Forum » Pomoč in nasveti » 100%Cpe + ostalo
100%Cpe + ostalo
inuasa ::
Zdravo!
Prejsnji teden sem po 14 dneh obnavljala norton antivirus definicion in od takrat je stanje sledeče:
ob zagonu računalnika je uporaba CPE-ja 100%.
Ugotovila sem, da to povzročata dmrss.exe in dsrss.exe.
Oba se nahajata v c:\Windows\system32\
Ko ročno zaklučim oba procesa dela normalno.
Kaj je to? A so to virusi al kaj? F-prot mi ga najde ko "file ki je lahko okužen z neznanim virusom ". Problem sem začsno rešila tako, da sem onemogočila izvajanje obeh z System Mechanicom. Sam me zanima, če obstaja kakšna bolj dolgoročna rešitev?
Obenem pa je nastal problem, da nikakor ne morem "updejtat" Nortonovega antivirusa (virus definitions). Tud ko grem na njihovo stran, mi je dosegljiva samo glavna stran, ostale strani "not found". Poskusila sem tudi z Pando, vendar se pojavi napaka na stani in je konec.
What to do?
Upam, da nisem bla predolga . Hvala za pomoč!
baj
Prejsnji teden sem po 14 dneh obnavljala norton antivirus definicion in od takrat je stanje sledeče:
ob zagonu računalnika je uporaba CPE-ja 100%.
Ugotovila sem, da to povzročata dmrss.exe in dsrss.exe.
Oba se nahajata v c:\Windows\system32\
Ko ročno zaklučim oba procesa dela normalno.
Kaj je to? A so to virusi al kaj? F-prot mi ga najde ko "file ki je lahko okužen z neznanim virusom ". Problem sem začsno rešila tako, da sem onemogočila izvajanje obeh z System Mechanicom. Sam me zanima, če obstaja kakšna bolj dolgoročna rešitev?
Obenem pa je nastal problem, da nikakor ne morem "updejtat" Nortonovega antivirusa (virus definitions). Tud ko grem na njihovo stran, mi je dosegljiva samo glavna stran, ostale strani "not found". Poskusila sem tudi z Pando, vendar se pojavi napaka na stani in je konec.
What to do?
Upam, da nisem bla predolga . Hvala za pomoč!
baj
inuasa ::
Oj!
Full prijazno od tebe, sam kakor je kaksna stran o virusih oz. antivirusi
sledi "page not found".
A je pametno, če jst ta dva fajla kr enostavno zbišem sz Nortonovim Uninstal Wizardom?
LP
Full prijazno od tebe, sam kakor je kaksna stran o virusih oz. antivirusi
sledi "page not found".
A je pametno, če jst ta dva fajla kr enostavno zbišem sz Nortonovim Uninstal Wizardom?
LP
Tugo ::
nisi napisal kater OS imaš!
upam, da ti tole pomaga...
Removing worms in Windows NT/2000/XP/2003
To remove the worm
Check the virus analysis for details on the worm and its removal.
Close down all programs.
Go to Start|Programs|Sophos Anti-Virus and run the 'Sophos Anti-Virus' program.
Select the 'Immediate' tab.
Go to Options|Configuration... select the 'Action' tab, tick 'Infected files', select 'Delete' then click 'OK'.
Click the 'Go' button on the toolbar to start the scan.
Delete the files. Run another scan to check it has gone.
Go back to Options|Configuration... select the 'Action' tab, then deselect 'Infected files' and 'Delete'. Click 'OK'.
Reboot and run a final scan to be certain it has gone.
If Sophos Anti-Virus cannot delete files because they are held open by the operating system, make a note of the names of the files, then do as follows.
Windows 2000/XP/2003
Download the most recent virus identity (IDE) files and save them to floppy disk. Write-protect the floppy disk.
Restart the computer in Safe Mode. Go to Start|Shut Down. Select Restart from the drop down list and click OK. Windows will restart. Press F8 when you see the following text at the bottom of the screen "For troubleshooting and advanced startup options for Windows 2000, press F8". In the Windows 2000 Advanced Options Menu select the third option 'Safe Mode with Command Prompt'.
