Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Explorer.exe - Cpu 99% - Helpppp !


  • This topic is locked This topic is locked
6 replies to this topic

#1 mrjonie

mrjonie

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 27 May 2007 - 12:38 AM

HI Friends,

For the past couple of days Im trying to fix this issue with my system. Iam having an Win XP Home Edition with XP2. Everything was going fine , and couple of days back I started getting this issue. My explorer.exe was taking 99% CPU time , so iam not able to work in it.

I have the latest of Norton System works installed and nothing is shown in the system scan. Its occassionally finding some trojan or other virus in some tmp files.

Also I tried with SpyBot Search and Destroy, which also couldnt find any issse other than some spyware.

Here shown is the log from Hijackthis application. Pls have a look at it and let me know if there is any issue with any of the information given in the log.

===============================================================================

Logfile of HijackThis v1.99.1
Scan saved at 1:13:55 AM, on 5/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\John\Desktop\HT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windows\System32\wsaupdater.exe,
O3 - Toolbar: Norton Personal Firewall 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINDOWS\Downloaded Program Files\SbCIe028.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.insightbb.com
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://download.sidestep.com/get/k00719/sb028.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://access.salliemae.com/dana-cached/se...perSetupSP1.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


Thanks
John

BC AdBot (Login to Remove)

 


#2 GoTwins

GoTwins

  • Members
  • 84 posts
  • OFFLINE
  •  
  • Location:Behind you
  • Local time:10:54 PM

Posted 27 May 2007 - 01:25 AM

My McAffee was what was slowing my computer down, and I thought it was a virus or spyware or malware, maybe you should look into that?

Maybe I'm wrong, someone else here can give a better answer?

Also, I found this forum, you could read into it:

http://www.suggestafix.com/index.php?showtopic=21680

Do a google search, there seems to be some other people with the same problem.

#3 Commander Gman

Commander Gman

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 27 May 2007 - 01:33 AM

hmmm...did you install anything lately?

Norton

is known to be a resource hog but not sure if this is related to the problem
if you want,uninstall it and see if it changes anything
But i suggest you look into what GoTwins' link and check those first :thumbsup:

My McAffee was what was slowing my computer down, and I thought it was a virus or spyware or malware

McAfee is not a rogue/bogus anti-malware product
Always refer to the list: The List :flowers:

Edited by Commander Gman, 27 May 2007 - 01:38 AM.

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


#4 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:08:54 PM

Posted 27 May 2007 - 02:06 AM

This is adware, please make no further suggestions or fixes in this thread. mrjonie, please make no changes to your computer until the hijack this log can be moved into the correct forum. Only follow directions given you by one of the Hijack this team members or a moderator.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#5 Commander Gman

Commander Gman

  • Members
  • 1,214 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 27 May 2007 - 02:13 AM

hmmm.....
i found something eyecatching:
http://www.file.net/process/sbcie028.dll.html
indeed you must go :thumbsup:
disregard my request in my above mentioned post

Edited by Commander Gman, 27 May 2007 - 02:14 AM.

Motherboard: MSI P35 Neo-F (Socket 775 LGA) Processor: Intel Core 2 Quad Q6600 @ 2.40 Ghz Kentsfield Chipset: Intel P35 Graphics Card: Nvidia Geforce GT 440 Memory: 2x 2GB DDR2 800 RAM Storage: 1x IDE 80GB, 1x SATA II 500 GB, 1x External 500GB HD Power Supply: 600W Power supply Monitor: Dual screen set-up Casing: Mini-ATX Fan(s): 1x 80mm silent fan OS: Windows XP SP3


#6 mrjonie

mrjonie
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 27 May 2007 - 08:57 AM

Today morning when i opened the system, this issue was not coming (explorer using 0% CPU time), after a while, say 1 hr , it starts taking 99% CPU time. Dont know whats the issue here.

I know I set this property to 0

[HKEY_CLASSES_ROOT\SystemFileAssociations\.avi\shellex\PropertyHandler]

and removed this entry

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87D62D94-71B3-4b9a-9489-5FE6850DC73E}]

Apart from that I don't remember doing anything else.

Hey also I installed Security Task Manager and found these two dll's as part of running process, which I don't think is related to Windows.

C:\Windows\System32\geebb.dll
C:\Windows\System32\gebbbba.dll


Also I am facing another problem for the past couple of years. My mac is booting very slow. THe time taken to show the desktop is too much , after clicking the user, its taking 3-4 minutes to show the desktop, which I dont think is correct. Iam having a P4 , Win xp 700MB RAM machine, which is good enough to load OS at fair amount of time.


Any Help /feedback/pointers appreciated. !!!

Thanks
John

Edited by mrjonie, 27 May 2007 - 09:07 AM.


#7 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:09:54 PM

Posted 27 May 2007 - 09:55 AM

This is not the proper place to request help about a HJT log. Please create a fresh log and post it in the HJT Forum where you can receive expert advise from a trained HJT Team Member.
Please review and follow the instruction in the "Preparation Guide For Use Before Posting A Hijackthis Log".
This topic is CLOSED!

Edited by acklan, 27 May 2007 - 09:55 AM.

"2007 & 2008 Windows Shell/User Award"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users