Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Closed Thread
 
Thread Tools Search this Thread Display Modes
 
Old 04-24-2007, 12:09 AM   #1
Solid State Member
 
Join Date: Apr 2007
Posts: 17
Exclamation 100% cpu usage, cant seem to figure out whats wrong

Hello, my name is Jessie, I am having some trouble figuring out what is going on with my computer. No matter what I do or try my computer is always running at 100% cpu usage making even the most easy tasks very difficult to complete. I have logs of several scans, I will first include my hijack this log, then I will post the combofix log. So far I have just been looking at other threads and trying following the directions given.


As far as I can tell all the scans I have completed have only come up with minor problems usually just tracking cookies. I just defragmented my computer yesterday it took all night. right now I am in the middle of a Dr. Web antivirus scan. I will post those results when I get them.


If anyone could take a look and at least point me in the right direction.

Thanks in advance...really! tongue.gif

Hijack this log----

Logfile of HijackThis v1.99.1
Scan saved at 1:46:05 PM, on 4/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Picasa2\Picasa2.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://drudgereport.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = actsvr.comcastonline.com:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = actsvr.comcastonline.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{776E4811-DEA4-43C4-B190-50683E459383}: NameServer = 68.87.72.130,68.87.77.130
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

-------------------------
__________________

cubbygrl21 is offline  
Old 04-24-2007, 12:14 AM   #2
Solid State Member
 
Join Date: Apr 2007
Posts: 17
Default Re: 100% cpu usage, cant seem to figure out whats wrong

combofix log-------



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\vbzip11.dll


((((((((((((((((((((((((((((((( Files Created from 2007-03-23 to 2007-04-23 ))))))))))))))))))))))))))))))))))


2007-04-23 15:07 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-23 15:07 <DIR> d-------- C:\WINDOWS\LastGood
2007-04-23 01:21 <DIR> d-------- C:\Program Files\Uniblue
2007-04-23 01:06 <DIR> d-------- C:\Program Files\LIUtilities
2007-04-21 22:00 <DIR> d-------- C:\Program Files\Picasa2
2007-04-20 20:35 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
2007-04-20 20:34 <DIR> d-------- C:\Program Files\Lavasoft
2007-04-20 20:32 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-19 22:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-04-19 21:58 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\SUPERAntiSpyware.com
2007-04-19 18:57 75,088 --a------ C:\WINDOWS\system32\drivers\tmtdi.sys
2007-04-19 18:57 32,528 --a------ C:\WINDOWS\system32\drivers\tmpreflt.sys
2007-04-19 18:57 288,848 --a------ C:\WINDOWS\system32\drivers\TM_CFW.sys
2007-04-19 18:57 199,440 --a------ C:\WINDOWS\system32\drivers\tmxpflt.sys
2007-04-19 18:57 111,888 --a------ C:\WINDOWS\system32\drivers\tm_mbd_c.sys
2007-04-19 18:57 1,052,472 --a------ C:\WINDOWS\system32\drivers\vsapint.sys
2007-04-19 18:55 <DIR> d-------- C:\Program Files\Trend Micro
2007-04-19 00:25 <DIR> d-------- C:\info
2007-04-18 22:18 <DIR> d-------- C:\WINDOWS\system32\drivers\AU_Backup
2007-04-18 22:15 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trend Micro
2007-04-18 19:45 102,800 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-04-18 19:42 <DIR> d-------- C:\DOCUME~1\ADMINI~1\.housecall6.6
2007-04-13 17:36 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\MySpace
2007-04-08 03:06 64,512 --a------ C:\WINDOWS\system32\PTPITCP.dll
2007-04-08 03:06 307,200 --a------ C:\WINDOWS\system32\KPDPM.dll
2007-04-08 03:06 229,376 --a------ C:\WINDOWS\system32\KPDPMUI.dll
2007-04-08 03:06 <DIR> d-------- C:\WINDOWS\system32\BWKDLogs
2007-04-08 03:05 <DIR> d-------- C:\Program Files\Common Files\Kodak
2007-04-08 03:04 <DIR> d-------- C:\WINDOWS\system32\color
2007-04-08 02:27 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
2007-04-08 02:26 <DIR> d-------- C:\Program Files\Kodak
2007-04-07 17:54 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-03-29 00:25 <DIR> d-------- C:\Program Files\iTunes
2007-03-28 23:04 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )))


2007-04-23 17:39 -------- d-------- C:\Program Files\apoint
2007-04-23 13:46 5785 --a------ C:\Program Files\hijackthis.log
2007-04-23 01:22 -------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\uniblue
2007-04-23 01:04 -------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\utorrent
2007-04-23 00:21 -------- d-------- C:\Program Files\pcpitstop
2007-04-21 22:00 -------- d-------- C:\Program Files\google
2007-04-18 21:58 -------- d-------- C:\Program Files\Common Files\symantec shared
2007-04-14 12:23 -------- d--h----- C:\Program Files\installshield installation information
2007-03-29 00:25 -------- d-------- C:\Program Files\ipod
2007-03-29 00:22 -------- d-------- C:\Program Files\quicktime
2007-03-29 00:00 -------- d-------- C:\Program Files\apple software update
2007-03-21 14:48 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-03-17 17:25 -------- d-------- C:\Program Files\slimserver
2007-03-17 08:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-08 10:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 10:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 10:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 08:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-04 20:53 -------- d-------- C:\Program Files\dellconnect
2007-03-03 21:10 -------- d-------- C:\Program Files\registryfix
2007-03-03 21:07 -------- d-------- C:\Program Files\eusing free registry cleaner
2007-02-09 12:05 69368 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\gdipfontcachev1.dat
2007-02-05 15:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll
2007-01-31 21:17 3287 --a------ C:\WINDOWS\mozver.dat
2007-01-27 01:38 552 --a------ C:\WINDOWS\system32\d3d8caps.dat


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
"IntelZeroConfig"="\"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
"IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"pccguide.exe"="\"C:\\Program Files\\Trend Micro\\Internet Security 2007\\pccguide.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoViewOnDrive"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer\run]

HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
"backup"="C:\\WINDOWS\\pss\\Kodak EasyShare software.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Kodak\\KODAKE~1\\bin\\EAS YSH~1.EXE -hx"
"item"="Kodak EasyShare software"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SlimServer Tray Tool.lnk]
"backup"="C:\\WINDOWS\\pss\\SlimServer Tray Tool.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\SLIMSE~1\\SlimTray.ex e "
"item"="SlimServer Tray Tool"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop Optimize Scheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
"item"="PCPOptimize"
"hkey"="HKLM"
"command"="C:\\Program Files\\PCPitstop\\Optimize\\PCPOptimize.exe -boot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCPitstop Disk MD Registration Reminder]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
"item"="Reminder"
"hkey"="HKLM"
"command"="C:\\Program Files\\PCPitstop\\Disk MD\\Reminder.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
"item"="SpyEraser"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Uniblue\\SpyEraser\\SpyEraser.exe\" -m"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
"item"="AdobeUpdateManager"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersio n\\Run"
"item"="utorrent"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\uTorrent\\utorrent.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vsmon"=dword:00000003
"iPod Service"=dword:00000003
"aspnet_state"=dword:00000003
"LiveUpdate"=dword:00000003
"ose"=dword:00000003
"CLTNetCnService"=dword:00000002
"Automatic LiveUpdate Scheduler"=dword:00000002
"slimsvc"=dword:00000002
"IDriverT"=dword:00000003
"Adobe LM Service"=dword:00000003
"NBService"=dword:00000003
"gusvc"=dword:00000003

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnph ost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\{7f20ec10-cac0-11db-b92a-806d6172696f}]
Shell\AutoRun\command D:\Setup.exe


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Uniblue SpyEraser Nag.job
C:\WINDOWS\tasks\Uniblue SpyEraser.job
__________________

cubbygrl21 is offline  
Old 04-24-2007, 12:15 AM   #3
Solid State Member
 
Join Date: Apr 2007
Posts: 17
Default Re: 100% cpu usage, cant seem to figure out whats wrong

this is the rest of the combofix log

************************************************** ******************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-04-23 20:13:54
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
cubbygrl21 is offline  
Old 04-24-2007, 05:04 AM   #4
Daemon Poster
 
