extremely high explorer.exe usage

mmmmthrice · Sep 25, 2005

I have been having difficulty with my computer for a while; for some reason my explorer.exe goes up really high. my explorer.exe can go up with 350,000kb usage (mostly its in the 100,000's). When this happens I click on a folder and it takes a minute or two to respond. I've been searching everywhere and this problem usually people say is spyware. I have run AV viruscheck and many other online checkers, adaware constantly, spybot and i defrag constantly. There doesnt seem to be any virus's or much spyware according to my viral crap. here is my task bar: http://www.geocities.com/eyes_behind/taskbar.JPG (the explorer.exe usually is a lot higher but when it gets that bad i cant get a screenshot)

here is my hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 11:41:16 AM, on 9/25/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Web\dvdps.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\System32\OVComS.exe
C:\WINDOWS\system32\rmctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\lexpps.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andrue\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://mail.yahoo.com/
O2 - BHO: CATLEvents Object - {2527BEEF-1B3C-4D3B-98F0-7F3C1EB910A0} -
C:\DOCUME~1\Andrue\LOCALS~1\Temp\cbdonib.dat
O2 - BHO: CATLEvents Object - {446CF8A5-617E-4D91-95AE-AE78CE0D06AF} -
C:\DOCUME~1\Andrue\LOCALS~1\Temp\systun.dat
O2 - BHO: (no name) - {68132581-10F2-416E-B188-4E648075325A} - (no file)
O2 - BHO: CATLEvents Object - {98BC949B-3D81-4750-836F-4BC57BD032EE} -
C:\DOCUME~1\Andrue\LOCALS~1\Temp\cipat.dat
O2 - BHO: CATLEvents Object - {BB54DE33-E539-4749-BFAC-CC49617E8F2A} -
C:\DOCUME~1\Andrue\LOCALS~1\Temp\spdvd.dat
O2 - BHO: CATLEvents Object - {ED5ABC42-8E4F-4C39-9972-F0CF619D672F} -
C:\DOCUME~1\Andrue\LOCALS~1\Temp\yalpksat.dat
O2 - BHO: CATLEvents Object - {FF4D5071-EE0E-4DCA-BC1C-D776B0F2276E} -
C:\DOCUME~1\Andrue\LOCALS~1\Temp\spw.dat
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO
Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program
Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program
Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common
Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program
Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program
Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [*cjpeg] C:\WINDOWS\addins\cjpeg.exe
O4 - HKLM\..\Run: [*basmc] C:\WINDOWS\basmc.exe
O4 - HKLM\..\Run: [*regvga] C:\WINDOWS\regvga.exe
O4 - HKLM\..\Run: [*dllreg] C:\WINDOWS\Cursors\dllreg.exe
O4 - HKLM\..\Run: [*taskplay] C:\WINDOWS\java\Packages\taskplay.exe
O4 - HKLM\..\Run: [*loginet] C:\WINDOWS\addins\loginet.exe
O4 - HKLM\..\Run: [*nutsys] C:\WINDOWS\security\nutsys.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\RunOnce: [*dvdps] C:\WINDOWS\Web\dvdps.exe rerun
O4 - HKLM\..\RunOnce: [Panda_cleaner_135450]
C:\WINDOWS\system32\ActiveScan\pavdr.exe 135450
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Citrus Alarm Clock] C:\Program Files\Citrus Alarm
Clock\citrusac.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Startup: Konfabulator.lnk = C:\Program
Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program
Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21}
- C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 -
http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control)
- http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan
Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: dvdps - C:\DOCUME~1\Andrue\LOCALS~1\Temp\spdvd.dat
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. -
C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner -
C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia
Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner -
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) -
Mcafee.com Corporation - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\System32\nvsvc32.exe

someone please help, school is starting and i cant use my computer if it is like this

Geoff · Sep 25, 2005

when its that high, do you have many windows open, or is it like that when you first boot up? If worst comes to worst, you can re-install windows and see if that helps.

mmmmthrice · Sep 26, 2005

It can go that high with no windows open. Nothing responds sometimes so I have to force close explorer.exe and then I cant use my taskbar.

ViperGTS19801 · Sep 26, 2005

Sucks. Looks like a memory leak somewhere. Try going through the Add/Remove Programs wizard and remove Inthernet Explorer from your windows Components, then reinstall it.

Or, be smart/lazy all at once and go get Firefox.

Buzz1927 · Sep 26, 2005

You got an old version of the vundo trojan. Download this tool and run it, if you still have problems post a new Hijackthis log in Computer Security.

ack · Sep 26, 2005

ViperGTS19801 said:
Sucks. Looks like a memory leak somewhere. Try going through the Add/Remove Programs wizard and remove Inthernet Explorer from your windows Components, then reinstall it.

Or, be smart/lazy all at once and go get Firefox.

Yea, get firefox!!!

kevinw27 · Sep 28, 2005

I think he is talking about Windows Explorer ie the desktop, not the web browser.

extremely high explorer.exe usage

mmmmthrice

New Member

Geoff

VIP Member

mmmmthrice

New Member

ViperGTS19801

New Member

Buzz1927

Digaredd

ack

New Member

kevinw27

New Member