Headnazgul Posted August 16, 2006 Share Posted August 16, 2006 HiJackThis Log: Logfile of HijackThis v1.99.1 Scan saved at 10:18:11 PM, on 8/15/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss[Caution: Executable File] C:\WINDOWS\system32\winlogon[Caution: Executable File] C:\WINDOWS\system32\services[Caution: Executable File] C:\WINDOWS\system32\lsass[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Windows Defender\MsMpEng[Caution: Executable File] C:\WINDOWS\System32\svchost[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\EvtEng[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\ZcfgSvc[Caution: Executable File] C:\Program Files\AlienGUIse\wbload[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\S24EvMon[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\WLKeeper[Caution: Executable File] C:\WINDOWS\system32\brsvc01a[Caution: Executable File] C:\WINDOWS\system32\spoolsv[Caution: Executable File] C:\WINDOWS\system32\brss01a[Caution: Executable File] C:\WINDOWS\system32\Brmfrmps[Caution: Executable File] C:\WINDOWS\system32\CTsvcCDA[Caution: Executable File] C:\WINDOWS\eHome\ehRecvr[Caution: Executable File] C:\WINDOWS\eHome\ehSched[Caution: Executable File] C:\WINDOWS\system32\inetsrv\inetinfo[Caution: Executable File] c:\program files\mcafee.com\agent\mcdetect[Caution: Executable File] c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: Executable File] c:\PROGRA~1\mcafee.com\agent\mctskshd[Caution: Executable File] C:\WINDOWS\Explorer[Caution: Executable File] C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm[Caution: Executable File] C:\PROGRA~1\McAfee.com\PERSON~1\MpfService[Caution: Executable File] C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC[Caution: Executable File] C:\WINDOWS\system32\nvsvc32[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\RegSrvc[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\ehome\ehtray[Caution: Executable File] C:\Program Files\Apoint\Apoint[Caution: Executable File] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: Executable File] C:\Program Files\Intel\Wireless\Bin\ifrmewrk[Caution: Executable File] C:\Program Files\Dell\QuickSet\quickset[Caution: Executable File] C:\Program Files\CyberLink\PowerDVD\DVDLauncher[Caution: Executable File] C:\PROGRA~1\Intel\Wireless\Bin\1XConfig[Caution: Executable File] C:\Program Files\Common Files\InstallShield\UpdateService\issch[Caution: Executable File] C:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File] C:\Program Files\McAfee.com\VSO\mcvsshld[Caution: Executable File] C:\Program Files\McAfee.com\VSO\oasclnt[Caution: Executable File] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray[Caution: Executable File] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr[Caution: Executable File] C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET[Caution: Executable File] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol[Caution: Executable File] C:\WINDOWS\CTHELPER[Caution: Executable File] C:\Program Files\Common Files\AOL\1135380893\ee\AOLSoftware[Caution: Executable File] C:\Program Files\Microsoft IntelliPoint\point32[Caution: Executable File] C:\Program Files\ScanSoft\PaperPort\pptd40nt[Caution: Executable File] C:\WINDOWS\system32\dla\tfswctrl[Caution: Executable File] C:\Program Files\iTunes\iTunesHelper[Caution: Executable File] C:\Program Files\Windows Defender\MSASCui[Caution: Executable File] c:\progra~1\mcafee.com\vso\mcvsescn[Caution: Executable File] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: Executable File] C:\Program Files\Apoint\Apntex[Caution: Executable File] C:\Program Files\Digital Line Detect\DLG[Caution: Executable File] C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg[Caution: Executable File] C:\PROGRA~1\SHORTK~1\shklite[Caution: Executable File] C:\WINDOWS\system32\dllhost[Caution: Executable File] C:\Program Files\iPod\bin\iPodService[Caution: Executable File] C:\WINDOWS\eHome\ehmsas[Caution: Executable File] C:\PROGRA~1\McAfee.com\PERSON~1\Mp[bleep]ent[Caution: Executable File] c:\progra~1\mcafee.com\vso\mcvsftsn[Caution: Executable File] C:\Program Files\Messenger\msmsgs[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Windows Media Player\wmplayer[Caution: Executable File] C:\Documents and Settings\Devon Short\Desktop\runescape[Caution: Executable File] C:\Program Files\MSN Messenger\msnmsgr[Caution: Executable File] C:\Program Files\BitLord\BitLord[Caution: Executable File] C:\Program Files\mIRC\mirc[Caution: Executable File] C:\WINDOWS\system32\WISPTIS[Caution: Executable File] C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen[Caution: Executable File] C:\Documents and Settings\Devon Short\My Documents\My Downloads\ProcessExplorerNt\procexp[Caution: Executable File] C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop[Caution: Executable File] C:\DOCUME~1\DEVONS~1\LOCALS~1\Temp\Adobelm_Cleanup.0001 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File] C:\DOCUME~1\DEVONS~1\LOCALS~1\Temp\Adobelm_Cleanup.0001 C:\Documents and Settings\Devon Short\Desktop\HijackThis[Caution: Executable File] C:\WINDOWS\system32\wuauclt[Caution: Executable File] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.meloco.com/index.php?i=e R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray[Caution: Executable File] O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint[Caution: Executable File] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /installquiet O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: Executable File] O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk[Caution: Executable File] /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset[Caution: Executable File] O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher[Caution: Executable File]" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM[Caution: Executable File] -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch[Caution: Executable File]" -start O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr[Caution: Executable File]" /checktask O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File] O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate[Caution: Executable File] O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld[Caution: Executable File] O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt[Caution: Executable File] O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray[Caution: Executable File] O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr[Caution: Executable File] O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET[Caution: Executable File]" O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol[Caution: Executable File] /r O4 - HKLM\..\Run: [CTPerformanceUtility] C:\Program Files\Creative\Sound Blaster Audigy 2\SB Performance Utility\CTPowUti[Caution: Executable File] O4 - HKLM\..\Run: [CTHelper] CTHELPER[Caution: Executable File] O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1135380893\ee\AOLSoftware[Caution: Executable File] O4 - HKLM\..\Run: [TosGbWatcher] "C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher[Caution: Executable File]" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32[Caution: Executable File]" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate[Caution: Executable File]" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt[Caution: Executable File] O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch[Caution: Executable File] O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt[Caution: Executable File] O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen[Caution: Executable File] /autorun O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl[Caution: Executable File] O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: Executable File]" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui[Caution: Executable File]" -hide O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend[Caution: Executable File] O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt[Caution: Executable File]" /startup O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef[Caution: Executable File] O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: Executable File] /R O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen[Caution: Executable File] /nosplash O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File] O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: Executable File] O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Instant Wireless Configuration Utility.lnk = ? O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate[Caution: Executable File] O4 - Global Startup: ShortKeys Lite.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL[Caution: Executable File]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim[Caution: Executable File] O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger[Caution: Executable File] O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger[Caution: Executable File] O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v ... b34246.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File] O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps[Caution: Executable File]" -service (file missing) O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a[Caution: Executable File] O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA[Caution: Executable File] O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng[Caution: Executable File] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: Executable File] O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: Executable File] O23 - Service: McAfee WSC Integration (McDetect[Caution: Executable File]) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect[Caution: Executable File] O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: Executable File] O23 - Service: McAfee Task Scheduler (McTskshd[Caution: Executable File]) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd[Caution: Executable File] O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr[Caution: Executable File]) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr[Caution: Executable File] O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService[Caution: Executable File] O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC[Caution: Executable File] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File] O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc[Caution: Executable File] O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon[Caution: Executable File] O23 - Service: WLANKEEPER - IntelÃÆââ¬Å¡Ãâî Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper[Caution: Executable File] Details of problem I am experiencing: Narrowing it down as much as possible I get this: Looking that "thread" or whatever up on the internet, the only words I could discern from the tech-mumbojumbo were "drivers" and "que". So I'm guessing the problem lies somewhere in there... I realize restarting my computer solves the problem, it has in the past, but I'm looking for a permanent solution. This is really frustrating. I can't play RS, I can't surf forums, I can barely type. Why even right now as I type this out, the computer is 10 to 20 characters behind my fingers. It took me nearly 30 minutes just to type this whole thing out, take the hijackthis log and copy it here, and take the screenies. That doesn't even include the 9 minute start-up for Photoshop to add explanations to the pictures. However fun watching the computer type by itself is, I want this fixed. Any help or information is greatly appreciated. Link to comment Share on other sites More sharing options...
