Please help...

[jpdodge150]

I've been fighting this problem for a long time and now it just got worse. It seems that my cpu is always running high, at least 50%. I downloaded process explorer and it shows system (and just like the task manager) it shows everything is ok but yet it's still running between 35-60%. Just awhile ago my system started lagging real bad, just typing something is a nightmare. Now its showing i'm running 100% and HOT. Once again opened process explorer shows eveyrthing thats listed is calm but yet now the explorer.exe is doing the same thing and they are both doing it at the same time! I've let my system sit but doesn't ever clear up. Even after 30min some start up programs are just loading up. I don't understand why I can't find whats causing this mess. I've ran multiple antivirus, spyware, malware, and I ran combofix a couple of times. They all may find a couple of bugs but nothing bad and either way they get wiped off. I even bit my tounge and decided to do a clean install, did a slow format and fresh install and in the end get the same result. Forgot to mention when the System tab would spike to 50% it seemed to be triggered when watching video's, like YouTube for a prolong period of time. But after shutting down the browser it would clear up after a few and be fine for another while longer. But then it grew to being almost all the time and now I have the System tab and explorer.exe that are doing the same thing at the same time constantly, and yet I can break them down and it shows nothing running that hard constantly. Sorry for the long write up, i'm just tired and frustrated and don't know where to turn. I'm also sorry if anything is misspelled for I an barely see what i'm typing because its so slow. Thanks!

 

[johnb35]

It's sound like its a hardware/software issue. If you want if you have any logs from malwarebytes or hijackthis we can look them over.

 

[jpdodge150]

It's sound like its a hardware/software issue. If you want if you have any logs from malwarebytes or hijackthis we can look them over.

I know how to run the hijackthis, so I will download and run it right now and post the results up. Thanks!

 

[jpdodge150]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:53:14 PM, on 12/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\D-Link\DWA-552 revA\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\D-Link\DWA-552 revA\wirelesscm.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\qoeapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-552 revA\wirelesscm.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Joseph\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\Program Files\D-Link\DWA-552 revA\acs.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\DWA-552 revA\jswpsapi.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 9703 bytes

 

[johnb35]

I do not see anything bad in that log. However there could be something hidden.

Please download and run combofix. Please click on the Bleeping computer link not the forospyware one.

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

However you will have to wait to download it as the file is getting fixed. Check back now and then to see if it can be downloaded. Also please follow the instructions on that page and then once the scan is complete post the log that it displays back here.

 

[jpdodge150]

I will give combofix another try but its offline right now, i'll post an update as soon as I get it done.

 

[S.T.A.R.S.]

LoL I know this will sound stupid but.....have you checked how your ventilators works and is your hardware very hot???
If one of these 2 or both is true,then its the hardware issue,not the software issue.I mean after all you did say that you have reinstalled Windows lol...

 

[ganzey]

LoL I know this will sound stupid but.....have you checked how your ventilators works and is your hardware very hot???
If one of these 2 or both is true,then its the hardware issue,not the software issue.I mean after all you did say that you have reinstalled Windows lol...

that wouldnt cause high cpu usage, just high temps

 

[ganzey]

do this, press ctrl alt del to open task manager, then click on the CPU column and it will show what programs are using what percentage of your computer resources. this should help narrow it down.

EDITlease post your computers spec so we can help fix this problem

 

[jpdodge150]

do this, press ctrl alt del to open task manager, then click on the CPU column and it will show what programs are using what percentage of your computer resources. this should help narrow it down.

EDITlease post your computers spec so we can help fix this problem

That is actually the problem, the task manager doesn't break down the system nor the explorer.exe far enough, it just shows they are each running to high when at idle. Which is why I downloaded Sysinternals Process Explorer to help break them down further. However, it doesn't show any process using anything at idle. I am starting to believe it may be more related to my processor temp. I've been doing my best to monitor it and it's running way to hot. The temp is alarmingly hanging around 83C. The problem now is I can't get it to cool down. I've got the best heat sink and fan assembly I could find for this setup before getting into the wet systems, which I'm not going to do. As far as the system specs goes i'll have to dig up a little more info. I built and rebuilt this machine within the last 2 years however the processor is still original and its about 5 years or so old. I know the mobo is a foxconn 965 series, which was the only mb I could find to replace my old board that died and still be compatible with the same parts. But I have to look up the true specs . Most of the drivers are built in, including the video. Its just interesting that it just starting running like this out of the blue. The problem seems to build up, the longer the machine runs the worse it gets. Which is why I think its more related to my processor running to long at such a high temp , but like I said, I'm cooling it the best I can which its still no where near enough. Its not overclocked however, foxconn does have have a way to overclock automatically, but its all set on default and shouldn't be engaged. I'm still waiting for combofix to get back online, but I i'm sure its related to my processor which might be dying. This is the third mobo i've used with this processor. I'm not new to building systems, I've gone through this box several times including cleaning and putting new thermal paste on the processor. Nothing seems to help. Cpu rpm are still the same, so I know the fan should still be running the same since new. I've got two fans bringing in cool air and one big fan at the top exhausting the hot air. I finally broke down and left the case wide open and it helped a tiny bit but still there is something wrong.

 

[S.T.A.R.S.]

High CPU CAN be caused by the high temperature.I have seen that for many times.Usually people would say that the high CPU is caused by some programs that are running wether in the foreground or in the background.Yes thats true.That usually IS the reason,but in your case I would say it's the high temperature.83C is WAY TO HIGH!!!!If you use your computer for a long time at that kind of temperature,your processor will burn and then you are F U C K E D UP...

You must find out WHAT is causing so high temperature.Wether some of your programs(usually not),ventilators or the processor itself.If you continue using your computer at the 83C,your processor will burn sooner or later...

 

[johnb35]

And where did you download this BETA??? Got a link?

Where's the log that it showed? There was no attachment.

oops. he must have deleted his post cause there was no attachment. Waiting to see if he fixes it.

 

[jpdodge150]

Combofix update and report

OK, so I finally got the combofix beta downloaded and did the scan. I would try to post the .txt report but the forum is saying that the file attachment exceeds whatever it was. So I don't know how to post it, I did scan through the report and it said no hidden files were found. But of course I don't really know what i'm looking for... I'm going to drive up to Austin to pick up a heatsink assembly for my machine to see if it helps bring down the heat since i'm still running too hot for whatever reason. It is running better as far as the task manger shows, the system is still hanging around 50% even with my complete protection shutdown. But everything else is calm at idle as it should be.

 

[jpdodge150]

And where did you download this BETA??? Got a link?

Where's the log that it showed? There was no attachment.

oops. he must have deleted his post cause there was no attachment. Waiting to see if he fixes it.

Lol sorry about that, didn't know you were watching... I got the beta link from their facebook page.

Here is the facebook page that they announced it on... http://www.facebook.com/pages/BleepingComputer/121623401752

I really need to stop editing this thing but another update, after the scan my cpu temp dropped like a rock, and suddenly my cpu idled down to 0%, going to to some experiments to see if I can isolate the problem...it may be a chain reaction due to my cpu not being able to cool down quick enough. As in the more load I put on it, the hotter it gets, and then the hotter it gets the harder it is to cool, which may cause my system to drag.

 

[johnb35]

You can either copy the log into multiple posts here or upload it to a file storing site and give me the link for it.

 

[jpdodge150]

You can either copy the log into multiple posts here or upload it to a file storing site and give me the link for it.

Here ya go...I hope this works!

http://www.4shared.com/file/175360215/f8420443/ComboFix.html

Also the scan must of caught something because after a few moments when it finally cooled down its running like a champ and it is finally idling and able to cool down but still running to warm. About 65-68C at idle now.

 

[johnb35]

Ok, it doesn't look like your problems are stemming from infections, cause I don't see anything in that log. You have a heat issue somewhere.

 

[jpdodge150]

Ok, it doesn't look like your problems are stemming from infections, cause I don't see anything in that log. You have a heat issue somewhere.

That's what I figured but I don't understand why after the scan it suddenly starting running like a champ. Its still running hot but it is at least finally able to idle like its supposed to. I'm leaving right now on my 120 mile (to and from) trip to frys electronics to pick up a nice heatsink and fan assembly they have. I will install it today sometime and post back with more updates once i'm up and running.

 

[jpdodge150]

Well didn't end up going to frys since they didn't have anything in stock at all. Good thing I called before going. I did find a place in town that had what I was looking for. Although it was a little more pricey, it was still worth it compared to paying for the amount of gas I was going to burn. I got it installed in no time at all and now i'm holding around 50C idle. I did a stress test and I didn't do it for very long since this isn't a gaming computer and I don't run anything heavy, I just wanted to make sure the heat-sink was doing its job. After about 5min the cpu held its ground around 68C, I believe it would have climb a bit higher but like I said, i'm not going to be running it that hard for that long. I've been keeping and eye on things even during my virus scans and such, I was holding a steady 53C. I will eventually be getting another machine, I just need this one to hold out a bit longer until I retire it. Also after getting everything cooled down with the new HS, my OS was still glitching and lagging just not as bad, so after a little investigating I found that my recently new install of my CA security system was causing my system to run very unstable. It was holding the explorer.exe usuage at 16% and would constantly spike to 80%. Whenever it spiked it would cause the system to hang for a split second which was why everything was so jittery. I wiped it off and switched back to avg and superanti-spyware. I also found a few malware after some thorough scanning. I know avg is a little more relaxed but it seems to work best and i've used them for some time now and haven't had any problems. Let me know if you have other suggestions. Thanks!

 

[johnb35]

What processor are you running? Is it a p4 or pentium d, they always ran hot.