Steff's Avatar
 
Join Date: Sep 2006
Posts: 1,435
Send a message via MSN to Steff
Default Re: 100% cpu usage, cant seem to figure out whats wrong

whats running in your proccesses? anything that you can see thats demanding?
__________________
hi, i like eggs.
Steff is offline  
Old 04-24-2007, 06:10 AM   #5
Golden Master
 
Raffaz's Avatar
 
Join Date: Sep 2006
Posts: 6,798
Send a message via AIM to Raffaz Send a message via MSN to Raffaz Send a message via Yahoo to Raffaz
Default Re: 100% cpu usage, cant seem to figure out whats wrong

Your hijack this log isnt bad, there are 2 entries that can be fixed but i doubt they are the cause of your problems, here they are if you wanna sort them.

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

Do what steff said and post back
Raffaz is offline  
Old 04-24-2007, 09:35 AM   #6
BSOD
 
0x0161's Avatar
 
Join Date: Apr 2007
Posts: 441
Default Re: 100% cpu usage, cant seem to figure out whats wrong

Are you by any chance in the Chicago area and using comcast as your provider?



Anyways, what I would recommend doing is cut and paste/ or upload the log file to http://www.hijackthis.de/


See *ALL* the output for yourself. Very neat. I double checked your log file for hijack this and you have nothing unsafe on your system at least what HIJACK this detected that is.


Since, hijack this didnt detect anything at this point I would recommend downloading;

registryprot 2.0
http://www.diamondcs.com.au/index.php?page=regprot

a-squared Anti-Malware 2.1
http://www.emsisoft.com/en/


rescan your system.

PS open command prompt and issue the command systeminfo post results. 'Possibly' a memory issue or could be malicious code.
0x0161 is offline  
Old 04-24-2007, 01:22 PM   #7
Solid State Member
 
Join Date: Apr 2007
Posts: 17
Default Re: 100% cpu usage, cant seem to figure out whats wrong

hey as far as what Steff was curious about, it really can be any process using all the cpu. Even if I have it in safe mode with less than 20 processes running it still runs at 100%. Right now firefox is at anywhere from 40- to 80. Appoint is from about 10-30 or so. and so on. I have done a bunch of scans of the running processes, I have even searched all of them online looking at what they are. They all seem to be legitimate. Lets say though, I eliminated the firefox process, then another would just take the lead. I am really stumped.



0x0161

I am in fact in Chicago, and use Comcast I hate comcast.


I will upload my hijack this log, and then download those two programs and post the results asap!

thanks again for your help. I just cant figure out what it wrong.
cubbygrl21 is offline  
Old 04-24-2007, 01:33 PM   #8
Solid State Member
 
Join Date: Apr 2007
Posts: 17
Default Re: 100% cpu usage, cant seem to figure out whats wrong

I just uploaded my hijack this log to that website, wow, thats a realy nice site. It cam up pretty clean, there were a couple entries

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

it said Possibly nasty! According to our database this process runs normally in c:\programme\dell\quickset\! Check if you know this process and arrange a viruscheck where required. This entry was classified from our visitors as good."

C:\Program Files\Apoint\Apntex.exe

Possibly nasty! According to our database this process runs normally in c:\programme\apoint2k\! Check if you know this process and arrange a viruscheck where required.


That was pretty much it.

I will now download those two programs and run the scans and post the logs. thanks again guys!
cubbygrl21 is offline  
Old 04-24-2007, 01:44 PM   #9
Solid State Member
 
Join Date: Apr 2007
Posts: 17
Default Re: 100% cpu usage, cant seem to figure out whats wrong

I am doing the regsitryport program, I am not really sure how I am supposed to know whats good and what isn't I am just going by what I have seen before. Not really sure though. I am going to try the other program
cubbygrl21 is offline  
Old 04-24-2007, 02:34 PM   #10
Solid State Member
 
Join Date: Apr 2007
Posts: 17
Smile Re: 100% cpu usage, cant seem to figure out whats wrong