Either run SAV32CLI from the Sophos CD or download an emergency copy of SAV32CLI on an uninfected computer, extract it and copy the enclosed files to a blank CD using a CD writer.
At the infected computer, place the CD in the CD drive (D: in this example) and the floppy disk with the IDEs in the floppy disk drive (A: in this example).
At the command prompt type
D:
to access the CD drive. If you are using the Sophos CD, type:
CD WIN32\I386\SAV32CLI
if you are using a SAV32CLI download disk, type:
CD SAV32CLI
Then type:
SAV32CLI -IDEDIR=A:\ -REMOVE -P=C:\LOGFILE.TXT
to remove the worm.
Before leaving Safe Mode edit any registry entries mentioned in the worm analysis recovery instructions.
If problems persist contact support.
copy/paste iz strani, ki jo je podal mare.
lp, T.
upam, da ti tole pomaga...
Removing worms in Windows NT/2000/XP/2003
To remove the worm
Check the virus analysis for details on the worm and its removal.
Close down all programs.
Go to Start|Programs|Sophos Anti-Virus and run the 'Sophos Anti-Virus' program.
Select the 'Immediate' tab.
Go to Options|Configuration... select the 'Action' tab, tick 'Infected files', select 'Delete' then click 'OK'.
Click the 'Go' button on the toolbar to start the scan.
Delete the files. Run another scan to check it has gone.
Go back to Options|Configuration... select the 'Action' tab, then deselect 'Infected files' and 'Delete'. Click 'OK'.
Reboot and run a final scan to be certain it has gone.
If Sophos Anti-Virus cannot delete files because they are held open by the operating system, make a note of the names of the files, then do as follows.
Windows 2000/XP/2003
Download the most recent virus identity (IDE) files and save them to floppy disk. Write-protect the floppy disk.
Restart the computer in Safe Mode. Go to Start|Shut Down. Select Restart from the drop down list and click OK. Windows will restart. Press F8 when you see the following text at the bottom of the screen "For troubleshooting and advanced startup options for Windows 2000, press F8". In the Windows 2000 Advanced Options Menu select the third option 'Safe Mode with Command Prompt'.
Either run SAV32CLI from the Sophos CD or download an emergency copy of SAV32CLI on an uninfected computer, extract it and copy the enclosed files to a blank CD using a CD writer.
At the infected computer, place the CD in the CD drive (D: in this example) and the floppy disk with the IDEs in the floppy disk drive (A: in this example).
At the command prompt type
D:
to access the CD drive. If you are using the Sophos CD, type:
CD WIN32\I386\SAV32CLI
if you are using a SAV32CLI download disk, type:
CD SAV32CLI
Then type:
SAV32CLI -IDEDIR=A:\ -REMOVE -P=C:\LOGFILE.TXT
to remove the worm.
Before leaving Safe Mode edit any registry entries mentioned in the worm analysis recovery instructions.
If problems persist contact support.
copy/paste iz strani, ki jo je podal mare.
lp, T.
K0K0 ::
Pojdi na " C:\WINDOWS\system32\drivers\etc" poišči file z imenom "hosts" ter ga odpri z beležnico. Sedaj boš spodaj videla povno spletnih naslovov antivirusnih strani ki jih je vnesel črv. Sedaj pa jih kar lepo pobriši! Sedaj bi ti spet moralo odpirat strani.Sedaj pa probi updejtat nortona al pa probi še s kakim drugim programom.
Sam tko da ne boš preveč zmedena en takole naj bi zgledal ko boš vse odvečno pobrisala:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
Sam tko da ne boš preveč zmedena en takole naj bi zgledal ko boš vse odvečno pobrisala:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
Zgodovina sprememb…
- spremenil: K0K0 ()
K0K0 ::
inuasha a ti zdej odpira strani?
Drgač pa za tvoj najnovejši problem
Najprej si potegneš dol orodje za odstranitev
http://securityresponse.symantec.com/avcenter/FxGaobot.exe
navodila za uporabo
1.Pojdi v safe mode
2. Zapri vse programe
3.Potegni ven kabeel za internet
4.Če uporabljaš win2000 ali xp moraš nujno odklopit sistem restore: desni klik na my computer (moj računalnik) > properties (lastnosti) > syistem restore > obkljukaj "turn of system restore on al drives"
Potem zalaufaj zadevo
Al pa če sam sistem restore odklopiš pa zalaufaš nortona.(mogoče pa bo)
Drgač pa za tvoj najnovejši problem
Najprej si potegneš dol orodje za odstranitev
http://securityresponse.symantec.com/avcenter/FxGaobot.exe
navodila za uporabo
1.Pojdi v safe mode
2. Zapri vse programe
3.Potegni ven kabeel za internet
4.Če uporabljaš win2000 ali xp moraš nujno odklopit sistem restore: desni klik na my computer (moj računalnik) > properties (lastnosti) > syistem restore > obkljukaj "turn of system restore on al drives"
Potem zalaufaj zadevo
Al pa če sam sistem restore odklopiš pa zalaufaš nortona.(mogoče pa bo)
inuasa ::
Hvala za nasvete, bom poskusla, tkoj k pridem domov, sem nareč študentka in med tednom nisem doma. Se javim, ko probam.
Hvala !
LPI
Hvala !
LPI
inuasa ::
SUPER!
Se globoko zahvaljujem Modremu Zobu, da mi je rešu problem, res v omenjenem fajlu je bil cel seznam strani. Zdaj mi odpira vse.
Glede virusa, pa mi ga je norton našu, vendar ga ni znal odstraniti, in ga je dal v karanteno - bolje nekaj kot nič.
Res hvala še enkrat za pomoč.
Lep pozdravček!
Se globoko zahvaljujem Modremu Zobu, da mi je rešu problem, res v omenjenem fajlu je bil cel seznam strani. Zdaj mi odpira vse.
Glede virusa, pa mi ga je norton našu, vendar ga ni znal odstraniti, in ga je dal v karanteno - bolje nekaj kot nič.
Res hvala še enkrat za pomoč.
Lep pozdravček!
postar_si ::
Jaz imam podoben problem. Samo da meni zaseda procesor 100% proces cidaemon.exe, ne nonstop ampak samo vsake toliko, kakor ga prime. Z googlom sem našel informacije da je to windowso proces, ki indeksira. Sem preluftal sistem tudi z antivirusnim programom, vendar ni nič našel. Kaj bi lahko bilo narobe?
K0K0 ::
Indexing Service
This service always has been a major resource hog. I NEVER recommend having this service enabled. Remove the function via the "Add / Remove Programs" icon in the control panel (Windows Setup Programs). It uses about 500 K to 2 MB in an idle state, not to mention the amount of memory and CPU resources it takes to INDEX the drives. I have had people (and witnessed it on other people's computers) report to me that the Indexing Service sometimes starts up EVEN while the system is NOT idle... as in the middle of a game. You may feel, as I do, that this is unacceptable. If your computer suddenly seems "sluggish," Indexing Service is usually the cause of it.
This service always has been a major resource hog. I NEVER recommend having this service enabled. Remove the function via the "Add / Remove Programs" icon in the control panel (Windows Setup Programs). It uses about 500 K to 2 MB in an idle state, not to mention the amount of memory and CPU resources it takes to INDEX the drives. I have had people (and witnessed it on other people's computers) report to me that the Indexing Service sometimes starts up EVEN while the system is NOT idle... as in the middle of a game. You may feel, as I do, that this is unacceptable. If your computer suddenly seems "sluggish," Indexing Service is usually the cause of it.
Vredno ogleda ...
Tema | Ogledi | Zadnje sporočilo | |
---|---|---|---|
Tema | Ogledi | Zadnje sporočilo | |
» | Computer infectedOddelek: Pomoč in nasveti | 1747 (1558) | boss-tech |
» | Kako naj odstranim Trojanca?Oddelek: Programska oprema | 2276 (2088) | knesz |
» | Mam neki zajebani virus/worm/spyware,... kateri Anti-Viruse disenejbla/briše njihoveOddelek: Programska oprema | 1199 (1076) | ivek12 |
» | fasu sm virus!Oddelek: Pomoč in nasveti | 1357 (1018) | baron21 |
» | Navapqwa.exe ???Oddelek: Pomoč in nasveti | 1893 (1673) | ScorpionX |