explorer.exe causing CPU to run at 100%

[tweck]

My machine (Dell Dimension C521, AMD Athhlon 64 processor - 3200+, 2.00GHz,
3.43 GB RAM..Win XP Home, SP3) has suddenly gotten very slooooooooooooow when
trying to open any application or surf the net. When I open task manager,
the system is running at 100% with NO applications open. When I look at
Processes in the Task Manager window, it shows explorer.exe running steady at
99%. Sometimes it shows equal load on both administrator and the guest name,
both add up to 99%. Even with nothing running, it shows 99% CPU load AND my
wireless connection is constantly uploading/downloading. Killing the
wireless does nothing to reduce CPU load. I have tried windows update. I
have run my AV software (CA Security Center), plus AdAware, and SpyBot Search
and Destroy. Both spyware programs found some MalWare but cleaned everything
up.
Any help would be appreciated.

 

[Leonard Grey]

Malware remains on your computer and/or the cleanup procedures damaged
your system

The latter sometimes happens because it can be difficult to remove
deeply entrenched malware without causing damage.

Download HijackThis from www.trendsecure.com. Run it, save a log, and
post the log at one of the many sites that support HJT, such as
spywarewarrior.com, bleepingcomputer.com, and http://aumha.net -- but
not here. Within a day you'll have step-by-step advice from an expert on
cleaning up any malware infestations.

Even the best detection and removal software can't fix every malware
infection. If none of the above remove the infection, you may want to
show the computer to a professional. You might need to erase your hard
drive and start over.

 

[Gerry]

If you run SpyBot Search and Destroy again does it report further
Trojans and the like. If this is so it is indicative that you have yet
undetected malware letting new malware in.

Malwarebytes' Anti-Malware
1.32 -freeware (if you upgrade you pay).
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

Run Malwarebytes' in safe mode and turn off CA Security Center before
you do to avoid a conflict. Disregard the invitation on the web site
regarding the Regostry Optimiser -a Registry Optimiser is not a helpful
utitity.

What is the image name of the process producing high CPU usage? With
Explorer you will see the "children", those further down the tree. This
could help narrow down the source of the unexplained CPU usage.

Download Process Explorer.
For further information about Process Explorer see here:
http://www.microsoft.com/technet/sysinternals/SystemInformation/ProcessExplorer.mspx

It would be helpful if you could post the Command Line of the process
generating the excessive CPU usage. In Process Explorer place
cursor on Process and select Properties, Image.

--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

 

[tryon]

I'd suggest you get Process Explorer from microsoft (free) like Gerry
suggested and look at what's really going on with your process as you'll
often find things hiding behind a process name.

Good luck as a really infected system is hard to recover from, except with
the usual complete reinstallation.

 

[tweck]

I am sorry guys, but some unexpected business travel has me away from the
machine until I return home this weekend. I will make a point of printing
the replies and following the guidance suggested here. I will post back my
findings as soon as possible. Again, thank you for your suggestions thus far.

 

[tweck]

Well, as suggested I ran Malwarebytes in Safe mode and it found 7 (thats
correct 7!) different Malware located on my machine (I found nothing with
AdAware or SpyBot Search and Destroy) and once cleaned up, the machine runs
GREAT! I only wish I could find a program that would tell me what to do to
get OPTIMAL performace out of the machine (it is kind of slow). But for now,
thanks to all the great suggestions!...You guys are a big help to those (like
me) who are not as knowlegeable.

 

[Gerry]

tweck

What exactly is slow?

Are there any errors in Event Viewer? Have a look in the System and
Application logs in Event Viewer for Errors and Warnings and post copies
here. Don't post any more than 48 hours ago.

You can access Event Viewer by selecting Start, Control Panel,
Administrative Tools, and Event Viewer. When researching the meaning of
the error, information regarding Event ID, Source and Description are
important.

HOW TO: View and Manage Event Logs in Event Viewer in Windows XP
http://support.microsoft.com/kb/308427/en-usA

A tip for posting copies of Error Reports! Run Event Viewer and double
click on the error you want to copy. In the window, which appears is a
button resembling two pages. Click the button and close Event Viewer.
Now start your message (email) and do a paste into the body of the
message. Make sure this is the first paste after exiting from Event
Viewer.

Are any devices malfunctioning? Select Start, All Programs, Accessories,
System Tools, System Information. Open Components under System Summary
and click on Problem Devices. Is anything listed there?

Are there any yellow question marks in Device Manager? Right click on
the My Computer icon on your Desktop and select Properties, Hardware,
Device Manager. If yes what is the Device Error code?

Select Start, All Programs, Accessories, System Tools, Disk
CleanUp to Empty your Recycle Bin and Remove Temporary Internet Files.
Also select Start, All Programs, accessories, System Tools, Disk
CleanUp, More Options, System Restore and remove all but the latest
System Restore point. Run Disk Defragmenter.


--



Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~