CPU problem, na prazno cepa skoro max :: Pc Klinika ~ Doktori za vas kompjuter

Evo dva shota iz task manager-a i log fajlovi ComboFix-a i HiJackThis-a
Juce sam primetio da mi komp mnogo odjednom usporio, otvorim ja task kad imam sta da vidim...
Danas mi je bio upaljen samo, ali samo winamp i firefox a CPU je bio na 100% :frown:
Nemojte se ljutiti ako je vec bila slicna tema, nemam zivaca da proveravam

ComboFix log:

ComboFix 08-03-01.3 - King Kong 2008-03-08 18:23:51.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.679 [GMT -8:00]
Running from: D:\Programi\Antivirusi i Fix programs\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-09 to 2008-03-09 )))))))))))))))))))))))))))))))
.

2008-03-08 18:04 . 2008-03-08 18:04 <DIR> d-------- C:\Program Files\Hot CPU Tester Pro 4 LE
2008-03-08 15:08 . 2008-03-08 15:08 <DIR> d-------- C:\Program Files\Network Stumbler
2008-03-08 01:31 . 2008-03-08 01:31 1,353,016 --a------ C:\WINDOWS\system32\vete.dll
2008-03-08 00:10 . 2008-03-08 00:10 0 --------- C:\WINDOWS\WB.ini
2008-03-08 00:07 . 2008-03-08 00:07 <DIR> d-------- C:\Program Files\Stardock
2008-03-08 00:07 . 2007-07-11 14:06 42,672 --------- C:\WINDOWS\system32\wbsys.dll
2008-03-07 23:47 . 2008-03-07 23:47 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-03-07 14:25 . 2008-03-07 14:25 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-03-07 00:23 . 2008-03-08 17:24 <DIR> d-------- C:\Documents and Settings\King Kong\Incomplete
2008-03-07 00:22 . 2008-03-08 17:24 <DIR> d-------- C:\Documents and Settings\King Kong\Application Data\LimeWire
2008-03-06 23:28 . 2008-03-06 23:28 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-06 23:28 . 2008-03-06 23:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-05 23:54 . 2008-03-05 23:54 268 --ah----- C:\sqmdata19.sqm
2008-03-05 23:54 . 2008-03-05 23:54 244 --ah----- C:\sqmnoopt19.sqm
2008-03-05 18:16 . 2008-03-05 18:16 268 --ah----- C:\sqmdata18.sqm
2008-03-05 18:16 . 2008-03-05 18:16 244 --ah----- C:\sqmnoopt18.sqm
2008-03-05 11:34 . 2008-03-05 11:34 268 --ah----- C:\sqmdata17.sqm
2008-03-05 11:34 . 2008-03-05 11:34 244 --ah----- C:\sqmnoopt17.sqm
2008-03-04 23:33 . 2008-03-04 23:33 268 --ah----- C:\sqmdata16.sqm
2008-03-04 23:33 . 2008-03-04 23:33 244 --ah----- C:\sqmnoopt16.sqm
2008-03-04 19:33 . 2008-03-04 19:33 268 --ah----- C:\sqmdata15.sqm
2008-03-04 19:33 . 2008-03-04 19:33 244 --ah----- C:\sqmnoopt15.sqm
2008-03-03 22:47 . 2008-03-03 22:47 268 --ah----- C:\sqmdata14.sqm
2008-03-03 22:47 . 2008-03-03 22:47 244 --ah----- C:\sqmnoopt14.sqm
2008-03-02 14:19 . 2008-03-02 14:19 268 --ah----- C:\sqmdata13.sqm
2008-03-02 14:19 . 2008-03-02 14:19 244 --ah----- C:\sqmnoopt13.sqm
2008-03-02 07:06 . 2008-03-02 07:06 <DIR> d-------- C:\Program Files\CCleaner
2008-03-01 21:47 . 2008-03-01 21:47 268 --ah----- C:\sqmdata12.sqm
2008-03-01 21:47 . 2008-03-01 21:47 244 --ah----- C:\sqmnoopt12.sqm
2008-03-01 12:35 . 2008-03-01 12:35 268 --ah----- C:\sqmdata11.sqm
2008-03-01 12:35 . 2008-03-01 12:35 244 --ah----- C:\sqmnoopt11.sqm
2008-03-01 12:18 . 2008-03-01 12:18 <DIR> d-------- C:\Program Files\VSTplugins
2008-03-01 12:18 . 2008-03-01 12:18 <DIR> d-------- C:\Documents and Settings\King Kong\Application Data\Publish Providers
2008-03-01 12:16 . 2008-03-01 12:16 <DIR> d-------- C:\Documents and Settings\King Kong\Application Data\Sony
2008-03-01 12:15 . 2008-03-01 12:15 <DIR> d-------- C:\Program Files\Sony
2008-03-01 12:13 . 2008-03-01 12:14 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-03-01 12:12 . 2008-03-01 12:12 <DIR> d-------- C:\Program Files\Sony Setup
2008-03-01 10:33 . 2008-03-01 10:33 <DIR> d-------- C:\WINDOWS\nview
2008-03-01 10:33 . 2007-11-19 18:42 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-03-01 10:33 . 2008-03-01 10:35 162,001 --a------ C:\WINDOWS\system32\nvapps.xml
2008-03-01 10:33 . 2007-11-19 18:42 17,737 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-03-01 10:33 . 2008-03-08 11:49 268 --ah----- C:\sqmdata10.sqm
2008-03-01 10:33 . 2008-03-08 11:49 244 --ah----- C:\sqmnoopt10.sqm
2008-03-01 10:32 . 2008-03-01 10:32 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-03-01 10:32 . 2008-03-01 10:32 <DIR> d-------- C:\NVIDIA
2008-03-01 10:32 . 2007-11-19 19:55 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-03-01 10:24 . 2008-03-08 02:28 268 --ah----- C:\sqmdata09.sqm
2008-03-01 10:24 . 2008-03-08 02:28 244 --ah----- C:\sqmnoopt09.sqm
2008-03-01 09:40 . 2008-03-07 16:59 292 --ah----- C:\sqmdata08.sqm
2008-03-01 09:40 . 2008-03-07 16:59 244 --ah----- C:\sqmnoopt08.sqm
2008-03-01 09:27 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-03-01 09:27 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-03-01 09:11 . 2008-03-08 11:57 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-03-01 08:46 . 2008-03-07 14:21 268 --ah----- C:\sqmdata07.sqm
2008-03-01 08:46 . 2008-03-07 14:21 244 --ah----- C:\sqmnoopt07.sqm
2008-03-01 06:20 . 2008-03-01 06:20 <DIR> d-------- C:\Program Files\Windows Live
2008-03-01 06:20 . 2008-03-01 06:20 <DIR> d-------- C:\Program Files\LimeWire
2008-03-01 06:18 . 2008-03-01 06:18 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-01 06:16 . 2008-03-01 06:17 <DIR> d-------- C:\Program Files\Microsoft VM
2008-03-01 06:16 . 2008-03-01 06:16 <DIR> d-------- C:\Program Files\Java
2008-03-01 06:16 . 2008-03-01 06:16 <DIR> d-------- C:\Program Files\Common Files\Java
2008-03-01 06:16 . 2005-08-26 18:14 49,265 --a------ C:\WINDOWS\system32\jpicpl32.cpl
2008-03-01 06:15 . 2008-03-01 06:15 <DIR> d-------- C:\Programme
2008-03-01 06:14 . 2008-03-01 06:14 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-01 06:14 . 2008-03-01 06:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-03-01 06:14 . 2008-03-01 06:14 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-01 06:14 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-03-01 06:10 . 2008-03-01 06:14 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-03-01 06:10 . 2008-03-01 06:10 <DIR> d-------- C:\Documents and Settings\King Kong\Application Data\TuneUp Software
2008-03-01 05:50 . 2008-03-01 05:50 <DIR> d-------- C:\Program Files\VisualTaskTips
2008-03-01 05:50 . 2008-03-01 05:50 <DIR> d-------- C:\Program Files\styler
2008-03-01 05:50 . 2004-08-03 14:56 218,624 --a------ C:\WINDOWS\system32\uxtheme.backup
2008-03-01 05:46 . 2008-03-01 05:50 <DIR> d-------- C:\WINDOWS\VistaMizer
2008-03-01 05:42 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-03-01 05:40 . 2003-08-05 18:43 159,744 -ra------ C:\WINDOWS\system32\drivers\Fasttx2k.sys
2008-03-01 05:40 . 2003-06-19 23:06 118,784 -ra------ C:\WINDOWS\system32\ptipbmf.dll
2008-03-01 05:38 . 2004-02-26 02:40 14,225,408 -ra------ C:\WINDOWS\system32\ALSNDMGR.CPL
2008-03-01 05:37 . 2004-08-18 15:21 189,568 -ra------ C:\WINDOWS\system32\drivers\yk51x86.sys
2008-03-01 05:36 . 2000-03-28 22:17 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-03-01 05:36 . 2008-03-01 05:36 3,627 --a------ C:\WINDOWS\Ascd_tmp.ini
2008-03-01 05:18 . 2008-03-07 14:21 268 --ah----- C:\sqmdata06.sqm
2008-03-01 05:18 . 2008-03-07 14:21 244 --ah----- C:\sqmnoopt06.sqm
2008-03-01 05:06 . 2008-03-07 00:18 268 --ah----- C:\sqmdata05.sqm
2008-03-01 05:06 . 2008-03-07 00:18 244 --ah----- C:\sqmnoopt05.sqm
2008-03-01 03:58 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-03-01 03:57 . 2008-03-01 03:57 <DIR> d-------- C:\Program Files\Microsoft Works
2008-03-01 03:56 . 2008-03-01 03:56 <DIR> d-------- C:\Program Files\MSBuild
2008-03-01 03:53 . 2008-03-01 03:56 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-03-01 03:52 . 2008-03-01 03:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-01 03:51 . 2008-03-01 03:51 <DIR> dr-h----- C:\MSOCache
2008-03-01 03:46 . 2008-03-06 09:41 268 --ah----- C:\sqmdata01.sqm
2008-03-01 03:46 . 2008-03-06 09:41 244 --ah----- C:\sqmnoopt01.sqm
2008-03-01 03:43 . 2008-03-01 03:43 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-03-01 03:43 . 2005-04-25 10:43 159,616 --a------ C:\WINDOWS\system32\drivers\Vax347b.sys
2008-03-01 03:43 . 2004-04-30 09:33 5,248 --a------ C:\WINDOWS\system32\drivers\Vax347s.sys
2008-03-01 03:40 . 2008-03-01 03:40 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-03-01 03:40 . 2008-03-01 03:40 <DIR> d-------- C:\Program Files\Ahead
2008-03-01 03:40 . 2004-07-26 16:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-03-01 03:40 . 2004-07-26 16:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-03-01 03:40 . 2004-07-26 16:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-08 09:30 896,472 ----a-w C:\WINDOWS\system32\drivers\vetmonnt.sys
2008-03-08 09:30 114,856 ----a-w C:\WINDOWS\system32\drivers\vetfddnt.sys
2008-03-01 14:17 155,995 ----a-w C:\WINDOWS\java\Packages\W0JV1VTN.ZIP
2008-03-01 13:50 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-03-01 12:37 --------- d-----w C:\Documents and Settings\King Kong\Application Data\MailFrontier
2008-03-01 12:31 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-01 12:27 --------- d-----w C:\Program Files\Zone Labs
.

------- Sigcheck -------

99945674c9445809f48cb0357d725a80 C:\WINDOWS\system32\wininet.dll
----a-w 801,280 2004-08-03 22:56:48 C:\WINDOWS\system32\wininet.dll
-c--a-w 801,280 2004-08-03 22:56:48 C:\WINDOWS\system32\dllcache\wininet.dll
----a-w 656,384 2004-08-03 22:56:48 C:\WINDOWS\VistaMizer\old\wininet.dll

55aca85eb80e2155e20211aaaddd711a C:\WINDOWS\system32\winlogon.exe
----a-w 541,696 2004-08-03 22:56:58 C:\WINDOWS\system32\winlogon.exe
-c--a-w 541,696 2004-08-03 22:56:58 C:\WINDOWS\system32\dllcache\winlogon.exe
----a-w 502,272 2004-08-03 22:56:58 C:\WINDOWS\VistaMizer\old\winlogon.exe

98bc2dc6cfc30b7a3501bcf884fa5dc3 C:\WINDOWS\system32\ntkrnlpa.exe
----a-w 2,178,560 2004-08-03 23:05:44 C:\WINDOWS\system32\ntkrnlpa.exe
----a-w 2,015,232 2004-08-03 23:05:44 C:\WINDOWS\VistaMizer\old\ntkrnlpa.exe

70b7388bddb9fa71b1e29a051ab78627 C:\WINDOWS\system32\ntoskrnl.exe
----a-w 2,311,680 2004-08-03 21:18:32 C:\WINDOWS\system32\ntoskrnl.exe
----a-w 2,148,352 2004-08-03 21:18:32 C:\WINDOWS\VistaMizer\old\ntoskrnl.exe

b708561748cea933f50f4dd5c1951755 C:\WINDOWS\explorer.exe
----a-w 1,550,336 2004-08-03 22:56:50 C:\WINDOWS\explorer.exe
-c--a-w 1,550,336 2004-08-03 22:56:50 C:\WINDOWS\system32\dllcache\explorer.exe
----a-w 1,032,192 2004-08-03 22:56:50 C:\WINDOWS\VistaMizer\old\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-07 15:34 3739672]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 16:34 128000]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 14:56 25088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-02-26 00:53 65024 C:\WINDOWS\SOUNDMAN.EXE]
"Ptipbmf"="ptipbmf.dll" [2003-06-19 23:06 118784 C:\WINDOWS\system32\ptipbmf.dll]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 18:14 36975]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-11-19 18:42 8523776]
"nwiz"="nwiz.exe" [2007-11-19 18:42 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-11-19 18:42 81920]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
VisualTaskTips.lnk - C:\Program Files\VisualTaskTips\VisualTaskTips.exe [2006-07-31 03:33:50 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Zone Labs Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"D:\\Games\\Sierra\\FEAR\\FEAR.exe"=

R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-03 14:56]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-01 06:14]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e0d6778-e7af-11dc-8006-0011d8571702}]
\Shell\Auto\command - H:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-03-08 03:19:49 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-08 18:27:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\WINDOWS\system32\LIBEAY32_0.9.6l.dll

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.2180]
-> C:\Program Files\VisualTaskTips\VttHooks.dll
.
Completion time: 2008-03-08 18:28:39
ComboFix-quarantined-files.txt 2008-03-09 02:28:28
ComboFix2.txt 2008-03-09 00:19:25
ComboFix3.txt 2008-03-01 18:24:14

Fajlovi prikačeni uz poruku (kliknite na slike za punu veličinu)

(31.4 KB, 388x377)

(52.67 KB, 388x373)