procesor naprazdno na 50%

roocoX · Napísal **roocoX**: 07.10.2009 16:46

dobry den prajem, prosim poradte ak viete. pravdepodobne som dostal nejaky "rootkit alebo spyware" lebo uz druhy den mi nieco naprazdno zatazuje procesor na 50% a to aj ked mam vypnute skoro vsetky procesy. mal som avast a aj tak som to schytal. ked som dal kontrolu PC tak nasiel 1 virus,viac nic a procesor vzdy okolo 50%.. pomoze tu nejaky free ANTI-daco? alebo len reinstal windows, ktory dufam ze pomoze.. skuste odpisat

Jaro · Napísal **Jaro**: 07.10.2009 16:50

aky je nazov procesu ktory CPU vytazuje?

roocoX · Napísal autor témy **roocoX**: 07.10.2009 17:29

Jaro píše:

aky je nazov procesu ktory CPU vytazuje?

prave ze neviem lebo ked som skoro vsetky porusil ostali len tie ktore sa nedali zrusit a exploler

pitimir · Napísal **pitimir**: 07.10.2009 17:58

No medzi spyware a rootkitom je velky rozdiel

Stiahni DDS. Uloz na plochu, ukonci vsetky spustene programy a spust ho. Po skonceni scanu sa otvoria vysledky v 2 oknach - DDS.txt a Attach.txt. Obsah oboch by som rad videl.

roocoX · Napísal autor témy **roocoX**: 07.10.2009 18:54

no tu je jeden:

Citácia:

DDS (Ver_09-09-29.01) - NTFSx86
Run by Lucas at 18:47:38,82 on st 07. 10. 2009
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.3067.2034 [GMT 2:00]

SP: Antispyware *disabled* (Updated) {721F25CC-1700-4BDF-B88C-7EECE9D72521}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Lucas\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Lucas\Desktop\dds.pif
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: Podpora odkazu pro Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Software Informer] "c:\program files\software informer\softinfo.exe" -autorun
uRun: [DU Meter] c:\program files\du meter\DUMeter.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\progra~1\launch~1\QtZgAcer.EXE
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
StartupFolder: c:\users\lucas\appdata\roaming\micros~1\windows\startm~1\programs\startup\speedfan.lnk - c:\program files\speedfan\speedfan.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Prevziať pomocou FDM - file://c:\program files\free download manager\dllink.htm
IE: Prevziať video pomocou FDM - file://c:\program files\free download manager\dlfvideo.htm
IE: Prevziať vybrané pomocou FDM - file://c:\program files\free download manager\dlselected.htm
IE: Prevziať všetko pomocou FDM - file://c:\program files\free download manager\dlall.htm
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
TCP: {2D57BD76-FC5B-4A61-83F0-F3EC8E2CA822} = 195.146.128.60,195.146.130.59

================= FIREFOX ===================

FF - ProfilePath - c:\users\lucas\appdata\roaming\mozilla\firefox\profiles\o7qf6781.default\
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-16 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-16 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-9-16 53328]
R2 DUMeterSvc;DU Meter Service;c:\program files\du meter\DUMeterSvc.exe [2009-9-20 1382672]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20);c:\windows\system32\drivers\L1E62x86.sys [2009-6-20 47104]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\drivers\winbondcir.sys [2007-3-28 43008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