LP Posted August 16, 2006 Share Posted August 16, 2006 WAY to many unnecessary processes/threads running. Link to comment Share on other sites More sharing options...
Headnazgul Posted August 16, 2006 Author Share Posted August 16, 2006 I run that many and more all the time without this problem. This just happens at random times for some reason. Why does all the CPU usage go to system instead of the individual programs? I'd think it would show more usage of the programs themselves than System. I've tried closing most the unnecessaries in the past though. They always open right back up so I just gave up and stopped trying. Only ones I close now are ones in the tasktray that I don't use. Link to comment Share on other sites More sharing options...
Greatsilverwyrm Posted August 16, 2006 Share Posted August 16, 2006 I run that many and more all the time without this problem. This just happens at random times for some reason. Why does all the CPU usage go to system instead of the individual programs? I'd think it would show more usage of the programs themselves than System. I've tried closing most the unnecessaries in the past though. They always open right back up so I just gave up and stopped trying. Only ones I close now are ones in the tasktray that I don't use. The ones that "open right back up" are likely spyware or some other sort of nasty. I've never encountered a legitimate system process that would reopen itself the way that nasties do. Link to comment Share on other sites More sharing options...
Anesthesia Posted August 16, 2006 Share Posted August 16, 2006 The ones that "open right back up" are likely spyware or some other sort of nasty. I've never encountered a legitimate system process that would reopen itself the way that nasties do. License services generally do, including the WGA crap. I've not read the rest of the thread but: Get Process Explorer from http://www.sysinternals.com (under process tools) and have a look to see which process is using the CPU so much. Some people are changed by being a moderator. I wouldn't be. Link to comment Share on other sites More sharing options...
Cruiser Posted August 16, 2006 Share Posted August 16, 2006 The ones that "open right back up" are likely spyware or some other sort of nasty. I've never encountered a legitimate system process that would reopen itself the way that nasties do. License services generally do, including the WGA crap. I've not read the rest of the thread but: Get Process Explorer from http://www.sysinternals.com (under process tools) and have a look to see which process is using the CPU so much. There are cracks for WGA floating around that remove it for you, along with manual instructions. He's also already using Process Explorer if you look at his screenshots. :P System using that much CPU time more than likely means you have a virus that's inserted itself into the system files, spyware, or your Windows install is just going down the tubes. Run virus and spyware scans and see what comes up. If nothing, you may want to take it in somewhere that will give you a more hands on diagnoses. Link to comment Share on other sites More sharing options...
Anesthesia Posted August 16, 2006 Share Posted August 16, 2006 He's also already using Process Explorer if you look at his screenshots. :P I hadn't even read all the first post ;) However, this just reinforces that anyone else reading this thread should get process explorer because it is just generally great. As for the WGA crack, we don't talk about that sort of thing here for fear of getting our bottoms smacked. I don't have it on my machine because I haven't installed SP2. Some people are changed by being a moderator. I wouldn't be. Link to comment Share on other sites More sharing options...
Headnazgul Posted August 16, 2006 Author Share Posted August 16, 2006 Get Process Explorer from http://www.sysinternals.com (under process tools) and have a look to see which process is using the CPU so much. I took some screen shots of what Process Explorer showed in my post :P. I've had it for awhile and it's helped in the past. But I'm posting this here because what's using all the CPU is "System". It's not even "System Idle Process", it's the actual "System" and I can't close it. I checked it's properties and found which "thread" (I dunno what a thread is) was using the most cpu, and its highlighted in the next pic. System using that much CPU time more than likely means you have a virus that's inserted itself into the system files, spyware, or your Windows install is just going down the tubes. Run virus and spyware scans and see what comes up. If nothing, you may want to take it in somewhere that will give you a more hands on diagnoses. I run a McAfee virus sweep almost every other night and nothing has come up. I'll run an Ad-Aware SE scan right now and see if it finds anything though. Thanks for the help everyone, hope I don't need to take it in though lol. Link to comment Share on other sites More sharing options...
