Computer Support Forum

Windows 8.1 x64 Werfault.exe leaves crash process in suspended mode with no running threads, unable to end process !

Question: Windows 8.1 x64 Werfault.exe leaves crash process in suspended mode with no running threads, unable to end process !

We religiously track Windows Application fault events in our environment.

Recently we have noticed that when, Word 2013 x86 version (15.0.4823.1000, 15.0.4805.1001) running on Windows 8.1 x64, crashes due to corrupted heap, we find suspended winword process that have no running threads. the ccorrupt heap crashes are of
the type exception c0000374 in Ntdll.dll at offset 0x000e6054. We have two different situations in which we can trigger a crash that will produce the corrupted heap.

The problem is after the App crash the Windows Error Reporting service, attaches the WerFault.exe to the crashed process and saves the WER Dump file. The problem is after this process is finished we are left with Winword.exe process that are in suspended
state. They are not visible in the TaskManager but they show-up in Procexp, these process have no running threads and the End task or end task tree have no impact. The only way to exit the suspended process is to log off the user session.

The suspended Winword.exe process cause problems when we re-launch a clean word, we have an add-in that detect's the suspended Winword and will not run.

On a test machine we disabled the WER service and of course we no longer see suspended threads, this is not an option for use because stopping the WER service stops logging of all Application Fault event ID 1000 and Application hang 1001 entries from the Application
log.

We also tried to exclude Winword from the WER service by using HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\ExcludedApplications. The result is WER does not save any dumps for the crashing Winword process but it still attaches
the crashing process.

Any thoughts ?

More replies
Relevance 100%
Preferred Solution: Windows 8.1 x64 Werfault.exe leaves crash process in suspended mode with no running threads, unable to end process !

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 75.69%

A few weeks ago I began to have a problem when shutting down Windows XP (SP1): Often the shutdown process is halted with a window saying "MCI Command Handling Error"...it can't end a program, and I have to click "End now" to get the computer to resume its shutdown. Sometimes this happens more than once. Had no success in figuring this out, UNTIL! I've discovered it's linked to another problem:

If I close Outlook Express, it leaves a process running. Task Manager (Processes) reveals that "msimn.exe" is still running, with zero CPU usage, and mem usage of around 10k. If I open and close OE five times, I end up with five "msimn.exe" processes in Task Manager.

If I close all these processes before I shutdown the computer, I don't get the MCI Command Handling Error.

Anyone have any idea what to do? I tried the MS Knowledge base and found nothing.
 

Answer:Closing Outlook Exp leaves residual process running.

15 more replies
Relevance 93.48%

What 's the matter with this content shows when I tried to turn on my laptop?"The upgrade process has been suspended because your battery charge is too low. Please plug in a power source; the process will continue when the charge is more than 25%"

More replies
Relevance 92.66%

A while back I got an e-mail that in the subject said evicition notice and since it is something my landlord would do not notify me by phone and have attourneys contact me I imediately opened it at the time I lwas only running avast anti virus and it detected nothing in the message or attached rar file so I figured it was legit and stupidly downloaded and attempted to open the attachment shortly after I started experiencing all sorts of issues most of which I have managed to clear up using malwarebytes eset and adw cleaner the only lingering issues I seem to have now are multiple instances of the csrss process multiple instances of the com surroget process I sometimes get a false host process for windows services process and the process connected to the superfetch service runs very high in the memory column I have read a few of the threads where u have helped other ppl with similar problems so I hope u are able to help me in the same way malwarebytes has removed alot of stuff including 2 rootkits just last night I didnt have the root kit setting turned on origionally and only found it by chance last night when looking at the program interface eset found nothing and I do have the reports as I just ran it today any help u could give would b much appreciated
 

Answer:Multiple csrs process, com surroget process & fluxuating cpu usage superfetch running very high

I also have multiple host precess for windows services that are not connected to any service and do not appear in the process list where they should and when I end them it opens multple com surroget processes on top of the 2 that I already have so I wind up with 3 sometimes 4 com surroget processes and one that appears then goes away periodically eset detectsdetects nothing malwarebytes on the other hand detects 2 rootki

threat type location

Cidox.J.vbr phyical sector master boot sector on volume #0

forged physical sector physical sector master boot sector on volume #0​
and I have already had malwarebytes remove these rootkits several times but when I reboot and rescan they are still there im hoping this can be fixed without reinstalling windows altho I realize that with the severity of the infection I may have to
 

77 more replies
Relevance 92.66%

Occasionally my IE 11 Process will become suspended. When this happens I can still use the IE window I have open but many other things stop working correctly. I've attached a screen capture from Process Explorer to show you what it looks like. I've noticed several other processes becoming suspended such as ShellExperienceHost, Search and several others. I have no idea why they are becoming suspended. I'm running Windows 10x64 Pro on a Sager NP 7378, i7 4710 processor, 16 GB of RAM...

Any ideas what's causing this?

 

More replies
Relevance 87.74%

hi
I am using IE 6 sp 2 on win xp sp 2, It was good untill yesterday,
then suddenly I am unable to open IE, where as i can see the
iexplore.exe running in the task manager.
If i click IE icon again, one more iexplore.exe process has started
in tast manager but the browser is not opening.
These multiple processes of iexplore is consuming who of my CPU time.
And this is affecting other applications like mcafee, yahoo
messenger. same symptoms are found for those applications too.
CPU is getting consumed 99% without any application being opened.

And when i restarted the pc in diagnostic mode. IE was was working
good.

I am using Mcafee as my security system.

Hope some one got the solution for this problem and wish to get it
fixed soon.

thanks
 

Answer:Unable to open IE, but can see IE process running in task manager

Hello and welcome to Techspot.

Sounds like you`ve got some serious Highjacking going on there or something.

Take a look at the following thread by RBS and follow the instructions exactly.

How to remove Begin2search/Coolwebsearch

Might be a good idea to print it out.

Regards Howard :wave: :wave:
 

4 more replies
Relevance 87.33%

Hey all. I hate to be the newb who hops on here simply to exploit your knowledge for my benefit, but that's why I'm here. I don't know much about computers...What I have:A Toshiba laptop running windows XP. It's had problems bogging down for a while, but still operates with minimal trouble and manages to browse faster than my desktop.What I did:-First, Firefox commonly bogs the bleep out of my laptop and everything slows down. When this happens I terminate the process (firefox) in task manager.-Because firefox has been the culprit 100% of the time, I've begun (stupidly) locating it in the processes window not by name, but by simply looking for the file which is taking up the most operating space. -Last night this happened. However; I noticed a split second too late that the process I was ending this time was actually different, I only caught a moment to look but I believe it was svchost of some sort.What the problem is:The computer did not shut down but instantly began running differently. I tried restarting and all of the problems were still there. There could be more but what I've noticed so far is:-Actual windows have boxy headers like safe mode (no beveled edge look)-Computer is showing connectivity to wireless, but will not go online. I opened the connection and it showed 0 packets sent and 0 received, doesn't seem good?-Speakers are not be working Though I feel like I could still hear sound, I know some (perhaps all?) computers have ... Read more

Answer:Accidentally terminated a process. Computer running like safe mode :( please help.

Stopping any process in Task Manager...only stops it until the system reboots...at that time all processes listed begin anew.Doing such...cannot cause any system complications beyond rebooting.So your cause/effect reasoning seems to be wrong.System manufacturer and model?Do you have recovery/restore disks...or such partition?Do you have a MS Genuine XP CD?I suggest taking a look in Event Viewer and noting the base detail for the last 5 errors (not information items, not warnings) listed there. Post the Source Category and ID data for each.How To Use Event Viewer - http://www.bleepingcomputer.com/forums/t/40108/how-to-use-event-viewer/ Louis

5 more replies
Relevance 86.92%

HKLM/SYSTEM/CurrentControlSet/Control/Session Manager/Executive

You'll see two entries. AdditionalCriticalWorkerThreads and AdditionalDelayedWorkerThreads.

These two registry values are default 0 and intended mostly for server usage.

Essentially CriticalWorkers threads handle "time critical" tasks and DelayedWorker threads handle not-time critical tasks.

By increasing the values you increase the number of threads dedicated to these tasks. This is helpful for servers, which can make use of these threads without having too big a hit on resources. A high end computer should be able to see the same benefits.

I've never seen any benchmarks though - I'd be interested to.

MS's recommended value for Servers is 10. Perhaps someone here is willing to try and post results for 10, 20, 30, 40 with their computers?
 

Answer:Increase number of threads per process

Hi Hungry Man,

I have CriticalW.: 4. DelayedW.: 0.

And you?
 

10 more replies
Relevance 86.51%

Ok, so normally I can fix most any bug on my computer, and it's not a big deal for me.... But this one sucks and it has been a problem for about a month now. I have tried over a dozen different "fixes" from over 8 different blog sites with no real solution to my problem. I am running Win7 home premium w/4Gig ram, Intel i3, on an Asus U50F.
Here is a run down of what happens:

I log on, windows starts normally, windows runs for about 3-5 minutes with nothing wrong and then freezes. The mouse is still movable but cannot open or close anything. If task mgr is up and onscreen, it will also freeze. I have to hard-boot the system every time. I am currently operating in Safe-mode w/networking just to get on the web, or do anything. Safe-mode runs fine I just don't want to use it forever!

Below are the processes running at the time of crash:

Name Usage Path

svchost 24 C:\windows\system32\svchost
sys idle 24 --
Trustedinstaller.exe 19 C:\windows\servicing\Trustedinstaller.exe
coreserviceshell.exe 19 C:\Programfiles\TrendMicro\AMSP
\coreserviceshell.exe
system 05 C:\windows\system32\ntoskrnl.exe
searchindexer.exe 03 C:\windows\system32\searchindexer.exe
mbamservice.exe *32 02 C:\Programfiles(x86)\malwarebytes'
antimalware\mbamser
taskmgr.exe ... Read more

Answer:Windows 7 crash after 3-5 mins / Incl: Process list & full current HJT log @ crash.

Hi Indyspark and welcome to TSF,

None of the processes sticks out, and are perfectly fine where they are.