=============== Created Last 30 ================

2009-10-07 16:10 <DIR> --d----- c:\users\lucas\appdata\roaming\Antispyware
2009-10-04 19:45 <DIR> --d----- c:\programdata\Adobe
2009-10-04 10:56 <DIR> --d----- c:\users\lucas\Office Genuine Advantage
2009-10-03 12:52 <DIR> --d----- c:\programdata\Office Genuine Advantage
2009-10-03 10:04 195,440 -------- c:\windows\system32\MpSigStub.exe
2009-10-01 19:36 <DIR> --d----- c:\program files\VirtualDJ
2009-09-29 11:15 2,562 a------- c:\windows\diagwrn.xml
2009-09-29 11:15 1,908 a------- c:\windows\diagerr.xml
2009-09-29 10:57 <DIR> --d----- c:\users\lucas\appdata\roaming\Canneverbe_Limited
2009-09-29 10:57 <DIR> --d----- c:\programdata\Canneverbe Limited
2009-09-29 10:57 <DIR> --d----- c:\progra~2\Canneverbe Limited
2009-09-29 10:47 <DIR> --d----- c:\program files\Astonsoft
2009-09-27 09:49 <DIR> --d----- c:\windows\PCHEALTH
2009-09-27 09:48 <DIR> --d----- c:\programdata\Microsoft Help
2009-09-27 08:44 <DIR> --d----- c:\program files\Avago-HP
2009-09-25 17:15 <DIR> --d----- c:\program files\AP Tuner
2009-09-25 17:10 <DIR> --d----- C:\DS
2009-09-25 16:49 <DIR> --d----- c:\program files\GuitarTab Synth
2009-09-22 19:39 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-09-22 19:39 <DIR> --d----- c:\users\lucas\appdata\roaming\DAEMON Tools Lite
2009-09-21 20:17 80,936 a------- c:\windows\system32\drivers\btwavdt.sys
2009-09-21 20:17 80,424 a------- c:\windows\system32\drivers\btwaudio.sys
2009-09-21 20:17 16,168 a------- c:\windows\system32\drivers\btwrchid.sys
2009-09-21 20:17 233,472 a------- c:\windows\system32\BtwRSupport.dll
2009-09-21 20:17 <DIR> --d----- c:\windows\system32\es-MX
2009-09-21 20:17 <DIR> --d----- c:\windows\system32\es-AR
2009-09-21 20:00 <DIR> --d----- c:\users\lucas\Bluetooth Software
2009-09-21 20:00 <DIR> --d----- c:\program files\WIDCOMM
2009-09-20 21:09 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-09-20 18:20 118 a------- c:\windows\system32\temp_0000_65-19.aok
2009-09-20 18:20 <DIR> --d----- C:\OutputFolder
2009-09-20 18:19 119 a------- c:\windows\system32\test.aok
2009-09-20 18:18 258,048 a------- c:\windows\system32\GplMpgDec.ax
2009-09-20 18:18 129,024 a------- c:\windows\system32\AVERM.dll
2009-09-20 18:18 28,672 a------- c:\windows\system32\AVEQT.dll
2009-09-20 18:18 <DIR> --d----- c:\program files\Allok Video to MP4 Converter
2009-09-20 00:37 <DIR> --d----- c:\users\lucas\appdata\roaming\Software Informer
2009-09-20 00:37 <DIR> --d----- c:\programdata\FreeDownloadManager.ORG
2009-09-20 00:37 <DIR> --d----- c:\progra~2\FreeDownloadManager.ORG
2009-09-19 20:12 553 a------- c:\windows\USetup.iss
2009-09-19 20:11 290,816 a------- c:\windows\RTKVADDA.EXE
2009-09-19 20:11 1,694 a------- c:\windows\RtDefLvl.ini
2009-09-19 20:11 <DIR> --d----- c:\program files\Realtek
2009-09-19 20:08 520,192 a------- c:\windows\RtlExUpd.dll
2009-09-19 19:59 83 a------- c:\windows\QtZgAcer.UNI
2009-09-19 19:59 <DIR> --d----- c:\program files\Launch Manager
2009-09-19 18:59 53,248 a------- c:\windows\system32\CSVer.dll
2009-09-19 18:13 <DIR> --d----- c:\windows\system32\ENU
2009-09-19 18:13 1,034,776 a------- c:\windows\system32\imsmudlg.exe
2009-09-19 18:13 <DIR> --d----- c:\windows\system32\Lang
2009-09-19 18:13 <DIR> --d----- C:\Intel
2009-09-19 18:13 317,464 a------- c:\windows\system32\drivers\iaStor.sys
2009-09-19 10:54 485,920 a------- c:\windows\system32\nvuninst.exe
2009-09-18 20:22 257,449,776 a------- c:\windows\MEMORY.DMP
2009-09-18 15:30 <DIR> --d----- c:\programdata\NVIDIA
2009-09-18 15:05 <DIR> --d----- c:\program files\Richard Burns Rally
2009-09-18 14:51 <DIR> --d----- c:\program files\Software Informer
2009-09-18 14:51 <DIR> --d----- c:\users\lucas\appdata\roaming\Free Download Manager
2009-09-18 14:51 <DIR> --d----- c:\program files\Free Download Manager
2009-09-17 21:37 <DIR> --d----- c:\program files\Lavalys
2009-09-17 20:44 <DIR> --d----- c:\program files\Motherboard Monitor 5
2009-09-17 17:07 <DIR> --d----- c:\programdata\Hagel Technologies
2009-09-17 17:07 <DIR> --d----- c:\progra~2\Hagel Technologies
2009-09-17 17:07 <DIR> --d----- c:\program files\DU Meter
2009-09-17 16:18 <DIR> --d----- c:\windows\system32\appmgmt
2009-09-17 15:51 <DIR> --dsh--- c:\windows\Installer
2009-09-17 15:30 0 a---h--- c:\windows\system32\drivers\Msft_User_tcwbf_01_09_00.Wdf
2009-09-17 15:30 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01009.Wdf
2009-09-17 15:30 <DIR> --d----- c:\program files\Protector Suite
2009-09-17 01:03 <DIR> --d----- c:\program files\SpeedFan
2009-09-17 01:03 45 a------- c:\windows\system32\initdebug.nfo
2009-09-17 00:41 <DIR> --d----- c:\programdata\Real
2009-09-17 00:41 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-09-17 00:06 171,136 a--shr-- C:\w7ldr
2009-09-16 22:24 1,060,864 a------- c:\windows\system32\MFC71.dll
2009-09-16 22:24 499,712 a------- c:\windows\system32\MSVCP71.dll
2009-09-16 22:24 348,160 a------- c:\windows\system32\MSVCR71.dll
2009-09-16 22:24 53,328 a------- c:\windows\system32\drivers\aswMonFlt.sys
2009-09-16 22:24 <DIR> --d----- c:\users\lucas\appdata\roaming\AIMP
2009-09-16 22:24 <DIR> --d----- c:\program files\AIMP2
2009-09-16 21:55 <DIR> --d----- c:\program files\The KMPlayer
2009-09-16 21:49 <DIR> --d----- c:\windows\Panther
2009-09-16 21:48 8,192 a--shr-- C:\BOOTSECT.BAK
2009-09-16 21:48 383,562 a--shr-- C:\bootmgr
2009-09-16 21:48 <DIR> --dsh--- C:\Boot
2009-09-16 21:14 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-09-16 21:14 <DIR> --d----- c:\program files\Synaptics
2009-09-16 21:10 319,456 a------- c:\windows\DIFxAPI.dll
2009-09-16 21:10 520 a------- c:\windows\system32\drivers\RTEQEX1.dat
2009-09-16 21:10 520 a------- c:\windows\system32\drivers\RTEQEX0.dat
2009-09-16 21:10 8 a------- c:\windows\system32\drivers\rtkhdaud.dat
2009-09-16 21:10 315,392 a------- c:\windows\HideWin.exe
2009-09-16 21:03 1,445,734 a------- c:\windows\system32\PerfStringBackup.INI
2009-09-16 21:03 <DIR> --d----- c:\windows\system32\wbem\Performance
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Soubory cookie
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Poslední
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Okolní tiskárny
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Okolní síť
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Šablony
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Nabídka Start
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Dokumenty
2009-09-16 21:00 <DIR> --dsh--- c:\users\lucas\Data aplikací
2009-09-16 21:00 <DIR> --d----- c:\users\Lucas
2009-09-16 21:00 <DIR> --dsh--- C:\Recovery
2009-09-16 21:00 <DIR> --dsh--- c:\programdata\Plocha
2009-09-16 21:00 <DIR> --dsh--- c:\programdata\Oblíbené položky
2009-09-16 21:00 <DIR> --dsh--- c:\programdata\Šablony
2009-09-16 21:00 <DIR> --dsh--- c:\programdata\Nabídka Start
2009-09-16 21:00 <DIR> --dsh--- c:\programdata\Dokumenty
2009-09-16 21:00 <DIR> --dsh--- c:\programdata\Data aplikací
2009-09-16 21:00 <DIR> --dsh--- c:\progra~2\Plocha
2009-09-16 21:00 <DIR> --dsh--- c:\progra~2\Oblíbené položky
2009-09-16 21:00 <DIR> --dsh--- c:\progra~2\Šablony
2009-09-16 21:00 <DIR> --dsh--- c:\progra~2\Nabídka Start
2009-09-16 21:00 <DIR> --dsh--- c:\progra~2\Dokumenty
2009-09-16 21:00 <DIR> --dsh--- c:\progra~2\Data aplikací
2009-09-16 20:52 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-09-16 18:33 1,060,424 a------- c:\windows\system32\WdfCoInstaller01000.dll
2009-09-16 18:33 151,552 a------- c:\windows\system32\SynTPAPI.dll
2009-09-16 18:33 110,592 a------- c:\windows\system32\SynTPCo4.dll
2009-09-16 18:33 200,704 a------- c:\windows\system32\SynCtrl.dll
2009-09-16 18:33 199,472 a------- c:\windows\system32\drivers\SynTP.sys
2009-09-16 18:33 163,840 a------- c:\windows\system32\SynCOM.dll
2009-09-16 18:32 1,044,992 a------- c:\windows\system32\nvapi.dll
2009-09-16 18:32 795,104 a------- c:\windows\system32\dpinst.exe

