Windows explorer 100% CPU usage!

Computing.Net > Forums > Security and Virus > Windows explorer 100% CPU usage!

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

Windows explorer 100% CPU usage!

Name: Bjenk Ellefsen
Date: February 11, 2004 at 09:37:47 Pacific
OS: WinXP
CPU/Ram: 1GB

Comment:

That's it. I reached the limits of my resources. I cant' figure this out. When I launch windows explorer cpu usage goes to 100% and my system slows down to a crawl. Same with control panel. I found that there was roings in my system and I proceeded to clean it from the registry and deletd all files related to it. The problem is still there!!!
I have spybot, adaware, NAV, spyblaster, cwdshredder... I dunno what to do now. So here's my Hijackthis log if anyone could spare the time and help me out.
Logfile of HijackThis v1.97.7
Scan saved at 12:17:36, on 11/02/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\CTHELPER.exe
C:\Java\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPHipm09.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Bjenk\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamespot.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {ED041010-6397-429B-B090-265DF1B12FA8} - C:\WINDOWS\o19x.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\PROGRA~1\DAP\dapiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Java\bin\jusched.exe
O4 - HKLM\..\Run: [QD FastAndSafe] C:\Program Files\Norton SystemWorks\Norton AntiVirus\BootWarn.exe /a
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BootWarn] C:\Program Files\Norton SystemWorks\Norton AntiVirus\BootWarn.exe /a
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {69432678-2906-2705-1128-068943397621} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} - http://dialup.carpediem.fr/CABS/1,0,3,8/fr/AccesMembre.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Sponsored Link

Ads by Google

Response Number 1

Name: Wombat
Date: February 11, 2004 at 13:05:04 Pacific

Reply:

Here you go...
www.spywareinfo.com/~merijn/htlogtutorial.html#r
Iligitimi non carborundum est

Response Number 2

Name: burino
Date: February 17, 2004 at 09:10:00 Pacific

Reply:

Hi, i have the same problem on W2K EN SP4. I tried reinstall video drivers, HDD drivers, SP4, network drivers, checked for virusses, adaware, spybot, but nothing help me. If i try to access to network share or run control panel -> explorer.exe has CPU usage 100%. Do you have any idea?

Response Number 3

Name: mademan
Date: February 17, 2004 at 20:24:13 Pacific

Reply:

I have the same problem until feb14 04
I really don't know what to do.
I have norton workshop04, adaware, spybot, etc.
I cannot open Windows explorer, control panel & searching
I need help pleeeeaaaassse!!

Response Number 4

Name: ratty23955
Date: February 18, 2004 at 02:12:04 Pacific

Reply:

I had the same problem. I ran Hijack This and discovered the following line:-
02-BHO;(NoName)-{26539B01-8D44-4FC4-ADCO-AB1B9-7FOF865} C:\WINNT\oTbNu0k3.dll
I did a google search for this dll file and there were no references to it on the entire internet. I removed the line in HijackThis and rebooted. PROBLEM SOLVED!
You have a line in your HijackThis log as follows:-
O2 - BHO: (no name) - {ED041010-6397-429B-B090-265DF1B12FA8} - C:\WINDOWS\o19x.dll
I did a google search for o19x.dll and the only page it's mentioned on is this one.
I wonder if a virus or piece of adware has created this randomly-named dll file for you?
I would delete the line in HijackThis (making sure you have it set to take a backup of the line first, just in case things go pear-shaped) and re boot.
If this fixes it, delete o19x.dll and you're done.
Hope this works,
Dave R

Response Number 5

Name: ha3el
Date: March 8, 2004 at 05:36:29 Pacific

Reply:

