Computer Hope

Software => Computer viruses and spyware => Topic started by: paudashlake on March 02, 2009, 02:41:08 PM

Title: Vista ultimate excessive cpu usage
Post by: paudashlake on March 02, 2009, 02:41:08 PM
I just bought Vista Ultimate yesterday.  Installed just fine.  With one problem....  Even idle, it is always using at least 25% cpu.  The program using it is always different.  But most of the time is it svchost.  Any idears?

i have an amd phenom 9600 2.3ghz
4gb ram
windows vista ultimate sp1
avast antivirus
comodo firewall


i am doing the removal  guide at the moment.  Will post logs soon.

(broni told me to start this topic in here)
Title: Re: Vista ultimate excessive cpu usage
Post by: paudashlake on March 02, 2009, 04:02:19 PM
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/01/2009 at 06:00 PM

Application Version : 4.25.1014

Core Rules Database Version : 3781
Trace Rules Database Version: 1739

Scan type       : Complete Scan
Total Scan Time : 00:30:29

Memory items scanned      : 805
Memory threats detected   : 0
Registry items scanned    : 6320
Registry threats detected : 0
File items scanned        : 63623
File threats detected     : 0


that is superantispyware
Title: Re: Vista ultimate excessive cpu usage
Post by: paudashlake on March 02, 2009, 04:06:07 PM
Malwarebytes' Anti-Malware 1.34
Database version: 1814
Windows 6.0.6001 Service Pack 1

3/02/2009 4:22:24 PM
mbam-log-2009-03-02 (16-22-23).txt

Scan type: Full Scan (C:\|)
Objects scanned: 30629
Time elapsed: 11 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

that is mbam
Title: Re: Vista ultimate excessive cpu usage
Post by: paudashlake on March 02, 2009, 07:19:49 PM
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:09:40 PM, on 2/28/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\GIGABYTE\I-Cool\icool.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\System32\dvmurl.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O13 - Gopher Prefix:
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 4287 bytes


hijack this.

One problem with this though...When I was running the scan, it said it couldn't access the HOST.  What is this?  Is it a problem?
Title: Re: Vista ultimate excessive cpu usage
Post by: Broni on March 02, 2009, 07:29:17 PM
Hey, evil.
I just wanted to make sure, the computer is clean, and I don't see anything here, so you may want to lock this thread.
Title: Re: Vista ultimate excessive cpu usage
Post by: paudashlake on March 02, 2009, 07:34:28 PM
well what now broni?
Title: Re: Vista ultimate excessive cpu usage
Post by: Broni on March 02, 2009, 07:37:17 PM
Check the other thread.
Title: Re: Vista ultimate excessive cpu usage
Post by: evilfantasy on March 02, 2009, 10:23:44 PM
No problem and thanks for picking it back up :)

Quote
One problem with this though...When I was running the scan, it said it couldn't access the HOST.  What is this?  Is it a problem?

You have to right click HJT and Run as Administrator with Vista or it won't work right.