LP Posted August 16, 2006 Share Posted August 16, 2006 @ the above post Do it in safe mode... Link to comment Share on other sites More sharing options...
Headnazgul Posted August 17, 2006 Author Share Posted August 17, 2006 Ok, I just finished scanning again with McAfee, Ad-Aware SE, AND Windows Defender, and nothing out of the ordinary was found. Link to comment Share on other sites More sharing options...
Sinkhan Posted August 17, 2006 Share Posted August 17, 2006 Get Spybot: SD to try and find anything that MS Defender and Ad-Aware might not have found, get ewido to get Trojans and Worms, get Root-Kit Revealer to find out if you have a rootkit, get Registry Mechanic and Tweaknow Registry Cleaner to fix up your registry, and then get CCleaner to wipe away some of the mess on your PC. And consider AntiVir Classic PersonalEdition (Free) as an antivirus program. It has slightly better detection rates. Something to fill my sig with until I find a replacement.Also check out my blug Link to comment Share on other sites More sharing options...
blade995 Posted August 17, 2006 Share Posted August 17, 2006 Get Spybot: SD to try and find anything that MS Defender and Ad-Aware might not have found, get ewido to get Trojans and Worms, get Root-Kit Revealer to find out if you have a rootkit, get Registry Mechanic and Tweaknow Registry Cleaner to fix up your registry, and then get CCleaner to wipe away some of the mess on your PC. And consider AntiVir Classic PersonalEdition (Free) as an antivirus program. It has slightly better detection rates. I want to see some proof of that over Mcafee, AVG, Nortan or any other major antivirus programs. Link to comment Share on other sites More sharing options...
Slingshot377 Posted August 21, 2006 Share Posted August 21, 2006 U need proof that anything worls better than norton? it sucks. I always have to manually delete the viruses because it does not do sh*t Link to comment Share on other sites More sharing options...
headshot007111 Posted August 21, 2006 Share Posted August 21, 2006 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k or "Dumprep" Kills the CPU (not literally) but it always causes my CPU usage to go to 95 to 100%. It usually comes up if i end task something that takes a few tries, i get 1 or 2 dumpreps and i get hardcore lag. Just end task anything called dumprep, if that doesnt help you probably have lots of spy/ad ware. ~Guide to Solo'ing the KBD~ 99 Cooking | 99 Firemaking | 99 Attack | 99 defense | 99 Hitpoints Link to comment Share on other sites More sharing options...
Albosky Posted August 21, 2006 Share Posted August 21, 2006 Firstly , dumprep wouldnt be listed in your task manager unless something just crashed Secondly, if it did happen to be running , Do NOT kill the process If you want to disable memory dumps on a system failure - Right click on My Computer, selecting Properties and then the Advanced tab. Click on the Settings button in 'Startup and Recovery'. In the bottom pane - under 'Write debugging information' - click on the down arrow and then select 'None' and click "OK" Killing a system process is a LAST resort , ALWAYS. I like to fart silently but deadly in movie theatersArd Choille says (11:41 PM):I wouldn't dare tell you what to do m'dear Link to comment Share on other sites More sharing options...
Cruiser Posted August 21, 2006 Share Posted August 21, 2006 U need proof that anything worls better than norton? it sucks. I always have to manually delete the viruses because it does not do sh*t Yes norton is a steaming pile of crap, yes it misses things, but so will all other anti-virus solutions if you get infected enough. It's just a fact of life on the net. The AV companies are playing a game of catchup every day of the year and can't know of every single virus that's released on the net. The programs themselves are reactive, so the virus/malware is already on your machine before you're even alerted. By then it could have installed itself in multiple places and replaced system files, royally owning your machine. If you don't have the common sense to not get infected in the first place and secure your box, the best AV program on the planet won't save you. This thread was dead for 4 days anyway. No need to bring it back up. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now