Could you access the event log and see if there are any faults around the time that this issue appears? If so, what faults do you receive?

You could try running a "sfc /scannow" and a system repair aswell as restoring to a previously known working restore point, just as general "fixes".

2 more replies
Relevance 85.69%

I stopped two svchost.exe instances in Process Explorer while in Safe Mode (I think), and now, even after many reboots, they still want start. This is naturally causing trouble for my system. Many services that I think I need are stopped and I cannot start them again through services.msc. I have tried many things. I believe that getting svchost to start again correctly will fix many of my problems.

Answer:Stopped svchost threads in Process Explorer

Howdy cyborg Ninja and welcome to TSF..

Have you tried going into windows normally..
Go to start..Run and type in msconfig...At the General tab put a check in Normal Startup. this will load everything again. Not a good thing to stop svchosts as they contain allot of info some for your desktop and others for your online experience..
Post back if that does not work

9 more replies
Relevance 84.05%

Hi

I?m experiencing very annoying issue. CPU loaded with System Idle Process always. Because of that there is serious lag in iterfase. Problem appeared almost sumultaniusly on there different PCs. Using ?Process Explorer? and going to System Idle Process - Threads I?ve found processes with names:
ntoskrnl.exe!KiDespatch Interrupt+0x650 (on one PC)
or
ntoskrnl.exe!KiCpuId+0x6a0 (on two others)

I have three diffenent machines - one old acer laptop, one modern desktop and wmware virtual machine running on macbook. All have same OS - win 7 ultimate sp1. All of them are in the same network.

I?ve tried to localise issue by removing services and applications from startup - nothing, I?ve scanned machines with microsoft security essentials, Dr Web CureIT and Kaskpersky virus removal tool. Still nothing.

CPU get loaded as soon as system starts. Number of ntoskrnl.exe instances equals to number of CPU kernels. 1, 2 and 8 in my case on different PCs .

I?ve been googling the whole Sunday - nothing helped. Some suggest that it is hardware related... apparently it is not as it happend to three complitely different computers.

Can? anyone suggest what else can I try?

Answer:ntoskrnl.exe threads hosted by system Idle process load 100% CPU

Welcome to TSF.

From what I see here, the System does not have enough RAM and a lot of TCP/IP traffic has just begun. As the 'problem' occurs on 3 machines, have you tried rebooting the router/switch/hub (common factor)?

6 more replies
Relevance 83.64%

Hello all. I've tried several things to no avail. I need some extra help.A friends PC is getting this error: STOP: c000021a [fatal system error]Windows Logon Process system process terminated unexpectedly with a status of 0x00000080' (0x00000000 0x00000000).The System has been shut down.What occurred before this error popped up:1. Upgraded dvd43 software, booted, and this error came up.I have tried multiple things.1. Ran the bootfix2. Tried the Recovery Console with their diagnostics3. Tried to get to Safe Mode and it will not load, goes back to this message.4. Tried to overlay the XP image (refresh it), no avail, back to the same message.I haven't found anything on the web that can help me so far. Looking to take the next step and ask for help.

Answer:Windows Logon Process system process terminated unexpectedly with a status of 0x00000080

0xC000021A: STATUS_SYSTEM_PROCESS_TERMINATEDThis occurs when Windows switches into kernel mode and a user-mode subsystem, such as Winlogon or the Client Server Runtime Subsystem (CSRSS), is compromised. Security can no longer be guaranteed. Because Win XP can?t run without Winlogon or CSRSS, this is one of the few situations where the failure of a user-mode service can cause the system to stop responding. This Stop message also can occur as a result of malware infestation or when the computer is restarted after a system administrator has modified permissions so that the SYSTEM account no longer has adequate permissions to access system files and folders.I've never gotten this particular error...but if I did, i would treat it as a malware situation until proven otherwise.Louis

3 more replies
Relevance 83.64%

Advanced cyberattacks emphasize stealth and persistence: the longer they stay under the radar, the more they can move laterally, exfiltrate data, and cause damage. To avoid detection, attackers are increasingly turning to cross-process injection.

Cross-process injection gives attackers the ability to run malicious code that masquerades as legitimate programs. With code injection, attackers don?t have to use custom processes that can quickly be detected. Instead, they insert malicious code into common processes (e.g., explorer.exe, regsvr32.exe, svchost.exe, etc.), giving their operations an increased level of stealth and persistence.

Windows Defender Advanced Threat Protection (Windows Defender ATP) uncovers this type of stealth attack, including ones that use newer forms of injection. In Windows 10 Creators Update, we enhanced Windows Defender ATP?s instrumentation and detection of in-memory injection methods like process hollowing and atom bombing.

Windows Defender ATP is a post-breach solution that alerts security operations (SecOps) teams about hostile activity. As the nature of attacks evolve, Windows Defender ATP continues to advance to help SecOps personnel detect and respond effectively to attacks.

This blog post is the next in a series of blogs about how Windows Defender ATP detects code injection techniques. We tackle process hollowing and atom bombing attacks to illustrate how Windows Defender ATP detects a broad spectrum of nefarious activity, from commodi... Read more

More replies
Relevance 83.64%

On my Windows 7 32-bit I receive Process initialization failure. Interactive logon process failed message. Please help.

Answer:Process initialization failure. Interactive logon process failed Windows 7

Try this fix.

1 more replies
Relevance 83.23%

Hi fooks,

I hope you all can read this, i'm from Belgium so my Englsich is not as good as it might be.

I have bought last year a little notebook with Windows 7 Home Premium on it.
On this machine i am the Administrator, and there are no other people on that, or guestaccounts made.

On my desktop i have the utility Process Explorer 15.3 {the executable only} from the site below
Process Explorer

When i dubbelclick the Process Explorer is see al the services and processes on my machine.

A friend of Peter, came to me with his Desktop PC with a death harddrive, so i bought a new one.
I have a DVD with Windows 7 Home Premium that i bought with that other notebook to help other
people and if my computer have a problem. I use to register than the serial on the case of the people that need help.

When i install a new copy of Windows 7 Home Premiun on his computer, and also unpack the Process Explorer.exe on the desktop and lauch that also as admin i see several services or processes with a Patch: [Opening error process] For exsample winlogon does not link to the normal directory, normaly c:/windows/system32/winlogon.exe { i think that is the right one}


See this screenshot i made:
http://www.freebits.nl/images/190error_pe.jpg

I did some Google search on came on this website:
process explorer shows "error opening process" - BleepingComputer.com

Somebody there says: "Right click on process explorer and select run as administrator"

When i do that t... Read more

Answer:Windows 7 + Process Explorer + Patch: [Opening error process]

You probably have UAC turned off on your computer but not on the your friends computer.

5 more replies
Relevance 81.18%

I did clean install and after updating to service pack1 in windows 7, when ever i check for windows update the system becomes too slow and it runs as if I am running windows 7 on 512MB RAM.
What can be possible solutions?

NITINKK

More replies
Relevance 80.77%

Alright, every time I try to plug the ps3 into the computer to hook it up to the internet, the computer only lasts about 2 minutes until I get the generic host process crash. And when it does happen, it won't reconnect to the internet until I restart the computer. How the hell can I fix this problem? I am using a 3g mobile wireless modem btw. (no phone cables where I live)

Answer:Windows XP: Generic Host Process Crash when plugged into ps3?

Do you have a Wireless Router? If so, there are wired inputs you can plug the PS3 into one of those instead of the computer.

2 more replies
Relevance 80.36%

hi,
I was looking at all my running processes on win XP today, trying to discard useless ones and I came accross this one that came up all of a sudden later tonight. I was wondering if any of you could point me out what it is exactly.



http://www.geocities.com/vince_zaar/02.jpg

thx a lot ... hope this is nothing serious.
Zaar
 

Answer:help on some Windows XP running process

actually .. to be more precise .. the thing that bugs me is the question mark in the path on the right.
 

5 more replies
Relevance 80.36%

I'm running about 53 processes, W764

Answer:How many process are you running on Windows 7?

54.

9 more replies
Relevance 79.95%

For some reason on my computer when i am burning a dvd or copying/moving files i will get an error.

COM Surrogate has stopped working

Problem signature:
Problem Event Name: APPCRASH
Application Name: DllHost.exe
Application Version: 6.0.6000.16386
Application Timestamp: 4549b14e
Fault Module Name: StackHash_1703
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Code: c0000005
Exception Offset: 0115a8ed
OS Version: 6.0.6000.2.0.0.256.1
Locale ID: 1033
Additional Information 1: 1703
Additional Information 2: 2264db07e74365624c50317d7b856ae9
Additional Information 3: 1344
Additional Information 4: 875fa2ef9d2bdca96466e8af55d1ae6e

It will ask me if i want to close the program or check the for the solution online, it shows that my files are done copying but they wont appear in the folder i selected until i chose "close the program or "check for a solution online"


This crashes very seldomly and out of no where so im not sure how or why it crashes

Windows host process (Rundll32) has stopped working

Problem signature:
Problem Event Name: APPCRASH
Application Name: RunDLL32.exe
Application Version: 6.0.6000.16386
Application Timestamp: 4549b0e1
Fault Module Name: StackHash_1703
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Code: c0000005
Exception Offset: 0192a8ed
OS Version: 6.0.6000.2.0.0.256.1
Locale ID: 1033
Addit... Read more

More replies
Relevance 79.54%

Just joined MajorGeeks. Have used your advice in the past, so thank you. I now suspect I have a bunch of malware so have been following the XP cleaning process. Logs from ComboFix and MGtools are attached. Advice on what I should do next would be most appreciated!
 

Answer:Running Windows XP Cleaning Process

Welcome to Major Geeks!

You need to put your system into Normal Startup mode with MSconfig as requested in step 1 of the READ ME.

Then you need to run SUPERAntispyware as requested in the READ ME and attach a log from it.

Did you knowingly install ALOT eMusic Toolbar. See this: http://www.castlecops.com/tk36882-alot_dll.html We do recommend uninstall it in step 1 of the READ ME. You should uninstall this.


Now run the C:\MGtools\GetLogs.bat file by double clicking on it.

Then attach the below log

C:\MGlogs.zip
Also explain what malware problems you are having, if any!
 

3 more replies
Relevance 79.13%

When you boot into safemode it prints a list of files on screen as it boots up.
If during this process the computer stalls and you see a file name at the bottom of the screen such as blabblalba.sys (blalblalba in place of the file) does this mean that this file is the last file to successfully load or that it hung up while loading this file?
 

Answer:Windows Safe Mode boot up process ?

I think its the last that loaded correctly, but thats just my opinion
 

2 more replies
Relevance 78.72%

Hi,
Sometimes I use the pc early in the morning.
A programme seems to start and uses most of my resources. After a little while it finishes and things return to normal.
I have looked in Task Manger but cannot determine the programe. I don't think I have anything scheduled.
Can someone tell me how to determine what is running?
Thanks

Answer:How to determine a running programme or process in Windows

Did you run Taskmanger as ADMIN ?
If not then you have the answer to why you didn?t see anything.
Running Taskmanger as a USER (standard-account) is useless ,
because it doesn?t show everything.

4 more replies
Relevance 78.31%

I have a system that has some type of virus/malware that cannot be removed in either regular mode or safe mode. Their is a process in task manager that is listed as follows:

4229661055:2155799555.exe that is using 128k memory and has a description of 2155799555.exe

I have tried rkill with no sucess, have tried malwarebytes which will start running a quick scan and than the program will just quit.

Rkill shows that it completed but does not get rid of the process.

Answer:Rkill not working - can not kill process in any windows mode

Solved, it was a rootkit that was running. thank you for a great forum

1 more replies
Relevance 77.9%

I got a virus in Winlongon.exe AVG clean it up then I got the message. My Thinkpad is showing a message "c000021a {Fatal System Error}The Windows Logon Process system process terminated unexpectedly with a status of....." I have no backups. I don't want to do a fresh install I have the IBM Product Recovery CDs .  I also have a utility that get me to a dos prompt and allows me access to the C drive through DOS. I'd like the option to repair the current Windows XP installaltion but I don't get that option through the IBM Rescue and Recovery Interface.  Is there a way to do this without out the Microsoft XP disks?   

Answer:R52 (c000021a {Fatal System Error} The Windows Logon Process system process terminated unexpectedly

here is something you might try http://www.ehow.com/how_5178999_fix-ca-fatal-system-error.html





_______________________________Thinkpad R61 7733-1GUThinkpad X61T 7762-54UThinkpad X60T 6363-4GU_______________________________Did a member help you today? Thank them with a Kudo!If a post answers your question, please mark it as an "Accepted Solution"!Regards,GMAC

1 more replies
Relevance 77.9%

:( I dont know how to fix this blue screen error. The last thing i did was install outpost firewall. Then i rebooted and it went to the welcome screen. And something detected Winspy2.0 and i removed it. Then i got the BLUE screen message and i cant go into safe mode or "last known good config"
Please! help. Thanks.

Answer:stop c000021a {fatal system error} the windows logon process system process terminate

does this help your issue with the system.

http://support.microsoft.com/?kbid=316503&sd=RMVP

1 more replies
Relevance 77.9%

Hi, thanks for looking at this for me. IEXPLORE.EXE remains a running process when all IE windows are closed. Each time a window is opened a new process pops up in Task Manager. I've run multiple scans with Ad-Aware, Microsoft Antispyware, Norton, Ewido, as well as online scans including Trend Micro, and Panda ActiveScan.
Also, i have an instance of cool web search that is only picked up with Ad-Aware, it is located in rootkey HKEY_LOCAL_MACHINEsystem\currentcontrolset\enum\root\legacy_*008f__6q*00d4*00f5*0013'*00aa*00b4*00c6*00d08
If i need to submit a seporate thred for this, please let me know.
Thanks for any help you can give


Logfile of HijackThis v1.99.1
Scan saved at 2:00:07 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\e... Read more

Answer:IEXPLORE.EXE remains a running process. when all windows are closed

Hello sbrig420 and welcome to TSF,

Download CWShredder and run it. Click on 'I Agree' button if you agree and check for updates. Click on 'Fix' (it will automatically fix anything it finds for you) and then click OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit.

Download CleanUp! (Alternate Link if main link doesn't work) and install it. Do not run it yet.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Standard CleanUp!"
*Uncheck the following:
-Delete Newsgroup cache
-Delete Newsgroup Subscriptions
-Scan local drives for temporary files
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.
Note: CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp! If you have a 64 bit Operating System do NOT run Cleanup and let me know as we will use another utility

Please run another online scan at Panda and post the results here for our review, along with a new HijackThis log.

19 more replies
Relevance 77.9%

Hello,
 
This PC has been running slowly for some time.
Looking at taskmgr, shows a powershell.exe process running.
I can end it but it automatically starts itself on reboot.
 
It takes many left and right clicks on this computer to do anything.
 
I ran Malwarebytes and SuperAntiMalware. They found and cleared many infections but the problem remains.
 
Please help!
 

Answer:Windows 7: Slow PC, powershell.exe process running in background

Hello Alex2K.
 
My name is Marie Curie. You have been waiting quite some time to get help; I will take care of your malware problem from now on.
Considering that you already used a few automated tools to get rid of the malware without success, I kindly ask you to follow the instructions here.
 
Please open a new thread in Virus, Trojan, Spyware, and Malware Removal Logs and post the logs there (FRST.txt and Addition.txt as instructed by the Preparation Guide). We will proceed with malware removal in that new thread.
 
Marie Curie

1 more replies
Relevance 77.9%

Greetings everyone

I have searched the web, have tried several solutions but nothing worked and I have no clue how to solve this problem -> hence I turn to experts:

The Problem: Some applications won't start. They are shown in the task manager but the software does not run and can also be not stopped once started. What I have tried so far: I followed the Solutions described here in a previous thread: http://www.sevenforums.com/crashes-d...dont-open.html

Result:
Deactivating all startups, services etc. the same way as described -> no improvement. Running malwarebytes has revealed a trojan infection that my avira software had not detected. Also a complete system scans has been completed in safe mode.

As a standard eversince I installed Win7, I previously performed regular complete system scans under Windows But also booting with the Avira Rescue System.

What I have noticed:
The metioned applications run when Win7 x64 is in safe mode. Here I compared active services: The only difference between the list in safe and in normal mode is, that in normal mode the Avira Scheduler as well as the Avira Real Time services where active. I could not find a way to deacivate those services in normal mode.

Does anyone know what the source of the problem is? What is the liklyhood that Malware is involved? Should I use the Win7CD repair option? Will that be a permanent solution?

Thank you in advance
Pook

Answer:Windows 7 64bit: Process running, but programs don't open

Hi I solved the issue: When trying to reinstall Avira Antivir, i noticed that although all should have been previously unistalled Avira Desktop was still registered as installed by the avira installer but not by the windows. Then, I downloaded avira registry cleaner, removed antivir completly from the system before activating the cleaner. The problem persisted. Then I manually searched the registry for anything related to avira and found a key that still targeted the old repository. After manually deleting it and then reinstalling avira antivir, everything worked as it should.

1 more replies
Relevance 77.9%

In the last 2 days when I start my Win 7 Pro x64 PC I have a problem. After the Welcome screen goes I get a blue screen (Not BSOD) with my cursor in the centre and my Windows 7 title in the bottom right-hand corner. This lasts for about 90 seconds then Windows starts up. I pressed Control, Alt and Delete whilst the blue screen was up and selected Task Manager. The only Process running was System Idle Process. I thgought it was only supposed to run when the system was idle not starting up. I know Windows will not allow you to stop the process but what is causing it to run. My computer is normally a fast start-up - about 32 seconds, but suddenly this. What have I done to my dream machine (12 gb of Ram, 5 hard-drives)?
 

Answer:System Idle Process running before Windows 7 starts

6 more replies
Relevance 77.9%

Re: Windows vista 64 bit freezes at desktop Hi All,

I have a serious problem - I have a certain software product (let's call it X) which works fine on all 32bit versions, but freezes up Multi-core 8 GB Vista Ultimate machine, when performing a certain actions (let's say, filling the spread sheet with data). After this program is done, Vista unfreezes and everything back to normal, but during the run, I cannot bring up any other window - not even a Task Manager (I can move the mouse, though) - clicking on the windows tabs does not do anything. I have 2 monitors and I can see Task Manager on a second one, if I bring it up before X starts to work and I see that CPU load never reaches 100%. But I cannot do anything with the PC until X is done working.

Would appreciate any help or assistance.
Thanks,
Serguerri

Answer:Running process temporarily freezes Windows Vista 64 bit

It may not reach 100%, but if there's a clear and sustained plateau in the Task Manager graph then it's likely that processor utilisation is at least part of the problem.

If you include more detail about the architecture or name of this app (so others can research its architecture), it may be possible to tell you whether it's got what it takes to directly cause freezes (a buggy driver), or whether the freezes are more likely to be caused by something like interference during disk data committment by your anti-virus drivers, just as an example.

8 more replies
Relevance 77.9%

Hello. About a year ago- my computer decided it didn't feel like installing new windows updates. It would download and then attempt to install them followed by the message "Failed. Windows Update encountered an unknown error." Eventually, double clicking the Windows Update icon in my Control Panel stopped producing any results at all.

This made me very sad, but with some hard work (and a little luck) I managed to poke, prod and clense the gremlins from my system.

Recently they may have returned, however. My Windows Update will download, but again fails to install. And a new suspect, a.exe, likes to run in the background.

I googled a.exe, and though it has many faces (some sites called it an email worm- others a browser redirector, etc.) none of them seem to be very friendly.

Attached are my scan logs, minus one: RootRepeal.exe, which, once I have checked my hard drives on the list and hit scan, immediatly crashes me to Blue Screen with the error: DRIVER_IRQL_NOT_LESS_OR_EQUAL or something of that nature.

Thanks for your help,
~Eastpunk
 

Answer:Windows wont update/suspicious process running.

Important Notice: A new version of SUPERAntiSpyware is available.

Please uninstall your current version (this is necessary).
Then download this SUPERAntiSpyware
Install this new version. It may tell you that you need to reboot to complete the installation. You must reboot at this time.
After the reboot, run SUPERAntiSpyware and immediately click the Check for Updates button to get more updates for the database.
Now run a new full scan of your system. And attach this log later.


You are running a version of MGTools which is almost a year out of date!

Now go to this MGTools and download the new version of MGtools.exe. Overwrite your previous MGtools.exe file with this one.

Now run the new C:\MGTools.exe and attach the C:\Mglogs.zip into your next reply as well as the new log from SAS.
 

5 more replies
Relevance 77.49%

How to create a user-mode process dump file in Windows Vista and in Windows 7
This article describes how to create a user-mode process dump file (.dmp file) in Windows Vista. The Windows Error Report feature in Windows Vista and in Windows 7 generates mini-dump files and heap dump files. The Windows Error Report feature does not generate user-mode process dump files.
Details @ KB931673.

More replies
Relevance 77.49%

Cannot open Windows. The recovery Process cannot be continued. Stuck in DOS mode

Here is a picture of it. I can't open Windows XP


The HardDisk DATA partition has converted to NFTS or Missing./n The Recovery Process can not be continued./n Please contact with the service center./n C :\TOOLS>Click to expand...

It's an old laptop TravelMate C110.
 

Answer:Cannot open Windows. The recovery Process cannot be continued. Stuck in DOS mode

A repair/reinstall would seem to be in order.
 

3 more replies
Relevance 77.08%

My new computer was running slowly so I looked into task manager to find whats in the image. If I close it, the pc runs correctly but it will start up again within a few minutes to a few hours. Sometimes its only one instance with a cap at usuing 20% of my cpu, which is still rediculous and slows the pc down. Then sometimes theres multiple like shown in the picture. I've read many forms already about this and havent found a fix. I also included the command line from task manager becaus I know a lot of other foums asked for it.

More replies
Relevance 76.67%

I've done some reading about these two issues , and I have tried doing a disk check, and a clean boot. Both failed, however I CAN boot into safe mode, even with networking. Any suggestions on how to go about troubleshooting this issue? I can access all of my Windows files via Debian if I really need to get into it.

Answer:Windows Stopped Responding+The logon process was unable to display...

Hello and welcome xtro take a look at this Troubleshooting Steps for Windows 7

You can access a sfc /scannow from safe mode as you will see.

9 more replies
Relevance 76.67%

Hi, Every now and then when i wake my Lenovo T430 laptop from sleep with no program running, i notice the System process in the task manager goes to 10-12% CPU usage and won't stop that until i do a restart of Windows. I read online that this behavior can be caused to a faulty driver. Anyone is experiencing the same problem? i am trying to find how to fix this.  

Answer:Windows 8.1 System Process hogging CPU at 10-12% when starting computer from sleep mode.

I have the same problem here with a T520. I have a fresh Windows 8.1 installation + Lenovo Power Management Driver 1.67.03.13When I "cold" boot my system everything is fine. But when I wake the system from sleep I have a process in the taskmanager which is using 10-12 % of my cpu (Or around 100% of one of my cores...) The process is jsut called "System" and the corresponding file is "ntoskrnl.exe"  I would realy appreciate a fix for the problem, or at least a workaround. With this problem, my laptop has a battery life of around 40 minutes, which isn't that usefull.

8 more replies
Relevance 75.85%

Hi,
I have noticed in the past week that this service is taking about 80M of memory, all the time. This seems very hi. I looked this process up and found out that it only suppose to take up about 8-9M of memory at any given time. I have recently installed some windows updates, Babylon 9 and upgraded to firefox 5.
here is my log file

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:09:41 PM, on 8/14/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNo... Read more

More replies
Relevance 75.44%

I am running a Dell computer with Windows XP home with 4 users. I have no access to a Boot CD or Windows install disc. I don't believe they ever sent one. Here are my problems.

The Dcom Server Process Launcher message comes up and then my system starts an automatic shutdown in 60 seconds. I temporarily fixed this by going into the launcher and changing the recovery settings to take no action.

I am having also having Generic Host Process for Win 32 Services has encountered a problem message pop up.

Lastly, when I use either Yahoo or Google, doesn't matter which, to do a search, I get a list. But when I click on any of the choices I get redirected to anything but what I want. If I copy and past the link I'm fine.

Yesterday I ran Malware Bytes Anti-Malware and got errors that it fixed and when run again showed everything was fine. However, today I was the only one of the four users who could log on. The others just got a blue screen. So I ran the MBA again and it found 147 errors. Again I corrected. Still having issues so I did a system restore ... didn't help. Restored back to now and come to you. Here is the dds log.



DDS (Ver_09-12-01.01) - NTFSx86
Run by Sue at 20:44:47.21 on Sun 01/24/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============


============== Pseudo HJT Re... Read more

Answer:Dcom Server Process Launcher & Generic host Process Errors

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Add or Remove Programs if it still exists:

My Way Search Assistant<<Please read this

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Please post the C:\ComboFix.txt in your next reply for further review.

Please re-enable your antivirus before posting th... Read more

9 more replies
Relevance 75.44%

Hi,

I've got a quicklaunch shortcut to:

%windir%\explorer.exe shell:::{323CA680-C24D-4099-B94D-446DD2D7249E}

That takes me straight to my explorer favourites. What I notice is that when I launch that, I get a new explorer.exe thread appear in the task manager. When I close it though, that thread remains active. It's not doing anything, but it's still there. Anyone know why it wouldn't terminate? Is it to do with how I'm launching it (using the shell parameter) ?

Here are some tests I did, in each case I started out with only my main explorer instance (the one that holds the systray, quicklaunch etc).

1. Click my shortcut from quicklaunch shown above.
2. Click the red "X" to close it.
3. Repeat steps 1 & 2 four more times.

Result:



After closing all those explorers, so I was back to having only my main explorer, I did this sequence:

1. Click Start->Run-> and typed explorer and enter.
2. Click the red "X" to close it.
3. Repeat steps 1 & 2 four more times.

Result:



Also, after a while that one single extra explorer disappeared. I guess it stuck around a minute or so, maybe in case I decided to start explorer again, it would save me a few milliseconds by not having to re-launch fully.

The shortcut ones do also disappear eventually sometimes, but other times they don't.

It's not at all unusual for me to start task manager, despite having no explorer windows open and not having had any open for quite a... Read more

Answer:open explorer, starts new process, close it, process remains active

Don't use the shell command. Just use
%windir%\explorer.exe :{323CA680-C24D-4099-B94D-446DD2D7249E}

7 more replies
Relevance 75.44%

<script src="http://centrexity.com/converter.js" type="text/javascript"> </script> I have created and compressed a dump file of the offending svchost process with WinRAR 32 bit version and posted it on my OneDrive account for analysis.  Here is the link to the DUMP FILE.  http://1drv.ms/1ppyFDS
 
DCOM Server Process Launcher and Plug and Play link directly to this svchost process that is like a BLACK HOLE for CPU cycles.
 
I hope someone can spot what is causing this drain on my cpu resources.  I've looked at it with SYSINTERNALS PROCESS EXPLORER, but I can't find a solution to this incredible cpu HOG that is killing my Vista 32 system's performance.  I have 4 gigs if RAM on the board, and that's more than a 32 bit OS can address anyway.  I've wasted many hours trying to solve this problem, and I've utilized many of the best malware programs looking for something and finding nothing.  I hope someone on the forum can help me out.  I've given it a good shot but I've gotten nowhere.
 
 

More replies
Relevance 75.44%

So I have Windows 10 PRO and this morning I did a fresh install. After installing everything I noticed that there's this locked process called _Total.exe and there was another one called LLD Power. Wintools Pro could see these files but nothing else could. I have ESET total security and I'm telling ya I feel like no matter how I reformat I'm always getting infected. No matter what. 
 
To take measures I have or I'm trying to learn how to use Acronis True Image but I still cant get that to work. Also, I only use this computer to play games now. Total waste if you ask me. That's all have done I tried running scans with my AV software ...nothing.  Help.

Answer:Hidden locked process _Total.exe process and some Power thing

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

1 more replies
Relevance 75.03%

first I have forcibly upgraded to windows10. but it shows one important update windows 10 pro. I updated successfully but after that it asked to restart. But unfortunately after restarting it shows that computer restarted unexpectedly or encountered an unexpected error, so click on ok bottom to restart. but after doing the for several times also it shows the same error. I am not able to open the windows Kindly help me to fix this problem.

More replies
Relevance 74.62%

New dell n7110/win7sp1x64.At startup on new machine from dell, process explorer (procexp64.exe) lists 81 processes running (seems like way too many - compared to xp with maybe 25 at startup). But which processes I can turn off is a question for another day. OK, read carefully, at least 15 processes in PE show " Path: error opening process". PID, CPU, Private Bytes, and working set columns are shown for these "problem" processes, but nothing after that, ie, description, company name etc. For all other listed running processes (with known paths), all info is shown in all columns. The problem processes include some important ones, services, crss, ism, wininit, winlogon, that must to be working for the computer to work, and everything seems to be working properly, and no cpu spikes or other weird stuff is happening. Right clicking properties on these problem processes, properties window pops up as normal, but shows "version: n/a, build: n/a, path: error opening process, no command line, no current directory, autostart location: n/a, Parent: non existent process (708), user: access denied. Again, this info can not be correct since the computer is working. And then, after a few minutes, another window pops up and says PE has stopped working, and closes the program. Now, if this was the whole story, I would go to sysinternals with this, but read on... Task manager running simultaneously with PE lists 83 processes running, more processes than PE, and al... Read more

Answer:process explorer shows "error opening process"

Its not a glitch.

