Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cpu 100% and usb's not working


  • This topic is locked This topic is locked
3 replies to this topic

#1 freeflo

freeflo

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 27 August 2009 - 10:04 AM

Hi

Was using my laptop with a usb internet connection and all of a sudden the computer froze. When I restarted it, it kept saying that it my usb device had malfunctioned. But the modem still works on my friend's laptop. The cpu is now stuck at 100%, but task manager doesn't show any obvious culprit. It won't connect to any other usb devices now either. Otherwise it runs, but of course, very very slowly.

Was using Avast and zone alarm. Have done a system restore, cleaned out the system registry using isyscleaner, cleared out firefox private data and cookies, ran a virus scan using avast and have downloaded and run a adaware and malwarebytes scan. Nuthin.

The only other thing I can say is that I am currently in northern India, and its monsoon, so there is a bit of moisture and static electricity around which can sometimes stuff around with laptops. Pulled out my battery and discharged the power using the power on button, but no luck there.

Suspect an attack from the net, perhaps assisted by some nastie from a friends usb stick. I scan and clean em all, but you never know.

Any help/advice really appreciated.

Here is my DDS log:


DDS (Ver_09-07-30.01) - FAT32x86
Run by Free Sunderland at 19:39:59.59 on Thu 27/08/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.145 [GMT 5.5:30]

AV: avast! antivirus 4.8.1335 [VPS 090826-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
SVCHOST.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\NMSAccessU.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\CNAB3RPK.EXE
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Documents and Settings\Free Sunderland\Desktop\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IndicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exe
mRun: [<NO NAME>]
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [AGRSMMSG] AGRSMMSG.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\freesu~1\applic~1\mozilla\firefox\profiles\wolyv6cv.default\
FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - plugin: c:\documents and settings\free sunderland\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\free sunderland\local settings\application data\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-08-27 19:00 <DIR> --d----- c:\docume~1\freesu~1\applic~1\Malwarebytes
2009-08-27 18:59 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-27 18:59 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-27 18:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-08-27 18:59 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-27 18:42 15,688 a------- c:\windows\system32\lsdelete.exe
2009-08-27 18:09 <DIR> --d-h--- c:\docume~1\alluse~1\applic~1\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-27 18:07 <DIR> --d----- c:\program files\Lavasoft
2009-08-27 15:03 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-08-13 14:24 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll
2009-08-13 14:05 128,512 -------- c:\windows\system32\dllcache\dhtmled.ocx
2009-08-05 14:31 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll

==================== Find3M ====================

2009-08-27 18:24 4,997,152 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-08-27 18:24 63,764 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-08-05 14:31 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-25 11:12 25,992 a------- c:\windows\system32\pgdfgsvc.exe
2009-07-18 21:35 3,069,440 -------- c:\windows\system32\dllcache\mshtml.dll
2009-07-18 21:35 1,509,888 -------- c:\windows\system32\dllcache\shdocvw.dll
2009-07-18 00:31 58,880 a------- c:\windows\system32\atl.dll
2009-07-18 00:31 58,880 -------- c:\windows\system32\dllcache\atl.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\dllcache\wmpdxm.dll
2009-07-13 10:08 5,537,792 a------- c:\windows\system32\dllcache\wmp.dll
2009-06-26 22:20 666,624 a------- c:\windows\system32\wininet.dll
2009-06-26 22:20 666,624 -------- c:\windows\system32\dllcache\wininet.dll
2009-06-26 22:20 620,032 -------- c:\windows\system32\dllcache\urlmon.dll
2009-06-26 22:20 81,920 a------- c:\windows\system32\ieencode.dll
2009-06-26 22:20 81,920 -------- c:\windows\system32\dllcache\ieencode.dll
2009-06-16 20:06 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 20:06 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 20:06 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 20:06 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-12 18:01 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 18:01 76,288 a------- c:\windows\system32\telnet.exe
2009-06-12 18:01 80,896 -------- c:\windows\system32\dllcache\tlntsess.exe
2009-06-12 18:01 76,288 -------- c:\windows\system32\dllcache\telnet.exe
2009-06-10 19:43 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 19:43 84,992 -------- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 11:44 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-10 11:44 132,096 -------- c:\windows\system32\dllcache\wkssvc.dll
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\dllcache\mstscax.dll
2009-06-04 00:39 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-04 00:39 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2008-10-10 21:40 1,406 a------- c:\program files\DEISL1.ISU
2008-01-07 21:37 244 a------- c:\program files\readme.txt
2008-01-07 05:35 13,285 a------- c:\program files\diary-2008.AZZ
2007-01-25 03:52 65,536 a------- c:\program files\common files\NMSAccessU.exe
1997-08-04 00:19 21,190 a------- c:\program files\POD.HLP
1997-08-03 22:37 250,176 a------- c:\program files\POD.EXE
1997-08-02 00:53 3,012,421 a------- c:\program files\POD.OWS
2008-04-14 05:42 73,728 a--sh--- c:\windows\registeredpackages\{dd90d410-1823-43eb-9a16-a2331bf08799}$backup$\system\wmplayer.exe

============= FINISH: 19:53:29.86 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 freeflo

freeflo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 28 August 2009 - 08:53 AM

ok, managed to find an 8gig dvd and get a 6 month old back up image of my c drive partition onto it, then the image onto the d drive in my computer and used acronis to restore my c drive.

Problem with the cpu remains! FFFFFFlipping heck! So, perhaps its not a malware problem then, unless it is possible for that to jump straight into my c drive from my partitioned d drive on boot up and do all its damage once more!

#3 freeflo

freeflo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:42 AM

Posted 30 August 2009 - 12:35 PM

ok, just to confirm, no advice needed anymore. spent a fair bit of time reformatting and the like and after getting it back "half working" again (cpu 100% and no usb drives) I suspect i have fried something inside my computer related to the usbs. some indian friends who have been helping out will send it to a mate to look at it, but I reckon its a gonner, so have ordered myself a sweet little netbook to tide myself over.... ...might have to pump up the magnification in my specs too, we'll see.

ok, so enough talking to myself. out.

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 33,301 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:08:12 PM

Posted 04 September 2009 - 12:41 PM

I'm sorry we were unable to get to you sooner, but we have a huge number of folks requesting assistance and a limited number of volunteers to help.

This topic shall now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom :thumbup2:

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SuperAntiSpyware, SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users