CPU Usage 100% (Please help)

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by daguerreo, Jan 3, 2005.

  1. daguerreo

    daguerreo Private E-2

    I have a CPU Usage 100% problem like many other people. I have performed basic virus/spyware/trojan removal. However, Adaware and Spybot have turned up nothing but Data miners and DSO exploits. The virus scans with Trend Micro, Symantec and Stinger also were clean. When I first turn on the computer everything is fine. After 10-20 minutes, the CPU usage spikes up to 100% and stays there (it may fall back to 0% if the computer is left alone overnight). This happens regardless if I'm connected to the internet, browsing, chatting, or doing nothing.

    The process that is near 100% is Rundll32.exe.

    This is a list of the DLLs being run by Rundll32.exe

    Image Name PID Modules
    ========================= ====== =============================================
    rundll32.exe 1176 ntdll.dll, kernel32.dll, msvcrt.dll,
    GDI32.dll, USER32.dll, IMAGEHLP.dll,
    ShimEng.dll, AcGenral.DLL, ADVAPI32.dll,
    RPCRT4.dll, WINMM.dll, ole32.dll,
    OLEAUT32.dll, MSACM32.dll, VERSION.dll,
    SHELL32.dll, SHLWAPI.dll, USERENV.dll,
    UxTheme.dll, LPK.DLL, USP10.dll,
    comctl32.dll, comctl32.dll, pwrmonit.dll,
    MFC42.DLL, setupapi.dll, powrprof.dll,
    tppwrw32.dll, MSCTF.dll, LgMsgHk.dll,
    MSVCP60.dll, LgWndHk.dll

    Computer Specifications:
    Thinkpad T41
    1.6 GHz Pentium M (Centrino)
    40 GB Hard Drive
    ATI Radeon 7500
    512 MB RAM

    Accessories:
    Logitech MX500 Mouse
    D-Link 4-Port USB 2.0 Hub
    HP OfficeJet 4215 Multi-function Printer

    Software:
    Windows XP
    Symantec Corporate Edition 8.0 (9.0 doesn't run correctly on my computer) - this is a University-licensed version
    Winamp v5.04
    AOL Instant Messenger (with DeadAIM plug-in)
    Windows Media Player
    RealPlayer 10.5
     
    daguerreo, Jan 3, 2005
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.


    After doing ALL of the above if you still have a problem:

    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis as a .txt file attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
    chaslang, Jan 3, 2005
    #2
  3. daguerreo

    daguerreo Private E-2

    Here's the Hijack This logfile. However, my computer isn't at 100% usage right now. I can send another logfile when it hits 100%.
     

    Attached Files:

    daguerreo, Jan 3, 2005
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Do you know who added this line with the ProxyServer? Is it required by your ISP?
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 35.42.42.42


    Have HijackThis fix the below entry.
    O1 - Hosts: 64.91.255.87 www.dcsresearch.com
     
    chaslang, Jan 3, 2005
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds