Crazy High CPU Usage * All processes

Hello people!



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
Run by admin at 21:07:25 on 2013-09-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2811.2083 [GMT 1:00]
.
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
uRun: [AdobeBridge] <no file>
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\admin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\admin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PROCES~1.LNK - C:\Users\admin\Desktop\ProcessExplorer\procexp.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 62.244.176.176
TCP: Interfaces\{E0022CBD-C743-4742-885E-0E0517A14F50} : DHCPNameServer = 62.244.176.176
TCP: Interfaces\{E0022CBD-C743-4742-885E-0E0517A14F50}\2427968747F6E6D2055726C69636 : DHCPNameServer = 193.63.88.11 128.86.249.14
TCP: Interfaces\{E0022CBD-C743-4742-885E-0E0517A14F50}\55073747169627370224162702259647A797 : DHCPNameServer = 10.0.0.2
TCP: Interfaces\{E0022CBD-C743-4742-885E-0E0517A14F50}\6796277696E6D65646961663339383038333 : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\windows\syswow64\guard32.dll c:\progra~2\sprote~1\sprote~1.dll C:\Windows\SysWOW64\guard32.dll
SSODL: WebCheck - <orphaned>
IFEO: taskmgr.exe - "C:\USERS\ADMIN\DESKTOP\PROCESSEXPLORER\PROCEXP.EXE"
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: taskmgr.exe - "C:\USERS\ADMIN\DESKTOP\PROCESSEXPLORER\PROCEXP.EXE"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5pww9dag.default-1376066898848\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL -
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\admin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-08-10 15:15; {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}; C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5pww9dag.default-1376066898848\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
.
============= SERVICES / DRIVERS ===============
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2010-9-11 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2010-9-11 38144]
R1 NNSALPC;NNSALPC;C:\Windows\System32\drivers\NNSAlpc.sys [2013-5-29 91368]
R1 NNSHTTP;NNSHTTP;C:\Windows\System32\drivers\NNSHttp.sys [2013-5-29 122088]
R1 NNSHTTPS;NNSHTTPS;C:\Windows\System32\drivers\NNSHttps.sys [2013-5-29 109288]
R1 NNSIDS;NNSIDS;C:\Windows\System32\drivers\NNSIds.sys [2013-5-29 114920]
R1 NNSPICC;NNSPICC;C:\Windows\System32\drivers\NNSpicc.sys [2013-5-29 95464]
R1 NNSPOP3;NNSPOP3;C:\Windows\System32\drivers\NNSPop3.sys [2013-5-29 119016]
R1 NNSPROT;NNSPROT;C:\Windows\System32\drivers\NNSProt.sys [2013-5-29 305896]
R1 NNSPRV;NNSPRV;C:\Windows\System32\drivers\NNSPrv.sys [2013-5-29 118504]
R1 NNSSMTP;NNSSMTP;C:\Windows\System32\drivers\NNSSmtp.sys [2013-5-29 114920]
R1 NNSSTRM;NNSSTRM;C:\Windows\System32\drivers\NNSStrm.sys [2013-5-29 246504]
R1 NNSTLSC;NNSTLSC;C:\Windows\System32\drivers\NNStlsc.sys [2013-5-29 106216]
R1 PSINKNC;PSINKNC;C:\Windows\System32\drivers\PSINKNC.sys [2013-5-28 205544]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 NanoServiceMain;Panda Cloud Antivirus Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-7-17 140768]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-7-22 1900728]
R2 PSINAflt;PSINAflt;C:\Windows\System32\drivers\PSINAflt.sys [2013-5-28 168680]
R2 PSINFile;PSINFile;C:\Windows\System32\drivers\PSINFile.sys [2013-7-17 122600]
R2 PSINProc;PSINProc;C:\Windows\System32\drivers\PSINProc.sys [2013-5-28 124648]
R2 PSINProt;PSINProt;C:\Windows\System32\drivers\PSINProt.sys [2013-5-29 137448]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-7-8 37344]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-8-28 46136]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2010-4-6 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-8-28 103536]
R3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-9-2 58808]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-8-28 56448]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2013-8-9 0]
S3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\PFC027.SYS [2006-12-5 572416]
S3 PSINReg;PSINReg;C:\Windows\System32\drivers\PSINReg.sys [2013-5-28 105704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-15 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-1-14 31800]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-6 232992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-15 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-26 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-6 202752]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
S4 NNSPIHSW;NNSPIHSW;C:\Windows\System32\drivers\NNSPihsw.sys [2013-5-29 69864]
S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S4 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-5 824688]
.
=============== Created Last 30 ================
.
2013-09-02 19:24:01 58808 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys
2013-08-31 21:09:10 -------- d-----w- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2013-08-28 17:20:49 -------- d-----w- C:\Users\admin\AppData\Local\AMD
2013-08-28 16:35:46 -------- d-----w- C:\ProgramData\AMD
2013-08-28 16:29:17 -------- d-----w- C:\Program Files (x86)\AMD APP
2013-08-28 16:28:55 56448 ----a-w- C:\Windows\System32\drivers\usbfilter.sys
2013-08-28 16:20:54 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2013-08-28 15:19:10 103536 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2013-08-28 15:03:08 443040 ----a-w- C:\Windows\System32\athihvs.dll
2013-08-28 12:11:38 -------- d--h--w- C:\ProgramData\Common Files