Hi, I am having the same problem as of yesterday. When running HijackThis (v1.97.7)my logfile showed same things. I deleted all the 02s and 010s as instructed by another site but this has not worked and am still having the prob.
The info i found was on a forum:- www.computercops.biz/modules.php?name=Forums&file=viewtopic&p=91900 which instructs you among other things to check in C:\windows\system32 to find whether you have msg118.dll or msguard.dll and provides a link to something called 118kill if they are present. (Ensure your folder options are set to show hidden and system files and to show extensions).
Unfortunately this obviously isnt the cause of my probs as these files are not in my sys32 but the info seemed to solve the prob for the other bloke. I hope this is of help to someone.
If anyone has any info or ideas as to cause of my probs please please please email me as i am seriously at a loss and really need my computer for stuff!!!!
here is my logfile incase anyone can help:-
Logfile of HijackThis v1.97.7
Scan saved at 13:25:47, on 08/03/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Directory 2 for lspfix[1].zip\LSPFix.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://go.microsoft.com/fwlink/?LinkId=488
R3 - Default URLSearchHook is missing
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Messenger\ycomp.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38017.2502777778
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FDD5D4C-D747-422F-BC1A-2417E6C2A010}: NameServer = 192.168.0.1
Thanx,
Hazel

bootmgr is missing windows 7 c:\windows\system32 descargar gratis kocom kdc - 100 hi speed usb controller download free uli PCMCIA10/100 Pentax El-100 hdd driver+wd sed delete first line vi remove empty lines sed remove duplicate lines	perl remove blank lines sed usage cpu usage calculation expect usage unix cpu usage cpu usage unix Unix CPU usage aix process cpu usage vmstat cpu usage set present working directory PS1
See More

Response Number 6

Name: xenia
Date: March 12, 2004 at 07:06:22 Pacific

Reply:

I have the same problem, my CPU is all taken over by iexplore.exe or outlook.exe. I did the HijackThis scan, and checked it, but I do not see what is causing the problem. Here is the copy. Any ideas???
Logfile of HijackThis v1.97.7
Scan saved at 16:00:36, on 12.3.2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\Grisoft\avgamsvr.exe
C:\PROGRA~1\Grisoft\avgcc.exe
C:\PROGRA~1\Grisoft\avgemc.exe
C:\Program Files\MSN Messenger\MsnMsgr.exe
C:\PROGRA~1\Grisoft\avgupsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
C:\Documents and Settings\Macey\Programy\HijackThis.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.exe
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\avgemc.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GoogleToolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GoogleToolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GoogleToolbar.dll/cmcache.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GoogleToolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\WINDOWS\GoogleToolbar.dll/cmtrans.html
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://www.toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38054.5834375
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Response Number 7

Name: c4actbe
Date: March 12, 2004 at 15:58:13 Pacific

Reply:

you're looking in the wrong place.
100% of CPU usage by explorer is caused by one of your .AVI files.
explorer is trying to read info from AVI file, which might be damaged or missing (it is not nessecerily means the file would not play).
The ultimate solution
To correct the misbehavior in Windows XP, remove the following registry key.
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87D62D94-71B3-4b9a-9489-5FE6850D C73E}\InProcServer32"
This will prevent Explorer from loading shmedia.dll in response to file property queries on these files. This will not effect your ability to play files, get file attributes, or even view thumbnails. I really think Microsoft is trying to make sure people only use mpeg.
hope this will help.

<center>MEC STATION DELUXE
First Linux-based, widescreen portable, multimedia player. 20-80Gb HD, 6.5" 16:9 screen.
http://www.mecstation.com</center>

Response Number 8

Name: c4actbe
Date: March 12, 2004 at 16:00:30 Pacific

Reply:

you're looking in the wrong place.
100% of CPU usage by explorer is caused by one of your .AVI files.
explorer is trying to read info from AVI file, which might be damaged or missing (it is not nessecerily means the file would not play).
The ultimate solution
To correct the misbehavior in Windows XP, remove the following registry key.
"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87D62D94-71B3-4b9a-9489-5FE6850D C73E}\InProcServer32"
This will prevent Explorer from loading shmedia.dll in response to file property queries on these files. This will not effect your ability to play files, get file attributes, or even view thumbnails. I really think Microsoft is trying to make sure people only use mpeg.
hope this will help.
Dmitri
MEC STATION DELUXE
First Linux-based, widescreen, portable, multimedia player. 20-80Gb HD, 6.5" 16:9 screen.
http://www.mecstation.com

