High CPU Usage
Results 1 to 14 of 14

Thread: High CPU Usage

Threaded View

  1. March 8th, 2006, 02:33 PM #1
    hmmm's Avatar
    hmmm
    hmmm is offline Virtual Intern
    Join Date
    Mar 2002
    Location
    Dilham, The UK
    Posts
    412

    High CPU Usage

    Task Manager shows that my System Idle Process is running in 80s and 90s.
    As soon as I open a program CPU of that particular program goes sky high. For instance at the moment I am listening some music via WMP and the CPU is running between 10-15. But if I try to open another program CPU will rocket. And obviously it will take long time to open.
    This behavior has only started recently. No software were installed apart from windows critical updates.

    I have Windows Defender, Spy Bot Search and Destroy, Spywareblaster, Ad-Aware se Personal, Crap Cleaner and Avg 7.1.375. They all are updated and checked.

    Dunedin from XP Forum tried to help me tremendously hard for me but no vail. So I am over here.


    Adware Alert found below but ubless I pay it will not remove them.



    Downloaded SpySweeper, run it and found below. But unless you buy it it will not remove them



    I tried Panda (please see below)It will not remove anything unless you buy it.
    Incident Status Location
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\twh8rmwy.default\cookies.txt[]
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt[]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt[82763522]
    Dialerialer.Gen Not disinfected C:\WINDOWS\system32\UKVideo2-uninstall.exe


    PestPetrol only found "limewire" and "Adware.sqwire". This program will not remove anything either unless it is purchased.


    I downloaded, updated Ewido and did a full scan.
    Here is the full result.
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 18:24:42, 08/03/2006
    + Report-Checksum: F8028C8B

    + Scan result:

    :mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\twh8rmwy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.9:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\twh8rmwy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.8:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.9:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.11:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.12:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.13:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.14:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.15:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.26:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.38:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
    :mozilla.39:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
    :mozilla.40:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.41:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.42:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.43:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.44:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.45:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.50:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.51:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.52:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.57:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.58:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.74:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.75:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.77:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.85:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.86:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.87:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.88:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.89:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.90:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.93:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.94:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.95:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\083ybjjh.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup

    ::Report End
    As you will see I think they were all cookies.


    I would appreciate your help if you can please.
    Thank you.

    Also please find my HijackThis Log.

    Logfile of HijackThis v1.99.1
    Scan saved at 20:41:47, on 08/03/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Creative\ShareDLL\CtNotify.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\MWSnap\MWSnap.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\Program Files\Creative\ShareDLL\MediaDet.Exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\System32\E_S00RP2.EXE
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\WINDOWS\system32\LckFldService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Active CPU\acpu.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\DOCUME~1\ergin\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.co.uk/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O1 - Hosts: 62.189.6.85 _sip._tls.sip5.phoneserve.com
    O1 - Hosts: 62.189.6.85 _sip._ssl.sip5.phoneserve.com
    O1 - Hosts: 62.189.6.86 _sip._tls.sip6.phoneserve.com
    O1 - Hosts: 62.189.6.86 _sip._ssl.sip6.phoneserve.com
    O1 - Hosts: 62.189.6.93 _sip._tls.sip7.phoneserve.com
    O1 - Hosts: 62.189.6.93 _sip._ssl.sip7.phoneserve.com
    O1 - Hosts: 62.189.6.78 _sip._tls.sip1.callserve.com
    O1 - Hosts: 62.189.6.78 _sip._ssl.sip1.callserve.com
    O1 - Hosts: 62.189.6.79 _sip._tls.sip2.callserve.com
    O1 - Hosts: 62.189.6.79 _sip._ssl.sip2.callserve.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Popup Manager - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\System32\E_S186.tmp"
    O4 - HKCU\..\Run: [MWSnap] "C:\Program Files\MWSnap\MWSnap.exe"
    O4 - Startup: SeePrompt.lnk = C:\Program Files\See-Prompt\SeePrompt.exe
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
    O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/game...ts/y/at0_x.cab
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/CTSUEng.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {48C20DEE-B00A-11D4-9B2F-0060975D990E} (Hi2Lobby Class) - http://212.122.148.211/lobby/atlclient.cab
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/Cl.../OCI/setup.exe
    O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - http://moneymanager.egg.com/activex/accounttracking.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
    O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.my-etrust.com/Support/Pes...r/pestscan.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120066434830
    O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/de.../GoogleNav.cab
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europ...vex/hcImpl.cab
    O16 - DPF: {7380B862-BA18-4529-8972-C66B82AA5D1D} (AccountTracking Class) - http://moneymanager.egg.com/customer...nttracking.cab
    O16 - DPF: {78960E0E-0B0C-11D4-8997-00104BD12D94} (AV Class) - http://www.pcpitstop.com/antivirus/PCPAV.CAB
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.dll
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
    O17 - HKLM\System\CS1\Services\Tcpip\..\{0EC4A2F7-74B8-4E0B-878A-D7853CAE135A}: NameServer = 212.175.13.113,212.175.13.114
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: EPSON V3 Service2(02) (EPSON_PM_RPCV2_02) - SEIKO EPSON CORPORATION - C:\WINDOWS\System32\E_S00RP2.EXE
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    Last edited by hmmm; March 8th, 2006 at 02:47 PM.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules