Help with Browser. It freezes and take 100% CPU

[swipx]

For the last 2 days, I cannot browse using IE. When I open IE, it just hangs (I waiting as long as 15 minutes) and seems to take 100% of the CPU on the machine. If I also have AIM running, it will also take 100% of the CPU (well 50% each if they are both running) and AIM will eventually crash. I suspect it is the same issue since AIM probably uses IE to display its small adds at the top.

Attached is a hijackthis log for review.

Also recently installed iTunes for and iPod -- could this be an issue?

Update: Also, did run a full Nortan Anti virus scan and a full Addaware scan. The same systoms also occur when using MS Outlook espically when replying to email which opens MS Word.

Thanks

 

[Peddant]

This post has been removed.

 

[swipx]

any ideas for my problem?

 

[Peddant]

Can you get a friend to download this http://www.mozilla.com/firefox/ and copy it to your machine ? Then you might be able to download,update and run this http://www.microsoft.com/athome/security/spyware/software/default.mspx and this http://www.ewido.net/en/download/ in SAFE MODE http://www.pchell.com/support/safemode.shtml
Magazine CDs have usually got firefox on them as well.You could also try deleting/uninstalling anything related to gambling ie partypoker,activex microgaming.com.They`re almost always BAD things.

 

[spike2020]

hey
if possible (to reduce CPU usage) exit EVERY program in you sys tray (disconnect from the net!!!!) proggies such as AIM,msn Yahoo Firewall and Anti-virus... (hence dont connect to the net)
Wait a couple of minutes and then try IE. if you can access 'Tools' - 'options' open that
click the delete temporary internet files. (check the box delete all offline content) and say OK
My 512 ram 2800 CPU hangs when doing this so do be patient and if you have never done this - bake a cake lol.
IF that goes to plan this will speed up IE a treat

Spike

 

[swipx]

Thanks, but you missed the problem. Its not that IE is slow due to using 100% of the CPU. It just doesn't work at all. This is a new problem created by some virus or spywhere. IE or any app that needs to display web pages including AIM, MS Outlook, PartyPoker, Quicken, MS Word, GoogleDesktop, starts the 100% CPU ussage as soon as the need to display the page arrises in the app. Closing the app usually stops the 100% CPU.

 

[Peddant]

I still think it might be worth a shot to get Firefox on there somehow.You should use it in the future anyway.It`s a zillion times safer than IE.

 

[PFJ]

Hi Swipx & all,

I have a similar problem with my 2000Pro OS Dell that developed the day I broke up for the holidays. Since then I've tried in vain to remedy the problem. Because I'm attached to a sever there a admin issues that get in the way.
I am very well protected with a barrage of AV/Malware detectors but this virus got through:kb021119.exe which launches a W32.ISFC virus. I can see WINSFC.exe popping up in the processes constantly which I take to be part of the virus.
I didn't realise this until I ran the Registry Fix which detected hundreds of DLL & LNK problems which I asked it to repair. Oh NO!! Yes. I helped the virus further because now I have tons of missing DLLs etc and because the CPU is running at 100% it keeps crashing my AV software. The Symantec corp edition keeps trying to load but it reports that files are missing.

Perhaps you have the same virus? It was only detected on the day I got it i.e. 23/12/2005 so maybe your NAV is not up to date.

Regards

PFJ

 

[kirock]

Run HJT again and fix the following:

O15 - Trusted Zone: http://pwa.csbems.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
Fix ALL O16 - DPF: entries, no matter WHAT names they have
Fix ALL O1 entries, such as:
O1 - Hosts: 216.130.185.143 websearch.com
O1 - Hosts: 127.0.0.xx whatever
including these in your listings:
O1 - Hosts: 172.27.250.39 csdevrclr01
O1 - Hosts: 172.27.245.36 csbprjdns013
O1 - Hosts: 172.27.246.36 csprjwb102
O1 - Hosts: 172.27.245.35 csprjdb101

Below is my HJT scan, after the C:\xxx stuff.

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

NOTE the difference, I have alot less stuff running in my IE and Firefox. But you definately must "fix" the above stuff I mentioned.

Cheers.