Help
Results 1 to 3 of 3

Thread: Help

  1. #1
    Registered User
    Join Date
    Jun 2007
    Posts
    1

    Help

    ok so i have this problem with my explorer shooting to 100 percent and then when that stops winlogon does help and here goes some scan logs and files and stuff

    Process PID CPU Description Company Name
    explorer.exe 896 95.78 Windows Explorer Microsoft Corporation
    procexp.exe 1000 2.05 Sysinternals Process Explorer Sysinternals
    Interrupts n/a 0.91 Hardware Interrupts
    csrss.exe 176 0.57 Client Server Runtime Process Microsoft Corporation
    services.exe 248 0.34 Services and Controller app Microsoft Corporation
    winlogon.exe 200 0.11 Windows NT Logon Application Microsoft Corporation
    svchost.exe 472 0.11 Generic Host Process for Win32 Services Microsoft Corporation
    DPCs n/a 0.11 Deferred Procedure Calls
    wmiprvse.exe 1084 WMI Microsoft Corporation
    System Idle Process 0
    System 4
    svchost.exe 428 Generic Host Process for Win32 Services Microsoft Corporation
    smss.exe 128 Windows NT Session Manager Microsoft Corporation
    netsh.exe 648 Network Command Shell Microsoft Corporation
    lsass.exe 260 LSA Shell (Export Version) Microsoft Corporation

    Process: explorer.exe Pid: 896

    Type Name
    Desktop \Default
    Directory \KnownDlls
    Directory \Windows
    Directory \BaseNamedObjects
    Event \BaseNamedObjects\crypt32LogoffEvent
    Event \BaseNamedObjects\{DD13730A-FBA1-4f91-AB25-7FEB0563D33B}
    Event \BaseNamedObjects\{9EF939C4-EA79-4c30-9F2C-16D0C5E3D158}
    Event \BaseNamedObjects\{DD13730A-FBA1-4f91-AB25-7FEB0563D33B}
    Event \BaseNamedObjects\DN_DNS_Event
    Event \BaseNamedObjects\{F7EE3DF8-A9D0-47f2-9494-4DDE0B2F0475}
    Event \BaseNamedObjects\__d3323sada
    File C:\Documents and Settings\Shade
    File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
    File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
    File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
    File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
    File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805
    File \Device\KsecDD
    File C:\WINDOWS\system32\awvutts.dll
    File C:\Documents and Settings\Shade\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    File C:\Documents and Settings\Shade\Cookies\index.dat
    File C:\Documents and Settings\Shade\Local Settings\History\History.IE5\index.dat
    Key HKLM
    Key HKCU
    Key HKCU\Software\Classes
    Key HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings
    Key HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer
    Key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer
    KeyedEvent \KernelObjects\CritSecOutOfMemoryEvent
    Mutant \BaseNamedObjects\{110C2C76-4576-4de3-9A31-C757489AD2E0}
    Mutant \BaseNamedObjects\{B8FD9F6C-AA0E-4fc3-A239-1C9A0CD80D47}
    Mutant \BaseNamedObjects\{415FFF32-F6B2-4078-806E-814C06ADAA7A}
    Mutant \BaseNamedObjects\wqewqlkujiofhdsgsgwtc
    Mutant \BaseNamedObjects\ExplorerIsShellMutex
    Mutant \BaseNamedObjects\_!MSFTHISTORY!_
    Mutant \BaseNamedObjects\c:!documents and settings!shade!local settings!temporary internet files!content.ie5!
    Mutant \BaseNamedObjects\c:!documents and settings!shade!cookies!
    Mutant \BaseNamedObjects\c:!documents and settings!shade!local settings!history!history.ie5!
    Mutant \BaseNamedObjects\WininetStartupMutex
    Section \BaseNamedObjects\{48987F99-2E2A-494e-ADD5-32B053821C47}
    Section \BaseNamedObjects\{5F46BF13-2D42-48e0-84FA-4D2B5AB977D8}
    Section \BaseNamedObjects\C:_Documents and Settings_Shade_Local Settings_Temporary Internet Files_Content.IE5_index.dat_376832
    Section \BaseNamedObjects\C:_Documents and Settings_Shade_Cookies_index.dat_65536
    Section \BaseNamedObjects\C:_Documents and Settings_Shade_Local Settings_History_History.IE5_index.dat_327680
    Semaphore \BaseNamedObjects\shell.{210A4BA0-3AEA-1069-A2D9-08002B30309D}
    Thread explorer.exe(896): 932
    Thread explorer.exe(896): 944
    Thread explorer.exe(896): 948
    WindowStation \Windows\WindowStations\WinSta0
    WindowStation \Windows\WindowStations\WinSta0