Response Number 9

Name: bipolar
Date: March 13, 2004 at 21:48:12 Pacific

Reply:

Try searching for tXEKLo5.dll in your windows directory. It plagued my explorer.exe for weeks and none of the other tips from anything helped. Then I used debug, and found this dll giving me an access violation every time I would try to open any folder in windows. let me know if this helps.
bipolarklepto@yahoo.com

Response Number 10

Name: ha3el
Date: March 15, 2004 at 06:35:39 Pacific

Reply:

i exausted google looking for solutions which i never found, and couldnt find anyone else on any forums etc who knew any real answers to fix it so in end i just backed up what i needed and formatted. - if in doubt just give up!!
anyhow for anyone else who comes to same conclusion i have a file recovery program in case you lose summat you need. email for a copy.

Response Number 11

Name: jurjen
Date: March 17, 2004 at 15:46:51 Pacific

Reply:

Hello
I have the same problem, my CPU is all taken over by explore.exe. I did the HijackThis scan, and checked it, but I do not see what is causing the problem. Here is the copy. Any ideas???
Logfile of HijackThis v1.97.7
Scan saved at 0:42:44, on 18-3-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
F:\Program Files\MicroStar\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\CTsvcCDA.exe
F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.exe
F:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.exe
C:\WINDOWS\System32\nvsvc32.exe
F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
F:\program files\KMaestro\KMaestro.exe
C:\WINDOWS\System32\PL15Co2K.exe
F:\program files\Webshots\WebshotsTray.exe
C:\Program Files\Messenger\msmsgs.exe
F:\program files\xchat\xchat.exe
F:\program files\Mco\Mcov23b.exe
F:\program files\Flash FXP\flashfxp.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
f:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\Jurjen\LOCALS~1\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Mod by JDJ
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.exe /run
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [KeyMaestro] F:\program files\KMaestro\KMaestro.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HI-SPEED USB DEVICE Coinstaller] PL15Co2K.exe
O4 - Startup: Webshots.lnk = F:\program files\Webshots\WebshotsTray.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Send To &Bluetooth - F:\Program Files\MicroStar\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: @btrez.dll,-4015 (HKLM)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37884.5410416667
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/12119/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF486B67-8A8C-4F34-86E9-CE6F84BBBD72}: NameServer = 1.1.1.10

Response Number 12

Name: hunter123
Date: March 21, 2004 at 04:13:06 Pacific

Reply:

i had the same problem!!
!!empty your windows\system32\spool\printer file (make a backup) it realy helped 4 me!!!! :-)

Sponsored Link

Ads by Google

Complaint Filed Against S...

Trojan Remover update

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Security and Virus Forum Home

Sponsored links

Ads by Google

Results for: Windows explorer 100% CPU usage!

100% cpu usage

Summary

www.computing.net/answers/security/100-cpu-usage/27214.html

100%CPU usage + Norton not working

Summary

www.computing.net/answers/security/100cpu-usage-norton-not-working/7593.html

Constant 100% CPU usage

Summary

www.computing.net/answers/security/constant-100-cpu-usage/14421.html

From the Geek Dictionary
p0w3d - The complete destruction of your opponent(s).

Ask a Question!

Weekly Poll
Do you think Comcast should have bought NBC?

Poll Finishes In 6 Days.
Discuss in The Lounge
Poll History

Recent Posts
vista/xp/win7 problem

chess titans

2 adapters only connect to half of networks

I need a driver

hp pavilion a705w won't boot up

All Awaiting Reply

Tom's News
Nintendo DS Flash Cards are Legal Says Judge

Go Retro: Dragon's Lair Confirmed for iPhone

Sony's PSPgo May Get External UMD Reader

Report: Teen Internet Addicts Likely to Self-Harm

Violent Games Still Marketed to Kids, Says FTC

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE