Saved Bookmarks
| 1. |
Solve : Critical error and 100% cpu usage? |
|
Answer» Double-click FindAWF.exe to start the tool. There was a line here but it had nothing under it.Re-read my instructions... Quote Click below the line and paste the following list of folders to be removed.Follow the rest.I hit 3 then enter and this is what came up: Copy the list of folders to be removed then click BELOW THE LINE and paste the list by pressing Ctrl+V IMPORTANT - REMOVE ALL QUOTES !! No Filenames and no trailing slash! When done, close this file and click YES to save the changes. _______________________________________ __________ Under the line i clicked and pasted this: C:\Program Files\Google\googletoolbar3user.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe" I then closed it and it asked me if i wanted to save the changes and i hit yes. This is the log: Find AWF report by noahdfear ©2006 Version 1.40 Option 3 run successfully The current date is: Sat 03/08/2008 The current time is: 13:00:02.64 bak folders found ~~~~~~~~~~~ Directory of C:\PROGRA~1\MESSEN~1\BAK 0 File(s) 0 bytes Directory of C:\PROGRA~1\GOOGLE\GOOGLE~1\BAK 07/07/2007 04:49 PM 68,856 GoogleToolbarNotifier.exe 1 File(s) 68,856 bytes Directory of C:\PROGRA~1\SKYPE\PHONE\BAK 0 File(s) 0 bytes Duplicate files of bak directory contents ~~~~~~~~~~~~~~~~~~~~~~~ 52272 Feb 15 2007 "C:\Program Files\Google\googletoolbar3user.exe" 138168 Feb 15 2007 "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" 68856 Jul 7 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe" end of report I apologize...my typo...the line should read: C:\Program Files\Google\GoogleToolbarNotifier\bak Please, try again.OK i copied: C:\Program Files\Google\GoogleToolbarNotifier\bak Below the line and this is the log: Find AWF report by noahdfear ©2006 Version 1.40 Option 3 run successfully The current date is: Sat 03/08/2008 The current time is: 13:17:18.18 bak folders found ~~~~~~~~~~~ Directory of C:\PROGRA~1\MESSEN~1\BAK 0 File(s) 0 bytes Directory of C:\PROGRA~1\SKYPE\PHONE\BAK 0 File(s) 0 bytes Duplicate files of bak directory contents ~~~~~~~~~~~~~~~~~~~~~~~ end of report I also wanted to add i am not sure what we are doing since this goes way beyond my knowledge but my computer seem to be running alot better. I have been on line all morning with full graphics and I have yet to have a single freeze. My moniter has yet to turn off as well. I dont want to jump the gun but so far so good this morning. Again i want to say thanks again for all your help. Good. The log is clean. Double-click the FindAWF icon once again. Use the following option: Press 4 then Enter to reset domain zones When the program returns to the MAIN menu, use the following option: Press E then Enter to EXIT Make sure, all open windows are closed. Open Windows Explorer, go to the HJT directory and right click on the HijackThis.exe file. Choose Rename and click in the title box. Hit the Enter key to clear what`s there and rename HijackThis.exe to Broni.exe. Right click on the Broni.exe file and choose Send to desktop, to create shortcut. Go to Desktop, double click on Broni.exe, and post its log.Scan saved at 1:53:22 PM, on 3/8/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\PESTPA~1\PPMemCheck.exe C:\PROGRA~1\PESTPA~1\CookiePatrol.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: ADOBE PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - EXTRA context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195187880125 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - https://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6890 bytes I had some trouble with this one. I hope i did it right. I apologize for my ignorance but i am not sure where the HJT directory is. I changed the name like you asked but i changed it from my list of programs. When i right clickd it after i changed the name, i didn't see an option to move to desktop so i dragged it there. It didn't look right so i took my program on the desktop and changed the name there to.I wasn't clear enough. I wanted you to go to C:\Program Files\Trend Micro\HijackThis folder, and rename HijackThis.exe file, but it doesn't matter, because your HJT log is CLEAN! One, non-important entry we want to clean.... Open HJT, and checkmark this entry: - O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) Click "Fix checked". Now... Download, and install CCleaner: http://www.ccleaner.com/download/builds. Get "Slim" version. Read CCleaner instruction here: http://www.jahewi.nl/ccleaner/ccleaner.html, and run CCleaner Let me know, how the computer is doing.Its doing great:) Thanks again for all your help. I am not sure how a site like this exists for free but i sure am glad for it:) Super! BTW...it's not free...the bill is in the mail! ...just kidding...LOL |
|