    Process PID CPU Description Company Name
    System Idle Process 0 70.19
    procexp.exe 2072 17.31 Sysinternals Process Explorer Sysinternals
    svchost.exe 148 3.85 Generic Host Process for Win32 Services Microsoft Corporation
    DPCs n/a 2.88 Deferred Procedure Calls
    procexp.exe 2008 1.92 Sysinternals Process Explorer Sysinternals
    System 4 0.96
    iexplore.exe 2548 0.96 Internet Explorer Microsoft Corporation
    explorer.exe 1424 0.96 Windows Explorer Microsoft Corporation
    csrss.exe 560 0.96 Client Server Runtime Process Microsoft Corporation
    winlogon.exe 584 Windows NT Logon Application Microsoft Corporation
    winfx32.exe 228
    tcpipmon.exe 264
    tcpipmon.exe 448
    svgiuoo.exe 116
    svchost.exe 832 Generic Host Process for Win32 Services Microsoft Corporation
    svchost.exe 920 Generic Host Process for Win32 Services Microsoft Corporation
    svchost.exe 808 Generic Host Process for Win32 Services Microsoft Corporation
    svchost.exe 1100 Generic Host Process for Win32 Services Microsoft Corporation
    svchost.exe 172 Generic Host Process for Win32 Services Microsoft Corporation
    svchost.exe 488 Generic Host Process for Win32 Services Microsoft Corporation
    spoolsv.exe 1652 Spooler SubSystem App Microsoft Corporation
    smss.exe 512 Windows NT Session Manager Microsoft Corporation
    services.exe 632 Services and Controller app Microsoft Corporation
    lsass.exe 644 LSA Shell (Export Version) Microsoft Corporation
    LEXPPS.EXE 1660 LEXPPS.EXE Lexmark International, Inc.
    LEXBCES.EXE 1560 LexBce Service Lexmark International, Inc.
    Isass.exe 472
    ipmon.exe 980 IP Monitor Microsoft Corporation
    ipmon.exe 1324 IP Monitor Microsoft Corporation
    Interrupts n/a Hardware Interrupts
    host.exe 252
    csrs.exe 248
    BullGuardUpdate.exe 1940 BullGuard LiveUpdate Service BullGuard Software
    aoltsmon.exe 1884 AOL TopSpeed(TM) Monitor America Online, Inc
    aoltpspd.exe 1952 AOL TopSpeed(TM) America Online Inc
    AOLacsd.exe 1816 AOL Connectivity Service AOL LLC

    Process PID CPU Description Company Name
    System Idle Process 0
    Interrupts n/a 0.31 Hardware Interrupts
    DPCs n/a 0.31 Deferred Procedure Calls
    System 4 0.08
    smss.exe 512 Windows NT Session Manager Microsoft Corporation
    csrss.exe 560 0.61 Client Server Runtime Process Microsoft Corporation
    winlogon.exe 584 94.08 Windows NT Logon Application Microsoft Corporation
    services.exe 632 0.14 Services and Controller app Microsoft Corporation
    svchost.exe 808 Generic Host Process for Win32 Services Microsoft Corporation
    wmiprvse.exe 2104 WMI Microsoft Corporation
    GoogleToolbarNotifier.exe 3488 GoogleToolbarNotifier Google Inc.
    wmiprvse.exe 1724 0.04 WMI Microsoft Corporation
    iexplore.exe 1608 0.04 Internet Explorer Microsoft Corporation
    svchost.exe 832 Generic Host Process for Win32 Services Microsoft Corporation
    svchost.exe 948 Generic Host Process for Win32 Services Microsoft Corporation
    svchost.exe 1068 Generic Host Process for Win32 Services Microsoft Corporation
    LEXBCES.EXE 1512 0.04 LexBce Service Lexmark International, Inc.
    LEXPPS.EXE 1584 LEXPPS.EXE Lexmark International, Inc.
    spoolsv.exe 1580 Spooler SubSystem App Microsoft Corporation
    AOLacsd.exe 1844 AOL Connectivity Service AOL LLC
    Apache.exe 1932
    Apache.exe 2004
    BullGuardUpdate.exe 1980 0.06 BullGuard LiveUpdate Service BullGuard Software
    iPodService.exe 2660 iPodService Module Apple Computer, Inc.
    aoltsmon.exe 2484 0.02 AOL TopSpeed(TM) Monitor America Online, Inc
    aoltpspd.exe 2720 AOL TopSpeed(TM) America Online Inc
    aoltpspd.exe 2284
    svchost.exe 2796 Generic Host Process for Win32 Services Microsoft Corporation
    lsass.exe 644 0.06 LSA Shell (Export Version) Microsoft Corporation
    explorer.exe 404 0.92 Windows Explorer Microsoft Corporation
    procexp.exe 1100 2.89 Sysinternals Process Explorer Sysinternals
    cmd.exe 956 Windows Command Processor Microsoft Corporation
    procexp.exe 2280 0.10 Sysinternals Process Explorer Sysinternals
    AOLSP Scheduler.exe 468 0.02 AOLSP Scheduler
    iTunesHelper.exe 292 iTunesHelper Module Apple Computer, Inc.
    eqmshgos.exe 496 0.02
    csrs.exe 648 0.10
    kygpfvty.exe 2516 0.02
    Isass.exe 2072 0.12
    firefox.exe 2512 0.06 Firefox Mozilla Corporation

  2. #2
    Driver Terrier NooNoo's Avatar
    Join Date
    Dec 2000
    Location
    UK
    Posts
    31,824
    Welcome to Windrivers...

    Isass.exe is a virus not to be confused with Lsass.exe

    Note that this virus can turn off your anti-virus and your firewall. Get an online virus check, if you can... http://housecall.trendmicro.com
    Failing that, back up and reload from scratch. Then run a good virus checker on your backups before you load them back on.

    You should also request a name change for this forum, the name you have chosen is likely to ensure you get ignored. Request the name change by using the contact us link at the bottom of the page
    Last edited by NooNoo; June 1st, 2007 at 12:39 PM.
    Never, ever approach a computer saying or even thinking "I will just do this quickly."

  3. #3
    Registered User
    Join Date
    Dec 2003
    Posts
    87
    after you get it cleaned up...if you don't have one already first thing when you get back on the internet...find and install a good internet security program..so this won't happen again. I noticed you have aol...don't depend on it the security programs are notorious...bullgaurd..if you paid for it, get your money back...go to the major guys(kaspersky, Trend Micro,CA too name a few) and try the trail versions till you can find something better that will protect you

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •