CPU Usage 100% but nothing is open.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

jackattack363

Thread Starter
Joined
May 12, 2007
Messages
27
Hey everyone,
I am returning to this site after you helped me through my vundo virus with a new and worse problem. My computer cannot perform the simplest tasks without becoming horribly choppy and laggy. When I open a new program my computer will start lagging for up to 15 minutes before it finally calms down. When i checked what was hogging my CPU in procexp.exe it said that Hardware Interrupts were using over 50% of my total! I then went and unplugged my mouse and keyboard and after about 5 minutes the percentage went down, but I think that is just because the computer was not loading any new programs therefore the Usage went down naturally. PLEASE HELP!!! I want my computer back to normal! Here's a HJT log thanks again.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 14:15, on 2007-07-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\CachemanXP\CachemanXP.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\locator.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\HJT\HiJackThis_v2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Jack\LOCALS~1\Temp\Rar$EX00.859\procexp.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\Get-Torrent\TorrentManager.dll
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [cornborerecthide] C:\Documents and Settings\All Users\Application Data\campenccornbore\bike skip.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DartAdmin] C:\DOCUME~1\Jack\APPLIC~1\bashfunkdata\forkthe.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBF27806-AB1C-4F15-985E-616A8F29266B}: NameServer = 68.87.77.130,68.87.72.130
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:\PROGRA~1\CachemanXP\CachemanXP.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 4735 bytes
 
Joined
Sep 7, 2004
Messages
49,014
Please Download NoLop to your desktop from

http://www.thespykiller.co.uk/index...be028538366e8b644d0e9fd&action=tpmod;dl=get16

First close any other programs you have running as this will require a reboot
· Double click NoLop.exe to run it
· Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
· When scanning is finished you will be prompted to reboot only if infected, Click OK
· Now click the "REBOOT" Button.
· A Message should popup from NoLop. If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HijackThis log
·
--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download http://www.boletrice.com/downloads/mscomctl.ocx to your system32 folder then rerun the program
===============

Download Superantispyware (SAS) free home version

http://www.superantispyware.com/superantispywarefreevspro.html

Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me with a new HijackThis log.

This will take some time!!!!!!!!
 

jackattack363

Thread Starter
Joined
May 12, 2007
Messages
27
Ok the NoLop.exe said nothing was wrong but the SAS said i had Lop virus. Its taking a really long time... especially on all my music. Ill post that log asap.
 

jackattack363

Thread Starter
Joined
May 12, 2007
Messages
27
Omg I started the SAS scan and it picked up like 50 different viruses in the first 40 mins then slowed to a halt. I left my computer alone for awhile and my stupid brother came around and spammed next and finish and cleaned all the viruses off before I could get a log. So I'm running another scan to get a partial log for you... hope this helps! Heres the LOP log.

NoLop! Log by Skate_Punk_21

Please Note: any existing old logs will have now been renamed to NoLop!OLD.log

Fix running from: C:\Documents and Settings\Jack\Desktop
[2007-07-06]
[02:14:05]

---Infection Files Found/Removed---
NO INFECTION FILES FOUND - Cleaning Aborted.

---Listing AppData sub directories---

C:\Documents and Settings\Admin\Application Data\Adobe
C:\Documents and Settings\Admin\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Admin\Application Data\Aim
C:\Documents and Settings\Admin\Application Data\Ati
C:\Documents and Settings\Admin\Application Data\Ati Mmc -- EMPTY Directory
C:\Documents and Settings\Admin\Application Data\Comodo
C:\Documents and Settings\Admin\Application Data\Gtek
C:\Documents and Settings\Admin\Application Data\Identities
C:\Documents and Settings\Admin\Application Data\Macromedia
C:\Documents and Settings\Admin\Application Data\Microsoft
C:\Documents and Settings\Admin\Application Data\Mozilla
C:\Documents and Settings\Admin\Application Data\Sun
C:\Documents and Settings\Admin\Application Data\Webroot
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Adobe Systems
C:\Documents and Settings\All Users\Application Data\Aol
C:\Documents and Settings\All Users\Application Data\Aol Downloads
C:\Documents and Settings\All Users\Application Data\Aol Ocp
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Ati Mmc
C:\Documents and Settings\All Users\Application Data\Campenccornbore
C:\Documents and Settings\All Users\Application Data\Comodo
C:\Documents and Settings\All Users\Application Data\Dvd Shrink
C:\Documents and Settings\All Users\Application Data\Frisk Software
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\Gtek
C:\Documents and Settings\All Users\Application Data\Hewlett-packard
C:\Documents and Settings\All Users\Application Data\Macromedia
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\Renguard
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Superantispyware.com
C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Default User\Application Data\Gtek
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Jack\Application Data\Acccore
C:\Documents and Settings\Jack\Application Data\Adobe
C:\Documents and Settings\Jack\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Jack\Application Data\Aim
C:\Documents and Settings\Jack\Application Data\Apple Computer
C:\Documents and Settings\Jack\Application Data\Ati
C:\Documents and Settings\Jack\Application Data\Ati Mmc -- EMPTY Directory
C:\Documents and Settings\Jack\Application Data\Bashfunkdata -- EMPTY Directory
C:\Documents and Settings\Jack\Application Data\Bearshare
C:\Documents and Settings\Jack\Application Data\Comodo
C:\Documents and Settings\Jack\Application Data\Creative
C:\Documents and Settings\Jack\Application Data\Dvdcss
C:\Documents and Settings\Jack\Application Data\Get-torrent
C:\Documents and Settings\Jack\Application Data\Google
C:\Documents and Settings\Jack\Application Data\Gtek
C:\Documents and Settings\Jack\Application Data\Hamachi
C:\Documents and Settings\Jack\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Jack\Application Data\Identities
C:\Documents and Settings\Jack\Application Data\Leadertech
C:\Documents and Settings\Jack\Application Data\Macromedia
C:\Documents and Settings\Jack\Application Data\Microsoft
C:\Documents and Settings\Jack\Application Data\Mozilla
C:\Documents and Settings\Jack\Application Data\Musicmatch
C:\Documents and Settings\Jack\Application Data\Opera -- EMPTY Directory
C:\Documents and Settings\Jack\Application Data\Pc Tools
C:\Documents and Settings\Jack\Application Data\Smartdraw
C:\Documents and Settings\Jack\Application Data\Smartdraw Image Plugin
C:\Documents and Settings\Jack\Application Data\Sun
C:\Documents and Settings\Jack\Application Data\Superantispyware.com
C:\Documents and Settings\Jack\Application Data\Teamspeak2
C:\Documents and Settings\Jack\Application Data\Ventrilo
C:\Documents and Settings\Jack\Application Data\Viewpoint
C:\Documents and Settings\Jack\Application Data\Vlc
C:\Documents and Settings\Jack\Application Data\Webshots
C:\Documents and Settings\Jack\Application Data\Xfire
C:\Documents and Settings\Jack\Application Data\{27abead9-b7c4-4994-891f-48f5f48861fa}
C:\Documents and Settings\Localservice\Application Data\Adobe
C:\Documents and Settings\Localservice\Application Data\Macromedia
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
 

jackattack363

Thread Starter
Joined
May 12, 2007
Messages
27
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 14:39, on 2007-07-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\CachemanXP\CachemanXP.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\locator.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HiJackThis_v2.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBF27806-AB1C-4F15-985E-616A8F29266B}: NameServer = 68.87.77.130,68.87.72.130
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:\PROGRA~1\CachemanXP\CachemanXP.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 4973 bytes
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

No members online now.
Top