Computer Support Forum

Multiple csrs process, com surroget process & fluxuating cpu usage superfetch running very high

Question: Multiple csrs process, com surroget process & fluxuating cpu usage superfetch running very high

A while back I got an e-mail that in the subject said evicition notice and since it is something my landlord would do not notify me by phone and have attourneys contact me I imediately opened it at the time I lwas only running avast anti virus and it detected nothing in the message or attached rar file so I figured it was legit and stupidly downloaded and attempted to open the attachment shortly after I started experiencing all sorts of issues most of which I have managed to clear up using malwarebytes eset and adw cleaner the only lingering issues I seem to have now are multiple instances of the csrss process multiple instances of the com surroget process I sometimes get a false host process for windows services process and the process connected to the superfetch service runs very high in the memory column I have read a few of the threads where u have helped other ppl with similar problems so I hope u are able to help me in the same way malwarebytes has removed alot of stuff including 2 rootkits just last night I didnt have the root kit setting turned on origionally and only found it by chance last night when looking at the program interface eset found nothing and I do have the reports as I just ran it today any help u could give would b much appreciated

Relevance 100%
Preferred Solution: Multiple csrs process, com surroget process & fluxuating cpu usage superfetch running very high

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Multiple csrs process, com surroget process & fluxuating cpu usage superfetch running very high

I also have multiple host precess for windows services that are not connected to any service and do not appear in the process list where they should and when I end them it opens multple com surroget processes on top of the 2 that I already have so I wind up with 3 sometimes 4 com surroget processes and one that appears then goes away periodically eset detectsdetects nothing malwarebytes on the other hand detects 2 rootki

threat type location

Cidox.J.vbr phyical sector master boot sector on volume #0

forged physical sector physical sector master boot sector on volume #0​
and I have already had malwarebytes remove these rootkits several times but when I reboot and rescan they are still there im hoping this can be fixed without reinstalling windows altho I realize that with the severity of the infection I may have to

77 more replies
Relevance 81.2%

Hi,
 
I've got windows 7 pro machine with explorer.exe running as a child of Explorer.EXE.  The child process is taking up huge amounts of memory, up to 2.8GB and is making tons of TCP/IP connections. I have also noticed that ctfmon.exe will sometimes run as a child of the second explorer.exe process, but this is not always the case.  If I kill the process, it comes back momentarily. It also runs and makes all of the connections in safe mode with nothing else opened. 
 
I have scanned with mbam, rkill, tdsskiller, and all come up clean. I've been watching the tcpip connections with process explorer and have multiple screen shots of the connections made if that'll help. I don't know if I can export them in txt format.
 
I have been unable to find a solution to this online, a few people seem to have similar problems, but haven't seen a solution yet.
 
Thank you for your help.
 
-Lucas

Answer:Secondary explorer.exe process high memory usage, multiple TCP/IP connections

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware to your desktop.NOTE. If you already have MBAM 2.0 installed scroll dow... Read more

28 more replies
Relevance 100.86%

About a year ago, I noticed that my computer was running slow (both online and off) and that the explorer.exe process listed in the Windows Task Manager was usually running very high. Windows Explorer seemed to crash a lot as well. A few months ago, I attempted to install Kaspersky Internet Security 7.0 on my computer and before the install completed a warning window popped up saying something like 'there is already another instance of Kaspersky running' (which was not the case since this was the first time I had ever attempted to install Kaspersky software) and the install failed. When I rebooted my computer, I got the blue screen of death for a few seconds and then Windows booted with a message saying that Windows had recovered from a serious problem. Since recovering from whatever happened after the failed Kaspersky install, my computer is slower than ever and the Task Manager still shows a high CPU usage even though the System Idle Process is high and there isn't any processes listed that are using much CPU time at all.

I just scanned my system with the latest updated versions of AdAware, Spybot S&D, SuperAntiSpyware, and Avira AntiVir. All of them found nothing. I then cleaned my computer with CCleaner and ran HijackThis.

Here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:25:30 AM, on 13/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C... Read more

More replies
Relevance 100.45%

Hi,

I just bought my brand new laptop and have loaded Vista Ultimate 32bit onto it for about 5 days. I noticed something unusual about Vista's CPU usage while idle in the task manager as well as the Resource monitor.

I have attached two pictures to show my problem. Notice that my CPU usage is always at about 40-60% on both of my cores. However, the average CPU usage per process shows that it should actually occupy about 15% to at most 20% (by adding up all the highest average CPU for processes in the first picture). The second picture I attached shows the current CPU usage sorted by max usage, and again it does not add up to 41%!

Although at 40-60% usage, I do not notice any major performance impacts, as both cores are not loaded to the max. However, I do notice Vista chewing up more battery than needed when I have my laptop running off batteries. Because the max frequency for the processor would always need to be raised to around 60% even when idle (instead of say... 10-20%).

I have searched online for various problems relating to high CPU usage, and most of the responses are about tracing down which process is the culprit. Well, this is where I'm stumped because it all does not add up! According to the process view, everything is normal but my system resources are still get constantly chewed up by something invisible it seems.

Any help/suggestions would be greatly appreciated at this point!
 

Answer:Vista Ultimate 32: high CPU usage does not correspond with process usage

Posting two more image to show this problem from the task manager...

Notice that the system idle process is 84, and yet CPU usage is 42? I always thought that:
CPU usage + idle process = 100?

Perhaps things are done differently with dual core processors? This is my first dual core so I'm not sure. The second image shows how both my cores are being used roughly equally, at around 50%.
 

1 more replies
Relevance 97.99%

Hello,

Since the past 3-4 days the process called 'System' has been constantly using approximately 35% of my CPU. The usage is pretty much constant all the time. Below you can find screenshots from task manager, resource monitor and process explorer.
In the past I've never seen this, leaving the PC idle dropped the usage down to almost zero, now the CPU is running at full clock 24/7, heating it up ~55C, which is mildly undesirable.

Attempts done so far to fix the issue, none has worked:
- Waiting. I leave the PC to run overnight, but it does not seem to help it.
- Restarting, done multiple times, no effect whatsoever.
- sfc /scannow, nothing found.
- Full virus scan, nothing found.
- The update settings has been set already to not to receive from other pc's. All updates are installed what windows update has to offer.

PC specs:
Acer VN7 laptop, running Win 10 Home 64bit. HW: i5-6300HQ, 16GB, GTX960M. All drivers up to date.

Answer:'System' process high CPU usage

Hi, you'll need to do some analysis e.g.
High CPU utilization by process

You can also try a process of elimination - does this happen after a clean boot/in safe mode?
If you can find a situation when it does not occur you may be able to work from there.

2 more replies
Relevance 97.99%

iv experiencing slowdowns in my machine, im noticing that the lsass.exe process is taking alot of memory all of a sudden - up to 2GB !

Here:

(Win7x64,Vertex2,Gtx460,i7-2600,8gb ram)

Need help, tnx
 

Answer:lsass.exe process very high ram usage

hiya plase have a read here,http://www.google.co.uk/url?sa=t&rc...i4GACw&usg=AFQjCNGhgvhCdlzpyCZVthtOXLaS4zQU2Q
 

2 more replies
Relevance 97.99%

After running my PC for a few hours, I often run into problems with CPU Usage. The "System" process will spike up once every few minutes once it gets going. This causes the screen and the audio on the PC to freeze momentarily. It will make a loud buzzing sound, because the audio freezes. It will recover after that, until the next spike. This makes watching videos/playing games pretty irritating. 
 
I find that rebooting my PC usually pushes back the issue a first hours for whatever reason. 
 
I'll give any information that is needed.

Answer:High CPU Usage by the "System" Process

Please download MiniToolBox  , save it to your desktop and run it.
 Checkmark the following checkboxes:  List last 10 Event Viewer log  List Installed Programs  List Users, Partitions and Memory size.
 Click Go and paste the content into your next post.
 Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post. 
Louis

7 more replies
Relevance 97.99%

Hello,

Since the past 3-4 days the process called 'System' has been constantly using approximately 35% of my CPU. The usage is pretty much constant all the time. Below you can find screenshots from task manager, resource monitor and process explorer.
In the past I've never seen this, leaving the PC idle dropped the usage down to almost zero, now the CPU is running at full clock 24/7, heating it up ~55C, which is mildly undesirable.

Attempts done so far to fix the issue, none has worked:
- Waiting. I leave the PC to run overnight, but it does not seem to help it.
- Restarting, done multiple times, no effect whatsoever.
- sfc /scannow, nothing found.
- Full virus scan, nothing found.
- The update settings has been set already to not to receive from other pc's. All updates are installed what windows update has to offer.

PC specs:
Acer VN7 laptop, running Win 10 Home 64bit. HW: i5-6300HQ, 16GB, GTX960M. All drivers up to date.

More replies
Relevance 97.99%

iv experiencing slowdowns in my machine, im noticing that the lsass.exe process is taking alot of memory all of a sudden - up to 2GB !

Here:
(Win7x64,Vertex2,Gtx460,i7-2600,8gb ram)

I wonder what can that be, suggestions plz
tnx.

Answer:lsass.exe process very high ram usage

Hi!

I found this which might answer your question.

"lsass.exe" is the Local Security Authentication Server. It verifies the validity of user logons to your PC or server. Lsass generates the process responsible for authenticating users for the Winlogon service. This is performed by using authentication packages such as the default, Msgina.dll. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell. Other processes that the user initiates then inherit this token.
Note: The lsass.exe file is located in the folder C:\Windows\System32. In other cases, lsass.exe is a virus, spyware, trojan or worm!

Hope this helps!

9 more replies
Relevance 97.17%

Need help with an Acer Aspire laptop, with 1.86GHz Processor, and 1GB DDR2 memory. It is running very slow. The first thing I noticed when it booted up was that a program folder called "sea turtle" opened (program could have been installed by one of the kids). The properties of this folder said it was an empty folder. I don't remember the full path, but I think it was username/startup/random/sea turtle. There was no uninstall and I couldn't delete it from Add/Delete Programs. I deleted it by right clicking and deleting. It took a long time to delete.

The computer was slow, so I started Task Manager to see if something was draining the resources. An svchost.exe process was maxing out the resources. I installed and ran CCleaner, Super Antispyware, and Malwarebytes. Super AntiSpyware found Trojan.Agent/Gen-Iexplore(fake), and Trojan.Agent/Gen-PEC. Malwarebytes didn't find anything. I rebooted after each process and nothing changed, still slow, still high memory usage by svchost.exe. Stopping the svchost.exe process solves the problem of high memory use, but it comes back when rebooted.

I recalled hearing about HijackThis, so I signed up for an account and downloaded the program. I ran a scan and got an error message - "...your system denied write access to Hosts file...click Start, Run and type: notepad C:Windows\System32\drivers\etc\hosts...delete these lines...". There were no matching lines to delete, so that didn... Read more

Answer:High Memory Usage by Host Process

Since you ran HJT, Please follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Once you have created the new topic, please reply back here with a link to the new topic.

3 more replies
Relevance 97.17%

Recently I have upgraded my laptop from windows 8 to windows 8.1. After upgrading i found that the process svchost.exe (netsvcs) consume about 60% of CPU usage. This makes my laptop overheated within 30 minutes. When I suspend this process, the cpu usage drops to just 5%. I have tried many solution available online to solve this issue, but unfortunately none of them worked. Plzzz help me to solve this problem...!!!

Answer:high cpu usage by process svchost.exe (netsvcs)

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware to your desktop.NOTE. If you already have MBAM 2.0 installed scroll dow... Read more

1 more replies
Relevance 97.17%

OS - Windows Vista Home Premium
Computer - Acer Aspire

Computer started running slow. Noticed svchost.exe was maxing the resources. Ran CCleaner, Super Antispyware, and Malwarebytes. Found and cleaned a couple trojans with Super AntiSpyware. Created a BC account. Ran HJT, but didn't post log. I did post in Am I Infected and was later asked to read and follow the Guide and post a new topic.

Here are the scan logs. I couldn't access BC from the affected computer. I had to save the logs to a flash disk and post from another computer.

I ran DeFogger before running the scans. I tried to run the GMER scan but the computer blue screened (this is the first time that has happened).

