Explorer_1.exe use up 50% cpu
explorer_1.exe shown in my task manager and it consume about 50% of cpu. what can i do to fix it??
January 10th, 2014 9:11pm
Check http://processchecker.com/file/explorer.1.exe.html
http://www.herdprotect.com/explorer_1.exe-fda5acaddcdcf7d24b97f502bc359769b753a3a2.aspx
Free Windows Admin Tool Kit Click here and download it now
January 10th, 2014 9:13pm
HJ
Its malware run Malwarebytes
Please download the free version of Malwarebytes.Update it immediately.
Do a full system scan
Let us know the results at the end.
http://www.malwarebytes.org/products
January 10th, 2014 9:14pm
this is my result
Memory Modules Detected: 1C:\Users\User\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
Registry Keys Detected: 1
HKCR\thunder (Trojan.Agent) -> No action taken.
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\User\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 2
C:\Users\User\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\User\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> No action taken.
Files Detected: 10
C:\Program Files (x86)\Common Files\Thunder Network\Kankan\ThunderFW.exe (Trojan.Downloader) -> No action taken.
C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1\1.1.2.222_1111\ThunderFW.exe (Trojan.Downloader) -> No action taken.
C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1\1.1.2.223_1111\ThunderFW.exe (Trojan.Downloader) -> No action taken.
C:\Program Files (x86)\GreyGray\GreyGrayBHO.dll (PUP.Optional.Greygray.A) -> No action taken.
C:\Program Files (x86)\Thunder Network\Thunder\tp\ThunderFW.exe (Trojan.Downloader) -> No action taken.
C:\Program Files (x86)\Thunder Network\Xmp\TP\ThunderFW.exe (Trojan.Downloader) -> No action taken.
C:\Windows\explorer_2.exe (PUP.Optional.BitCoinMiner) -> No action taken.
C:\Users\User\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\User\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> No action taken.
C:\Users\User\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> No action taken.
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2014 4:23am
HJ
You ran it in scan only mode. You need to run it in scan and repair.
January 11th, 2014 4:36am
HJ
You might want to start by reading the instructions with Malwarebytes. I don't have it installed on this machine and cannot install it here. If the instructions don't help try Googlin
January 11th, 2014 5:01am
Do you mean that I should delete the files after scan?
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2014 5:03am
Yes.
January 11th, 2014 4:47pm
Hi,
Tried the Malwarebytes solution but it does not work.
Even after deleting all the PUPs found by Malwarebytes the process explorer_1.exe is visible in the task manager and it consumes up to 45-50% of the CPU.
Sorry it was not helpful.
Free Windows Admin Tool Kit Click here and download it now
February 17th, 2014 6:33am
This topic is archived. No further replies will be accepted.
Other recent topics
