Duże użycie procesora

[dariuszszczaw]

witam, mam problem z komputerem stacjonarnym, niedawno go sformatowalem. windows 7 home basic. komputer czasem chodzi dobrze a czasem sie tnie i uzycie procesora nawet gdy nic nie robie wynosi 90-100%. Komputer ciagle sie muli, przy przegladaniu internetu youtube i czymkolwiek.

 

wstawiam wyniki skanowania programem combofix.

 

dodam ze jestem kompletnie zielony jezeli chodzi o komputery

prosze o pomoc

 

pozdrawiam

 

GMER 2.0.18444 - http://www.gmer.net

Rootkit scan 2013-01-20 12:08:41

Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD1600BB-56RDA0 rev.20.00K20 149,05GB

Running: yyo392n6.exe; Driver: C:\Users\damian\AppData\Local\Temp\awrdrpog.sys

 

 

---- User code sections - GMER 2.0 ----

 

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExW + 17 00000000758e1401 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!EnumProcessModules + 17 00000000758e1419 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 17 00000000758e1431 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 42 00000000758e144a 2 bytes [8E, 75]

.text ... * 9

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!EnumDeviceDrivers + 17 00000000758e14dd 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameA + 17 00000000758e14f5 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSetEx + 17 00000000758e150d 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameW + 17 00000000758e1525 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameW + 17 00000000758e153d 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!EnumProcesses + 17 00000000758e1555 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetProcessMemoryInfo + 17 00000000758e156d 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetPerformanceInfo + 17 00000000758e1585 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSet + 17 00000000758e159d 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameA + 17 00000000758e15b5 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExA + 17 00000000758e15cd 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 20 00000000758e16b2 2 bytes [8E, 75]

.text C:\Users\damian\Desktop\OTL.exe[3996] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 31 00000000758e16bd 2 bytes [8E, 75]

 

---- Threads - GMER 2.0 ----

 

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:372] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:376] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:384] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:388] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:400] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:404] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:424] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:440] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:452] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:460] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:464] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:504] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:516] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:528] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:540] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:552] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:568] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3596] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3600] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3604] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3608] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3612] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3616] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3620] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3624] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3628] 000007feffb06290

