| Author |
Message
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
 #1
 09 Jan 2010 12:53 iexplorer.exe zuzycie procesora 100% |
|
|
|
Tak jak w temacie, jak to usunąć? Straszeni mi to spowalnia komputer, a wyłączanie tego codziennie to jest męka, proszę o pomoc.
|
|
| Back to top |
|
 |
Joker.
Poziom 20
Joined: 01 Sep 2004
Posts: 961
Location: Tarnów
|
|
| Back to top |
|
|
Aszloch
Poziom 18
Joined: 23 Jan 2009
Posts: 520
Location: Moskva
|
|
| Back to top |
|
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
#4
09 Jan 2010 13:39 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
To jest log :
| Quote: |
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:37:53, on 2010-01-09
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Windows\shvmdll.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Asprate\Tibia Multi IP Changer\Tibia MULTI-ip changer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Active X] C:\WINDOWS\system32\windrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [RegUp Software] C:\Windows\shvmdll.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
--
End of file - 3661 bytes
|
a z tym hd tune co musze zrobic ?
|
|
| Back to top |
|
|
Kolobos
Poziom 26
Joined: 13 Jun 2003
Posts: 26228
Location: Warszawa
|
|
| Back to top |
|
|
Google
|
| #
09 Jan 2010 13:50 |
|
|
|
|
|
| Back to top |
|
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
#6
09 Jan 2010 13:54 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
no przeczytałem to .. mogli byscie napisac co i jak mam zrobic ?
|
|
| Back to top |
|
|
Google
|
| #
09 Jan 2010 13:54 |
|
|
|
|
|
| Back to top |
|
|
Kolobos
Poziom 26
Joined: 13 Jun 2003
Posts: 26228
Location: Warszawa
|
#7
09 Jan 2010 13:57 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
Sciagnij podane programy, przeskanuj, usun co znajda. Nastepnie sciagnij otl oraz gmer i z nich daj logi na forum w zalaczniku. W razie problemow masz chyba dostep do internetu oraz wyszukiwarki, opisow jest pelno.
|
|
| Back to top |
|
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
#8
09 Jan 2010 14:02 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
a moglbys podac nazwy tych programow ktore sa mi bardo potrzebne do tego problemu ?? czy musze wszystkie sciagac ?
|
|
| Back to top |
|
|
Aszloch
Poziom 18
Joined: 23 Jan 2009
Posts: 520
Location: Moskva
|
#9
09 Jan 2010 14:07 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
Kolega Kolobos Napisał Ci przecież! Jak nie chcesz się stosować do porad to w końcu nie obejdzie się bez reinstalacji systemu.
|
|
| Back to top |
|
|
Kolobos
Poziom 26
Joined: 13 Jun 2003
Posts: 26228
Location: Warszawa
|
#10
09 Jan 2010 14:10 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
:arrow: kozer12
Przeciez dostales link, chyba mozesz go sam przeczytac ze zrozumieniem?!
| Quote: |
W przypadku infekcji należy najpierw przeskanować system przy pomocy:
Dr.Web CureIt oraz Malwarebytes Anti-Malware. |
| Quote: |
Wymagane logi to:
Dla Windows 2000, XP, Vista, 7: OTL oraz GMER. |
|
|
| Back to top |
|
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
#11
09 Jan 2010 14:15 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
GMER pokazal mi to :
| Quote: |
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-01-09 14:13:35
Windows 5.1.2600 Dodatek Service Pack 3
Running: kjbyfmge.exe; Driver: C:\DOCUME~1\Piotrek\USTAWI~1\Temp\uwtdqpod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
|
A to z otl :
| Description: |
|
Download |
| Filename: |
OTL.Txt |
| Contents: |
|
| Filesize: |
250.17 KB |
| Punkty: |
0.00 |
|
|
| Back to top |
|
|
Kolobos
Poziom 26
Joined: 13 Jun 2003
Posts: 26228
Location: Warszawa
|
#12
09 Jan 2010 14:24 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
Wklej to do OTL i nacisnij Run Fix:
:OTL
PRC - [2010-01-02 14:37:42 | 00,246,795 | ---- | M] () -- C:\WINDOWS\shvmdll.exe
O4 - HKLM..\Run: [Windows Active X] C:\WINDOWS\system32\windrv.exe ( )
O4 - HKCU..\Run: [RegUp Software] C:\WINDOWS\shvmdll.exe ()
O33 - MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\Shell\AutoRun\command - "" = G:\opdux.exe -- File not found
O33 - MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\Shell\open\Command - "" = G:\opdux.exe -- File not found
:Files
C:\WINDOWS\System32\windrv.exe
C:\WINDOWS\shvmdll.exe
:Commands
[emptytemp]
|
|
| Back to top |
|
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
#13
09 Jan 2010 14:45 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
wyskoczylo to :
Error: Unable to interpret <GMER 1.0.15.15281 - http://www.gmer.net> in the current context!
