Archived from groups: microsoft.public.windowsxp.general (
More info?)
I don't think HijackThis will find anything. Like I said I think it is a
Rootkit. You ca try either of these:
http://www.diamondcs.com.au/index.php?page=asviewer
But again Rootkits can even fool these. The guy from SysInternals has an
app that is supposed to identfy Rootkits but it didn't help me when I had
the issue:
http://www.sysinternals.com/utilities/rootkitrevealer.html
The best way to see what may be going on is to hook up to your machine from
another computer in your network and attach remotely to its registry. Then
you look in the services under here:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
And you may have to ask us but you should see a Service out of the ordinary.
Here is more information on the subject:
http://research.microsoft.com/rootkit/
--
George Hester
_________________________________
"Rock" <rock@mail.nospam.net> wrote in message
news:um#OkRdrFHA.2540@TK2MSFTNGP09.phx.gbl...
> paul wrote:
>
> > It's hours later now and the cpu is back to 100%
> > I guess it is a reinstall after all if there are no other suggestions
> >
> >
> > "George Hester" <hesterloli@hotmail.com> wrote in message
> > news:%23Wi6SvbrFHA.3264@TK2MSFTNGP12.phx.gbl...
> >
> >>Yes I wasn't sure. Normally in the case I mentioned the CPU ususage
would
> >>have been always high. It would not have flutuated. But I thought it
> >>would
> >>be better to err on the side I took because of what you mentioned. Yes
if
> >>the CD-ROM was not connected correctly this would happen. But I would
> >>have
> >>expected you to see a loss of that drive. In any case glad you solved
it.
> >>
> >>--
> >>George Hester
> >>_________________________________
> >>"paul" <paul@nowhere.com> wrote in message
> >>news:4d3Re.27014$Bc2.5765@trnddc06...
> >>
> >>>I just found out that the CDROM drive was not reading disks.
> >>>After disconnecting it, the CPU is back to normal.
> >>>
> >>>
> >>>"paul" <paul@nowhere.com> wrote in message
> >>>news:d53Re.27013$Bc2.11885@trnddc06...
> >>>
> >>>>Hi George,
> >>>>
> >>>>There is no activity on my internet connection.
> >>>>I plan to upgrade my mobo soon so will reinstall clean as you suggest.
> >>>>Thanks!
> >>>>
> >>>>"George Hester" <hesterloli@hotmail.com> wrote in message
> >>>>news:%2338wClZrFHA.1204@TK2MSFTNGP15.phx.gbl...
> >>>>
> >>>>>Not normally no. There is an excutable that is waylaying your
> >>
> >>Explorer.
> >>
> >>>>>As
> >>>>>far as know this is in an indication of what is called a root kit or
> >>>>>to
> >>>>>bring it down to the jist of the matter a kernel corruption. You
need
> >>
> >>to
> >>
> >>>>>be
> >>>>>careful because you may be sending out e-mails and not know it. My
> >>>>>suggestion is to reinstall and never browse the Net with any level of
> >>>>>permissions beyond a highly disabled user except at sites you are
> >>>>>familiar
> >>>>>with. The fact that the Anti-Spyware applications may show nothing
> >>
> >>wrong
> >>
> >>>>>means nothing here.
> >>>>>
> >>>>>--
> >>>>>George Hester
> >>>>>_________________________________
> >>>>>"paul" <paul@nowhere.com> wrote in message
> >>>>>news:Q52Re.22124$yv2.6374@trnddc04...
> >>>>>
> >>>>>>This is a P4 1.7ghz Windows XP SP2.
> >>>>>>
> >>>>>>Possibly unrelated but worth mentioning. Two days ago I began seeing
> >>>>>
> >>>>>browser
> >>>>>
> >>>>>>hijacks to two websites.
> >>>>>>First was always "trafficexplorer.com" then would jump to
> >>>>>>"antispyware.winantivirus.com".
> >>>>>>As suggested in a previous thread, I ran spybot s&d, adaware, MS A/S
> >>
> >>and
> >>
> >>>>>>Norton A/V all in safe mode.
> >>>>>>Some repairs were made and I have not seen the browser hijack return
> >>>>>>yet.
> >>>>>>
> >>>>>>Intermittantly the machine just goes into 100% CPU showing
> >>
> >>EXPLORER.EXE
> >>
> >>>>>>as
> >>>>>>the culprit.
> >>>>>>As best I can tell this is the desktop.
> >>>>>>
> >>>>>>I did add a new LCD display (Envision 9410) and the 64MB video card
> >>
> >>has
> >>
> >>>>>the
> >>>>>
> >>>>>>monitor running in its native mode of 1280x1024 @ 60hz.
> >>>>>>
> >>>>>>Can the display (or adapter) settings have anything to do with my
> >>>>>>EXPLORER.EXE being at 100% CPU?
> >>>>>>
> >>>>>>Paul D
> >>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>
> >
> >
>
> Download and run HijackThis and post the log to one of the specialty
> forums, _not_ this one.
>
> HijackThis
>
http://www.majorgeeks.com/download.php?det=3155
>
> Forums to Interpret HijackThis Logs:
>
> http://www.spywareinfo.com/forums/
>
http://forum.aumha.org/viewforum.php?f=30
> http://forums.tomcoyote.org/
> http://www.wilderssecurity.com/
>
>
> --
> Rock
> MS MVP Windows - Shell/User
>