222\A0034115.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP230\A0034555.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP235\A0035108.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP235\A0035121.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP240\A0035300.exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP240\A0035301.exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP248\A0036121.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP257\A0037201.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP261\A0037319.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP265\A0037603.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP266\A0037775.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP266\A0037829.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP266\A0037830.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP266\A0038042.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP266\A0038043.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP267\A0038108.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP267\A0038109.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP267\A0038145.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP267\A0038146.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP269\A0038450.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP269\A0039145.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP269\A0039150.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP270\A0040145.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP270\A0040152.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040166.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040169.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040213.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040214.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040222.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040227.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040234.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP271\A0040235.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP276\A0040407.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP276\A0040408.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP277\A0040429.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP277\A0040432.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP278\A0040448.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP278\A0040462.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP278\A0040463.CPL Infected: Trojan.Win32.Tiny.f skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP278\A0040716.CPL Infected: Trojan.Win32.Tiny.f skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP278\A0041814.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP278\A0041815.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0041819.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0041840.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0041841.CPL Infected: Trojan.Win32.Tiny.f skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042093.CPL Infected: Trojan.Win32.Tiny.f skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042536.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042537.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042538.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042539.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042544.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042547.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042551.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042664.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042716.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042939.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042951.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0042994.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0043026.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0043067.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP279\A0043083.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP287\A0043594.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP287\A0044539.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP288\A0044551.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP288\A0044586.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP288\A0044694.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP288\A0044717.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP290\A0044790.exe Infected: P2P-Worm.Win32.Kapucen.b skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP290\A0045717.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP291\A0046721.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP293\A0046790.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP294\A0046835.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP294\A0046836.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP294\A0046854.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP294\A0046855.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP294\A0047856.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP294\A0047857.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP295\A0047924.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP295\A0047927.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP295\A0048926.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP295\A0048927.DLL Infected: Trojan-PSW.Win32.Small.br skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP297\change.log Object is locked skipped

C:\System Volume Information\_restore{8B806CA5-FF36-4028-A023-92874EED0BB5}\RP297\A0048966.DLL Infected: Trojan-PSW.Win32.Small.br skipped

Scan process completed.
tordanxa

Re: Svchost.exe consume 100% CPU - 2007-09-16 22:32 - Respuesta 4

El log del hijackthis no está completo.

Deshabilita restaurar sistema

saludos
victormaji

Re: Svchost.exe consume 100% CPU - 2007-09-16 23:34 - Respuesta 5

Te envio de nuevo el fichero. Muchas gracias por tu ayuda

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:32:51, on 16/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.beep.es
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://es.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://es.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://es.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://es.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://es.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://es.search.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WindowsServicesStartup] C:\DOCUME~1\victor\LOCALS~1\Temp\svchost.exe 1
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicio rápido de Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Abrir en nueva ficha de fondo - res://C:\Program Files\Windows Live Toolbar\Components\es-es\msntabres.dll.mui/229?da469be940ba4af791bba4de9e684bdc
O8 - Extra context menu item: Abrir en nueva ficha en primer plano - res://C:\Program Files\Windows Live Toolbar\Components\es-es\msntabres.dll.mui/230?da469be940ba4af791bba4de9e684bdc
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.beep.es
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


End of file - 8924 bytes
Página:1 Siguiente

Respuestas relacionadas:

Explorer.exe consume el 50% de uso de cpuExplorer.exe consume el 50% de uso de cpuForo
Problema explorer.exe consume 100% cpuProblema explorer.exe consume 100% cpuForo
Explorer.exe, me consume toda la cpuExplorer.exe, me consume toda la cpuForo
Service.exe consume mucha cpuService.exe consume mucha cpuForo
Svchost.exe consume mucho cpu...Svchost.exe consume mucho cpu...Foro
Explorer.exe consume + del 90% de los recursosExplorer.exe consume + del 90% de los recursosForo
Recursos que consume aresRecursos que consume aresForo
El explorer consume muchisima cpuEl explorer consume muchisima cpuForo
Outlook me consume toda la ramOutlook me consume toda la ramForo
Cuanta energia consume una pc??Cuanta energia consume una pc??Foro
InicioSecciones
^ SubirAviso legal
Política Privacidad
Configurarequipos28 Abril 2024