HJT Log Check + CPU running 99% at idle

[mep916]

This is for a friend. The "system idle process" continually uses between 90-99% of the CPU with no noticeable programs running in the background. I'm posting the HJT log to make sure there's nothing funky that may be causing this issue. I googled it a bit and couldn't find an easy solution. His PC is running super-slow at the moment, and I recently did a clean install of XP. Any thoughts? Oh, I ran MBAM and it came up clean. I can post that long if needed.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:30:30 PM, on 5/9/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Shawn\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z022&form=ZGAPHP
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-21-602162358-1958367476-725345543-1002\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6053 bytes

 

[StrangleHold]

Didnt check your log. But the system idle process always runs high with no programs running. It really tells you how much % Idle time the CPU has. The more programs you have running the lower it goes.

 

[mep916]

Didnt check your log. But the system idle process always runs high with no programs running.

Okay, but the CPU itself is running full throttle without any programs running. I read a few other forums via a google search and they basically said the same thing you've said, so I guess that process is irrelevant. I don't understand why his CPU is running at 90% + with nothing running. It literally takes 3-5 minutes for firefox to open up.

 

[StrangleHold]

Yeah thats normal for the Idle process to be high when nothing it running. But not for the CPU to be at 90% with nothing running. Best to get johnb35 to check out the log.

 

[johnb35]

As Stranglehold as said, you want the system idle processes to be high when the system is idling. So if it takes firefox that long to open then there is either software or hardware issue here. What about Internet Explorer, does it work correctly? Did you do the fresh install, immediately install firefox and then try browsing? Windows updates installed? How long did it take to reinstall windows? I'm just trying to get an idea of whats actually been done. Is it an old hard drive? Maybe its dying. What about safe mode with networking, does it work correctly there? Lots of questions I know, but the answers would help determine what the issue could be.

Also what are the system specs as far as processor and memory installed.

Edit:: forgot to mention that there is one entry that shouldn't be there in the hjt log and not sure why it is if its a clean install of windows.

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

Have hijackthis fix that entry.

Also, is this a custom built machine or a store bought pc? Was a recovery cd used or microsoft install cd?

 

[mep916]

What about Internet Explorer, does it work correctly?

Haven't tried it, but I'll check it out.

Did you do the fresh install, immediately install firefox and then try browsing? Windows updates installed? How long did it take to reinstall windows?

Yes, I did a fresh install a couple months ago, installed all the latest updates and it ran fine. Installation time was normal for XP. He says the slowness started a couple weeks ago, so after running a MBAM scan and looking at a few other things, I checked the performance tab in the task manager and noticed the CPU throttling between 90-99%. I'm guessing that's why it's running so slow.

Is it an old hard drive?

Yup. I took it out of an old Dell because his previous hard drive failed.

What about safe mode with networking, does it work correctly there?

Don't know, I'll check it out though.

Also what are the system specs as far as processor and memory installed.

Also, is this a custom built machine or a store bought pc? Was a recovery cd used or microsoft install cd?

It's an emachines w3115

http://www.emachines.com/products/products.html?prod=W3115

It ships with Windows MCE 2005, but I didn't have the recovery disks, so I installed a copy of MCE I had myself. It was a clean install without all the junk and bloatware you'd get with a recovery CD. I downloaded most of the drivers off the emachines support page and the graphics drivers from the nvidia site.

 

[voyagerfan99]

I'd test the hard drive. It might be on its way out. How much RAM does it have?

Oh, and AVG is a bit bloaty. That might be what is causing the high CPU load as well.

 

[mep916]

How much RAM does it have?

On the product page, it says it ships with 512mb, but it shows 384mb when you check the system info in Windows. I'll have him double check the reading in the BIOS.

Oh, and AVG is a bit bloaty. That might be what is causing the high CPU load as well.

Well, I'd expect the CPU to run high during a system scan, but not while everything is at idle. I set AVG to scan once a week and the scan wasn't running when I noticed this. I'll call him and see if i can setup a teamviewer session. I'd like to see if the processor is still throttling high.

 

[voyagerfan99]

On the product page, it says it ships with 512mb, but it shows 384mb when you check the system info in Windows. I'll have him double check the reading in the BIOS.

That would be the onboard video eating up some of that RAM. And 512 is pretty low these days, even with XP.

 

[mep916]

That would be the onboard video eating up some of that RAM.

Ahh right. thank you sir.

And 512 is pretty low these days, even with XP.

Yeah, after I sort out this CPU issue I may have him pick up another 512mb stick. He doesn't do anything but internet browsing and zynga poker on facebook. I don't think he'll need much more than that.