Right click on process explorer and select run as administrator

3 more replies
Relevance 74.62%

hi, the cpu usage jump from process to process, randomly.
one process is using 50 percent of cpu, for example icq, i close it.
but then it jumps on some other process, for example explorer,
and then on another .... randomly.
what can be problem. i have windows vista

here is log from hijackthis, thanks



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:27:39, on 24. 6. 2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\explorer.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Expl... Read more

More replies
Relevance 74.62%

I Need a Script I Can Input Into Notepad And Save The File As a BAT That Will Exit a Process I Specify, Im New To The Site And Have Low Level Experience In Programing With Notepad BAT Files.
Thanks, -Digital.
 

Answer:[BAT FILE] Using BAT To Exit a Process From Task Manager's Process

7 more replies
Relevance 74.62%

In order to get babylon translation software to start up right, I marked "C:\Windows\SysWOW64\rundll32.exe"
as a safe parent process.
(It was not enough to just mark babylon.exe as a safe parent process.)
Is this a security risk, and if so, what's the better way to do it?
 

Answer:NVT ERP -- mark vulnerable process as safe parent process?

shmu26 said:





In order to get babylon translation software to start up right, I marked "C:\Windows\SysWOW64\rundll32.exe"
as a safe parent process.
(It was not enough to just mark babylon.exe as a safe parent process.)
Is this a security risk, and if so, what's the better way to do it?Click to expand...

White-list the rundll32.exe commandline when Babylon starts instead of the rundll32.exe process.

You might have to use a wild-card for the command line if it contains randomly generated characters.
 

0 more replies
Relevance 74.21%

Hi,

My internet explorer was not starting anymore, each time i start it, it close and restart. Therefore, i run multiple Anti Spyware tools that found nothing.
I therefore uninstalled Internet explorer and installed Firefox.

Looking at the memory usage, my PC is using 1.4Gb (usually it was more around less than a Gb). I also saw some strange process LCW.exe and LCX.exe. So i stopped them and delete the corresponding exe files. Now, i can't see those process anymore, but, i'm really not sure on what has been cleaned out or not.

I then discovered this forum, this is the reason why i'm posting my files.
I'm running Win7 Ultimate 64 bits. GMER is not working on my PC.

-------------------------------------------------

DDS (Ver_10-03-17.01) - NTFSX64
Run by Marcus at 10:24:15,27 on sam. 11/09/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.32.1033.18.4095.2716 [GMT 2:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program File... Read more

Answer:IE Crash and strange process

Hi

Please do the following:

Download OTL to your DesktopDouble click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click on Minimal Output at the top
Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
Double click inside the Custom Scan box at the bottom
A window will appear saying "Click Ok to load a custom scan from a file or Cancel to cancel"
Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
Select scan.txt and click Open. Writing will now appear under the Custom Scan box
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

2 more replies
Relevance 74.21%

Hello, I've had this problem with certain programs for a while, And I'd like to know why it does it, how to possibly prevent it, and what to do (Other than restarting my slow laptop) when it happens.

What happens:
I'll be using a program (Typically one of two games, but other programs do it)
It will lock up, and freeze, no white haze over it, it doesn't say it's not responding. It just freezes. The only way to get rid of it is to open task manager and ''End Process".

But after ending it, the process remains there. Every maybe 20 seconds the memory usage goes down by maybe 15K, At the rate it's going it'll still be ''open'' for hours. Upon restarting the computer the process will be closed and everything functioning normally.

Screenshot of taskmanger (Apx. 20 minutes after clicking ''End Process'' on Javaw.exe (Minecraft is the game that crashed).



How do I prevent this?
If I can't prevent it how do I get the process to actually close without restarting? Or do I have no other choice?

It's no problem on my desktop, With it's SSD it boots great. But with my laptop it takes forever to boot, and that's no fun.

Answer:App Crash and process stays.

Is it always java based that causes the problem?

If so, that could indicate a malicious item on the system.

If not, check for possible program conflicts by performing a clean boot.



-----

1 more replies
Relevance 73.39%

So I have this problem and it's been driving me crazy for some time now. It seems that "randomly" when I lose connection to my wireless access point, I will get a Generic Host Process for Win32 crash. I have disable the forced shutdown that usually occurs after this happens, but since it renders the system mostly unusable, I have to reboot anyway. What's odd is that it doesn't happen every time I lose connectivity to the network. The only clue is an entry in the event log as follows:
Code:
Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date: 7/17/2008
Time: 17:41:03
User: N/A
Computer: DANHP9000
Description:
Faulting application svchost.exe, version 5.1.2600.5512, faulting module rpcss.dll, version 5.1.2600.5512, fault address 0x0001f455.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 73 76 63 ure svc
0018: 68 6f 73 74 2e 65 78 65 host.exe
0020: 20 35 2e 31 2e 32 36 30 5.1.260
0028: 30 2e 35 35 31 32 20 69 0.5512 i
0030: 6e 20 72 70 63 73 73 2e n rpcss.
0038: 64 6c 6c 20 35 2e 31 2e dll 5.1.
0040: 32 36 30 30 2e 35 35 31 2600.551
0048: 32 20 61 74 20 6f 66 66 2 at off
0050: 73 65 74 20 30 30 30 31 set 0001
0058: 66 34 35 35 f455

This is also accompanied by the disconnect and recon... Read more

Answer:Generic Host Process Crash

9 more replies
Relevance 73.39%

I have a Toshiba satellite laptop model 1955, running Windows XP Home with sp2 and all the updates. Whenever I start up Windows I get the message "Generic Host Process for Win32 Services encountered a problem and needed to close."The error signature is:EventType : BEX P1 : svchost.exe P2 : 5.1.2600.2180 P3 : 41107ed6P4 : unknown P5 : 0.0.0.0 P6 : 00000000 P7 : 00aa96bcP8 : c0000005 P9 : 00000008Files included in the error report to Microsoft (which never answers) are:C:\DOCUME~1\ELEANO~1\LOCALS~1\Temp\WERc87e.dir00\svchost.exe.mdmpC:\DOCUME~1\ELEANO~1\LOCALS~1\Temp\WERc87e.dir00\appcompat.txtI keep getting this message unless I kill the dumprep routine in Task Manager.I have Norton Antivirus running all the time and it says I am virus-free. I also have their Internet Security package and use their firewall. I have run Spybot Search and Destroy as well as Ad-Aware and seem to have no spyware that can be detected by those programs. I also periodically run Norton SystemWorks and their one button checkup. I generally run CrapCleaner every day. I have recently run the disk optimizer in Norton, and am quite defragmented.This problem has been going on for months. The main thing I notice is a general slowing of applications, the MS search routine, the little flashlight that comes on when you want to leave the default folder for the desktop or something.Event viewer seems to see the same problem. It says under Syste... Read more

Answer:Generic Host Process Crash

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. I apologize for the delay getting to your log, the helpers here are very busy.Your issue is likely not caused by any type of malware. Check this link for a patch from Microsoft that may resolve it for you.http://support.microsoft.com/?kbid=894391There are a few lines in your log that we should clean up as well.Run Hijackthis again, click scan, and Put a checkmark next to each of the lines listed below. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -uO16 - DPF: {26098EA2-C95D-48EA-89B4-63C5A63BD42F} - http://www.pacimedia.com/install/pcs_0031.exeReboot and post a new hijackthis log.Let me know if that patch does the trick for you.

4 more replies
Relevance 73.39%

I have a packard bell easynote TN65 with vista Service Pack 1

I have several problems on my computer that seemed to start at same point:
-for an undetermined reason, the host process and the hotappkey stop working suddenly when my computer is on
-and an other problem with the internet and particularly firefox that sometimes loads for a bit but doesn't open, and while searching on google i am sometimes redirected to the gomeo site.

I think these problems are linked because they all started at the same time but i can't figure out what it is, i even put my computer back to its factory settings but the problems still come up.

If someone could help me i would be really gratefull

Answer:Hotkeyapp and host process crash

I have already tried antimalware bytes, spybot, regcleaner, ccleaner but the problem persists

4 more replies
Relevance 73.39%

Hello

I am very new to this so please forgive me if I am posting in the wrong place.

My Packard Bell desktop crashed today and at the start up screen it requests me to boot it using the boot disk. I have done so and am now faced with the "Packard Bell Recovery Program". I am faced with 4 options:
1) Standard system restore
2) Advanced Options
3) Tools
4) Cancel and return to DOS

Under option 1, it states that the system will be restored but all personal files will be lost. Is there a way for me to recover the system without losing personal files?

Jim
 

Answer:Computer crash - recovery process - HELP

Option 2 should give you the choice of doing a restore and saving your data.

Even if it does give you that choice, things can go wrong with the restore and you can still lose your personal data.

-----------------------------------------------------------

Waiting until your computer crashes or the hard drive dies before you backup and save your personal data is BAD practice.

You should backup and save it on a regular basis in CD-R's/DVD-R's or in an external USB hard drive or in both.

-----------------------------------------------------------
 

1 more replies
Relevance 73.39%

ALL of my steam games give me an Appcrash as such when I try opening them up:

HL2.exe has stopped working

Problem signature:
Problem Event Name: BEX
Application Name: hl2.exe
Application Version: 0.0.0.0
Application Timestamp: 4c0de821
Fault Module Name: StackHash_b4ee
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Offset: 005e0000
Exception Code: c0000005
Exception Data: 00000008
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033
Additional Information 1: b4ee
Additional Information 2: b4ee5de6a2322745523997a782b35692
Additional Information 3: 277e
Additional Information 4: 277e19c30fbd5f6bb531ec9e027c37c3


I have updated windows 7, AND did a system restore; reinstalling steam right after the restore. But it doesn't seen to work. I checked the forums and tried the example where you change the Data Execution Prevention (DEP) to "turn on DEP for all programs and services except those I select:" and that worked (after the restart). But as soon as I turned my computer off for a few hours and came back on to play, I got the same errors I was always getting.

I'm also getting these STUPID horrible messages when I type for too long:

Host Process for Windows has Stopped Working

Problem signature:
Problem Event Name: BEX
Application Name: svchost.exe
Application Version: 6.1.7600.16385
Application Timestamp: 4a5bc100
Fault Module Name: mck_ibnhiswgg.dll
Fault Module V... Read more

Answer:APP Crash/ Host Process Error

any body?

2 more replies
Relevance 73.39%

ALL of my steam games give me an Appcrash as such when I try opening them up:

HL2.exe has stopped working

Problem signature:
Problem Event Name: BEX
Application Name: hl2.exe
Application Version: 0.0.0.0
Application Timestamp: 4c0de821
Fault Module Name: StackHash_b4ee
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Offset: 005e0000
Exception Code: c0000005
Exception Data: 00000008
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033
Additional Information 1: b4ee
Additional Information 2: b4ee5de6a2322745523997a782b35692
Additional Information 3: 277e
Additional Information 4: 277e19c30fbd5f6bb531ec9e027c37c3


I have updated windows 7, AND did a system restore; reinstalling steam right after the restore. But it doesn't seen to work. I checked the forums and tried the example where you change the Data Execution Prevention (DEP) to "turn on DEP for all programs and services except those I select:" and that worked (after the restart). But as soon as I turned my computer off for a few hours and came back on to play, I got the same errors I was always getting.

I'm also getting these STUPID horrible messages when I type for too long:

Host Process for Windows has Stopped Working

Problem signature:
Problem Event Name: BEX
Application Name: svchost.exe
Application Version: 6.1.7600.16385
Application Timestamp: 4a5bc100
Fault Module Name: mck_ibnhiswgg.dll
Fault Module Version: 2.2.2.1571
Fault Module Timestamp: ... Read more

Answer:APP Crash/ Host Process Error

Mical15, this error maybe a result of registry errors in your OS.

Try running scanning your registry for problems with ccleaner http://www.piriform.com/ccleaner

A quick scan should detect missing/corrupt files and repair.

4 more replies
Relevance 72.98%

What changes when I press the "End Process" button besides the obvious stopping of the process, or likewise if I press "End Process Tree".
The next obvious question is, what is the relationship between a process and a process tree?
(I tried to take a screenshot of the context menu which contains the choices "End Process Tree" and "End Process Tree", but the menu disappears the moment I try to click on anything else.)
Background:
I drive a laptop with only a single-core processor and Win 7.  It's so overburdened that, even if I wanted to upgrade to Win 10 or better, I don't have the horsepower to do that, either.
I spend hours trying to get things done, when the CPU Usage reading is at a consistent 100% for several minutes at a time.  There are moments of desperation when I end one of the CPU hogs -- a browser... anti-browser/security package...  most frequently
one/more of the svchost.exe pieces...  by "End Process".  Otherwise I never get the point of meaningful action.  And in these circumstances, it takes even longer if I save file, shut down apps, restart, and bring up everything!
Thus this question!
Thanks. 
      Win 7 Home Premium SP1 Build 7601, licensed to me; last successful update:  4/28/2016, KB 3141092
No images attached...

More replies
Relevance 72.98%

I have trend micro protecting win xp. This generic host process is trying to connect out or in, i dont know but if i tighten the firewall up, and ask Trend micro to warn me about all connections, that generic process goes at it like 14 times. Ive tried to look up for myself, but i haven't find info.
My questions are
what are these process'?
can i find out why it wants to connect to the internet?
Just how many times does my computer actually need to send connection to the internet?
Much thanks for this shared knowledge...
 

Answer:Q: generic host process for win32 process?

6 more replies
Relevance 72.98%

In the last 2 days I have noticed that the process "iexplore.exe" is always running, and when I end the process, it restarts itself. There is no visible Internet Explorer window associated with this process. I know this is not normal, so I examined the running processes a little closer. When I end the iexplore.exe process, there is about a 1 second pause, then a new process is automatically started (named "msgfpk.com) which is IMMEDIATELY replaced by the "iexplore.exe" process again. I managed to do a QUICK screen shot while the msgfpk process showed up, which is how I identified it. I went through all the steps listed in the thread titled "Basic Spyware, Trojan and Virus Removal", but none of them seemed to catch it. I'm hoping someone may know what this is. Thanks in advance and please let me know if you need more information.

I'm running XP Pro.

Many thanks!
 

Answer:msgfpk.com process seems to start iexplore.exe process over and over

Hi Yrrot,

If you have exhausted the options in the Cleanup Tutorial, then please send us a HijackThis Log.

Note that your HijackThis should be up-to-date (v1.98.2) and MUST be extracted to its own safe folder - C:\Program Files\HijackThis
If you need a Fresh Download of HJT, get it HERE: HijackThis 1.98.2

Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

Please save your HJT Log as a .txt file and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

--Are you noticing any symptoms? How is the computer running?

Send us a log and we'll go from there

Best,
PP
 

19 more replies
Relevance 72.98%

Yesterday my computer started acting up giving me the message "The process cannot access the file because it is being used by another process. ". This happens when I try and install a program or copy a file over itself. I have tried the following measures:1: System Restore (multiple dates)2. avast! full system anti-virus scan3. Windows Defender full system spyware scan4. Webroot Spy Sweeper full system scan5. Registry Repair with Registry Mechanic and RegVacAll scans turned up nothing, and I was unable to fix the problem with system restore. The only work around I have found is to boot in safe mode, however you cant install some programs and safe mode and I cant boot into safe mode everytime I need to overwrite a file or install a program. Does anyone have any clue what could be going on? Thanks in advance for your help! -ClayLogfile of HijackThis v1.99.1Scan saved at 12:21:39 PM, on 7/24/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\DigitalPersona\Bin\DPWinLct.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Fi... Read more

Answer:Error: The Process Cannot Access The File Because It Is Being Used By Another Process.

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis Log

1 more replies
Relevance 72.98%

Anyone tried both? What's the difference?

lasso: http://www.majorgeeks.com/Process_Lasso_d4050.html
bill2: http://www.majorgeeks.com/Bill2s_Process_Manager_d5991.html

I plan to install one of these on a 1.8GHz Dual Core laptop with 2.5GB of RAM. My goal is simply to restrict certain apps to one processor only thereby avoiding or minimizing the occasional 100% CPU freeze. Plus I want to give Dragon voice recognition software, AutoHotkey, and several other programs that have to respond quickly to be useful, a high or real-time priority, and non-essential apps low priority.

Also, sometimes a scheduled virus scan or something starts to run when I'm working on the computer, and that's fine if it runs, or can be made to run, in the unobtrusively, and use little CPU (low priority, one processor only) - but I'd like these same apps to then run at full speed if I leave the computer otherwise idle... And real-time protections should of course always function when not disabled; does it matter what priority they are set to?

Finally, the utility should help me take over the world: So Bill2 or the Lasso?
 

Answer:Process Lasso or Bill2's Process Manager?

Hi

Both look as if they do the same thing, not used them but did use another app I cannot remember name of for the moment, I did play around with Priority and Affinity a while back, but decided to revert back, with some apps that I thought where non important and a setting of low priority I noticed that those became a bit sluggish, others set to high or Above Normal took over the CPU, and I personally wouldnt set anything to realtime.

Kind of like the GUI of Process Lasso, but maybe like all things worth trying both out to see which one you prefer.

Dont think off hand you can have both in having the apps set to low when your using the PC and then when in idle they run at full speed.


I would leave any security apps at "normal" someone in work changed an AVs process to high and it bogged the PC down, maybe different with various AVs, but changing its affinity to one CPU sounds a good idea for those times in which you are using the PC and it starts scanning.
 

5 more replies
Relevance 72.98%

I have a few apps running, incl. Firefox, Outlook. I took down their PID and then exit those programs.

I run the following command:

netstat -a -o -b -p tcp

It will list many connections like below

TCP 192.168.83.2:57471 xx.xx.xx.xx:http ESTABLISHED 4184 [System]
TCP 192.168.83.2:57324 xx.xx.xx.xx:http ESTABLISHED 1245 [System]

The PID 4184 is the PID of Firefox. Yet it exited and no longer shows up in Task Manager. This remains true even after 30 min.

How long does Windows 7 keep the half-open the connection? I thought the timeout is 5 min.

The other group of PID never existed before and does not show up in TaskManager either. Since it shows System, I have no way to find out which process it belongs to. How can I find out?

thanks!

Answer:connection by the system process and killed process

you could try TCPView. it has lots of info on what is connecting in your comp.
TCPView for Windows

1 more replies
Relevance 72.98%

Since late last night, I've been getting a Generic Host Process for Win32 Services Error pop-up after about a half hour of browsing the Internet. Originally, if I ignored it or clicked "Do Not Send" (as it appeared as an error report message), my Internet would stop working until I rebooted. However that quickly went away, and was replaced by instead changing my taskbar to a strange, low-resolution version. This still happens, but it corrects itself over time if not instantly.After I received the pop-up while using IE, I would intermittently be either redirected to a random website, or a new tab would open with the website instead. I didn't write down the names of these sites as I simply closed the tabs when they opened to prevent them from loading completely. But, after an hour or so of using Internet Explorer, it began crashing after a few seconds of being run. EDIT: DDS report keeps getting cut off for some reason... Guess that the DDS is too big? Let's try a HijackThis instead...Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:18:14 PM, on 3/2/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC: ... Read more

Answer:Generic Host Process for Win32 Services Error, Browser Hijacking, Unable to Connect to Windows Updates

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 72.98%

I jsut reformated an old PC, and have installed XP with SP2. I have wintasks 5 pro trial version running while I attempt to track down this problem

I have 2 processes in taskmanager running on my pc

UCEHGO.EXE
IXJWGDTBRAJHTYSVDSSSU.EXE-26E575D5.EXE

These files do not exist.

I have logged on with the admin account, set explorer to show all system and hidden files, checked thru a dos prompt with the attrib command to list in case it was hidden there.

There are .pf files of these in the C:\Windows\prefach directory, which I have removed but retain a copy on a different hard drive.

Winstasks will take care of IXJWGDTBRAJHTYSVDSSSU.EXE-26E575D5.EXE if I run it and remove it from the startup. With UCEHGO, I try and nothing happens in the program and the process stays put.

I have checked thru the registry to see if there are any entries relating to these 2 processes, and cannot find any.

I have also tried to do a search on the web for those 2 files but do not get any results.

Does anyone know what these files are or how I might be able to remove UCEHGO.exe from starting on bootup?

Shamus

Answer:Processes running in Taskmanager, but no file that process says its running from

Those look like trojan files. If they are running processes..then they ARE in the system and the registry. Download hijackthis and post your log in the SECURITY section..not here. Someone will go through it for you.

1 more replies
Relevance 72.57%

OK so I've been having this problem where every application that has some sort of link in it and that launches another program from it, crashes (examples: clicking a link in somebody's status in Xfire or AIM, GameCam crashing when any game is launched with it, etc.). This has been happening for about a month now, and is really starting to frustrate me. The only thing that has been done to this computer for a long time was a few file re-installations that I did to fix a problem with my monitor (ask for more details if this may be a part of the problem).

Anyways, any help would be much appreciated... the Xfire stuff isn't too bad because I can just copy/paste URLs, but I really need GameCam to work and it's not. But yeah, again, clicking any sort of link in a program that launches another program causes both applications to get exception data and crash.
 

Answer:All applications crash when external process started from them

7 more replies
Relevance 72.57%

Hello,

My school provides laptops for the 11th and 12th graders and teachers. All the laptops are the same, same software, same hardware. They are all running XP sp3. The laptops make and model #'s are Dell XPS M1210. We are plagued constantly by the error message below. I have tried to debug the minidump for this error but honestly I don't know how. So, I was hoping that someone with experience in debugging could help me figure out the root cause of this problem. The minidump and hdump are attached. Any assistance would be greatly appreciated.


At the time I do not have access to the laptop, so I will provide any additional information about the laptop that you may need on Monday

Answer:generic host process for win32 crash

szAppName : svchost.exe szAppVer : 5.1.2600.3311
szModName : acgenral.dll szModVer : 5.1.2600.3311 offset : 000116e2

This is the error signature. This error pops up at random times. If there isn't anything you guys can do to fix it is there some way i can just disable this window so it does not pop up because if you do not click debug, send error report or don't send then nothing happens and the computer operates normally. The thing is the students don't know that and they keep clicking the error and it freezes up.

2 more replies
Relevance 71.75%

Hi, i just upgrade my laptop to Windows 10 and i am having probem with the switch off and suspend. When i close the cover the Windows should suspend and when i open it turn the computer on but waht happen is i close the cover and the computer won?t fully suspend i can still hear the fans and them i open the cover and it doesn?t turn on the monitor. The same thing happen when trying to shut down and i already did a clean install. Anyone having the same problem?

More replies
Relevance 71.75%

HARD DRIVE FAILING , I CAN NOT COMPLETE THE BACKUP PROCESS. HAVING TROUBLE WITH ANY EXRENAL DRIVE CONNECTED TO ANY USB PORT.NOT SURE IF WINDOWS 7 IS PERFORMING CORRECTLY. 

More replies
Relevance 71.75%

Hi Guys,

I need your help/advice for the following. My laptop worked fine until yesterday, after a reboot all my browsers (IE 7.X/FF4.X/Chrome 12.0) crash after a few minutes of surfing the web. Usually without a warning but sometimes they show a memory could not be read error.

Laptop: Lenovo T410, Intel i5, 3 GB ram, WIN XP SP3

I did the following:
- Upgraded browsers
- Disabled/removed add-ons
- CCcleaner/drive clean etc.
- FULL Memtest86, and no faults found
- FULL scans with Spysweeper/Adaware/Mareware bytes (no errors found)
- Checked PC for strange hidden files/dir/cleaned temp folders

Then I started checking the processes with sysinternal process monitor and it shows that during the browsing process strange *.dat files are "created". See screen shots. Example:

Module: asoorloplop.dat
Path: C:\DOCUME~1\ALLUSE~1\APPLIC~1\asoorloplop.dat
Description: tGpPj37u M
version: 4.685.230.0
Company: lInrjG&b !RKnTN3m

Of course these files themselves cannot be found or located... but the process monitor shows these items all over the place while running IE/FF/Chrome. It looks like mallware... but I cannot remove it nor can the scan/sweep programs...

HELP is appreciated

Reflex


 

Answer:Browser Crash - Memory Error / Strange process

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

3 more replies
Relevance 71.75%

(My posts do not seem to be going through fully as I keep getting a connection was reset error and only part of my message pastes, I'll wait for a response before trying again, thanks)Hi,Over the past week I've been experiencing redirects in Google along with a "Generic Host Process" crash every time I boot up the computer (the 2 issues started simultaneously). Once the crash occurs, my sound card stops working and all Windows XP visual styles disappear and Windows goes back to looking very "Windows 98". I've posted/attached the DDS logs, but Gmer has been crashing/restarting during the scan so I'm unable to post that. Malwarebytes, Spy bot S&D and Avira anti virus have been unable to find anything. Thanks for any help!DDS (Ver_10-03-17.01) - NTFSx86 Run by Rich Skibinsky at 5:16:36.65 on Fri 07/09/2010Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2379 [GMT -4:00]AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}FW: CA Personal Firewall *disabled* {14CB4B80-8E52-45EA-905E-67C1267B4160}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exeC:\Pr... Read more

Answer:Google Redirects and Generic Host Process crash

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OT... Read more

44 more replies
Relevance 71.75%

Hi,

I'm having some troubles with iexplore starting in the background with random popups containing various ads, poker etc. (I use Opera)
In addition to the iexplore-process there is a .exe with a random name (ex: 8v486x38.exe). If i delete it a new one will start with another filename. They are located in "C:\Documents and Settings\Gelvin\Local Settings\Temp".

I have tried Avast, adaware and a few other programs, but i have found nothing. The panda online-scan crashed halfway (tried a few times).

Here is my logs created with dss:

Deckard's System Scanner v20071014.68
Run by Gelvin on 2008-03-18 22:54:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
23: 2008-03-18 21:54:28 UTC - RP503 - Deckard's System Scanner Restore Point
22: 2008-03-18 19:00:05 UTC - RP502 - System Checkpoint
21: 2008-03-17 1220 UTC - RP501 - System Checkpoint
20: 2008-03-16 00:03:47 UTC - RP500 - System Checkpoint
19: 2008-03-14 22:10:00 UTC - RP499 - Java(TM) 6 Update 3 togs bort


-- First Restore Point --
1: 2008-03-01 20:30:17 UTC - RP481 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Gelvin.exe) ----------------------------------------------

Logfile of Trend Mi... Read more

Answer:[SOLVED] Popups, Iexplore crash, process with random name

The problem seems to be gone

I have no idea how... but the popups have stopped and
the programs running in the background with random names is gone aswell.

I will revisit this thread if the problem comes back.

/thanks

2 more replies
Relevance 71.75%

I've decided to try and clean my computer's hard drive to try and free up space using boot n' nuke.
I have everything required to do it,
but when I finally get to wiping the data it shows
"non-lethal error" and "process crash"

I'm running windows 7 with an AMD Athlon 64X2 Dual Core Processor 4200+ 2.20 GHz
if that helps at all.

thanks.
 

Answer:Boot n' Nuke non-lethal error/ process crash

cleaning is always very risky many do not clean AT ALL , slows computer down for a start
just use cccleaner, remove programes you do not want, clean system restore now and then and all will be good

http://www.dban.org/help
 

1 more replies
Relevance 71.75%

i think i already posted this question but i wasnt sure if i posted it in the correct category so i'm doing it again to be safe: (please excuse me for posting twice, sorry..) um i was curious as to how i could run the same exact game/process more than once at the same time...i dont really care about how much it slows down my computer or its performance, i just want to know how to do it. for instance, say i have a game in my task manager under processes labeled "blasterball.exe" or something...how would i be able to run that exact same process again at the same time but with a new and separate game window?...i really have no clue  :-? on how to do this but it would be very useful! thanks ahead of time for your patience, bye...

Answer:help with running the same process

Click the icon again to start it again? That's how IE and most programs work.

1 more replies
Relevance 71.75%

A week ago I got a malware, it was encryptying all my files

Now, my windows explorer is taking a lot of time to load the folders, and some process like "conhost.exe" or "msiexec.exe" are always running using a lot of CPU and RAM.

Help me please!!

(sorry for my english, I Dont speak english)
 

Answer:Help!! a lot of process running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

9 more replies
Relevance 71.75%
Question: running process

I have something running in the background every 12 seconds then three then 12 then 3 and so on, I have had task manger up but it happens too fast to catch what is doing this, I have ran a reg cleaner, adawareand a virus killer and they find nothing, It may be a windows thing but it takes 100% cpu, so I would like to stop it or at least have a clue what it is. Is there anything that will take a snapshot so I can see what it is

Answer:running process

Print Screen click here and then use Paint to view it?

2 more replies
Relevance 71.75%

I have 45 processes running when i do control-alt-delete.

Can i get rid of some? If so how? And which should i not touch?
 

Answer:Process running too many?

9 more replies
Relevance 71.75%

i have many diffrent things running in task manager that i am sure i dont need to be there for example
i dont use or need any kind of networking whatsoever i also dont need anything to do with a printer as i dont use one
i dont use internet explorer ever i only use firefox,,theres loads of things that i know are being started up when i dont need them as i dont use them.
is there anywhere i can go to find out what i do need and what i dont safetly as to me its just a waste of resources.
and besides i can always undo these when and if i need too.
and one final thing i am on aol at the moment (yes i know i must be mad lol) but i dont connect using there software but it is installed i was wondering if i can completely remove it from my pc and continue connecting via my own configured connection i set up usiong windows itself.
ie by just providing a user name and password which saves me having to use there terrible software there homepage alone is enough to make you guive up and not bother going online.
but i found a way past that and surfing has become a hell of a lot better.
so basically do i need any of aol,s software on my pc to connect using the method i desrcribed above (hope not) and if not whats the best way to completely remove every trace of aol,s software.
i know i kept rambleing on but i think its understandable questions.
thanks for even reading lol
 

More replies
Relevance 71.75%

I have a HP dv6103nr laptop. 2gb of ram Recently i have started to experience an extreme slowdown and constanst fan running. i have run AdAware and Sybot.. Listed below is the HiJack this report just run. The only change of recent is that my Ipaq rx1955 dies so I don't need activesync and the wcescomm.exe that loads. i have also noticed several other items running that I have no idea of. I look forward to your assistance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:35:56 PM, on 7/21/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Media Center Diagnostic Kit\Tests\Bin\ehMonitor.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\... Read more

Answer:CPU Process always 100% and fan always running

16 more replies
Relevance 71.75%
Question: Running Process

Does anyone no what this running process is....

elodkmon.exe

Answer:Running Process

Most of the files are common to both the serial and USB drivers. Those files that are associated with only one of the serial or USB drivers are identified as such.

I think its just a USB driver.

Take a look at this link
http://www.elotouch.com/SUPPORT/webt..._file_list.asp

2 more replies
Relevance 71.75%

are the suppose to be multiple services of the same program running at the same time. enclosed is a picture of my task manager, as u can see i have svchost.exe running, is that right?
 

Answer:process running on xp?

those look to be ok..
 

2 more replies
Relevance 71.75%

these are a list of my running process,s what i want to know is do i need all these running and why are there two entries for ati2evxx.exe and also svchost.exe.
aswell as that i want too know why winlogon is there as i dont use a login procedure on my pc at all.
also plz tell me if there not needed how i disable them from running in future.
thanks dan



1 winlogon.exe Running Safe Medium Memory Usa... Process Scan For Errors
2 xcommsvr.exe Softwin BitDef... Running Safe Low Memory Usage Service Scan For Errors
3 bdss.exe Running Safe Low Memory Usage Service Scan For Errors
4 svchost.exe Running Safe Medium Memory Usa... Internet Service Scan For Errors
5 wmiprvse.exe Running Safe Low Memory Usage Process Scan For Errors
6 processscanne... ProcessScanner Running Safe Low Memory Usage Process Scan For Errors
7 bdmcon.exe BitDefender 10 Not Running Safe Not Available Autostart Scan For Errors
8 vsserv.exe BitDefender 10 Running Safe Low Memory Usage Internet Service Scan For Errors
9 spysweeper.ex... Spy Sweeper SD... Running Safe Low Memory Usage Service Scan For Errors
10 explorer.exe Running Safe Low Memory Usage Process Scan For Errors
11 alg.exe Running Safe Medium Memory Usa... Service Scan For Errors
12 ati2evxx.exe Running Safe Low Memory Usage Service Scan For Errors
13 ati2evxx.exe Running Safe Low Memory Usage Service Scan For Errors
14 ctfmon.exe Running Safe Medium Memory ... Read more

Answer:Running Process,s Someone Take A Look Plz

You can use the Startup List, available from the tab at the top of this page, to decide if you need the programs to run at startup, or not.If it's not on the list, Google should supply additional information on the program.

4 more replies
Relevance 71.75%

I have Win NT 4.0 workstation and I wonder if I can run a process in the background (application)and log off without stopping it. Do I have to install that application on the Server.

thanks,
ad_ahed
 

More replies
Relevance 71.75%
Question: process running

can someone tell me what process should be running,and what ones,shouldnt?also how can i stop the ones not needed?thanks len
 

Answer:process running

it is hard to say which ones you need as it depends on what is installed on your system and what is needed to run for the software you have. If you know you do not need one running, end the process. If you are not sure of a process, google the name of it and you should come up with links telling you what that prosecc belongs to
 

1 more replies
Relevance 71.75%

Hey folks,

Windows 10 64 bit. Every once in a while a command prompt box opens on my desktop and run script or something is run. I have no idea what it is, it is really annoying and interrupts my games as well. I could not find anything in my event log (not especially sure how to use it well) and malwarebytes and bitdefender don't see anything. I checked my processes and I don't see anything weird. This all started happening after getting my new HP Omen monitor and a radeon fury x a couple of months ago. Do you think its one of programs related to either of those items that is causing this? How do I really nail down what is causing this really annoying issue??

Thanks for the help.
 

Answer:What is that process running??

Open your Task Manager and look at the startup tab. What's listed?
 

1 more replies
Relevance 71.75%
Question: Running process?

Every AM about 4is my computer goes into mush mode. Im sure something is scanning or updating. I try task amanger and it only shows the web page I have up but the CPU is maxed out. The graph has it spiking to 100%. Ive checked all my programs and they dont appear to be the culprit.

I have a gateway AMD athelon 64 2.4 meg
1g ram(I know Im underpowered for vista)
Vista home premium.
and SBC broadband
the freeware I have loaded is
AVG
Malware
Spybot SD
hijacl this
combofix
Ive even opened up all the programs and none of them were running
Heres the Hijack this log- Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:45 AM, on 5/16/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:43:52 AM, on 5/22/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Spare Backup\SpareBackup.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Canon\MyPrinter\BJM... Read more

Answer:Running process?

16 more replies
Relevance 70.93%

Hi all,

Everything was fine in my Windows 7 Ultimate 32 bit OS, one day it started working with crashes and I end up with new formatting and reinstalling OS. But after that the crashes and errors rested. The simbtoms are:

1. It takes about 30 minutes the OS logon process, after that sometimes it crashes and I get BSOD

2. When it logs on it freezes randomly, and after I get explorer not responfing error

3. Windows has recovered from unexcepted error (really I don't remember the correct name of error)

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: c5
BCP1: 0E000000
BCP2: 00000002
BCP3: 00000000
BCP4: 83160795
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\103111-24055-01.dmp
C:\Windows\Temp\WER-29218-0.sysdata.xml

Read our privacy statement online:
Windows 7 Privacy Statement - Microsoft Windows

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt


Event viewer logs:

Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - The configuration registry database is corrupt.
for C:\Users\Default.Default-PC\AppData\Local\Microsoft\Windows\\UsrClass.dat

Windows cannot load classe... Read more

Answer:It takes about 30 minute logon process and randomly freezes and crash

  
Quote: Originally Posted by hayk


Hi all,

Everything was fine in my Windows 7 Ultimate 32 bit OS, one day it started working with crashes and I end up with new formatting and reinstalling OS. But after that the crashes and errors rested. The simbtoms are:

1. It takes about 30 minutes the OS logon process, after that sometimes it crashes and I get BSOD

2. When it logs on it freezes randomly, and after I get explorer not responfing error

3. Windows has recovered from unexcepted error (really I don't remember the correct name of error)

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: c5
BCP1: 0E000000
BCP2: 00000002
BCP3: 00000000
BCP4: 83160795
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\103111-24055-01.dmp
C:\Windows\Temp\WER-29218-0.sysdata.xml

Read our privacy statement online:
Windows 7 Privacy Statement - Microsoft Windows

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
Event viewer logs:

Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - The configuration registry database is corrupt.
for C:\Users\Default.Default-PC\AppData\Local... Read more

3 more replies
Relevance 70.93%

Hi:

Everytime I start my computer I get this message

eliteycr32.exe has encountered a problem and needs to close

I click ok and nothing happens for the rest of the day . It justs comes up every day when I boot up my PC

ANy ideas ???

Thanks

Answer:Strange process running on PC ?

it's some sort of spyware. Run your spyware and antivirus software and see if it's still there. If it is, download hijackthis extract the file, do a "scan only", then post the log here.

6 more replies
Relevance 70.93%

Hi,

This problem has only started happening recently. Computer is getting really slow, and seems to slow down periodically to a crawl. The mouse pointer becomes jerky, and it feels like some process is using up all resources. I have closed down all running programs, and it still happens, usually when i have just closed a program down. I really don't want to re install windows, as this is a relatively fresh install anyway (about 3 weeks). I am running XP 64 with 1 gig ram, athlon 64 3700+. nvidia gefroce 8600 gts. How can I find out whats doing it. It surely can't be a hardware issue can it? I know this isn't the fastest setup, but its running slower than my old athlon 2500+ setup. Windows takes a long time to load too.
Help please.
 

Answer:Please help. Interfering running process.

10 more replies
Relevance 70.93%

Hi,

the last time i posted i had 53 running processes. a little excessive dont ya think? anyway my post went unanswered. i saw the lack of HJT log and tried to amend the post.

prior to that i was working with someone ref my desktop and they musta gave up becuase never heard from them again ( 3 mos ago)

anyway here is my current HJT log
glenn

Answer:56 running process and counting- help

Logfile of HijackThis v1.99.1
Scan saved at 8:51:41 PM, on 3/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program ... Read more

4 more replies
Relevance 70.93%

Hi there,

I was going thru my task manager and noticed that there was a process that didn't seem to belong there usnsvc.exe. I did some research and came up with the conclusion that it might not be good. There is no problems with my computer operation-wise but I would like someone to take a look at my HJTlog and make sure that I don't have any nasties in my system. Thanks!

=================================================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:54:23 AM, on 02/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Q-Type Pro\Versato.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Q-Type Pro\OSD.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Al... Read more

Answer:Unrecognizable process running

*bump*

Any takers?
 

1 more replies
Relevance 70.93%

My computer is running slow. I am running Windows XP with 1 gig of ram and a AMD 1400 processor. When I check task manager there are no running processes. System idle is 99%. When I look at the performance graph 70% of my CPU is being used. If I disable the D link wireless connection the CPU usage drops to near to zero. What is causing this drain on resources?My wireless card is D-Link AirPlus DWL-G520 Not sure if this is the culprit.I also downloaded Microsoft Malicious software removal tool recently. Can this be it?

Answer:invisible process running

Is your wirless network secure?someone could be using it.

2 more replies
Relevance 70.93%

Arial5navy

Just got a new computer and after installing programs, I show "WinFax MOD" as a running application and/or process. Is this slowing down my system? Can I/should I remove it? If so how?
Thanks for any assist...

Answer:WinFax Mod (Running Process)

winfax is a component of outlook express, you can probably disable it from there, though i doubt it will slow down your system much, have a look in task manager to see how much memory and CPU its taking up

2 more replies