Antivirus Protection
 
#1
October 24th, 2004, 08:53 AM
paradoxinus
Help me please 100% cpu usage

I just formatted my PC because my CPU was taking 100%, and that causes lag with my games and I end up at 4 fps.
But after I formatted my PC it was still there.
It's not taking 100% all the time; it's taking 100% every 10 minutes or maybe less.
winlogon.exe is taking the 100% usage.

I'll add my HijackThis file.
Logfile of HijackThis v1.98.2
Scan saved at 15:52:28, on 24-10-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\WINDOWS\soundman.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Steam\Steam.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\PROGRA~1\NTS\WANADO~1\app\pppoeservice.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] D:\Steam\Steam.exe -silent
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Gelijkwaardige pagina's - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098401421888

I hope someone can help me, since it's not taking 100% CPU all the time.

#2
October 24th, 2004, 03:36 PM
paradoxinus
Updated HijackThis:

Logfile of HijackThis v1.98.2
Scan saved at 22:35:19, on 24-10-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Steam\Steam.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\PROGRA~1\NTS\WANADO~1\app\pppoeservice.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\regsvr32.exe
C:\HJT\HijackThis.exe

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098401421888

Can it be a hardware problem, or is there something wrong with the HijackThis scan?

#3
October 25th, 2004, 12:39 PM
Tom Myboy
Hi paradoxinus,

This is related to your DSL service right?

C:\PROGRA~1\NTS\WANADO~1\app\pppoeservice.exe

Other than that, your log is clean.

However, you are seriously behind on Windows Updates. This leaves your computer open to many threats. You will just get infected again if you don't install these!

Please update Windows and Internet Explorer. Download each critical update one by one, rebooting when necessary. Repeat this until you get the message "no critical updates available".

http://windowsupdate.microsoft.com/

Tom

#4
October 26th, 2004, 05:09 AM
paradoxinus
Hi Tom,
Yes, this is related to my internet connection:
C:\PROGRA~1\NTS\WANADO~1\app\pppoeservice.exe

And I will update all.
Thx

#5
October 26th, 2004, 07:14 PM
Tom Myboy
So does winlogon.exe still use 100% of your CPU cycles? It should stay pretty close to 0 most of the time.

Tom

#6
October 29th, 2004, 08:59 AM
paradoxinus
It's still using 100% sometimes; it's very strange.
And it also only comes when I play Counter-Strike.
It's there 2 min and it's gone, and I can play like 10 min again, and then it's there again for 2 min.

Logfile of HijackThis v1.98.2
Scan saved at 16:01:45, on 29-10-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\PROGRA~1\NTS\WANADO~1\app\pppoeservice.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\mIRC\mirc.exe
D:\Steam\Steam.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\FlashFXP\flashfxp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.packetnews.com/
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [UpConfgVer] "C:\Program Files\Panda Software\Panda Antivirus Platinum\UpgConf.exe" /v:7.05.07
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098401421888

#7
October 29th, 2004, 09:42 AM
RobSBG
Uninstall Panda Antivirus; that's a HUGE resource hog and poorly written antivirus software.

It runs in 4 parts:

First part: makes sure it's not removed (runs 2 Windows services to do this).
Constantly monitors anything that closes one of the programs and then pops up a Chinese/Japanese dialog box with a reboot thing in it.

Second part: firewall, which if you're on DSL is pointless. Only point of a software firewall is to stop your computer from requesting things on the internet (your DSL modem has a firewall built into it) [pointless resource hog]. Oh, and Panda doesn't actively ask for "access to the web" for diff things.

Third part: Update Manager. Checks every 30 min for updates, then prompts you at your set interval. Also a high resource hog [like 7,000 K].

Fourth part: virus scanner, doesn't scan ActiveX scripts...

Best bet: uninstall it, go to www.grisoft.com and get AVG... it's better than Panda and uses less resources too.

#8
October 29th, 2004, 09:47 AM
RobSBG
Also, in your HijackThis log:

2 questionable entries.

This is questionable because I don't recognize it.. =)
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent

This is questionable because it is not part of Windows, and it's running in the Windows directory..
1) not part of original windows
2) stand alone program?
3) seems sneaky trying to hide it with all the windows executables..
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe

Reply With Quote
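
Two of the scans posted above can be compared mechanically to list what changed between them and to pick out Run entries whose executable sits directly in the Windows directory, the property the post above calls questionable. This is an added example, not part of the thread or of HijackThis; the scan lines are excerpted from posts #2 and #6, the function names are hypothetical, and a hit is a candidate for review rather than a verdict.

```python
import re
from ntpath import dirname, normcase   # Windows path rules on any OS
# Lines excerpted from the scans in posts #2 (OLD) and #6 (NEW), trimmed.
OLD = r"""Running processes:
C:\WINDOWS\system32\winlogon.exe

O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
"""
NEW = r"""Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\FlashFXP\flashfxp.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.packetnews.com/
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")            # "O4 - ..."
RUN = re.compile(r"^(HK\w+)\\\.\.\\Run: \[([^\]]+)\] (.*)$")

def parse(log):
    """Split a HijackThis log into running processes and coded entries."""
    procs, entries, in_procs = set(), [], False
    for line in map(str.strip, log.splitlines()):
        m = ENTRY.match(line)
        if line == "Running processes:":
            in_procs = True
        elif m:
            in_procs = False
            entries.append((m.group(1), m.group(2)))
        elif in_procs and line:
            procs.add(normcase(line))   # paths compare case-insensitively
    return procs, entries

def run_target(text):
    """Return (hive, value name, exe path) for an O4 Run entry, else None."""
    m = RUN.match(text)
    if not m:
        return None
    cmd = m.group(3)
    # Unquoted commands are cut at the first space (a simplification).
    exe = cmd.split('"')[1] if cmd.startswith('"') else cmd.split(" ")[0]
    return m.group(1), m.group(2), exe

def diff(old, new):
    """Return (entries, processes) that appear only in the newer scan."""
    old_procs, old_entries = parse(old)
    new_procs, new_entries = parse(new)
    seen = {(c, t.lower()) for c, t in old_entries}
    added = [e for e in new_entries if (e[0], e[1].lower()) not in seen]
    return added, sorted(new_procs - old_procs)

def autoruns_in_windows_dir(entries):
    """Value names of O4 autoruns whose exe sits directly in C:\\WINDOWS."""
    hits = []
    for code, text in entries:
        tgt = run_target(text) if code == "O4" else None
        if tgt and normcase(dirname(tgt[2])) == normcase(r"C:\WINDOWS"):
            hits.append(tgt[1])
    return hits

print(diff(OLD, NEW))
```
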
#9
October 30th, 2004, 11:33 AM
Tom Myboy
RobSBG,

Quote:
Second Part, firewall, which if you're on DSL is pointless. Only point of a software firewall is to stop your computer from requesting things on the internet (your DSL modem has a firewall built into it) [pointless resource hog] oh and Panda doesn't actively ask for "access to the web" for diff things.

I know of no broadband modems that have a firewall built into them.
Are you thinking of a router perchance? To be on a broadband connection without a firewall or a packet filtering router is just leaving the door open for hackers, trojans and the like!!!

Quote:
This is questionable because I don't recognize it.. =)
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent

Steam is a legitimate program:

Valve Software's STEAM broadband game client. Steam is Valve's new way of getting games into your hands ASAP. Games like Half-Life, Counter-Strike, and Counter-Strike: Condition Zero are all being made available through Steam. Steam games are automatically kept up-to-date with the latest content and revisions. Steam also includes an instant-message client which even works while you're in-game.

Tom

#10
October 30th, 2004, 12:23 PM
RobSBG
Most DSL modems have a web GUI at 192.168.0.1, where you can set up not only your connection but your

firewall
DMZ hosting
IP address (static/dynamic/PPPoE/etc.)
LAN settings (IP of the box etc. - subnet)
DHCP if router (multiple RJ-45 plugs)

Actiontec/Linksys/Belkin/Paradigm all have these panels; can't think of any that don't.

Some are on different IPs; consult the user manual.

#11
October 30th, 2004, 04:00 PM
Tom Myboy
Ok I stand corrected, but I see not all DSL modems I looked up have NAT built into them.

I still wouldn't disable the firewall. It's an added layer of protection. It blocks unwanted incoming and outgoing traffic.

Tom

#12
October 30th, 2004, 04:11 PM
Tom Myboy
Hi paradoxinus,

Your log is clean. Your problem is not related to malware on your system. You really don't have many startup programs in your log, so I don't believe that is your problem.

You might check the minimum specs your game requires and check if your system is up to the task.

These are tools that will help keep you from getting infected:

SpywareBlaster prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests. Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox. Restricts the actions of potentially dangerous sites in Internet Explorer.

http://www.javacoolsoftware.com/spywareblaster.html

SpywareGuard provides a real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.

http://www.wilderssecurity.net/spywareguard.html

IE-SPYAD puts over 4000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.

http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD

MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites, etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.

http://mvps.org/winhelp2002/hosts.htm

All are very small free programs. Occasionally check for updates.

Check for updates for Windows and Internet Explorer every week or so. Download each critical update one by one, rebooting when necessary. Repeat this until you get the message "no critical updates available": http://windowsupdate.microsoft.com/

Please take a minute to read: So how did I get infected in the first place?

http://forums.net-integration.net/i...?showtopic=3051

Tom

#13
October 30th, 2004, 04:11 PM
RobSBG
The Panda crap, I would remove and actually use something like ZoneAlarm or something if you were going to use a software firewall.

Panda crap = huge resource hog,

ZoneAlarm (although I don't use it) isn't nearly the hog
