1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

CPU Hogging, Low Disk Space Error, Strange blue box on desktop

Discussion in 'Windows XP' started by rich_mat_rix, Feb 2, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. rich_mat_rix

    rich_mat_rix Thread Starter

    Joined:
    Feb 2, 2007
    Messages:
    1
    Hi All,

    I've been having major problems with my PC over the last couple of weeks and I hoping someone out there can help me before I bite the bullet and format my hard drive. I have had 3 main problems:

    1. My CPU is often being hogged up to 100% by the system idle process and/or snmp.exe.

    2. I know my 15GB C: drive is half full but i'm getting Low Disk Space error messages saying that the drive is very low on disk space. When I check the space it shows as being full, yet when I reboot the drive is half empty again.

    3. When Windows XP loads up, there is a tiny blue dot in the top left corner of the desktop. I can click on it and drag it around and it actually appears to be a small vertical rectangle with a white square inside the lower half, which is similar to the edge of a program header bar, but apart from being able to move it around, I cannot get it to do anything else.

    Here is my Hijackthis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:13:11, on 02/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Gigabyte\ET5\GUI.exe
    C:\Program Files\TRIXX\TRIXX.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\regscan.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\cleanmgr.exe
    D:\Downloads\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
    O1 - Hosts: 66.98.148.65 auto.search.msn.com
    O1 - Hosts: 66.98.148.65 auto.search.msn.es
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [EasyTuneV] "C:\Program Files\Gigabyte\ET5\GUI.exe"
    O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OrderReminder] "C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe"
    O4 - HKLM\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Regscan] C:\WINDOWS\system32\regscan.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

    Please, someone help me before I throw my computer out the window!

    Rich
     
  2. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    I don't see any obvious problems in the scanlog.

    System Idle Process should be high -- the higher the better.

    Snmp Simple Network Management Protocol should not.

    This is not a default service but some applications can enable it.

    What you might do is run services.msc and locate that service. Double click it. If it is set to Automatic -- try setting it to Manual and reboot.

    If it is set to Manual -- disable it and reboot. See if any application "breaks".

    Determine whether the other problems occur in Safe Mode or in a Clean boot:

    CLEAN BOOT TROUBLESHOOTING technique XP

    First, restart in Safe Mode (tap the f8 key promptly on startup and choose the Safe Mode option from the boot menu).

    In Safe Mode –

    Run msconfig and select the "Services" tab. Check "Hide Microsoft Services" and then disable the rest. Also uncheck "load startup group" on the general page.

    See this link for detailed information:

    http://support.microsoft.com/default.aspx?scid=kb;EN-US;310353

    Now restart and test the issue at hand

    If no problems, run msconfig and recheck half the disabled items on the Services tab. Test again. If the problem recurs, UNcheck half the items you just checked to narrow down the culprit.

    If the problem didn't occur, check the other half, so all the Services are enabled -- proceed to do this on the startup tab as well.

    Get the idea? You want to isolate the problem to a specific startup if possible.

    Note: if you already have items unchecked under msconfig > startups and are in “selective” startup mode – you should note what these are before beginning. They will need to be de-selected again.
     
  3. GorinUngo

    GorinUngo

    Joined:
    Jul 22, 2007
    Messages:
    1
    I got the same little blue rectangle in my window. I've been searching the web for some answers but this post was the only thing I could find.

    Is there any news out there on what this could be?
     
  4. devil_himself

    devil_himself

    Joined:
    Apr 7, 2007
    Messages:
    4,910
    Can you show us a screenshot of the Blue rectangle
     
  5. Frank4d

    Frank4d Retired Trusted Advisor

    Joined:
    Sep 10, 2006
    Messages:
    9,126
    For the blue rectangle problem try this. Open Display Properties > Desktop tab > Customize Desktop button > Web tab. Delete all items in the Web pages window unless you put them there (except 'My Current Home Page' which is not deletable).

    Also, the log in post #1 contains a trojan that was not caught (not that it matters after five months). If the above doesn't fix your problem, consider posting a HijackThis log.
     
  6. berick

    berick

    Joined:
    Jul 25, 2007
    Messages:
    1
    The blue box is from LOP.COM, malware. I tried Windows Defender, and that did not find it. I then tried Spyware Doctor and it found it, with its free scan, but would not fix it without registration. It was worth the money to register this program and run it.

    I found this by doing a google on LOP.COM REMOVAL
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Hogging Disk Space
  1. ehbowen
    Replies:
    7
    Views:
    689
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/540561

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice