Old 09-25-2005, 07:58 PM   #1 (permalink)
New Member
 
Join Date: Sep 2005
Posts: 2
extremely high explorer.exe usage

I have been having difficulty with my computer for a while; for some reason my explorer.exe goes up really high. My explorer.exe can go up to 350,000 KB usage (mostly it's in the 100,000s). When this happens I click on a folder and it takes a minute or two to respond. I've been searching everywhere, and people usually say this problem is spyware. I have run AV viruscheck and many other online checkers, Ad-Aware constantly, Spybot, and I defrag constantly. There don't seem to be any viruses or much spyware according to my viral crap. Here is my task bar: http://www.geocities.com/eyes_behind/taskbar.JPG (the explorer.exe usually is a lot higher, but when it gets that bad I can't get a screenshot)

Here is my hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 11:41:16 AM, on 9/25/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Web\dvdps.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\System32\OVComS.exe
C:\WINDOWS\system32\rmctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\lexpps.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andrue\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
O2 - BHO: CATLEvents Object - {2527BEEF-1B3C-4D3B-98F0-7F3C1EB910A0} - C:\DOCUME~1\Andrue\LOCALS~1\Temp\cbdonib.dat
O2 - BHO: CATLEvents Object - {446CF8A5-617E-4D91-95AE-AE78CE0D06AF} - C:\DOCUME~1\Andrue\LOCALS~1\Temp\systun.dat
O2 - BHO: (no name) - {68132581-10F2-416E-B188-4E648075325A} - (no file)
O2 - BHO: CATLEvents Object - {98BC949B-3D81-4750-836F-4BC57BD032EE} - C:\DOCUME~1\Andrue\LOCALS~1\Temp\cipat.dat
O2 - BHO: CATLEvents Object - {BB54DE33-E539-4749-BFAC-CC49617E8F2A} - C:\DOCUME~1\Andrue\LOCALS~1\Temp\spdvd.dat
O2 - BHO: CATLEvents Object - {ED5ABC42-8E4F-4C39-9972-F0CF619D672F} - C:\DOCUME~1\Andrue\LOCALS~1\Temp\yalpksat.dat
O2 - BHO: CATLEvents Object - {FF4D5071-EE0E-4DCA-BC1C-D776B0F2276E} - C:\DOCUME~1\Andrue\LOCALS~1\Temp\spw.dat
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [*cjpeg] C:\WINDOWS\addins\cjpeg.exe
O4 - HKLM\..\Run: [*basmc] C:\WINDOWS\basmc.exe
O4 - HKLM\..\Run: [*regvga] C:\WINDOWS\regvga.exe
O4 - HKLM\..\Run: [*dllreg] C:\WINDOWS\Cursors\dllreg.exe
O4 - HKLM\..\Run: [*taskplay] C:\WINDOWS\java\Packages\taskplay.exe
O4 - HKLM\..\Run: [*loginet] C:\WINDOWS\addins\loginet.exe
O4 - HKLM\..\Run: [*nutsys] C:\WINDOWS\security\nutsys.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\RunOnce: [*dvdps] C:\WINDOWS\Web\dvdps.exe rerun
O4 - HKLM\..\RunOnce: [Panda_cleaner_135450] C:\WINDOWS\system32\ActiveScan\pavdr.exe 135450
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Citrus Alarm Clock] C:\Program Files\Citrus Alarm Clock\citrusac.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/pote_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: dvdps - C:\DOCUME~1\Andrue\LOCALS~1\Temp\spdvd.dat
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Someone please help, school is starting and I can't use my computer if it is like this.
mmmmthrice is offline   Reply With Quote


Old 09-25-2005, 08:05 PM   #2 (permalink)
Diamond Member
 
Join Date: Nov 2004
Location: Concord, NH
Age: 20
Posts: 27,082

When it's that high, do you have many windows open, or is it like that when you first boot up? If worst comes to worst, you can re-install Windows and see if that helps.
[-0MEGA-] is offline   Reply With Quote
Old 09-26-2005, 03:29 AM   #3 (permalink)
New Member
 
Join Date: Sep 2005
Posts: 2

It can go that high with no windows open. Nothing responds sometimes, so I have to force close explorer.exe and then I can't use my taskbar.
mmmmthrice is offline   Reply With Quote
Old 09-26-2005, 06:39 PM   #4 (permalink)
Bronze Member
 
Join Date: Jun 2004
Location: Pennsylvania
Age: 22
Posts: 87

Sucks. Looks like a memory leak somewhere. Try going through the Add/Remove Programs wizard and remove Internet Explorer from your Windows Components, then reinstall it.

Or, be smart/lazy all at once and go get Firefox.
ViperGTS19801 is offline   Reply With Quote
Old 09-26-2005, 11:14 PM   #5 (permalink)
Digaredd
 
Join Date: May 2005
Location: Melbourne AU
Posts: 6,345

You got an old version of the Vundo trojan. Download this tool and run it; if you still have problems, post a new HijackThis log in Computer Security.
Buzz1927 is offline   Reply With Quote
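
An added triage example (not part of the thread, and not the tool linked in post #5): it parses HijackThis entries and flags Browser Helper Object (O2) and Winlogon Notify (O20) modules that load from a Temp directory or lack a .dll extension. The two heuristics are assumptions chosen for this illustration and do not identify a specific malware family; the sample lines are copied from the log in post #1.

```python
import re
from ntpath import splitext

# Lines copied from the HijackThis log in post #1 (wrapped lines rejoined).
SAMPLE_LOG = r"""
O2 - BHO: CATLEvents Object - {2527BEEF-1B3C-4D3B-98F0-7F3C1EB910A0} - C:\DOCUME~1\Andrue\LOCALS~1\Temp\cbdonib.dat
O2 - BHO: (no name) - {68132581-10F2-416E-B188-4E648075325A} - (no file)
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O20 - Winlogon Notify: dvdps - C:\DOCUME~1\Andrue\LOCALS~1\Temp\spdvd.dat
"""

ENTRY = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<body>.*)$")
# Sections whose target is a module loaded into another process:
# O2 = Browser Helper Object, O20 = Winlogon Notify package.
MODULE_SECTIONS = {"O2", "O20"}
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.IGNORECASE)

def parse(log):
    """Yield (section, body, path); path is the text after the last ' - '."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            body = m["body"]
            yield m["section"], body, body.rsplit(" - ", 1)[-1].strip()

def triage(log):
    """Return [(section, path, reasons)] for module entries worth a closer look."""
    findings = []
    for section, _body, path in parse(log):
        if section not in MODULE_SECTIONS or path == "(no file)":
            continue
        reasons = []
        if TEMP_DIR.search(path):  # assumed heuristic 1
            reasons.append("module loaded from a Temp directory")
        if splitext(path)[1].lower() != ".dll":  # assumed heuristic 2
            reasons.append("module does not have a .dll extension")
        if reasons:
            findings.append((section, path, reasons))
    return findings

if __name__ == "__main__":
    for section, path, reasons in triage(SAMPLE_LOG):
        print(f"{section}: {path}")
        for reason in reasons:
            print(f"    - {reason}")
```
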


Old 09-26-2005, 11:29 PM   #6 (permalink)
ack
Silver Member
 
Join Date: May 2005
Age: 19
Posts: 151

Quote:
Originally Posted by ViperGTS19801
Sucks. Looks like a memory leak somewhere. Try going through the Add/Remove Programs wizard and remove Internet Explorer from your Windows Components, then reinstall it.

Or, be smart/lazy all at once and go get Firefox.

Yea, get Firefox!!!
ack is offline   Reply With Quote
Old 09-28-2005, 07:22 PM   #7 (permalink)
New Member
 
Join Date: Sep 2005
Posts: 22

I think he is talking about Windows Explorer, i.e. the desktop, not the web browser.
kevinw27 is offline   Reply With Quote