MyCity » Ambulanta -> Arhiva Ambulante » Upotreba CPU 98%?

Upotreba CPU 98%?

Napisano na dan: 14.11.2007
1

Upotreba CPU 98%?
Sledeća strana Pagination

Idi na vrh

Poslao: 14 Nov 2007 00:00
Idi na vrh
offline
  • Pridružio: 31 Okt 2007
  • Poruke: 115
  • Gde živiš: Black Hole

Veliki pozdrav opet!
Nakon zadnjih intervencija,do veceras je sve bilo OK,medjutim trenutno mi upotreba CPU divlja iako nista ne radim na kompu i ventilator me izludjuje uporedo non-stop radeci!

Malo sam citao po pretrazivacima za neke file-ove koje mi trenutno pokazuje da upotrebljavaju CPU ali na zalost nisam nasao odgovor,a i dalje sistem pokazuje upotrebu 98%???

Fileovi (neuobicajeni meni) koji se pokazuju da koriste CPU trenutno su:

1. vsmon.exe
2. svrchost.exe (dva koriste CPU,od njih 7 postojecih)
3. Isass.exe
4. System

Pomagajte molim Vas!



Poslao: 14 Nov 2007 11:53
Idi na vrh
offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

skunk ::svrchost.exe
Sad ja treba da gledam u pasulj da li si ti napravio grešku u pisanju (svchost je MS legitiman fajl) ili ti je ipak PC zaražen ?

No way..

Ajde lepo (pošto ti nije prvi put) podseti se kako se otvara tema u ovom delu foruma, postupi po uputstvima, pa pričamo dalje..



Poslao: 14 Nov 2007 22:53
Idi na vrh
offline
  • Pridružio: 31 Okt 2007
  • Poruke: 115
  • Gde živiš: Black Hole

Moja greska sto ne pojasnih detaljno,na zalost!
Pao sistem,ipak je bio zarazen ocigledno,ali uspio sam repear odraditi nekako,ali na kraju uspijesno!
Ipak hvala i ako moze samo pojasnjenja za ove file-ove sta je to ustvari:

1. vsmon.exe
2. svrchost.exe
3. Isass.exe
4. System

i za svrchost.exe: koliko je normalno da ih ima aktivnih na procesima,negdje sam procitao da ih ne smije biti vise od 5,a kod mene ih ima aktivnih 7 ???

Hvala jos jednom unaprijed!

Poslao: 14 Nov 2007 23:00
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

1. Isass.exe ili Lsass.exe?
2. svrchost.exe ili svchost.exe?
3. broj svchost-ova zavisi od toga koliko imas pokrenutih servisa na kompu.
4. System nije proces, to je koren svih procesa
5. vsmon.exe - ZoneAlarm

Nisi postavio HijackThis log, a nama je pokvarena carobna kugla...

Poslao: 14 Nov 2007 23:07
Idi na vrh
offline
  • Pridružio: 31 Okt 2007
  • Poruke: 115
  • Gde živiš: Black Hole

Sorry, svchost.exe je u pitanju!Sta ti servisi podrazumijevaju,npr.?

Isas.exe je ne L- za sta je to?
Za ovaj vsmon.exe sam negdje procitao da moze biti virus takodjer,da li je to moguce?

Hvala!

Poslao: 14 Nov 2007 23:08
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Aman, postavi vec jednom HijackThis log Smile

Poslao: 14 Nov 2007 23:56
Idi na vrh
offline
  • Pridružio: 31 Okt 2007
  • Poruke: 115
  • Gde živiš: Black Hole

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:08:46, on 14/11/2007
Platform: Windows XP SP2 (WinNT)
MSIE: Internet Explorer v7.00
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Program Files\Packard Bell\SrvCDEject.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Azureus\Azureus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe"
O4 - HKLM\..\Run: [NECHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: msnmsgr.lnk = C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Startup: zlclient.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\beuk.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [Link mogu videti samo ulogovani korisnici]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link mogu videti samo ulogovani korisnici]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Link mogu videti samo ulogovani korisnici]
O17 - HKLM\System\CCS\Services\Tcpip\..\{905279FD-2B8E-4217-B9A4-43034847B80A}: NameServer = 194.154.192.101,194.154.192.102
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 10167 bytes

Dopuna: 14 Nov 2007 23:56

Evo ja postavio?

Poslao: 15 Nov 2007 00:57
Idi na vrh
offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Ovo što si postavio je čisto.

Poslao: 15 Nov 2007 21:06
Idi na vrh
offline
  • Pridružio: 31 Okt 2007
  • Poruke: 115
  • Gde živiš: Black Hole

Onda sam izgleda uspio sa Repeare-om i ciscenjem!
U svakom slucaju hvala Vam i ako moze jos samo ovo pojasnjenje:

" svchost.exe je u pitanju!Sta ti servisi podrazumijevaju,npr.?

Isas.exe je u pitanju,ne L!Za sta je to i sta je to ustvari?
Za ovaj vsmon.exe sam negdje procitao da moze biti virus takodjer,da li je to moguce?

Hvala jos jednom!

Poslao: 15 Nov 2007 21:33
Idi na vrh
offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

svchost.exe
[Link mogu videti samo ulogovani korisnici]

vsmon.exe ti pripada Zone Alarm firewall-u i pokreće se sa putanje
C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Kako svaki fajl (nebitno kako se on zvao) može biti maliciozan, bitno je odakle se startuje. Ovaj ima legitimnu putanju i to je to. Bez AV, možeš da proveriš fajl preko desnog klika > izabereš Properties i vidiš ko je "potpisao" fajl kao proizvođač. Ako je windowsov onda ti piše Microsoft ako je neke druge firme takođe piše o čemu se radi.

C:\WINDOWS\system32\lsass.exe kod tebe je legitiman windowsov fajl. Nemoj da praviš zabunu za slovima. Nije I (veliko) nego L (malo slovo) u pitanju.
Da ti ne bih prepričavao nešto o čemu je dosta puta već pisano kako ovde, tako i uopšte na netu isprati detaljno ovu temu i linkove sa nje.
[Link mogu videti samo ulogovani korisnici]

Pretražuj Zaštitu i čitaj.. Smile

Pozz

MyCity » Ambulanta -> Arhiva Ambulante » Upotreba CPU 98%?

Ko je trenutno na forumu
 

Ukupno su 943 korisnika na forumu :: 69 registrovanih, 8 sakrivenih i 866 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Akiro, Aleksa 3215, AleksSE, Apok, avijacija, bojankrstc, Bombarder, Brana01, brkan1, cemix, dak2, darkkran, dearg, dekan.m, djordje132, DJUNTA, Dogma21, doktor097, grunff2, GveX, havoc995, Hitri, HogarStrashni, ibssa, iceburn, Insan, jalos, Kajzer Soze, krca73, Lieutenant, littlebunny, Lotus, luka35, Mercury, Metanoja, Mi lao shu, miljannis, MILO-VAN, nextyamb, operniki, Paklenica, Parker, PoolbegD02, precan, Pv123, Pčelar, Qvazimodo, SamostalniReferent, Sevetar, Singidunumac, Smajser, sosko, Srna, suton, synergia, Tafocus, tanakadzo, Tas011, trajkoni018, TRZH92, vazduh, vidra boy, vjetar, vlado_pg, voja64, vukajlo71, yufighter, zmajbre, Zorge