Thanks for your help. ~Ron

I forgot to include the link to previous posts - http://www.bleepingcomputer.com/forums/topic399644.html/page__gopid__2281442#entry2281442

Answer:High Memory Usage by Host Process

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

30 more replies
Relevance 97.17%

ntoskrnl.exe CPU usage spikes up to about 40% sometimes when downloading anything. But usually spikes to around 7% will just generally usage of the system. It's not suppose to use that much and I wouldn't mind it using that much if it didn't lag the whole pc even at 7%. I've tried turning off superfetch, runtime broker. Also have changed the memory managment thing in the registry and ran both System File Checker and DISM. Also used the refresh OS option which is suppose to pretty much be like a new install but that didn't work either.
P.S. Used Driver Booster 4 to make sure all my drivers were up to date. And have disabled my firewall while trying to downloading things. This also only started after installing the creators update before I did the refresh OS.

Answer:ntoskrnl process CPU usage is HIGH on Windows

By the memory management thing, I assume that you changed the value of ClearPageFileAtShutDown registry key.
I assume that you have run the usual like running an antivirus scan, defragging the hard drive and running the built-in Performance Troubleshooter.
Open an elevated Command Prompt, type the following and hit Enter to run the Performance Troubleshooter.

msdt.exe /id PerformanceDiagnostic

Now this usually happens due to memory leak caused by some some faulty device driver.
Does this happen when you perform a Clean Boot? If not then it surely some non-Microsoft process causing this issue. The Clean Boot State will help you identify the offender manually.
Also try disabling the Windows Search service and see.

6 more replies
Relevance 97.17%

Hi everyone,
in Task Manager, the "System" sometimes starts eating 14~20% CPU and that persists until a reboot.
"System interrupts" (which is a pseudo process?) seems to do the same.

It doesn't happen from boot, and I don't know what triggers it.

Google searches suggest a driver may be buggy.

But which one?

How can I find it out?

Could I debug the system process using a tool to see what function a thread is in, for example? Somehow?

thanks

Answer:System process - high CPU usage after some time

Anyone?

edit:
High CPU Usage - Microsoft Community

Strange workaround by "Byoung-GyuOh"

2 more replies
Relevance 97.17%

Hi, yesterday I had a very bad lag while I'm playing, it was the 1st time to lag like that, it is not due to connection problem as I'm used to them and they are totally different (this one was with sound interruption).After I finished the game i restarted my pc, the restart took ~35 minutes!
The computer became too slow to be used for anything, I opened the task manager to see what is eating my process to find nothing, System idle process is at 99 usage, even when I run a program or try to play a video it stay over 80, I know system idle process means the computer has nothing important to do, and I think this is the problem.
I'm using windows 7 64 bits. My laptop is acer aspire4720 and there is a small green light which lights when it is precessing, after this problem began it is always green.
I had the same problem in the safe mode.
Opened msconfig but did not find anything new in the startup tab.
There is no new windows updates installed (the latest were before two days and the computer was fine).
No new programs installed, only updated skype.
Any suggestions?
As I'm not sure what is the problem I don't know if the title is correct or not.
Sorry for my bad English, it is not my native language.

Answer:System Idle Process High CPU Usage

Hello L_The_Legend & welcome to TSF

Have you scanned your computer for viruses lately?

Also, tap away at F10 as you start the PC to enter the BIOS menu. Under the Advanced or Diagnostic tab you should find the facility to run a test on the Hard Drive and Memory - run both test and post back with the results. Is the system overheating?

6 more replies
Relevance 97.17%

After laptop is on for about 5-10 minutes I start getting insane lag doing anything.
Just trying to get screenshots and typing this in is taking 30 minutes.
Hopefully screenshots can explain better.

Answer:System Idle process high cpu usage

You want system idle process to be high. That means the processor is looking for work. 99 is better than 60. What is that 22% process--it is running at 0% on my PC.

9 more replies
Relevance 97.17%

why System IDLE Process in my PRocesses have a high CPU USAGE???
this is my HIJACKthis log...

Logfile of HijackThis v1.99.1
Scan saved at 8:12:43 PM, on 12/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\Smart Keystroke Recorder\sma.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.mi... Read more

More replies
Relevance 97.17%

I've noticed that a lot of the time the 'NT Kernal & System' process in the Task Manager goes on overdrive. It always happens when my Internet connection cuts out. It must be related because normally it's on (or close to) 0%. I then have to restart the PC sometimes every 10 - 15 minutes (unless I'm not using the Internet). It's driving me mad.
I'm using Windows 7 Ultimate, 8GB RAM, 500GB HDD. This problem has been going on for over a week now and I've tried all kinds of things.... uninstall/reinstall my Network card, update my Network card driver, virus/spyware/adware/malware scans, reinstalled Windows 7 (as an upgrade so I keep my files and programs. I'm stuck to just restarting my PC. I don't know what's causing it or how to fix it.

Answer:'NT Kernal & System' process high CPU usage

Take a look here CPU Usage

3 more replies
Relevance 97.17%

Every three to five minutes the computer bogs down, task manager shows the System process at over 95 CPU, the other 5 CPU swapping between the other processes running, but the amount of free RAM stays at around 60%, about 300MB. The PF Usage barely goes above 200MB even when it's bogging down. This happens even when nothing is going on, all programs are shut down, and the busy light on the front of the tower won't even flicker, nor do I hear the usual 'thinking' sounds a computer makes when it given to much to compute. Then occasionally I get a stroke of good luck and the computer runs perfectly for awhile. A friend told me it might be inadequate RAM for XP so I have minimized XP appearances to basic, everything geared for the best performance, I have restored my HDD, erased my HDD, defragged my HDD, and am about to blow up my HDD. I use Advanced System Care, SmartRAM, HijackThis, CCleaner, and TrendMicro Online Scan religiously, but other than some tracking cookies, nothing comes up. I really need a fully working computer in a very short amount of time so any help would be greatly appreciated. Thank you.
Computer Stats:

Windows XP Home Edition Service Pack 3
Compaq Presario
2.6GHz Intel Celeron Processor
512MB Ram, 120GB HDD
HijackThis Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:18:42 AM, on 4/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:... Read more

Answer:System Process with High CPU, Low Memory Usage

16 more replies
Relevance 97.17%

Hi Experts,
I have encountered a very high memory usage in one svchost.exe process on my win 7 64-bit. Attached screen shots of process associated with it. Some times it goes up about 300Mb too.



I have tried several suggestions already available for this issue. But No luck .
I've tried by updating Windows (ref), scanning PC by TREND officescan.
Also when I tried with only with Microsoft Services using Selective Startup option in msconfig as suggested here, issue remains same. (With that can I conclude that it is related with malware?)

