MyCity » Ambulanta -> Arhiva Ambulante » Nesto mi koristi 25% procesora stalno , a ne znam sta ?

Nesto mi koristi 25% procesora stalno , a ne znam sta ?

Napisano na dan: 18.12.2009

Nesto mi koristi 25% procesora stalno , a ne znam sta ?
Sledeća strana Pagination

Idi na vrh

Poslao: 18 Dec 2009 02:58
Idi na vrh
offline
  • Pridružio: 29 Sep 2008
  • Poruke: 39
  • Gde živiš: Sta te briga ?

Napisano: 18 Dec 2009 0:53

Od danas mi je computer usage odjednom skocio na 25% i tu stoji , nije mi jasno zasto , sve sto sam koristio sam ugasio , a i dalje je problem isti ... Ne koristim nista , a procesor na 25% ? Pocelo je da se desava od kad mi je KIS 2007 detektovao sledeci virus :
backdoor.win32.bredolab.bnq
Kliknuo sam na delete i posle mozda 20 minuta se opet pojavilo i opet sam kliknuo na delete i vise nije izlazilo ali je procesor i dalje bio na 25% ...

Evo i slike :

Da napomenem da mi ovaj program GMER nije radio , sve je stalo i morao sam restart dva puta pa sam uzeo drugi program koji je naveden.



DDS (Ver_09-12-01.01) - NTFSx86
Run by Dule at 23:32:07.32 on 17/12/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1314 [GMT 1:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\IC\Card Reader Driver v1.9e2\Disk_Monitor.exe
C:\WINDOWS\SYSTEM32\SRPSKEY.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\AveDesk\AVEDESK.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\UpTime 2000\Uptime.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Dule\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = local
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 6\PCSuite.exe" -onlytray
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe"
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [AVEDESK] "c:\program files\avedesk\AVEDESK.EXE"
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [AdobeBridge]
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 7.0\avp.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Disk Monitor] c:\program files\ic\card reader driver v1.9e2\Disk_Monitor.exe
mRun: [NBKeyScan] "c:\program files\nero\nero 7\nero backitup\NBKeyScan.exe"
mRun: [srpskey] c:\windows\system32\SRPSKEY.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
StartupFolder: c:\docume~1\dule\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\dule\startm~1\programs\startup\shortc~1.lnk - c:\program files\uptime 2000\Uptime.exe
StartupFolder: c:\documents and settings\dule\start menu\programs\startup\siszyd32.exe
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 7.0\ie_banner_deny.htm
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: Open using &Advanced JPEG Compressor - c:\program files\advanced jpeg compressor\ajcieex.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 7.0\SCIEPlgn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {7A953F4A-841C-4A4C-A7C1-40566070ECC2} - hxxp://sit.sezampro.rs/includes/DigitalkSIPCab.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
TCP: {C907C1F8-8569-465A-A64F-95DA2F95A5A8} = 77.105.0.18,77.105.0.19
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dule\applic~1\mozilla\firefox\profiles\ngsbpfua.default\
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2007-4-28 112144]
R1 klif;Klif;c:\windows\system32\drivers\klif.sys [2007-6-27 194320]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-23 81688]
R2 AVP;Kaspersky Internet Security 7.0;c:\program files\kaspersky lab\kaspersky internet security 7.0\avp.exe [2007-6-28 218376]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-9-19 24652]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2008-5-12 38656]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-4-4 24344]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2009-3-1 1527900]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-14 34448]

=============== Created Last 30 ================

2009-12-17 20:00:27 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2009-12-17 20:00:21 16 ----a-w- c:\docume~1\dule\applic~1\fvgqad.dat
2009-12-17 20:00:15 4 ----a-w- c:\docume~1\dule\applic~1\avdrn.dat
2009-11-28 10:35:19 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-11-28 10:35:18 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-11-28 10:35:17 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

==================== Find3M ====================

3427-09-25 21:40:30 58480 ----a-w- c:\windows\fonts\LBLACK.TTF
2009-12-17 22:32:12 263456 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-17 21:52:24 32 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-17 21:18:25 946532 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-12-17 21:18:25 10044192 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2008-07-15 22:09:24 2003456 ----a-w- c:\program files\common files\Boris RED.msi
2006-05-03 09:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2007-12-17 12:43:00 27648 --sh--w- c:\windows\system32\Smab0.dll
2008-05-12 02:20:30 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008051220080513\index.dat

============= FINISH: 23:32:47.21 ===============





mycity.rs/must-login.png
mycity.rs/must-login.png

Dopuna: 18 Dec 2009 0:59



Dopuna: 18 Dec 2009 2:58

Evo jos necega zanimljivog , ovaj proces koristi 100% racunar , a nevidljiv je na obicnom tast manager-u ...

Poslao: 18 Dec 2009 23:09
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Preuzmi The Avenger na Desktop.
Raspakuj arhivu u neki folder

Dvoklikom pokreni avenger.exe

Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa:

Files to delete:
c:\documents and settings\dule\start menu\programs\startup\siszyd32.exe
c:\windows\system32\fjhdyfhsn.bat
c:\docume~1\dule\applic~1\fvgqad.dat
c:\docume~1\dule\applic~1\avdrn.dat

Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti

Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja

Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u
Iskopiraj sadržaj dobijenog loga u temu na forumu.

MyCity » Ambulanta -> Arhiva Ambulante » Nesto mi koristi 25% procesora stalno , a ne znam sta ?

Ko je trenutno na forumu
 

Ukupno su 1073 korisnika na forumu :: 54 registrovanih, 8 sakrivenih i 1011 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Rade, AC-DC, Apok, bankulen, bladesu, Bluper, bojcistv, cavatina, darkangel, debeli, djboj, DonRumataEstorski, FOX, GenZee, ikan, Istman, Ivica1102, Krvava Devetka, Kubovac, laki_bb, Lubica, mean_machine, mile23, milenko crazy north, milutin134, mnn2, MrNo, nenad81, nuke92, Oscar2, Petarvu, procesor, RJ, sasakrajina, slonic_tonic, solic, SR-3m, Srki94, Srle993, Steeeefan, Tas011, Torpedo964, Trpe Grozni, tubular, Tvrtko I, vathra, Vatreni Zmaj, vladaa012, Volkhov-M, vukovi, W123, wolf431, zzapNDjuric99, šumar bk2