TechSpot

IE/Yahoo messenger use 100% CPU as soon as I try to open any site

By fintian
Mar 6, 2008
  1. Hi All,

    my IE hangs my computer by using up 100% CPU whenever I try to open any webpage. I have run the hijackthis utility and attached the log file to this post.
    (Also, yahoo messenger takes up 100% CPU when ever its open. both these problems started happening around the same time).

    Any suggestions on how to fix this would be greatly appreciated.

    Thanks!!
     
  2. kritius

    kritius TS Guru Posts: 2,084

    Hi fintian,

    Welcome to TechSpot, I think that you would be best following all the logs HERE.

    Follow all the steps exactly as they are written and post back the three requested logs as attachments.

    There are a couple of things in your log that dont look great so it would be in your best interest to follow these instructions.

    Good luck.
     
  3. fintian

    fintian TS Rookie Topic Starter

    Updated with logs

    Hi Kritius,

    Thanks a lot for the link.
    I have gone through all the information and steps provided on these links.

    In the whole process, no tool gave my any indication of any problem, but again, I am no expert. So, I will leave that for experts to figure out.

    In the meantime, the problem that I am facing persists.
    Anything other than Mozilla Firefox and Skype on my laptop that tries to connect to internet (IE, Yahoo Messenger, Adobe Updater etc) eats up all my CPU cycles (99%), leaving my laptop stuck with no control over it.

    Hope these logs give some clue.

    Thanks for all the help.!!
     
  4. jobeard

    jobeard TS Ambassador Posts: 9,315   +618

    C:\Program Files\BLAT\Blat.exe
    O4 - HKLM\..\Run: [Broadcom Like Air Tray] C:\Program Files\BLAT\Blat.exe

    blat.exe description

    blat.exe is a process belonging to a legitimate console-based program used to send e-mails. This process can be used maliciously and has been known to be bundled with viruses such as the Backdoor.Danrit. If unaccounted for, this process should be removed immediately.​

    these look suspicious
    O4 - HKUS\S-1-5-21-1039729616-1467765255-1947940980-20399\..\RunOnce: [Profile] C:\Temp\profile.cmd (User '?')
    O4 - HKUS\S-1-5-21-1039729616-1467765255-1947940980-32271\..\RunOnce: [Profile] C:\Temp\profile.cmd (User '?')

    did you install
    O23 - Service: Rational Cred Manager (cccredmgr) - Unknown owner - C:\Program Files\Rational\ClearCase\bin\cccredmgr.exe​
    If not, then take steps to remove the programs located at C:\Program Files\Rational

    Your AVG Anti-Spyware needs to be configured to take actions for things discovered, eg:
    :mozilla.111:C:\Documents and Settings\mfasi\Application Data\Mozilla\Firefox\Profiles\mfasi\cookies.txt -> TrackingCookie.2o7 : No action taken.
    This is just a cookie, but you're going to want to act upon anything discovered

    ComboFix has evidence that you have run VundoFix
    and there are residuals from it and perhaps other things that may need attention:
    \Temp\Perflib_Perfdata_7fc.dat
    \WINDOWS\system32\tmp.reg
    \Temp\hsperfdata_mfasi
    \Temp\VBE
    \Temp\plugtmp-3 and -1

    you have Remote Desktop enabled and port 3389 is open
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:mad:xpsp2res.dll,-22009​
    did you intend this?

    you need this VundoFix to remove
    scanning hidden files ...

    C:\WINDOWS\system32\drivers\DGAPIMon.sys 98816 bytes executable
    C:\WINDOWS\system32\drivers\DGBUSMon.sys 38656 bytes executable
    C:\WINDOWS\system32\drivers\DGRule.sys 88960 bytes executable
    C:\WINDOWS\system32\drivers\DGTDIMon.sys 142592 bytes executable
    C:\WINDOWS\system32\drivers\DGCotMan.sys 111872 bytes executable
    C:\WINDOWS\system32\drivers\dgdmk.sys 239744 bytes executable
    C:\WINDOWS\system32\drivers\dgdmkl.sys 194816 bytes executable
    C:\WINDOWS\system32\drivers\dgds.sys 149760 bytes executable
    C:\WINDOWS\system32\drivers\dgdsl.sys 158336 bytes executable
    C:\WINDOWS\system32\drivers\dgdt.sys 104320 bytes executable
    C:\WINDOWS\system32\drivers\dgdtl.sys 103808 bytes executable
    C:\WINDOWS\system32\drivers\dgfiltr.sys 59904 bytes executable
    C:\WINDOWS\system32\drivers\DGFSMon.sys 79360 bytes executable
    C:\WINDOWS\system32\drivers\DGKPMail.sys 26624 bytes executable
    C:\WINDOWS\system32\drivers\DGMaster.sys 366720 bytes executable
    C:\WINDOWS\system32\drivers\dgrec.sys 32256 bytes executable
    C:\WINDOWS\system32\drivers\DGRoot.sys 81024 bytes executable​
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...