CPU constantly at 100%, no virus(?), no odd processes running, need help.

[Dead Reckon]

For the record, I posted this in hardware because I am not entirely sure this isn't a hardware issue. I hope my motherboard isn't going to crap (I don't have money to replace the blasted thing and I've only got a Pentium 4 3.0GHz socket 478 system w/ a gig of RAM and a 512MB 7300GT AGP 8X GPU as a backup. Its about as useful for gaming as this rig has become.

Alright so today I noticed my CPU has been pulling a balancing act between the two cores, leveling out at about 100% load, its REALLY annoying, however, its not crippling basic usage, just gaming, and any other resource intensive program. I have a Core 2 Duo E4500 and the cores are sharing the load like a couple drunken jugglers. But it seems to be fine for now. I dunno which'll go first, the CPU or my sanity. I've been trying to fix this off and on for most of the day.

Anyway, here's the hijack this report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:22:10 PM, on 12/23/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\AirPlus G DWL-G510\AirGCFG.exe
C:\Program Files\EVEREST Ultimate Edition\everest.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link AirPlus G DWL-G510] C:\Program Files\D-Link\AirPlus G DWL-G510\AirGCFG.exe
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 2067 bytes


As you can see, nada, nothing strange, nothing that doesn't belong, and most of all, simply nothing that has caused this before. I am absolutely baffled. On top of this, I get an error that the windows installer won't initialize since this happened. I don't remember the exact code but a lot of stuff won't install/uninstall now, I thought it was a virus, ran AVG, nothing but some tracking cookies.

To be honest, I am completely baffled as to what is causing this, but its driving me nuts, I would be more concerned about it but I think a format would fix it; However, I do NOT want to have to reinstall windows XP, my CPU is only running at about 99F, so I don't have to worry about it burning out from the load, but I'd still like to have this resolved as fast as possible. Thanks for any help you can provide.

[Broni]

You don't run any AV program?
If so, I'm not sure about your computer being clean....

Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
Click on View > Select Colunms.
In addition to already pre-selected options, make sure, the Command Line is selected, and press OK.
Go File>Save As, and save the report as Procexp.txt.
Attach the file to your next reply.

[Dead Reckon]

AVG 8.5, I run that, I don't have it setup for live scanning, it drives me nuts and lags performance.

Here's that Proc explorer report:

Process   PID   CPU   Description   Company Name
System Idle Process   0   48.44      
 Interrupts   n/a      Hardware Interrupts   
 DPCs   n/a      Deferred Procedure Calls   
 System   4   50.00      
  smss.exe   932      Windows NT Session Manager   Microsoft Corporation
   csrss.exe   984      Client Server Runtime Process   Microsoft Corporation
   winlogon.exe   1012      Windows NT Logon Application   Microsoft Corporation
    services.exe   1056      Services and Controller app   Microsoft Corporation
     svchost.exe   1252      Generic Host Process for Win32 Services   Microsoft Corporation
     svchost.exe   1340      Generic Host Process for Win32 Services   Microsoft Corporation
     svchost.exe   1392      Generic Host Process for Win32 Services   Microsoft Corporation
     svchost.exe   1744      Generic Host Process for Win32 Services   Microsoft Corporation
     svchost.exe   536      Generic Host Process for Win32 Services   Microsoft Corporation
     svchost.exe   1572      Generic Host Process for Win32 Services   Microsoft Corporation
    lsass.exe   1068      LSA Shell (Export Version)   Microsoft Corporation
explorer.exe   916      Windows Explorer   Microsoft Corporation
 WZCSLDR2.exe   1384      ANIWZCS2 launcher for Windows.   Wireless Service
 AirGCFG.exe   1492      D-Link Wireless LAN Monitor   D-Link
 everest.exe   636   0.78   EVEREST Ultimate Edition   Lavalys, Inc.
 wmplayer.exe   660      Windows Media Player   Microsoft Corporation
 firefox.exe   3956   0.78   Firefox   Mozilla Corporation
 procexp.exe   2612      Sysinternals Process Explorer   Sysinternals - www.sysinternals.com
avgrsx.exe   904      AVG Resident Shield Service   AVG Technologies CZ, s.r.o.

[Broni]

AVG 8.5, I run that, I don't have it setup for live scanning, it drives me nuts and lags performance.