Also need to note that the WLAN AutoConfig service (wlansvc) associated with that svchost.exe make sense as I've encountered some problem uninstalling wireless router software.I feel that that has not been properly uninstalled. But I dont have any idea how to check/or rectify it.

HJT log is also attached.

View attachment hijackthis.log
Your response is highly appreciated.
Thanks
Rgrds,
SAM
 

Answer:high memory usage in one svchost.exe process

10 more replies
Relevance 97.17%

Though this topic is quite old, I would like to point out that everyone saying 100% CPU system idle process is normal...is CORRECT. With the task manager list, higher numbers could possibly indicate slower functioning. However, system idle process CPU means something different due to its nature, as others have already explained. This does not make sense to some, and I feel compelled to encourage people to ignore the negative voting scores on these entries; and kindly overlook system idle when searching for explanations of slow computers or programs. System Idle Process is not the culprit.

Answer:High CPU Usage System Idle Process

http://images3.wikia.nocookie.net/_...

4 more replies
Relevance 97.17%

Hi All--

I've got an unusual high CPU issue issue I can't seem to pinpoint. I'm hoping someone has some additional ideas. This problem happens every couple days. The only way to resolve is to reboot (not that big a deal but still annoying). When it occurs the SYSTEM process uses an entire core (25% of CPU). I've tried stopping all software and services that I can but the problem still occurs.

I've scanned my computer for viruses, spyware, etc. I use Microsoft Security Essentials, Spybot, and HijackThis!. I even downloading and scanned my computer with Sophos Anti-Rootkit. All of them turn up nothing!

My PC is a MSI laptop running Windows 7 Home Edition 64 Bit.

Windows Update is current. My drivers are current but it doesn't appear to be a driver issue (IMO).

Any thoughts? Any steps I could take to dig further? Anything?





Summary
Operating System
MS Windows 7 Home Premium 64-bit SP1
CPU
Intel Core i5 @ 2.30GHz 45 ?C
Sandy Bridge 32nm Technology
RAM
6.00 GB Dual-Channel DDR3 @ 665MHz (9-9-9-24)
Motherboard
Micro-Star International Co., Ltd. MS-16G5 (SOCKET 0) 28 ?C
Graphics
Generic PnP Monitor ([email protected])
(Illegal Vendor ID)
Hard Drives
94GB KINGSTON SVP100S296G (SATA) 36 ?C
Optical Drives
ELBY CLONEDRIVE SCSI CdRom Device
Slimtype DVD A DS8A5S
Audio
... Read more

Answer:Intermittent high CPU usage by SYSTEM process

That is the NT Kernel that is causing the spike. That is a essential part of Windows. It is what drives Windows. While yes yours is high, it is also something that is mandatory to run the system. So either you got a nasty rootkit installed that isnt being detected or your system is corrupted by something else.

Have you run the scans in Safe Mode?

2 more replies
Relevance 97.17%

AdwCleaner reports that file : C:\Users\Artur\AppData\Roaming\Mozilla\Firefox\Profiles\spxtbko2.default\prefs.js is infected. However I cannot remove it with this application and with Malwarebytes Anti-Malware (even when PUP is enabled for showing and removing in results) . 
 
When this one specific process of chrome32.exe *32 is active the whole system runs extremely slow. When I disable it it via windows task manager it runs normally and smoothly again. What is more, even when I unistalled Chrome the process still appeared as chrome.exe *32 in windows taks manager. Now I have reinstalled Chrome because the suspicious process also appeared when I was using only Firefox. 
 
P.S. The "potentially infected" process was terminated via windows task manager before I ran dds scan.
 
Please tell me what I need to do to remove this unwanted process from my computer.
 

 attach.txt   3.42KB
  2 downloads
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Artur at 14:33:11 on 2014-03-08
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.48.1045.18.4094.2143 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes =============... Read more

Answer:Possible infection: One process of chrome.exe *32 has very high (50%) CPU usage

Hi bandzior88 and Welcome to BleepingComputer.I am currently looking though your logs and will advice you on what to do in my next reply.I would like you to post the Adwcleaner log that shows the infection.The report will be saved in the C:\AdwCleaner folder.

5 more replies
Relevance 97.17%

hEI TEAM,

I SEE A HIGH USAGE OF MEMORY BY PROCESS "SYSTEM". I SEE THAT IT HAPPENED FOR A FRESHLY INSTALLED OS WHEN AVG WAS INSTALLED. AFTER A WHILE THE MEMORY WAS FREE AND 'SYSTEM' PROCESS WAS USING 400K ONLY. pLEASE LET ME KNOW WHAT NEEDS TO BE DONE TO FREE THE SYSTEM PROCESS MEMORY ?

tHANKS IN ADVANCE !!

Answer:hIGH USAGE OF MEMORY FOR SYSTEM PROCESS !

I would try to remove some of those programs, and can you list your system specs especially the amount of RAM you have and Hard Drive space.

13 more replies
Relevance 97.17%

Hi everyone, I'm having quite a hard time solving a problem that I have been having with an svchost process in Windows Vista (I've got service pack 2).

The main reason that I noticed this spike in cpu usage was because while playing games on the computer, I would get massive fps drops every 10-15 seconds. These fps drops seemed to occur whenever the specific svchost process spiked from 0% cpu usage to 30%. After monitoring the process for a little while using process explorer I was able to find out some info about it.

Here's a pic of the CPU usage in process explorer:



Also, using the graph feature you can see how it spikes up and down every few seconds:



The svchost in question has the services "DCOM Server Process Launcher" and "Plug and Play" under it. The following is what is shown when highlighting the svchost process and also the command line shown for each of them in the services tab:





After researching for solutions online, it seems as though there are quite a lot of other people experiencing this problem. One solution that some people talked about online was to go into the sound options, right click your specific device and go to properties. From there go into enhancements tab and check "disable all enhancements". Supposedly this would cause the dcom service from constantly checking hardware every few seconds, but doing this did not fix my problem and the process keeps spiking to 30% every few seconds ... Read more

Answer:High CPU Usage spikes (0 to 30%) for an svchost process

Right click on the svchost.exe process and select the Threads tab. See if there's an entry with high Cycles Delta and let us know the Start Address

Then, in the Process Explorer main window there should be a couple of entries that are "children" to it (on my system it's unsecapp.exe and WmiPrvSE.exe). Right click on them and check their Threads tabs for the same info.

3 more replies
Relevance 97.17%

Recently I have upgraded my laptop from windows 8 to windows 8.1. After upgrading i found that the process svchost.exe (netsvcs) consume about 60% of CPU usage. This makes my laptop overheated within 30 minutes. When I suspend this process, the cpu usage drops to just 5%. I have tried many solution available online to solve this issue, but unfortunately none of them worked. Plzzz help me to solve this problem...!!!
 

More replies
Relevance 95.94%

Hello,
I've run into a problem that I can't seem to diagnose; unsure whether it us malware related or not.
I'm running windows 7 home professional 64 bit. 8 gigs of ram.
Very recently, as in within the last couple days, applications have begun to hang and crash. Upon investigation, I found that one of the svchost.exe files is chewing up a huge amount of memory. The process usually sits between 15 to 25 percent cpu usage, but can spike up to 50 to 80; meanwhile the memory usage continues to rise. Eventually, the process closes (I think) and it causes a system restart.
I have a little experience dealing with computer infections, so I tried to do some investigating on my own initially (I know you guys don't like to hear that, sorry). Anyway, the specific svchost.exe that is seemingly causing problems was managing the Power service, the Plugplay service, and DCOMlaunch service. I split them up to try to identify the problem and it's the one managing DCOMlaunch. I looked at the threads in process explorer and, while I don't fully understand what they mean, it seems that there are several threads related to msvct.dll and ntoskml.exe.
I've done what I usually do when I run into problems; I ran MBAM, MBAR, and I did a scan with ESET, I did a scan with my regular antivirus Avira, but everything is coming up totally clean, so I'm stumped.
Any help would be greatly appreciated.

Answer:High memory usage svchost.exe for dcomlaunch process

Bump

4 more replies
Relevance 95.94%

Hi,
Its my first post here. Greetings to everybody.


I run a Windows XP SP3 based system with all updates and latest drivers installed, and the software maintained for optimal performance (stuff like a clean and defragged registry, defragged file system, minimal background processes and disabling of non-essential windows services, no malware/spyware, absence of junk files, etc etc). The hardware config consists of an Core2Duo E6750 CPU, Corsair XMS2 2GB memory, Gigabyte X-38 DS5 motherboard, Gigabyte 8800GT based GPU and a Seagate 320GB HDD.

Since a past few days, I've been noticing abnormally high CPU usage under idle conditions. The processes "System Idle Process" and "System" occupy anywhere from 40% to 70% CPU usage. I have the Enhanced Halt (C1E), Thermal monitor 2 and Enhanced Intel Speedstep Technology enabled in the BIOS - in case this information is relevant. Hardware Interrupts, Deferred Procedure Calls under System Idle Process seem to take up cpu cycles for most of the time, possibly indicating a driver bug. I have not installed/removed any software, hardware, nor updated any device drivers which would lead to such a problem suddenly. Normal workloads are not affected, however stuff like playing video with PowerDVD 10 and running the Milkdrop Visualization are badly throttled.

Please Advice.

Answer:Abnormally high CPU usage by System Idle Process

I'll think on your problem for a while, but I wanted to comment that Milkdrop is the best visualization software ever, and it can definitely take its toll on any processor or gfx card lol. Are any of your processes using more resources than normal? It would appear you have a firm grasp on what is usually running on your system, so is anything out of the ordinary?

Ideally though, the "System Idle process" should be as high as possible, as that is where your excess cycles are going. So, the higher the number, the less resources your usual operations are using (so 99% idle process means 1% in use) (Also, that is my understanding of it, if I am incorrect in this assumption, somebody please correct me, I have not really ever thought about that process before).

I don't think your bios settings will interfere with that, but I could be wrong, again somebody correct me if I am wrong (making another assumption).

Are you using a laptop? Sometimes slower processing can mean the battery is going bad (Though not always)

Try running some form of monitor to find out if your processor is running up to par (cpu-z works alright for quick checks). But I think it is probably something else. Gfx card going bad or underclocked perhaps?

I am not really sure what could be causing it, you seem to sound like you already checked for abnormally running processes, so I am at a bit of a loss. Perhaps it could be hard drive slowing down or something? I am sure MoM will come in here and cor... Read more

7 more replies
Relevance 95.94%

Hello,

I have recently discovered that my laptop cooler was going crazy and I didn't knew why, then I started Task Manager and there it was "Windows host process (Rundll32) eating 30% of the cpu.

Notebook specs:
Cpu: Intel Core i5 3210m
Ram: 8gb ddr3 1600mhz
OS: Windows 8.1 x64 pro with the latest update

Does anyone know how to find out how and/or why is it doing that?
Thanks in advance.

I added the requested info @arachnaut

Answer:Windows host process (Rundll32) HIGH CPU usage

Can you enable the Process name and Command line to the column list - that will help.

13 more replies
Relevance 95.94%

so , i dont really know too much about computer , but this message keeps coming up from norton and my computer just got really really slow and keeps freezing so please someone help quick, what is this ?
 

Answer:high disk usage by application host process

16 more replies
Relevance 95.94%

Hello,
from some reason, a process called "Windows Image Acquisition (WIA), which I've never seen before is running and using about 30% CPU.
I read in MSDN that "Windows Image Acquisition (WIA) is the still image acquisition platform in the Windows family of operating systems starting with Windows Millennium Edition (Windows Me) and Windows XP."

Does that mean that from some reason my laptop's camera is running now? Maybe my laptop was hacked?

Thanks!

Answer:Windows Image Acquisition process - high CPU usage

Anyone ?

4 more replies
Relevance 95.94%

Every time i start my laptop up, this process is taking 20%+ cpu usage and slowing my laptop down entirely. I believe that this is a very recent change as before it wasn't 20%+

More replies
Relevance 95.94%

Lately, I've been getting alerts about high cpu usage. Checking Process Explorer, I see that spoolsv.exe is using about 49-50% and Systems Idle is using 45-50. I have no idea why this is happening. Only recent change has been the swapping out of a HP Photosmart printer for a Lexmark Pro 915 printer.

Answer:High CPU usage from spoolsv.exe and Systems Idle Process?

System Idle Process is not using anything, shows % of idle time, higher number = less processor use. At least 1 less thing to worry about.

2 more replies
Relevance 95.94%

Hello,
from some reason, a process called "Windows Image Acquisition (WIA), which I've never seen before is running and using about 30% CPU.
I read in MSDN that "Windows Image Acquisition (WIA) is the still image acquisition platform in the Windows family of operating systems starting with Windows Millennium Edition (Windows Me) and Windows XP."

Does that mean that from some reason my laptop's camera is running now? Maybe my laptop was hacked?

Thanks!

Answer:Windows Image Acquisition process - high CPU usage

Anyone ?

4 more replies
Relevance 95.12%

Just in case, this is the first post I make in this site and the computer I'm trying to clean is not mine.
 
My grandpa asked me to check his computer because it was slow. He also opens and runs every single email attachment, even though I tell him to not do so. So I check it, it took a lot of time to boot in the "Startting Windows" screen and it was nearly unusable since memory usage was around 90-99% because there were around 60-80 Java processes that showed up in the Task Manager, each process used between a few KB of memory to some MB. I booted up in safe mode. There were no java processes and it ran with the normal speed, downloaded Malwatebytes Chamaleon and tried to run it, but it didn't start. Clicking the help file opened a blank page. I tried to run the Chamaleon programs manually (their webpage said so) in the Program Files folder and not the downloaded one.
 
Anyways, I try to run it, MBAM tries to update (it was also horribly out of date) and it was blocked with an "Access Denied". The task killer in chamaleon also killed some tasks. The tasks were random characters, except for one "Distromatic Updater", which googling tells me its some sort of malware. Also the killer was blocked later. The MBAM update needed an install, since it was too old. During the install, the chamaleon files were blocked (Access Denied). I clicked to retry that file and the same thing happens. Only after some retries, the installer went on to the next file, which was also blocke... Read more

More replies
Relevance 95.12%

Hi. Recently i've noticed that my CPU usage on idle is around 50% (which is high). I've found a process that is network related called "Service Host: Network Service (5)". It is currently using aaround 25% of my CPU. I can end it, but then it just restarts. Whenever it starts, any music or anything im listening to glitches out on whatever it currently was on and repeats like the current note and it sounds awful. How do i fix the CPU issue with this?

More replies
Relevance 95.12%

Hi. Recently i've noticed that my CPU usage on idle is around 50% (which is high). I've found a process that is network related called "Service Host: Network Service (5)". It is currently using aaround 25% of my CPU. I can end it, but then it just restarts. Whenever it starts, any music or anything im listening to glitches out on whatever it currently was on and repeats like the current note and it sounds awful. How do i fix the CPU issue with this?

Answer:High CPU usage from network process, sound randomly glitches

Try using Process Explorer to see if you can figure out exactly what is causing it. PE gives you a lot more info than Task Manager. It's free and does not get installed, you just run it.

5 more replies
Relevance 95.12%

When using IE 11 the browser window constantly blinks and loses focus.  It makes it almost impossible to type anything into the browser.  My CPU and memory usage is also very high.  I checked the Windows Task Manager and I see multiple processes called dllhost.ext *32 - COM Surrogate using a ton of memory.  The memory usage for these processes continues to increase until the CPU usage is 100% and the computer becomes very slow.  I have tied to "End Process" on these processes which helps but they reappear and then start using more and more memory.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17420  BrowserJavaVersion: 10.60.2
Run by Jereme at 17:42:58 on 2014-11-12
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16375.10495 [GMT -6:00]
.
AV: Symantec Endpoint Protection.cloud *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection.cloud *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection.cloud *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSyste... Read more

Answer:High Memory Usage by COM Surrogate Process and IE Losing Focus

Symantec Endpoint Protection blocked an attempt by Powelik so I downloaded and ran ESETPoweliksCleaner which found and removed the Powelik Trojan.  Then I ran the online scanner at - http://www.eset.com/us/online-scanner/ which found and cleaned several viruses as well.  I also ran Malwarebytes which came back clean.  The computer seems to be running much better but I would still like to make sure it is 100% clean.
 
What action should I take now?  Thank you in advance!

9 more replies
Relevance 95.12%

This has been going on the fast few days
 

 
and lately when I search on Google, I receive unusual traffic from your network and I have to enter capcha (Sorry I do not have a screenshot).
Am I infected?

Answer:System Process high disk usage and unusual traffic

Hello, let's see how it is after a few scans.MiniToolBoxPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.TDSSKillerDownload TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.AdwCleanerPlease download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the tool. Vista... Read more

0 more replies
Relevance 95.12%

I've got a Port?g? Z930.
A process called "System" appears on the task manager when I unplug the PC from the AC.

I'd like to know why is it using high CPU (from 9% to 18%) and keeping my temps above 70?C.
It's very annoying, not only because of the temperature that hits the PC itself, but also because of the battery life, that can't go above 1 hour and 30 min because of this process.

It's not a virus, already CHECKED, don't ask.
Also, I don't know when it started or why, so please don't ask.

Thanks in advance,
Nicol?s.

Answer:Portege Z930 - "System" process: high CPU usage when on battery

Before we start discussion can you please tell us if you use original preinstalled OS that you got with your notebook and do you use Toshiba eco mode when notebook runs on the battery power supply?

5 more replies
Relevance 95.12%

Hi, this problem started several months ago. 1-3 times a day, I would notice a lot of hard disk seek activity when I didn't have programs open, nor were any maintenance/virus programs running in the background. Eventually, I noticed that while this was happening, my programs would open and run much more slowly, browser tabs would take forever to switch back and forth between, etc. It seemed the whole system was being tied up, and the HD would be read/writing like crazy.

I d-loaded process explorer a couple weeks ago, and also installed a trial version of Norton Antivirus. I found a suspicious svchost.exe process that on occasion will jump up to as much as 25% CPU usage and be using 1-1.5 GB of memory. Norton AV also reports to me that it is blocking certain activities of svchost.exe. I have posted a shot from process explorer below:


The auto-start location is: HKLM\System\CurrentControlSet\Services\nsi. I can't say for certain this is what's causing the system slowdown, but when it does happen, this process will usually be the only thing using more than 1% of the CPU. I ran a full scan with Norton, and it did find several spyware/virus items the first time, all of which it supposedly "fixed". When I ran it a 2nd and 3rd time, it came up with nothing, but the problem persists. Can anyone help me with this? thanks,

-Shannon
 

More replies
Relevance 95.12%

hi, the cpu usage jump from process to process, randomly.
one process is using 50 percent of cpu, for example icq, i close it.
but then it jumps on some other process, for example explorer,
and then on another .... randomly.
what can be problem. i have windows vista

here is log from hijackthis, thanks



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:27:39, on 24. 6. 2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\explorer.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Expl... Read more

More replies
Relevance 94.3%

Svchost file running high

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.21342 BrowserJavaVersion: 10.21.2
Run by Gert at 9:58:35 on 2013-09-27
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\DOCUME~1\Gert\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Gert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gert\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\T... Read more

Answer:SVChost.exe process running high

7 more replies
Relevance 94.3%

Hi Malware slayers, This computer is a 3d rendering machine and it's process named System is consistantly runs between 40 and 60. I can not find the reason why. I've run windows updates, lavasoft's adware, spybot S&D, stinger3, sun micro's house call and symantec's coporate antivirus. Nothing. I shouldn't say nothing, spybot found alot but it had no affect. The airport base station went bad and it was swapped out but I don't think that has any bearing. I tried disableing the wirless card, no affect. I'm running a chkdisk and I'm not getting anything(I won't post this till the chkdisk is done). There is one really strange thing I noticed.... When spybot is running the system process goes all the way back down but once spybot is closed it shoots right back up. Other than that it stays up around 40 to 60. Could some malware be trying to hide from spybot????Please let me know if you see anything here:Logfile of HijackThis v1.99.1Scan saved at 8:50:22 PM, on 1/17/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0011)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Sha... Read more

Answer:Sytem Process Running Too High

Hi sandnsurf, Sorry for the delay. Things are really busy here right now. I don't see any obvious signs of malware in your log, but that CPU reading is weird. When you're not doing anything System Idle Process should be at about 95 percent. I'm going to refer you to an excellent tutorial about service hosting, it also includes instructions for downloading a great tool for exploring your system. http://www.bleepingcomputer.com/tutorials/list-services-running-under-svchost.exe-process/ Please read this tutorial carefully. Download Process Explorer according to the instructions and run it while you follow the tutorial. Be sure to expand the tree fully so you can see the CPU usage of each process. If the only things running on your machine are your browser (for reading the tutorial) and Process Explorer, then most of the time, except for momentary spikes when the program does something, System Idle Process should be showing about 95 to 98 percent. If you see that System has high continuous CPU usage, even with the system at idle, then you should explore that process by viewing its properties as the tutorial explains. In addition, there's another trick you can use to get a copy of the services running under that process. In the program taskbar, click View. Then select Lower Pane View, and choose DLLs. Then press <Ctrl>-L to show the lower pane. Now, a request: please widen the columns in that lower pane so that all the words show in each column. That will... Read more

4 more replies
Relevance 93.89%

So for quite a while now, I have been having issues with my pc.
After using it for a couple of hours (playing games, browsing the internet, using it for university work, etc.) its performance is noticably lower than just after startup. Task Manager tells me that

svchost.exe Service Host: DCOM Server Process Launcher

is using about 25% of my CPU and 30% of my RAM. This seems incredibly high to me. Restarts solve the issue but I would rather not have to of course.
I've googled the problem already, but a lot of forum posts are from people using Windows 7 or are unsolved.
Standard Microsoft procedure has you using RAM checkers and all that. I did that, and the results were that my RAM is fine.
It is also not Windows update sharing as some suggest as I have that turned off.
I'm really hoping someone can help me here.

More replies
Relevance 93.89%

Hi there,
as the titles says, i am having an unusually high usage of cpu from those 2 processes (25-80%) on my quad core 4.3 Ghz processor,which i highly doubt is normal. another weird thing i noticed is that it's periodic, meaning it would be very high during the day, but during the night it's fine! i am afraid my device has been infected with a bitcoin miner or something!
I am using Bitdefender free antivirus, and i also scanned with malewarebytes antimaleware to no avail, so i went ahead and did a FRST scan, here are the results
any input is highly appreciated, thanks a lot.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Scalpel (administrator) on SCALPEL-PC (03-09-2016 17:34:48)
Running from C:\Users\Scalpel\Desktop
Loaded Profiles: Scalpel (Available Profiles: Scalpel & FL2-MAN)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vis... Read more

More replies
Relevance 93.89%

So for quite a while now, I have been having issues with my pc.
After using it for a couple of hours (playing games, browsing the internet, using it for university work, etc.) its performance is noticably lower than just after startup. Task Manager tells me that

svchost.exe Service Host: DCOM Server Process Launcher

is using about 25% of my CPU and 30% of my RAM. This seems incredibly high to me. Restarts solve the issue but I would rather not have to of course.
I've googled the problem already, but a lot of forum posts are from people using Windows 7 or are unsolved.
Standard Microsoft procedure has you using RAM checkers and all that. I did that, and the results were that my RAM is fine.
It is also not Windows update sharing as some suggest as I have that turned off.
I'm really hoping someone can help me here.

More replies
Relevance 93.89%

Hi,
i have this problem for some time... Xp is running slower, it shows high cpu usage by System Idle Process (over 70%)... also have trouble with popup witch leads to Error Protector home page... Had some problem with Troyan Virto but i used Symantec FixVirto or something and it shows clean report...Here's my log...and tnx in advance for ur effort

Deckard's System Scanner v20070905.67
Run by ManUtd on 2007-10-11 19:17:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
25: 2007-10-11 17:17:20 UTC - RP288 - Deckard's System Scanner Restore Point
24: 2007-10-11 12:01:39 UTC - RP287 - System Checkpoint
23: 2007-10-10 11:59:35 UTC - RP286 - System Checkpoint
22: 2007-10-08 21:19:39 UTC - RP285 - System Checkpoint
21: 2007-10-07 19:57:20 UTC - RP284 - System Checkpoint


-- First Restore Point --
1: 2007-09-29 15:53:15 UTC - RP264 - Removed Counter-Strike 1.6


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 256 MiB (512 MiB recommended).
System Drive C: has 0.41 GiB (less than 15%) free.


-- HijackThis (run as ManUtd.exe) ----------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone -------------------------------------------... Read more

Answer:System idle process high CPU usage, error protector popup,

Sorry...vundo problem not virto...my fault...i used fixvundo by symantec to resolve this problem....