==================== Find3M ====================

2009-10-07 17:31 614,512 a------- c:\windows\system32\perfh005.dat
2009-10-07 17:31 118,684 a------- c:\windows\system32\perfc005.dat
2009-09-16 22:44 21,264 a------- c:\windows\system32\drivers\DKbFltr.sys
2009-09-16 22:44 207,368 a------- c:\windows\UNINST32.EXE
2009-09-16 22:44 56,080 a------- c:\windows\system32\QtBtLib.dll
2009-08-03 15:07 403,816 a------- c:\windows\system32\OGACheckControl.dll
2009-08-03 15:07 322,928 a------- c:\windows\system32\OGAAddin.dll
2009-08-03 15:07 230,768 a------- c:\windows\system32\OGAEXEC.exe
2009-07-15 01:54 10,854,400 a------- c:\windows\system32\nvoglv32.dll
2009-07-15 01:54 7,565,824 a------- c:\windows\system32\nvd3dum.dll
2009-07-15 01:54 3,287,040 a------- c:\windows\system32\nvwgf2um.dll
2009-07-15 01:54 2,169,376 a------- c:\windows\system32\nvcuvid.dll
2009-07-15 01:54 1,983,488 a------- c:\windows\system32\nvcuda.dll
2009-07-15 01:54 1,919,520 a------- c:\windows\system32\nvencodemft.dll
2009-07-15 01:54 1,706,528 a------- c:\windows\system32\nvcuvenc.dll
2009-07-15 01:54 485,920 a------- c:\windows\system32\nvudisp.exe
2009-07-15 01:54 252,448 a------- c:\windows\system32\nvdecodemft.dll
2009-07-15 01:54 151,552 a------- c:\windows\system32\nvcod157.dll
2009-07-15 01:54 151,552 a------- c:\windows\system32\nvcod.dll
2009-07-14 10:43 292,004 a------- c:\windows\system32\perfi005.dat
2009-07-14 10:43 292,004 a------- c:\windows\inf\perflib\0405\perfi.dat
2009-07-14 10:43 292,004 a------- c:\windows\inf\perflib\0405\perfh.dat
2009-07-14 10:43 36,232 a------- c:\windows\system32\perfd005.dat
2009-07-14 10:43 36,232 a------- c:\windows\inf\perflib\0405\perfd.dat
2009-07-14 10:43 36,232 a------- c:\windows\inf\perflib\0405\perfc.dat
2009-07-14 06:41 174 a--sh--- c:\program files\desktop.ini
2009-07-14 03:26 249,408 a------- c:\windows\system32\clfs.sys
2009-07-14 03:26 101,968 a------- c:\windows\system32\consent.exe
2009-07-14 03:26 2,217,536 a------- c:\windows\system32\bootres.dll
2009-07-14 03:26 21,584 a------- c:\windows\system32\BOOTVID.DLL
2009-07-14 03:24 1,073,152 a------- c:\windows\system32\Narrator.exe
2009-07-14 03:23 5,070,848 a------- c:\windows\system32\AuthFWSnapin.dll
2009-07-14 03:22 107,008 a------- c:\windows\system32\NAPHLPR.DLL
2009-07-14 03:22 46,080 a------- c:\windows\system32\NAPCRYPT.DLL
2009-07-14 03:20 3,954,768 a------- c:\windows\system32\ntkrnlpa.exe
2009-07-14 03:20 3,899,472 a------- c:\windows\system32\ntoskrnl.exe
2009-07-14 03:20 91,728 a------- c:\windows\system32\MigAutoPlay.exe
2009-07-14 03:20 470,608 a------- c:\windows\system32\mcupdate_GenuineIntel.dll
2009-07-14 03:20 31,824 a------- c:\windows\system32\mcupdate_AuthenticAMD.dll
2009-07-14 03:20 17,488 a------- c:\windows\system32\kdusb.dll
2009-07-14 03:20 16,960 a------- c:\windows\system32\kd1394.dll
2009-07-14 03:20 15,952 a------- c:\windows\system32\kdcom.dll
2009-07-14 03:20 194,640 a------- c:\windows\system32\halmacpi.dll
2009-07-14 03:20 137,296 a------- c:\windows\system32\halacpi.dll
2009-07-14 03:20 126,976 a------- c:\windows\system32\AuthFWWizFwk.dll
2009-07-14 03:19 22,096 a------- c:\windows\system32\streamci.dll
2009-07-14 03:19 52,816 a------- c:\windows\system32\PSHED.DLL
2009-07-14 03:17 690,888 a------- c:\windows\system32\ci.dll
2009-07-14 03:17 507,568 a------- c:\windows\system32\winload.exe
2009-07-14 03:17 442,920 a------- c:\windows\system32\winresume.exe
2009-07-14 03:17 271,864 a------- c:\windows\system32\fveapi.dll
2009-07-14 03:17 249,680 a------- c:\windows\system32\bcryptprimitives.dll
2009-07-14 03:17 242,936 a------- c:\windows\system32\rsaenh.dll
2009-07-14 03:17 156,728 a------- c:\windows\system32\dssenh.dll
2009-07-14 03:17 102,448 a------- c:\windows\system32\wbem\Win32_Tpm.dll
2009-07-14 03:17 1,286,144 a------- c:\windows\system32\ntdll.dll
2009-07-14 03:17 143,936 a------- c:\windows\system32\basecsp.dll
2009-07-14 03:15 1,386,496 a------- c:\windows\system32\msxml6.dll
2009-07-14 03:14 493,568 a------- c:\windows\system32\BFE.DLL
2009-07-14 03:11 54,272 a------- c:\windows\system32\WsmRes.dll
2009-07-14 03:11 4,608 a------- c:\windows\system32\ws2help.dll
2009-07-14 03:11 12,625,408 a------- c:\windows\system32\wmploc.DLL
2009-07-14 03:11 5,120 a------- c:\windows\system32\wmi.dll
2009-07-14 03:11 2,048 a------- c:\windows\system32\wmerror.dll
2009-07-14 03:11 2,048 a------- c:\windows\system32\wbem\WmiApRes.dll
2009-07-14 03:11 6,656 a------- c:\windows\system32\wbem\WinMgmtR.dll
2009-07-14 03:11 1,536 a------- c:\windows\system32\winrsmgr.dll
2009-07-14 03:11 669,184 a------- c:\windows\system32\WFSR.dll
2009-07-14 03:10 2,560 a------- c:\windows\system32\uxlibres.dll
2009-07-14 03:10 1,164,800 a------- c:\windows\system32\UIRibbonRes.dll
2009-07-14 03:10 2,048 a------- c:\windows\system32\tzres.dll
2009-07-14 03:10 108,544 a------- c:\windows\system32\tapiui.dll
2009-07-14 03:10 7,168 a------- c:\windows\system32\spwizres.dll
2009-07-14 03:10 8,338,432 a------- c:\windows\system32\spwizimg.dll
2009-07-14 03:10 5,120 a------- c:\windows\system32\setupetw.dll
2009-07-14 03:10 2,560 a------- c:\windows\system32\sfc.dll
2009-07-14 03:10 68,608 a------- c:\windows\system32\nlsbres.dll
2009-07-14 03:08 6,917,120 a------- c:\windows\system32\NlsLexicons0c1a.dll
2009-07-14 03:07 18,944 a------- c:\windows\system32\netevent.dll
2009-07-14 03:06 48,128 a------- c:\windows\system32\mshtmler.dll
2009-07-14 03:05 3,072 a------- c:\windows\system32\icmp.dll
2009-07-14 03:05 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-07-14 03:05 925,184 a------- c:\windows\system32\FXSRESM.dll
2009-07-14 03:05 34,816 a------- c:\windows\system32\FXSCOMPOSERES.dll
2009-07-14 03:05 7,680 a------- c:\windows\system32\FXSEVENT.dll
2009-07-14 03:03 95,232 a------- c:\windows\system32\auditpolmsg.dll
2009-07-14 02:34 291,294 a------- c:\windows\system32\perfi009.dat
2009-07-14 02:34 291,294 a------- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 02:34 291,294 a------- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 02:34 31,548 a------- c:\windows\system32\perfd009.dat
2009-07-14 02:34 31,548 a------- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 02:34 31,548 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-07-14 02:02 151,552 a------- c:\windows\system32\rdpdd.dll
2009-07-14 02:01 223,232 a------- c:\windows\system32\wksprt.exe
2009-07-14 02:01 14,848 a------- c:\windows\system32\tsddd.dll
2009-07-14 02:01 26,624 a------- c:\windows\system32\RDPREFDD.dll
2009-07-14 01:29 213,504 a------- c:\windows\system32\vmicsvc.exe
2009-07-14 01:28 47,616 a------- c:\windows\system32\vmictimeprovider.dll
2009-07-14 01:28 113,664 a------- c:\windows\system32\IcCoinstall.dll
2009-07-14 01:28:45 A------- 113,664 c:\windows\system32\VmdCoinstall.dll
2009-06-10 23:26 9,633,792 a--shr-- c:\windows\fonts\StaticCache.dat

============= FINISH: 18:48:13,67 ===============

a tu druhy:

Citácia:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-09-29.01)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume3
Install Date: 16. 9. 2009 21:00:42
System Uptime: 10. 7. 2009 15:06:35 (2139 hours ago)

Motherboard: Acer, Inc. | | Makalu
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz | U2E1 | 2000/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 140 GiB total, 106,44 GiB free.
D: is FIXED (NTFS) - 144 GiB total, 28,193 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP28: 27. 9. 2009 9:47:22 - Installed Microsoft Office Professional Plus 2007
RP29: 27. 9. 2009 10:38:30 - Windows Update
RP30: 29. 9. 2009 9:04:17 - Windows Update
RP31: 1. 10. 2009 22:47:10 - Windows Update
RP32: 3. 10. 2009 10:02:14 - Windows Update
RP33: 3. 10. 2009 10:03:48 - Windows Update
RP34: 3. 10. 2009 13:11:43 - Windows Update
RP35: 4. 10. 2009 19:44:41 - Nainstalováno: Adobe Reader 8 - Czech
RP36: 4. 10. 2009 20:31:28 - Odebráno: Adobe Reader 8 - Czech
RP37: 6. 10. 2009 21:58:51 - Operace obnovení
RP38: 7. 10. 2009 16:09:52 - Installed Antispyware
RP39: 7. 10. 2009 16:21:48 - Removed Antispyware