Thread C:\PROGRA~2\AVG\AVG2013\avgrsa.exe [364:3632] 000007feffb06290

Thread [676:704] 000007fefcbd3d64

Thread [676:708] 000007fefcbd3b04

Thread [676:712] 000007fefcc34be4

Thread [676:716] 000007fefcc33ff0

Thread [676:728] 000007fefcc34be4

Thread [676:740] 000007fefcbd42c8

Thread [676:752] 000007fefcbd42c8

Thread [676:348] 000007fefcc34be4

Thread [676:2932] 000007fefcc34be4

Thread [676:3212] 000007fefcbd42c8

Thread C:\Windows\System32\svchost.exe [572:1084] 000007fefb09f440

Thread C:\Windows\System32\svchost.exe [572:1100] 000007fefb016204

Thread C:\Windows\System32\svchost.exe [572:1240] 000007fefa962070

Thread C:\Windows\System32\svchost.exe [572:1244] 000007fefa6b5440

Thread C:\Windows\System32\svchost.exe [572:4048] 000007fef44c6b8c

Thread C:\Windows\System32\svchost.exe [572:4036] 000007fef44c1d88

Thread C:\Windows\System32\svchost.exe [572:1368] 000007fefa6b3130

Thread C:\Windows\system32\svchost.exe [836:1336] 000007fefa3b1a50

Thread C:\Windows\system32\svchost.exe [836:2080] 000007fef85f84d8

Thread C:\Windows\system32\svchost.exe [836:2188] 000007fef85b23a8

Thread C:\Windows\system32\svchost.exe [836:2248] 000007fef86b0c20

Thread C:\Windows\system32\svchost.exe [836:2280] 000007fef78c94a8

Thread C:\Windows\system32\svchost.exe [836:3876] 000007feee84506c

Thread C:\Windows\system32\svchost.exe [836:3880] 000007fef7d71c20

Thread C:\Windows\system32\svchost.exe [836:3884] 000007fef7d71c20

Thread C:\Windows\system32\svchost.exe [836:3696] 000007fef98c5124

Thread C:\Windows\system32\svchost.exe [836:3324] 000007fef7604164

Thread C:\Windows\system32\svchost.exe [1216:1264] 000007fefa923260

Thread C:\Windows\system32\svchost.exe [1216:1272] 000007fefa923aac

Thread C:\Windows\system32\svchost.exe [1216:1276] 000007fefa923864

Thread C:\Windows\system32\svchost.exe [1216:1280] 000007fefa9246d0

Thread C:\Windows\system32\svchost.exe [1216:1760] 000007fef9a0f978

Thread C:\Windows\system32\svchost.exe [1216:1180] 000007fef8f683e8

Thread C:\Windows\system32\svchost.exe [1216:1172] 000007fef8f683e8

Thread C:\Windows\system32\svchost.exe [1216:2152] 000007fef7d23f0c

Thread C:\Windows\system32\svchost.exe [1216:2156] 000007fef7c61a38

Thread C:\Windows\system32\svchost.exe [1216:2160] 000007fef7a55388

Thread C:\Windows\system32\svchost.exe [1216:2168] 000007fef7a37738

Thread C:\Windows\system32\svchost.exe [1216:2184] 000007fef79c1f90

Thread C:\Windows\system32\svchost.exe [1216:3392] 000007fef365fdf0

Thread C:\Windows\system32\svchost.exe [1216:3508] 000007fefa923980

Thread C:\Windows\system32\svchost.exe [1216:172] 000007fef98c5124

Thread C:\Windows\system32\svchost.exe [1216:1668] 000007fef9bd5470

Thread C:\Windows\System32\spoolsv.exe [1352:2120] 000007fef7d610c8

Thread C:\Windows\System32\spoolsv.exe [1352:2172] 000007fef7c36144

Thread C:\Windows\System32\spoolsv.exe [1352:2192] 000007fef7985fd0

Thread C:\Windows\System32\spoolsv.exe [1352:2196] 000007fef78a3438

Thread C:\Windows\System32\spoolsv.exe [1352:2200] 000007fef79863ec

Thread C:\Windows\System32\spoolsv.exe [1352:2212] 000007fef9285e5c

Thread C:\Windows\System32\spoolsv.exe [1352:2216] 000007fef956484c

Thread C:\Windows\system32\svchost.exe [1388:1432] 000007fefc611a70

Thread C:\Windows\system32\svchost.exe [1388:1436] 000007fefc611a70

Thread C:\Windows\system32\svchost.exe [1388:1448] 000007fefc611a70

Thread C:\Windows\system32\svchost.exe [1388:1460] 000007fefa102920

Thread C:\Windows\system32\svchost.exe [1388:1488] 000007fefa115840

Thread C:\Windows\system32\svchost.exe [1388:1496] 000007fefa11e680

Thread C:\Windows\system32\svchost.exe [1388:1500] 000007fefa109140

Thread C:\Windows\system32\svchost.exe [1388:1820] 000007fef9b73060

Thread C:\Windows\system32\svchost.exe [1388:3148] 000007fef9b75570

Thread C:\Windows\system32\svchost.exe [1388:3372] 000007fef2192888

Thread C:\Windows\system32\svchost.exe [1388:3384] 000007fef2032940

Thread C:\Windows\system32\svchost.exe [1388:356] 000007fef2192a40

Thread C:\Windows\system32\taskhost.exe [1584:1628] 000007fef9fd2740

Thread C:\Windows\system32\taskhost.exe [1584:1660] 000007fef9fb1f38

Thread C:\Windows\system32\taskhost.exe [1584:1896] 000007fef9c11010

Thread C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [1704:1984] 0000000071997620

Thread C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [1704:2012] 00000000719a9100

Thread C:\Program Files\Windows Sidebar\sidebar.exe [2476:3560] 000007fef87c1e30

Thread C:\Program Files\Windows Sidebar\sidebar.exe [2476:3564] 000007fef87c1e30

Thread C:\Program Files\Windows Sidebar\sidebar.exe [2476:3568] 000007fef87c1e30

Thread C:\Program Files\Windows Sidebar\sidebar.exe [2476:3572] 000007fef87c1e30

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1756:2292] 0000000077167587

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1756:3844] 0000000070d30cb3

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1756:3848] 0000000077ae2e3e

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1756:2484] 0000000077ae3e59

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1756:3256] 0000000077ae3e59

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1756:1960] 0000000077ae3e59

Thread C:\Windows\system32\svchost.exe [2024:2748] 000007fef44f5f30

Thread C:\Windows\system32\svchost.exe [2024:3728] 000007fef14a8470

Thread C:\Windows\system32\svchost.exe [2024:3724] 000007fef14b2418

---- Processes - GMER 2.0 ----

 

Library ? (*** suspicious ***) @ C:\Windows\system32\csrss.exe [620] 000007fefcab0000

Library ? (*** suspicious ***) @ [676] 0000000049cd0000

Library ? (*** suspicious ***) @ C:\Windows\system32\lsass.exe [776] 000007fefecf0000

Library ? (*** suspicious ***) @ C:\Windows\System32\svchost.exe [572] 000007fefcb90000

Library ? (*** suspicious ***) @ C:\Windows\System32\svchost.exe [680] 000007fefaaa0000

Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [836] 000007fefa470000

Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1216] 000007fefcaa0000

Library ? (*** suspicious ***) @ C:\Windows\System32\spoolsv.exe [1352] 000007fefaa70000

Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1388] 000007fefa1d0000

Library ? (*** suspicious ***) @ C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [1504] 0000000073db0000

Library ? (*** suspicious ***) @ C:\Windows\system32\taskhost.exe [1584] 000007fefcaa0000

Library ? (*** suspicious ***) @ C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [1704] 0000000076c80000

Library ? (*** suspicious ***) @ C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [1768] 0000000073b40000

Library ? (*** suspicious ***) @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2032] 000007fef8df0000

Library ? (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2476] 000007fefec60000

Library ? (*** suspicious ***) @ C:\Windows\system32\SearchIndexer.exe [2492] 000007fefaaa0000

Library ? (*** suspicious ***) @ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [1480] 000007fef4610000

Library ? (*** suspicious ***) @ C:\Windows\system32\svchost.exe [2024] 000007fefecf0000

Library ? (*** suspicious ***) @ C:\Windows\system32\taskhost.exe [3208] 000007fefc5c0000

 

---- EOF - GMER 2.0 ----

asd.txt

OTL.Txt

Extras.Txt

[picasso]

dariuszszczaw, zasady działu: KLIK. Temat doprowadzam do porządku i formy jaka powinna być tu od pierwszego posta. Gdy nikt jeszcze nie odpisał, używa się opcję Edytuj, zamiast pisać post pod postem. Na temat używania ComboFix: KLIK. Użyty niepotrzebnie, tylko wymęczony system. I należy go prawidłowo odinstalować. Klawisz z flagą Windows + R i w polu Uruchom wklej komendę:

 

C:\Users\damian\Desktop\ComboFix.exe /uninstall

 

 

witam, mam problem z komputerem stacjonarnym, niedawno go sformatowalem. windows 7 home basic. komputer czasem chodzi dobrze a czasem sie tnie i uzycie procesora nawet gdy nic nie robie wynosi 90-100%

 

Oznak infekcji brak. Temat przenoszę do działu Windows 7.

 

1. Pierwsza rzecz do sprawdzenia to oprogramowanie zabezpieczające, tu AVG. Wiarygodny test: pełna deinstalacja tymczasowa, by stwierdzić, czy program ma coś do rzeczy. Tylko deinstalacja odcina wszystkie czynności antywirusa.

 

2. Odinstaluj zbędne paski Ask Toolbar, Bing Bar.

 

3. Do wykonania pełna aktualizacja Windows, nie ma SP1 + IE9:

 

64bit- Home Basic Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)

 

 

 

.

[dariuszszczaw]

przegladam strony w google chrome, ciagle uzycie procesora okolo 100%, zrobilem to co pisales i nie pomoglo

[picasso]

Ale co konkretnie wykonałeś? Czy tylko w Google Chrome to się objawia? Jak sprawy się mają np. w systemowym Internet Explorer? Jeśli problem tyczy tylko Google, wg skanu w Google Chrome są następujące dodatki:

 

========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: Ask Toolbar = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.14.33467_0\
CHR - Extension: Dokumenty Google = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0\
CHR - Extension: Marlies Dekkers = C:\Users\damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm\2_0\

 

Wejdź do ustawień przeglądarki i w Rozszerzeniach odinstaluj Ask Toolbar (o ile już nie zniknął przez główną deinstalację), wyłącz pozostałe niedomyślne, przeładuj przeglądarkę i sprawdź co się dzieje.

 

 

PS. "pisałeś" = jestem kobietą.

 

 

.

[dariuszszczaw]

przepraszam:) w internet Explorer tez muli, ale jak wylacze przeglagarki uzycie procesora ostro spada. sa duze problemy z ogladamiem filmow, ciagle sie tna na youtube. dopiero sam wylaczyl mi sie komputer.

 

odinstalowalem AVG, ask tooblar,combofix i bing bar

 

kilka dni temu formatowalem komputer, po formacie mam okolo pol dysku zajete nie wiem dlaczego.