svchost.exe uses 99% of CPU
-
My computer is exhibiting several very bad symptoms. I'm trying to avoid reformatting the disk, because right now it's running so slow I won't be able to save off any of my data files. If I can just fix the problems long enough to save the data, I could then do a complete System Recovery.
Here are the main symptoms:
> System runs very slow
> Can't drag and drop files
> No start/task bar at the bottom of the screen
> Certain system tools (System Restore, User Account Manager, etc) can be started, but they just open a blank window and hang
Other important information:
Checking TaskManager shows one of the "svchost.exe" processes using 99% of the CPU (there's usually two other instances of svchost.exe also running, but using 0% CPU). I've done a process check on the svchost.exe that is hogging the CPU, and it shows that it is supporting the Remote Procedure Call (RPC) service. I assume that RPC is critical to the Windows OS because whenever I try to end this svchost.exe process I get a "system shut down in 60 seconds" message.
Other background info:
The computer no longer has internet access; so any debug software I need to load is via a flash-ROM. The computer had been using a wireless PC card to access the internet via a wireless router in my house. The computer did not have any WEP/WPA encryption set-up on it (bad idea I guess) so it often "saw" other networks in the area. Don't know if this is related or not.
Finally, below is the HijackThis log that I just ran. I know this is not the malware forum, but I was not sure if this problem was really a malware issue:
Logfile of HijackThis v1.99.1
Scan saved at 11:42:15 AM, on 4/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us9.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [ShStatEXE] "c:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - Startup: AutoTBar.exe
O4 - Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SMC2802W 54 Mbps WLAN Utility.lnk = C:\Program Files\SMC\SMC2802W 54 Mbps WLAN Utility\SMCUTIL.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/act...l_v1-0-3-17.cab
O16 - DPF: {89F9AA82-9B9F-4D1C-A637-33388558FAAC} (AutoImport1_5_9.GW_Import_Control) - http://echo.lemoyne.edu/events/echo...ccuweb1_5_9.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/so...tiveXPlugin.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - c:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - c:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
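As an added example (not part of the original post, and not HijackThis's own code), this Python code parses entry lines in the HijackThis v1.99.1 format shown above, groups them by section code, and lists the entries the log itself marks with "(no file)", "(file missing)" or "Unknown owner". The function names are hypothetical and the sample lines are copied from the log above; the flags are pointers for manual review, not a malware verdict.

```python
import re
from collections import defaultdict

# Sample input: seven entry lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us9.hpwis.com/
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - Startup: AutoTBar.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# An entry line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [KBD] ...".
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def parse(log_text):
    """Return (section, body) for every entry line; header lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def triage(entries):
    """Group entries by section and collect the ones the log itself marks as odd."""
    by_section = defaultdict(list)
    findings = []
    for section, body in entries:
        by_section[section].append(body)
        if "(no file)" in body or "(file missing)" in body:
            # Registration still exists but HijackThis could not find the target file.
            findings.append((section, "target file not found on disk", body))
        elif section == "O23" and " - Unknown owner - " in body:
            # No vendor name was reported for the service binary.
            findings.append((section, "service binary has no vendor name", body))
    return dict(by_section), findings


if __name__ == "__main__":
    sections, findings = triage(parse(SAMPLE_LOG))
    for code in sorted(sections):
        print(f"{code}: {len(sections[code])} entries")
    for section, reason, body in findings:
        print(f"[{section}] {reason}: {body}")
```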
-
Can you boot into Safe Mode?
Does this change anything?
Another possibility is to put your Hard Drive on another computer as a slave to copy off your data.
As to HijackThis I see a few unnecessary items but nothing outstanding although I am not an expert reader. If you want an expert reading then:
please follow owen's Instructions and then post your log in the Spyware, Adware, Viruses and HijackThis Logs section (Not Here).
-
Booting in safe mode does not change anything. Still have svchost.exe running at 99%. I've had one other forum tell me the log does not look bad. Perhaps it's not a virus, but a corruption problem.
-
Do you have an XP CD?
If so you can try to run sfc /scannow to repair any system files.
Insert CD & from setup choose Exit but leave in the drive. Then go to start/run & type in; sfc /scannow
more details here:
http://www.updatexp.com/scannow-sfc.html
Also could try running a disk scan:
start > run > cmd
in the new window type chkdsk /f
when prompted to run on boot choose Y & reboot
this will check for & fix any disk errors.
-
Open Regedit and see if you have this key : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole
It should be present and populated with several entries. If not, import one from a known good machine.
-
Are you over the network?
I would suggest assigning a new, lower priority to the process first. Right-click it in the Task Manager and select the priority as below normal. Wait for a couple of seconds. It might be dependent on some other process as well. Delaying it would make the other process unresponsive for some time and you'd come to know the fault. You can also add the CPU time column in the Task Manager by selecting it under the VIEW menu.
If it's not interfering with anything, make the process go above normal priority. Wait. Most probably it will complete itself and would be normal; if it doesn't, then your PC would hang or shut down. Don't panic, restart.
If all of this doesn't help, get yourself process watcher, which shows you which program/application/interface is using the process. That will give you a good idea as to why svchost is being triggered and who is using it. Just disable the program interface then. :-)