2013-08-28 12:11:08 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2013-08-27 21:56:49 -------- d-----w- C:\Program Files\ATI Technologies
2013-08-27 20:10:42 -------- d-----w- C:\Users\admin\AppData\Local\SlimWare Utilities Inc
2013-08-27 18:45:20 -------- d-----w- C:\Users\admin\AppData\Local\DriverHub
2013-08-27 16:36:48 -------- d-----w- C:\Program Files (x86)\Belarc
2013-08-27 15:19:05 -------- d-----w- C:\Users\admin\AppData\Local\Toshiba Corporation
2013-08-26 17:34:09 -------- d-----w- C:\MGtools
2013-08-25 18:58:55 -------- d-----w- C:\Windows\pss
2013-08-25 16:40:34 -------- d-----w- C:\Program Files (x86)\SpeedFan
2013-08-20 05:52:17 9460976 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4548EBDD-72BF-4351-89A2-B3F1A665678C}\mpengine.dll
2013-08-15 13:50:03 8192 ----a-w- C:\Windows\SysWow64\pythoncomloader32.dll
2013-08-15 13:50:03 371712 ----a-w- C:\Windows\SysWow64\pythoncom32.dll
2013-08-15 13:50:03 104448 ----a-w- C:\Windows\SysWow64\pywintypes32.dll
2013-08-15 13:07:19 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-08-15 13:07:19 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-08-15 13:07:19 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-08-15 13:07:18 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-08-15 13:07:18 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2013-08-15 13:07:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-08-15 13:07:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-08-15 13:07:12 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-08-15 13:07:12 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-08-15 10:33:26 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-08-15 10:33:24 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-08-15 10:33:24 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-08-15 10:33:24 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-08-15 10:33:23 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-08-15 10:33:23 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-08-15 10:33:23 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-08-15 10:33:23 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-08-15 10:27:50 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-08-15 10:27:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-08-15 10:27:20 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-08-15 10:27:19 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-08-15 10:27:00 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-08-15 10:27:00 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-08-15 10:26:49 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-15 10:26:48 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-15 10:26:47 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-15 10:26:46 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-15 10:26:45 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-15 10:26:45 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-15 10:26:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-15 10:26:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-15 10:26:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-15 10:26:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-15 10:26:40 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-15 10:26:11 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-08-15 10:25:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-08-14 06:51:13 5856 ----a-w- C:\ProgramData\NanoRepository.bin
2013-08-10 12:47:05 -------- d-----w- C:\Program Files (x86)\Mozilla_Firefox
2013-08-09 20:10:10 0 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
2013-08-09 16:26:43 -------- d-----w- C:\ProgramData\HitmanPro
2013-08-09 15:44:01 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-08-09 15:44:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-09 13:11:20 -------- d-----w- C:\Users\admin\AppData\Roaming\Panda Security
2013-08-09 12:56:03 -------- d-----w- C:\ProgramData\Panda Security
2013-08-09 12:55:49 -------- d-----w- C:\Program Files (x86)\Panda Security
2013-08-08 21:06:34 -------- d-----w- C:\ProgramData\Licenses
2013-08-08 20:32:20 -------- d-----w- C:\Users\admin\AppData\Local\Microsoft Corporation
2013-08-08 15:43:57 -------- d-----w- C:\Users\admin\.get_iplayer
2013-08-08 15:43:28 -------- d-----w- C:\ProgramData\get_iplayer
2013-08-08 15:43:28 -------- d-----w- C:\Program Files (x86)\get_iplayer
2013-08-07 09:57:57 -------- d-----w- C:\Users\admin\AppData\Roaming\BBCiPlayerDesktop
2013-08-06 21:25:41 -------- d-----w- C:\Users\admin\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
.
==================== Find3M ====================
.
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-17 11:39:05 122600 ----a-w- C:\Windows\System32\drivers\PSINFile.sys
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-04 09:17:56 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-04 09:17:54 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-07-04 09:17:54 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-13 12:45:08 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2013-06-13 12:45:08 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2013-06-13 04:50:32 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-06-13 04:50:32 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-06-05 12:05:18 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2010-11-11 15:34:12 201728 ----a-w- C:\Program Files\hjsplit.exe
.
============= FINISH: 21:09:33.37 ===============




Firstly, please note that

I don't have windows installation disc.

See my other thread for attachments for more info about the BSOD procedure.
http://www.techsupportforum.com/foru...rt-707833.html


And there's something wrong with my laptop internal organs because when tilt it, it freezes. If I push back the laptop screen it freezes too (I suspect there's a short near the battery or where the screen attaches to the base. BUT THAT'S ANOTHER STORY because If I treat my laptop with care and love nothing happens, functions correctly. Nothing to worry, CPU Usage is rather normal.

High CPU usage cause
But I once run out of battery, and laptop went to hibernate mode. When I plugged it back and lifted the screen it crashed two times.

The first crash gave me a BSOD code error but didn't gave me a chance to take notes because it crashed/freezed again right away giving me a scary random screen that it looked like my laptop was totally screwed up. Then I switch it off and then tried to start Windows but I failed. I had turned it off again and fortunately I made it to Windows in normal mode, and everything looked normal except that my CPU usage went high as a kite and has been acting up like crazy since then. It tends to stay at 100% even with one or two processes (say Opera browser + Process Explorer) and it keeps bouncing (both user and kernel).

Err...Did I told you about my Botnet(?) thingy problem?
I discovered about a month ago a suspicious program which was happily installed on a root folder. I found out it is a program that could be use for either botnet attacks or to spy on me! I don't know how come or when I got it as I surf with great care! Anyway, I run the antivirus, deleted it and got rid of all malware/virus crap. Since then my antivirus (Panda Cloud Antivirus Free) and Anti-malware (Malwarebytes) hadn't detected anything suspicious.

Ok, back to my high CPU Usage!
I have been trying to fix this for over a week now! Solutions/fixes I have tried so far:
- Run antivirus/malwarebytes (I even watched and followed a Mark Russinovich video about tips on how to hunt down for viruses with sysinternals tools),
- Run verifier,
- Updated/remove old drivers,
- Disk repaired,
- Sfc /scannow-ed,
- Powercfg /hibernate-ed,
- Windows Upgrade Advisor-ed,
- Stopped services,
- Clean booted,
- Mem tested,
- Chkdsk /r-ed,
- Logged with different user account,
- Speedfan tested (three fans show 0RPM or maybe they were not detected),
- Disallowed files to be indexed on c:\,
- Tried Bios update (but is already up-to-date)...

In Safe Mode CPU Usage is normal (low <5%)
In Safe Mode with Networking, is normal too (low <5%)
In Normal mode CPU usage is 30-100%


Usual suspects?
I suspect there's problem in one or more Microsoft services at one or various svchost.exe. Maybe some Windows system files got corrupted (I don't have a CD to reinstall Windows 7) or there's a virus in there. Or maybe this is a hardware problem. Perhaps fans aren't working (speed fan show 0RPM for three fans). But if fans aren't working, how come Safe Modes are giving me low CPU usages?

Please someone have a look at my zip file and give me a hand or shed some light on my problem. Many thanks in advance!






MY SYSTEM

OS - Vista/ Windows 7 ?
Windows 7 Home Premium (x64) Service Pack 1 (build 7601)

· x86 (32-bit) or x64 ?
x64

· What was original installed OS on system?
Windows 7 Home Premium (x64) Service Pack 1 (build 7601)

· Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)?
I purchased it from retailer.

· Age of system (hardware)
3 years.

· Age of OS installation - have you re-installed the OS?
3 years.

· CPU
2.20 gigahertz AMD V120
128 kilobyte primary memory cache
512 kilobyte secondary memory cache
64-bit ready
Not hyper-threaded

· Video Card
ATI Mobility Radeon HD 4200 Series [Display adapter]

· MotherBoard
Board: TOSHIBA Portable PC Base Board Version
Bus Clock: 200 megahertz
BIOS: Insyde Corp. 1.70 01/27/2011

· Power Supply - brand & wattage
Toshiba
AC 100V-240V 1.5A 50-60Hz
DC 19V 3.42A

· System Manufacturer
TOSHIBA Satellite C650D

· Exact model number (if laptop, check label on bottom)
PSC16E-00E007EN

Attached Files

ark_attach.zip (6.3 KB)