MyCity » Ambulanta -> Arhiva Ambulante » CPU usage ponovo na 100

CPU usage ponovo na 100

Napisano na dan: 10.12.2013

CPU usage ponovo na 100
Sledeća strana Pagination

Idi na vrh

Poslao: 10 Dec 2013 23:35
Idi na vrh
offline
  • Nikola
  • Pridružio: 14 Apr 2012
  • Poruke: 73
  • Gde živiš: Vranje

Nakon zavrsene igre League of Legends,CPU usage se podigo na 100 posto.Restartovao sam racunar ali opet ista situacija.Pokrenuo sam racunar u safe modu da bih skenirao kompjuter da vidim da li ima virusa ali isve je ok.

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2
Run by Admin at 23:30:07 on 2013-12-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.814 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com
mStart Page = hxxp://www.google.com
uProxyOverride = <local>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Pando Media Booster] "c:\program files\pando networks\media booster\PMB.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [LightShot] c:\documents and settings\admin\local settings\application data\skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
dRunOnce: [IE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1361114128109
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361114250156
TCP: NameServer = 192.168.1.20
TCP: Interfaces\{474469B3-E6C7-433A-9D82-644F089F9F54} : DHCPNameServer = 192.168.1.20
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\r2s9uh53.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchiseasy.info/?pid=1387&r=2013/08/29&hid=7640868774777668260&lg=EN&cc=RS&unqvl=33&l=1&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://websearch.searchiseasy.info/?pid=1387&r=2013/08/29&hid=7640868774777668260&lg=EN&cc=RS&unqvl=33&l=1&q=
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\winamp detect\npwachk.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1204144.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1205146.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
S0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-12 49944]
S0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-12 178304]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-20 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-20 403440]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-20 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-12 70384]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-20 50344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-1 418376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-1 701512]
S2 NAUpdate;@c:\program files\nero\update\nasvc.exe,-200;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-2-17 1684736]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2013-2-17 103040]
S3 DCamUSBSTK016;STK016 Camera;c:\windows\system32\drivers\STK016W2.sys [2013-4-8 99476]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [2012-1-11 32000]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-1 22856]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2012-2-22 22400]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\razer\razer game booster\driver\WinRing0.sys [2012-11-13 14416]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== File Associations ===============
.
ShellExec: Foxit Reader.exe: print="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1"
ShellExec: Foxit Reader.exe: printto="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2013-12-09 12:19:49 -------- d-----w- c:\documents and settings\admin\application data\AVAST Software
2013-11-27 16:18:55 278528 -c----w- c:\windows\system32\dllcache\oakley.dll
2013-11-27 16:18:49 287744 -c----w- c:\windows\system32\dllcache\gdi32.dll
.
==================== Find3M ====================
.
2013-12-10 09:53:32 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-10 09:53:31 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 12:11:05 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-09 12:11:05 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-09 12:11:05 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-09 12:11:04 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-09 12:11:04 43152 ----a-w- c:\windows\avastSS.scr
2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:25:08 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:25:02 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:24:17 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57:59 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-08 05:50:41 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-08 05:29:36 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:14:01 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 23:31:00.73 ===============




mycity.rs/must-login.png

Poslao: 11 Dec 2013 10:40
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Preuzmi aswMBR i sacuvaj ga na Desktop.

Dvoklikom pokreni aswMBR.

Ukoliko dobijes sledecu poruku:
Would you like to download latest Avast! virus definitions?
Klikni na dugme Yes i pricekaj da se proces preuzimanja definicija zavrsi.

Proveri da je pod AV Scan: izabrana opcija QuickScan

Klikni na Scan.

Kada zavrsi skeniranje ( Scan finished successfully ) klikni Save log.
Sacuvaj aswMBR log na Desktop.
Sadrzaj tog loga iskopiraj u temi.

