# (Resolved) pccguide.exe 100% of CPU resources



## ejsilk (Sep 20, 2004)

Help please!!
Im having a nightmare with PCGUIDE.EXE using 100% of my CPU resources.
Any advice will be greatly appreciated. Im including my Hijack log for you to look at.
Thanks

Logfile of HijackThis v1.98.2
Scan saved at 22:36:28, on 9/20/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MicroStar\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Trend Micro\Internet Security\PCClient.exe
C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\MicroStar\Bluetooth Software\BTTray.exe
C:\PROGRA~1\MicroStar\Bluetooth Software\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\Internet Security\PCCGUIDE.EXE
C:\Documents and Settings\jnr\Desktop\Downloads\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ntlworld.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SmartFix] "C:\Program Files\SmartFix\smartfix.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKCU\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MicroStar\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MicroStar\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


----------



## eddie5659 (Mar 19, 2001)

Hiya and welcome

I've moved you to Security, where you should get more response 

eddie


----------



## LDTate (Aug 13, 2004)

Hello ejsilk.

This is what I suggest you do first.

Make sure you have the *up-to-date * versions of *Spybot * and *Ad-aware*. All are free and available below.

Download *Spybot*, *install * and *update*. Then download *Ad-aware*, *install,* and *update.*

Install the program and launch it.

*Spybot:*
Go to Start > Programs >Spybot > Search & Destroy and choose Spybot S&D

Close ALL windows except Spybot S&D
Click the button to *"Search for Updates" * and download and install the Updates.
Next click the button *"Check for Problems"* 
When Spybot is complete, it will be showing "RED" (RED) entries "BLACK" entries and "GREEN" (GREEN) entries in the window
Put a check mark beside the RED (RED) entries ONLY. 
Choose "*Fix Selected Problems*" and allow Spybot to fix the RED (RED) entries.

*Ad-Aware FULL SCAN:*

Install the program and launch it.

First in the main window look in the bottom right corner and click on Check for *updates * now then click Connect and download the latest reference files.

From main window :Click Start then under Select a scan Mode tick Perform full system scan.

Next *deselect* Search for negligible risk entries.

Now to scan just click the Next button.

When the scan is finished *mark everything * for removal and get rid of it.(Right-click the window and choose select all from the drop down menu and click Next)

Before restart, *Empty * Recycle Bin.

Restart your computer.

Post a new HijackThis log.


----------



## ejsilk (Sep 20, 2004)

Thanks for your reply LDTATE.
The problem was a slight compatibility issue with Trend Micro Internet Security and FireFox. For some reason or another uninstalling FireFox will lock your pccguide.exe at 100% cpu resource. In the end trend emailed me a fix for the problem and said they are aware that some users have experienced this.
Once again many thanks LDTATE and eddie5659 for moving my post so I could get a reply.


----------



## eddie5659 (Mar 19, 2001)

Thats good to hear it all working again, I'll mark this one Resolved 

eddie


----------

