Results 1 to 3 of 3

Thread: System and IEPLORE.EXE hogging CPU processes

  1. #1
    Junior Member
    Join Date
    May 2004
    Location
    Greene, NY
    Posts
    2

    System and IEPLORE.EXE hogging CPU processes

    Problem occurs when browsing using Interent Explorer, system and IEXPLORE.EXE will split CPU usage 50/50 or 60/40. Browsing is agonizingly slow and i know for a fact it isnt my cable connection.

    Logfile of HijackThis v1.97.7
    Scan saved at 12:36:46 PM, on 5/2/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\PFWShared\cfgintpr.exe
    C:\WINNT\System32\svchost.exe
    C:\iFtpSvc\iftpsvc.exe
    C:\Program Files2\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files2\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINNT\system32\Microsoft\Crypto\ISA\FireDaemon. EXE
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\PROGRA~2\Serv-U\SERVUD~1.EXE
    C:\WINNT\System32\tcpsvcs.exe
    C:\WINNT\System32\snmp.exe
    C:\PROGRA~2\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINNT\system32\stisvc.exe
    C:\Program Files2\TPF4\umxagent.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    C:\WINNT\system32\atiptaxx.exe
    C:\Program Files2\DU Meter\DUMETER.EXE
    C:\WINNT\system32\ezSP_Px.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINNT\wt\updater\wcmdmgr.exe
    C:\Program Files\WheresJames\StartupMgr\StartupMgr.exe
    C:\Program Files2\Yahoo!\Messenger\ymsgr_tray.exe
    C:\WINNT\explorer.exe
    C:\WINNT\system32\taskmgr.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    c:\WINNT\system32\Microsoft\Crypto\ISA\svhost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.earthlink.net/~phantomht
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.earthlink.net/~phantomht"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\k8idrc6c.slt\prefs.j s)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\k8idrc6c.slt\prefs.j s)
    O2 - BHO: BabeIE - {00000000-0000-0000-0000-000000000000} - (no file)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files2\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\googletoolbar1.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files2\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {BF55256A-3B3B-11D2-B05B-000001145917} - C:\Program Files\Common Files\PFWShared\weaddon.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files2\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\winnt\googletoolbar1.dll
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
    O4 - HKLM\..\Run: [DU Meter] C:\Program Files2\DU Meter\DUMETER.EXE
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINNT\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKCU\..\Run: [WheresJames Startup Manager] C:\Program Files\WheresJames\StartupMgr\StartupMgr.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files2\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Google Search - res://c:\winnt\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\winnt\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\winnt\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://c:\winnt\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\winnt\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: ATI TV (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O16 - DPF: symsupportutil - https://www-secure.symantec.com/tech...upportutil.CAB
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/Sha...in/AvSniff.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    O16 - DPF: {82202BE7-C56A-487E-9E55-D84BDC1A5776} (AnarkClient Class) - http://install.anark.com/client/vers...n/AMClient.cab
    O16 - DPF: {8522F9B3-38C5-4AA4-AE40-7401F1BBC851} - http://216.65.38.226/Download_Plugin.exe
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {94837F90-A2CA-4A8A-9DA0-B5438EC563EA} (WildTangent Active Launcher) - http://install.wildtangent.com/cda/i...ncherSetup.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...718.4393287037
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/Sha.../bin/cabsa.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A11A61AC-4756-4019-97C2-15B8B25BD11C}: NameServer = 192.168.0.1

    Any idea's or need any screenshots?

  2. #2
    Junior Member
    Join Date
    May 2004
    Location
    Greene, NY
    Posts
    2

    additional info

    i've already [over last 2 months] run ad-aware numerous times, have updated my Nortons virus definitions weekly and tried Trend Micro's and Tiny's online virus scans, .... all to no avail.

  3. #3
    Member
    Join Date
    Dec 2003
    Location
    Anywhere you're not.
    Posts
    122
    Are you using Norton Internet Security? If so, try disabling it and see if that helps. If it doesn't, reenable it and try scanning SVCHOST.EXE in your windows/system32/ directory. Those are really the only ideas I have right now. . .oh, also, maybe try disabling system recovery. . .? I dunno. . .could help. . .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •