kolpi
(Marek Zawada)
11 August 2006 22:32
#1
Here is the situation: after XP starts, the system hangs for several minutes, then everything disappears from the screen, it returns to the desktop and everything seems to be OK. Interestingly, exe applications appear in the process list, but the windows of those programs do not open. I wanted to make a log in HiJackThis; the process list shows it as started, but no window appeared and CPU rises to 99. So I decided to make a log in SilentRunners; it seemed to start, but after 20 minutes the CPU of that process jumped to 99 and it did not finish making the log.
And here is one made just now in Process Viewer:
avgnt.exe 3536 C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe Antivirus System Tray Tool 7.00.00.10. Copyright © 2006 Avira GmbH. All rights reserved.
avguard.exe 3320 C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe Antivirus On-Access Service 7.00.00.29. Copyright © 1996-2006 AVIRA GmbH. All rights reserved.
csrss.exe 532 C:\WINDOWS\system32\csrss.exe Client Server Runtime Process 5.1.2600.0. © Microsoft Corporation. All rights reserved.
ctfmon.exe 1672 C:\WINDOWS\System32\ctfmon.exe CTF Loader 5.1.2600.0. © Microsoft Corporation. All rights reserved.
explorer.exe 1440 C:\WINDOWS\explorer.exe Eksplorator Windows 6.00.2600.0000. © Microsoft Corporation. Wszelkie prawa zastrzeżone.
Fmctrl.EXE 1572 C:\WINDOWS\System32\Fmctrl.EXE Fmctrl Multi-language 1, 0, 0, 1. Copyright © 1999
gg.exe 3796 C:\Program Files\Gadu-Gadu\gg.exe Gadu-Gadu - program glowny 7, 1, 0, 6. Copyright © 1999,2006 Gadu-Gadu Sp. z oo
hpgs2wnd.exe 1604 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe hpgs2wnd 2,3,0,0\ 161. Copyright © 2001
hpgs2wnf.exe 1748 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe hpgs2wnf Module 2, 6, 0, 161. Copyright 2001
IEXPLORE.EXE 2332 C:\Program Files\Internet Explorer\IEXPLORE.EXE Internet Explorer 6.00.2600.0000. © Microsoft Corporation. Wszelkie prawa zastrzeżone.
jusched.exe 1640 C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe Java 2 Platform Standard Edition binary 5.0.60.5. Copyright © 2004
lsass.exe 620 C:\WINDOWS\system32\lsass.exe LSA Shell (Export Version) 5.1.2600.0. © Microsoft Corporation. All rights reserved.
PrcView.exe 380 C:\Documents and Settings\ASMM\Pulpit\PrcView\PrcView.exe Process Viewer Application 5.2.12.1. Developed by Igor Nys 1995-2005
qttask.exe 1656 C:\Program Files\QuickTime\qttask.exe QuickTime Task QuickTime 7.0.2. Copyright Apple Computer, Inc. 1989-2005
sched.exe 3544 C:\Program Files\AntiVir PersonalEdition Classic\sched.exe Avira GmbH Scheduler 7.00.00.17. Copyright © 2006 Avira GmbH. All rights reserved.
services.exe 600 C:\WINDOWS\system32\services.exe Usługi i aplikacja Kontroler 5.1.2600.0. © Microsoft Corporation. Wszelkie prawa zastrzeżone.
smc.exe 1532 C:\Program Files\Sygate\SPF\smc.exe Sygate Agent Firewall 5.5.00.2710. Copyright © 1999 - 2004 Sygate Technologies, Inc. All rights reserved.
smss.exe 476 C:\WINDOWS\System32\smss.exe Windows NT Session Manager 5.1.2600.0. © Microsoft Corporation. All rights reserved.
spoolsv.exe 1276 C:\WINDOWS\system32\spoolsv.exe Spooler SubSystem App 5.1.2600.0. © Microsoft Corporation. All rights reserved.
svchost.exe 784 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services 5.1.2600.0. © Microsoft Corporation. All rights reserved.
svchost.exe 864 C:\WINDOWS\System32\svchost.exe Generic Host Process for Win32 Services 5.1.2600.0. © Microsoft Corporation. All rights reserved.
svchost.exe 1072 C:\WINDOWS\System32\svchost.exe Generic Host Process for Win32 Services 5.1.2600.0. © Microsoft Corporation. All rights reserved.
svchost.exe 1104 C:\WINDOWS\System32\svchost.exe Generic Host Process for Win32 Services 5.1.2600.0. © Microsoft Corporation. All rights reserved.
svchost.exe 1856 C:\WINDOWS\System32\svchost.exe Generic Host Process for Win32 Services 5.1.2600.0. © Microsoft Corporation. All rights reserved.
winlogon.exe 556 C:\WINDOWS\system32\winlogon.exe Aplikacja logowania systemu Windows NT 5.1.2600.0. © Microsoft Corporation. Wszelkie prawa zastrzeżone.
And this is Autoruns:
ctfmon.exe Microsoft Corporation C:\WINDOWS\System32\ctfmon.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
winshost.exe C:\WINDOWS\System32\winshost.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE Microsoft Corporation C:\WINDOWS\System32\CTFMON.EXE HKEY_USERS.Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SysTray.Exe Microsoft Corporation SysTray.Exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fmctrl.EXE ForteMedia, Inc. Fmctrl.EXE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
hpgs2wnd.exe Hewlett-Packard C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
winshost.exe C:\WINDOWS\System32\winshost.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avgnt.exe Avira GmbH "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
sysmon.exe C:\WINDOWS\System32\sysmon.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
jusched.exe Sun Microsystems, Inc. C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
smc.exe Sygate Technologies, Inc. C:\PROGRA~1\Sygate\SPF\smc.exe -startgui HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qttask.exe Apple Computer, Inc. "C:\Program Files\QuickTime\qttask.exe" -atboottime HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
dumprep 0 -k %systemroot%\system32\dumprep 0 -k HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
explorer.exe Microsoft Corporation explorer.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
userinit.exe Microsoft Corporation C:\WINDOWS\system32\userinit.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
desktop.ini C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini
desktop.ini C:\Documents and Settings\ASMM\Menu Start\Programy\Autostart\desktop.ini C:\Documents and Settings\ASMM\Menu Start\Programy\Autostart\desktop.ini
DirectCD.exe Roxio "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
firewall_anti.exe C:\WINDOWS\firewall_anti.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
InstaFinderK_inst.exe C:\Program Files\INSTAFINK\InstaFinderK_inst.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
iTunesHelper.exe "C:\Program Files\iTunes\iTunesHelper.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
dumprep 0 -k %systemroot%\system32\dumprep 0 -k HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
msmsgs.exe Microsoft Corporation "C:\Program Files\Messenger\msmsgs.exe" /background HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
NBJ.exe Ahead Software AG "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
NeroCheck.exe Ahead Software Gmbh C:\WINDOWS\system32\NeroCheck.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qttask.exe Apple Computer, Inc. "C:\Program Files\QuickTime\qttask.exe" -atboottime HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
seeve.exe C:\WINDOWS\seeve.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Skype.exe "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
smc.exe Sygate Technologies, Inc. C:\PROGRA~1\Sygate\SPF\smc.exe -startgui HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
taskdir.exe C:\WINDOWS\System32\taskdir.exe HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
fsg_4203.exe "c:\windows\temp\adware\fsg_4203.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Setup.exe F:\Setup.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run