Poslao: 11 Dec 2013 23:25
Idi na vrh
offline
  • Nikola
  • Pridružio: 14 Apr 2012
  • Poruke: 73
  • Gde živiš: Vranje

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-11 23:01:34
-----------------------------
23:01:34.920 OS Version: Windows 5.1.2600 Service Pack 3
23:01:34.920 Number of processors: 1 586 0x1601
23:01:34.920 ComputerName: HOME-1684A99A5A UserName: Admin
23:01:37.076 Initialize success
23:01:46.498 AVAST engine defs: 13121100
23:02:03.295 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
23:02:03.295 Disk 0 Vendor: Maxtor_4D040H2 DAH017K0 Size: 38146MB BusType: 3
23:02:03.373 Disk 0 MBR read successfully
23:02:03.373 Disk 0 MBR scan
23:02:03.513 Disk 0 Windows XP default MBR code
23:02:03.513 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 20002 MB offset 63
23:02:03.529 Disk 0 Partition - 00 0F Extended LBA 18135 MB offset 40965750
23:02:03.545 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 18135 MB offset 40965813
23:02:03.560 Disk 0 scanning sectors +78108030
23:02:03.779 Disk 0 scanning C:\WINDOWS\system32\drivers
23:02:17.779 Service scanning
23:02:38.592 Modules scanning
23:02:52.279 Disk 0 trace - called modules:
23:02:52.295 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
23:02:52.310 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8635cab8]
23:02:52.310 3 CLASSPNP.SYS[f761cfd7] -> nt!IofCallDriver -> \Device\0000006d[0x863e3c80]
23:02:52.326 5 ACPI.sys[f74b3620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x863e3d98]
23:02:52.779 AVAST engine scan C:\WINDOWS
23:02:59.232 AVAST engine scan C:\WINDOWS\system32
23:05:52.795 AVAST engine scan C:\WINDOWS\system32\drivers
23:06:05.685 AVAST engine scan C:\Documents and Settings\Admin
23:19:47.904 AVAST engine scan C:\Documents and Settings\All Users
23:24:00.279 Scan finished successfully
23:24:31.779 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Desktop\MBR.dat"
23:24:31.795 The log file has been saved successfully to "C:\Documents and Settings\Admin\Desktop\aswMBR.txt"

Poslao: 12 Dec 2013 13:41
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Pozdrav,
Postavljeni logovi ne ukazuju na znakove aktivnog malware-a. Smatram da bi i dublja provera bila gubljenje vremena. Ono sto logovi pokazuju jesu ostatci PUP softvera, tacnije zaostale vrednosti u registryju. AdwCleaner bi to trebao da pocisti.

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

Poslao: 13 Dec 2013 12:52
Idi na vrh
offline
  • Nikola
  • Pridružio: 14 Apr 2012
  • Poruke: 73
  • Gde živiš: Vranje

Pozdrav,dobro je sto nema malware-a.

mycity.rs/must-login.png

Poslao: 13 Dec 2013 14:22
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

U principu to je to. Mozes ukloniti alate.


Ponovo pokreni AdwCleaner
Klikni na dugme [Uninstall] i pricekaj da se postupak deinstalacije zavrsi.


-----------------------------


Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings

Klikni na dugme "Run" i pričekaj da program završi rad.
Alat ce ukloniti sve koriscene alate u ovoj temi...
Kada alat završi, otvoriće izvestaj u notepadu.
Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt

Nije potrebno dostavljati izvestaj.

Poslao: 13 Dec 2013 18:22
Idi na vrh
offline
  • Nikola
  • Pridružio: 14 Apr 2012
  • Poruke: 73
  • Gde živiš: Vranje

Hvala puno na pomoci,nadam se da vise necu imati problema sa ovim.Hvala jos jednom,pozdrav!Najbolji ste!!!

MyCity » Ambulanta -> Arhiva Ambulante » CPU usage ponovo na 100

Ko je trenutno na forumu
 

Ukupno su 868 korisnika na forumu :: 1 registrovan, 1 sakriven i 866 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: TBF1D