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8 - Czech
AIMP2
Aktualizácia Microsoft Office Excel 2007 Help (KB963678)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669)
Aktualizácia Microsoft Office Word 2007 Help (KB963665)
Allok Video to MP4 Converter 5.1.0626
AP Tuner 3.08
avast! Antivirus
CDBurnerXP
DeepBurner v1.6.0.198
DU Meter
EVEREST Ultimate Edition v5.02
Free Download Manager 3.0
Intel(R) Matrix Storage Manager
K-Lite Mega Codec Pack 4.1.7
Launch Manager
Microsoft Office Access MUI (Slovak) 2007
Microsoft Office Excel MUI (Slovak) 2007
Microsoft Office InfoPath MUI (Slovak) 2007
Microsoft Office Outlook MUI (Slovak) 2007
Microsoft Office PowerPoint MUI (Slovak) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Hungarian) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Slovak) 2007
Microsoft Office Publisher MUI (Slovak) 2007
Microsoft Office Shared MUI (Slovak) 2007
Microsoft Office Word MUI (Slovak) 2007
Mozilla Firefox (3.5.3)
NVIDIA Drivers
OGA Notifier 2.0.0048.0
PVSonyDll
Realtek High Definition Audio Driver
SpeedFan (remove only)
Synaptics Pointing Device Driver
The KMPlayer (remove only)
Update for 2007 Microsoft Office System (KB967642)
Update for Outlook 2007 Junk Email Filter (kb973514)
Virtual DJ - Atomix Productions
WIDCOMM Bluetooth Software 6.0.1.6400
Windows Media Player 12 with Toolbar 12.00
Windows Media Player Firefox Plugin
WinRAR archiver

==== End Of File ===========================

No posud co vidis a skus pomoct

pitimir · Napísal **pitimir**: 07.10.2009 19:08

Hovori ti nieco toto?

Kód:

c:\users\lucas\appdata\roaming\Antispyware

Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.

roocoX · Napísal autor témy **roocoX**: 07.10.2009 20:00

tak, naslo mi 4 malware, zmazal som ale procesor robi to iste co aj predtym.. da sa este s tym nieco robit? alebo ani boh uz nevie

Tu je ten vysledok:

Citácia:

Malwarebytes' Anti-Malware 1.41
Verze databáze: 2775
Windows 6.1.7600

7. 10. 2009 19:53:27
mbam-log-2009-10-07 (19-53-27).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 175925
Uplynulý čas: 24 minute(s), 11 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
D:\System Volume Information\_restore{F9EC54DF-FD6E-4AF5-8ADD-00D645B1ACAA}\RP86\A0015156.exe (Malware.Packer.T) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{F9EC54DF-FD6E-4AF5-8ADD-00D645B1ACAA}\RP96\A0016843.exe (Malware.Packer.T) -> Quarantined and deleted successfully.
D:\DOWNLOAD\setup-trial.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Antispyware Scheduled Scan.job (Rogue.AntiSpyware) -> Quarantined and deleted successfully.

pitimir · Napísal **pitimir**: 07.10.2009 20:21

Da, coby nie

Prejdeme na dalsi nastroj...

Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.

Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!

Pokracovat budem moct az v piatok (aj to dufam), takze prosim o strpenie.

roocoX · Napísal autor témy **roocoX**: 07.10.2009 20:36

neostavalo mi nic len preinstalovat windows a chvala Bohu virus je prec. dik za tu ochotu, velmi sa mi paci tvoj pristup chciet pomoct. dufam ze budes taky ochotny aj nabuduce

pitimir · Napísal **pitimir**: 09.10.2009 19:16

Ak tu budem, tak preco nie

Je to moje hobby.

robbie · Napísal **robbie**: 21.10.2009 17:58

ahojte,
ja mma podobny problem. procesor mi ide v kludnom stave na 50 - 100%.
ako uz pitimir spomenul tak som to presiel tym malwerom,ale nepomohlo to.
pitimir - vedel by si mi poradit co dalej? vdaka

ked si spustim task manager tak jediny proces co mi berie vela - resp. 50% je UMonit.exe

pitimir · Napísal **pitimir**: 21.10.2009 18:35

Nazdar robbie: Hned na uvod jedna vystraha - NIKDY nie su dva PC uplne rovnake (SW (aj samotna infekcia) ci HW).

Preto neodporucam nic mazat utilitami, ktore su pouzite v inych problemoch, mozu tam byt pouzite v inom "vyzname", s inou f-ciou ako budes potrebovat ty. Snad je jasne, co som tym chcel povedat

A k tvojmu problemu: Zaloz si vlastny thread (kvoli prehladnosti) a opis tam svoj problem. Ja by som ho mal najst a postnut ti instrukcie ako dalej

procesor naprazdno na 50%

Podobné témy