Well, AVG is rather known for that.
In any case, as you can see from the log, its process is running anyway.
Anyway, you can't be without AV program.
system process is taking 50% of your CPU cycles.
Unfortunately, it can be almost anything, making system process running high, software, or hardware.

This is what I propose.
Uninstall AVG, using AVG Remover: http://www.avg.com/us-en/download-tools

Get one of these:

- Avira free antivirus: http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html
- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

- free Comodo Internet Security (firewall + AV): http://www.personalfirewall.comodo.com/
NOTE. During installation, Comodo will also allow you to install AV only, or firewall only, if you prefer to combine one Comodo product with some other product.

If you decide to install Avast, or Avira, make sure, Windows firewall is turned on, or use Comodo firewall..
If you decide to install Comodo Internet Security, or just Comodo firewall, make sure, Windows firewall is turned off.

IMPORTANT! Make sure, you use only ONE antivirus, and ONE firewall.

When done, post another PE log.

[Dead Reckon]

Working on downloading/installing the software, I'm not a fan of Avast, but, *censored* if I can fix this. I can't believe I didn't see that the system and system idle process where using that much of my CPU, this makes no sense. I'll upload a new report as soon as I install Comodo and/or Avast

[Dead Reckon]

Oh *censored*, I was afraid of this, I think the System process has been hijacked, but how the *censored* does that just happen? I haven't installed anything.

The firewall told me the System process is trying to broadcast to this:

http://en.wikipedia.org/wiki/NBName

Bad, very, very, very, very bad. *self censors cussing*...

I, of course, with my new god powers over packets, blocked it. 

Anyway, that report... thing...

Process   PID   CPU   Description   Company Name
System Idle Process   0   50.00      
 Interrupts   n/a   0.78   Hardware Interrupts   
 DPCs   n/a      Deferred Procedure Calls   
 System   4   49.22      
  smss.exe   972      Windows NT Session Manager   Microsoft Corporation
   csrss.exe   1024      Client Server Runtime Process   Microsoft Corporation
   winlogon.exe   1052      Windows NT Logon Application   Microsoft Corporation
    services.exe   1096      Services and Controller app   Microsoft Corporation
     svchost.exe   1296      Generic Host Process for Win32 Services   Microsoft Corporation
     cmdagent.exe   1384      COMODO Internet Security   COMODO
     svchost.exe   1468      Generic Host Process for Win32 Services   Microsoft Corporation
     svchost.exe   1596      Generic Host Process for Win32 Services   Microsoft Corporation
     svchost.exe   1848      Generic Host Process for Win32 Services   Microsoft Corporation
     msiexec.exe   1912      Windows® installer   Microsoft Corporation
     wdfmgr.exe   1968      Windows User Mode Driver Manager   Microsoft Corporation
     svchost.exe   780      Generic Host Process for Win32 Services   Microsoft Corporation
    lsass.exe   1108      LSA Shell (Export Version)   Microsoft Corporation
explorer.exe   1364      Windows Explorer   Microsoft Corporation
 WZCSLDR2.exe   1960      ANIWZCS2 launcher for Windows.   Wireless Service
 AirGCFG.exe   2020      D-Link Wireless LAN Monitor   D-Link
 cfp.exe   2028      COMODO Internet Security   COMODO
 firefox.exe   1492      Firefox   Mozilla Corporation
 everest.exe   632      EVEREST Ultimate Edition   Lavalys, Inc.
 procexp.exe   932      Sysinternals Process Explorer   Sysinternals - www.sysinternals.com

[Dead Reckon]

'Nother note, I'm updating the Comodo's built in antivirus, gonna use it to see if i can't root out this cancerous annoyance that has somehow wormed its way onto my drive. I'm just glad its not a key logger or some such. I would also like to note that the computer has been hanging on shutdowns since the problem emerged, I forgot to mention this 'til the last reboot. I think its just idling blasting god knows where with packets. I installed a packet sniffer, WireShark, I've heard its good, I can't find anything unusual but there is a flood of packets long enough to make my head explode... I think it might be attacking... Google...

[Broni]

System idle process is CPU NOT used, so it should be as high as possible.
System process is your problem.

i can't root out this cancerous annoyance that has somehow wormed its way onto my drive

Explain, please. Are you aware of some infection?