Host Name: JDAWWG
OS Name: Microsoft Windows XP Professional
OS Version: 5.1.2600 Service Pack 2 Build 2600
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Uniprocessor Free
Registered Owner: jessica davis
Registered Organization: student
Product ID: 76487-OEM-0011903-00102
Original Install Date: 8/19/2006, 18:55:14 PM
System Up Time: 1 Days, 1 Hours, 27 Minutes, 53 Seconds
System Manufacturer: Dell Computer Corporation
System Model: Inspiron 600m
System type: X86-based PC
Processor(s): 1 Processor(s) Installed.
[01]: x86 Family 6 Model 13 Stepping 6 GenuineIntel ~
591 Mhz
BIOS Version: DELL - 27d5061d
Windows Directory: C:\WINDOWS
System Directory: C:\WINDOWS\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (GMT-06:00) Central Time (US & Canada)
Total Physical Memory: 1,023 MB
Available Physical Memory: 88 MB
Virtual Memory: Max Size: 2,048 MB
Virtual Memory: Available: 2,008 MB
Virtual Memory: In Use: 40 MB
Page File Location(s): C:\pagefile.sys
Domain: MSHOME
Logon Server: \\JDAWWG
Hotfix(s): 185 Hotfix(s) Installed.
[01]: File 1
[02]: File 1
[03]: File 1
[04]: File 1
[05]: File 1
[06]: File 1
[07]: File 1
[08]: File 1
[09]: File 1
[10]: File 1
[11]: File 1
[12]: File 1
[13]: File 1
[14]: File 1
[15]: File 1
[16]: File 1
[17]: File 1
[18]: File 1
[19]: File 1
[20]: File 1
[21]: File 1
[22]: File 1
[23]: File 1
[24]: File 1
[25]: File 1
[26]: File 1
[27]: File 1
[28]: File 1
[29]: File 1
[30]: File 1
[31]: File 1
[32]: File 1
[33]: File 1
[34]: File 1
[35]: File 1
[36]: File 1
[37]: File 1
[38]: File 1
[39]: File 1
[40]: File 1
[41]: File 1
[42]: File 1
[43]: File 1
[44]: File 1
[45]: File 1
[46]: File 1
[47]: File 1
[48]: File 1
[49]: File 1
[50]: File 1
[51]: File 1
[52]: File 1
[53]: File 1
[54]: File 1
[55]: File 1
[56]: File 1
[57]: File 1
[58]: File 1
[59]: File 1
[60]: File 1
[61]: File 1
[62]: File 1
[63]: File 1
[64]: File 1
[65]: File 1
[66]: File 1
[67]: File 1
[68]: File 1
[69]: File 1
[70]: File 1
[71]: File 1
[72]: File 1
[73]: File 1
[74]: File 1
[75]: File 1
[76]: File 1
[77]: File 1
[78]: File 1
[79]: File 1
[80]: File 1
[81]: File 1
[82]: File 1
[83]: File 1
[84]: File 1
[85]: File 1
[86]: File 1
[87]: File 1
[88]: File 1
[89]: File 1
[90]: Q147222
[91]: Q927978
[92]: IDNMitigationAPIs - Update
[93]: NLSDownlevelMapping - Update
[94]: KB925398_WMP64
[95]: KB917734_WMP9
[96]: KB923689
[97]: KB873339 - Update
[98]: KB885835 - Update
[99]: KB885836 - Update
[100]: KB885884 - Update
[101]: KB886185 - Update
[102]: KB887472 - Update
[103]: KB888302 - Update
[104]: KB890046 - Update
[105]: KB890859 - Update
[106]: KB891781 - Update
[107]: KB893756 - Update
[108]: KB893803v2 - Update
[109]: KB894391 - Update
[110]: KB896358 - Update
[111]: KB896423 - Update
[112]: KB896424 - Update
[113]: KB896428 - Update
[114]: KB898461 - Update
[115]: KB899587 - Update
[116]: KB899589 - Update
[117]: KB899591 - Update
[118]: KB900485 - Update
[119]: KB900725 - Update
[120]: KB901017 - Update
[121]: KB901214 - Update
[122]: KB902400 - Update
[123]: KB904706 - Update
[124]: KB904942 - Update
[125]: KB905414 - Update
[126]: KB905749 - Update
[127]: KB908519 - Update
[128]: KB908531 - Update
[129]: KB910437 - Update
[130]: KB911280 - Update
[131]: KB911562 - Update
[132]: KB911567 - Update
[133]: KB911927 - Update
__________________

cubbygrl21 is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 06:55 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0