Error: Unable to interpret <Rootkit quick scan 2010-01-09 14:13:35> in the current context!
Error: Unable to interpret <Windows 5.1.2600 Dodatek Service Pack 3> in the current context!
Error: Unable to interpret <Running: kjbyfmge.exe; Driver: C:\DOCUME~1\Piotrek\USTAWI~1\Temp\uwtdqpod.sys> in the current context!
Error: Unable to interpret <---- Devices - GMER 1.0.15 ----> in the current context!
Error: Unable to interpret <AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)> in the current context!
Error: Unable to interpret <AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)> in the current context!
Error: Unable to interpret <AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)> in the current context!
Error: Unable to interpret <AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)> in the current context!
Error: Unable to interpret <AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)> in the current context!
Error: Unable to interpret <AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)> in the current context!
Error: Unable to interpret <AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)> in the current context!
Error: Unable to interpret <---- EOF - GMER 1.0.15 ----> in the current context!
a te files tez musze do otl ?
|
|
| Back to top |
|
|
Kolobos
Poziom 26
Joined: 13 Jun 2003
Posts: 26228
Location: Warszawa
|
#14
09 Jan 2010 14:49 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
Dlaczego wklejasz do OTL log z gmera?! Masz wkleic to co podalem, a to co Ci sie podoba.
To masz wkleic:
| Code: |
:OTL
PRC - [2010-01-02 14:37:42 | 00,246,795 | ---- | M] () -- C:\WINDOWS\shvmdll.exe
O4 - HKLM..\Run: [Windows Active X] C:\WINDOWS\system32\windrv.exe ( )
O4 - HKCU..\Run: [RegUp Software] C:\WINDOWS\shvmdll.exe ()
O33 - MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\Shell\AutoRun\command - "" = G:\opdux.exe -- File not found
O33 - MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\Shell\open\Command - "" = G:\opdux.exe -- File not found
:Files
C:\WINDOWS\System32\windrv.exe
C:\WINDOWS\shvmdll.exe
:Commands
[emptytemp] |
|
|
| Back to top |
|
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
#15
09 Jan 2010 14:55 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
przepraszam to chyba przez pomylke teraz wyskoczylo to :
Error: Unable to interpret <PRC - [2010-01-02 14:37:42 | 00,246,795 | ---- | M] () -- C:\WINDOWS\shvmdll.exe> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Windows Active X] C:\WINDOWS\system32\windrv.exe ( )> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [RegUp Software] C:\WINDOWS\shvmdll.exe ()> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\Shell\AutoRun\command - "" = G:\opdux.exe -- File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\Shell\open\Command - "" = G:\opdux.exe -- File not found> in the current context!
========== FILES ==========
C:\WINDOWS\System32\windrv.exe moved successfully.
C:\WINDOWS\shvmdll.exe moved successfully.
OTL by OldTimer - Version 3.1.22.0 log created on 01092010_145459
|
|
| Back to top |
|
|
Kolobos
Poziom 26
Joined: 13 Jun 2003
Posts: 26228
Location: Warszawa
|
#16
09 Jan 2010 15:03 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
Wklej jeszcze raz to co podalem do otl tym razem z :OTL na poczatku! Eh, ze tez skopiowanie tekstu sprawia Ci az taki problem..
|
|
| Back to top |
|
|
Google
|
| #
09 Jan 2010 15:03 |
|
|
|
|
|
| Back to top |
|
|
kozer12
Poziom 10
Joined: 09 Jan 2010
Posts: 55
Location: Białystok
|
#17
09 Jan 2010 15:27 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
========== OTL ==========
Process shvmdll.exe killed successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Active X deleted successfully.
File C:\WINDOWS\system32\windrv.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RegUp Software deleted successfully.
File C:\WINDOWS\shvmdll.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02343476-f977-11de-a2b0-000b6aa73c47}\ not found.
File G:\opdux.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02343476-f977-11de-a2b0-000b6aa73c47}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02343476-f977-11de-a2b0-000b6aa73c47}\ not found.
File G:\opdux.exe not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\windrv.exe not found.
File\Folder C:\WINDOWS\shvmdll.exe not found.
OTL by OldTimer - Version 3.1.22.0 log created on 01092010_151150
Dodano po 14 [minuty]:
dobrze juz jest nei ma i explorer
|
|
| Back to top |
|
|
Kolobos
Poziom 26
Joined: 13 Jun 2003
Posts: 26228
Location: Warszawa
|
#18
09 Jan 2010 15:28 Re: iexplorer.exe zuzycie procesora 100% |
|
|
|
Wybierz w OTL CleanUp i to wszystko.
|
|
| Back to top |
|
|