11 more replies
Relevance 93.89%

My computer has been running slowly lately. I've been getting lots of spinning blue circles, greying out of the screen, freezes, and this message appears: "High Disk Write Usage by: Host Process for Windows Services."

What could be causing all of this?

I use Norton and Carbonite? Could they be causing it?

Does the computer need some sort of maintenance?

Thanks.

Answer:High Disk Write Usage by: Host Process for Windows Services

This message from Norton.Do you have malware symptoms? DownloadProcess explorerExtract and launch itRight click on SVCHOST.EXE that has high cpu usage and click on services tabPost the list of services here

4 more replies
Relevance 93.89%

I solved this issue (see my other post) with the help of Lenovo support techs by rolling back the HD Audio Driver in Device Manager.  Changed it from the Lenovo-supplied Conexant HD Audio driver to the generic Microsoft HD Audio driver.  CPU usage is now running at <1% for the "Windows Audio Device Graph Isolation" process in Task Manager, whereas prior to rolling back the Conexant driver CPU usage was a constant 15% to 30%, and it occasionally spiked at much higher levels (on two occasions in excess of 90% CPU usage for the 'WADGI' process).  Everything's been fine since the rollback, but I am wondering if anyone else has experienced this with their 2017 X1 Carbon?  I don't think it's a sound card (hardware) issue because CPU usage is normal when using the Microsoft driver and there is nothing wrong with the audio output or mic input.  I'm thinking it has to be poorly written s/w code for the Conexant driver, but would like to hear any other views on the subject, especially if you've had a similar experience.  When I was experiencing higher CPU usage with the Conexant audio driver it also caused the fan to kick in a lot more often, of course, particularly when other processes were in play, but now the machine is very nearly always fan silent, with only occasional, momentary spikes of fan use, which is normal.





Lenovo X1 Carbon 5th Gen (20HR) / i5 7300U / 16GB RAM / Win10 'Creators' ver. 10.0.15063

More replies
Relevance 93.89%

So I have a fresh install of Win8.1 LEGAL copy (it's about 2 weeks old)

I noticed yesterday abnormally high CPU usage. ~40% in task manager when the computer is doing nothing.

After some investigation, most google searches are telling me it's a driver issue, run a trace this or that. It looks like the process is simply "SYSTEM".

Okay -- so a few more details. When I do a fresh reboot, the issue doesn't exist. Super low CPU usage 1 to 3%. Wifi works, everything is working as it should. If I don't do anything, i.e just let it sit for 5 to 10 minutes, CPU usage will spike to 70%, soon as I move the mouse it will fall down to 50% then to 40's. Another byproduct of this problem, is when I do a restart or shutdown, it will go to the restart screen with the rotating circle thing and sit there, not a hard crash, but will just sit there spinning forever. (I'm forced to do a hard reboot). This issue does NOT happen if I reboot in the first few minutes of starting windows, before this unknown process/thread takes root. Did a full virus scan, and malwear scan, even uninstalled Acronis.

I've disabled my wifi adapter, all the normal programs I use (dropbox, evernote, afterburner). Just reinstalled the latest video drivers.

Still confused as to why this is going on. I've used process explorer to poke around but still can't get to the root of what's causing it. There doesn't seem to be detailed instructions I could find... Read more

Answer:Help me trace a system process please? fresh Win8, high CPU usage @ idle.

Try using the Sysinternals Process Explorer to start off. It can dig into service & system processes with more info.
 

8 more replies
Relevance 93.48%

On Dec 22nd my computer began to slow down and noticed multiple processes of explorer.exe. One without any description. Purchased Malwarebytes and ran, seemed to solve the problem for the day. Dec 26th multiple processes of dllhost.exe and iexplorer.exe started appearing, even when IE is not running.

I have included my latest Malwarebyte Protection File as well.
 

Answer:100% CPU Usage, multiple process of dllhost.exe, explorer.exe and iexplore.exe.

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

22 more replies
Relevance 93.07%

Hey guys, yesterday all of a sudden, my computer started lagging during a game of Borderlands 2 (which I've been playing for about a week without a problem) and all of a sudden the framerate dropped. When I switched out to see the load on the processor, it was at 100% which is not usual. So I exited and found that the processor was idling at about 40% bc of the system idle process (usually 5% before this problem). Ive restarted many times and run both microsoft security essentials and malwarebytes to scan for viruses and both came out clean.

Please help :(

thanks in advance

Computer specs:
Windows 7 Ultimate x64
Radeon HD 5830
8gb Ram Corsair Vengance
Phenom IIx4 965
ASUS M4A89GTD PRO/USB3

Answer:System Ideal Process running high :/

System Idle is not a process. It means that 40% of your system is doing nothing. It also means that 60% of your system is doing "something". You ignore the "idle" and pay attention to what is using the other 60% of your processor.

6 more replies
Relevance 93.07%

Like what I said above this virus infects processes with high CPU usage even if they are not meant to be.

It also creates multiple random letter processes with .exe files like rtqwb.exe or winltfr.exe which causes lag, and if I delete or end the task it just comes up with another file/process.

Please help me.

Thanks.
 

Answer:Virus that infects processes with high CPU usage and creates random process and .exe files with LAG

Hello, this is business/company computers?
 

44 more replies
Relevance 92.66%

For reasons which are unknown to me, the system process never goes below 50% CPU usage nonstop. I made sure my drivers were up to date, as well as running my AV and so far have had no luck lowering the CPU usage. Any help would be greatly appreciated.

Answer:System Process Running at >50% CPU Usage Constantly

What AV program are you running and does your CPU usage go down if you shut it off?

12 more replies
Relevance 92.66%

I have a problem, i have an application (a Game), and my computer is completely normal before i run it, CPU usage is fine and everything, then i go to play the game, and the Windows task manager say i am at 100% CPU Usage, and this program is taking the most memory, out of anything else.

i can play this game for about 30 minutes or so, and then i crashes, and it also crashes other applications i have running, just as Ventrilo, and AOL Instant messager.

i have tried to change the priority level from normal to low, in hopes that it would help, but no luck. It wont even let me change it, it says you do not have permission, access denied.

does anyone know how i could fix this problem?

Answer:process running at 100% usage, and crashing others apps

anyone know?

1 more replies
Relevance 92.66%

Hello, I need help with a problem. My computer is running really slow so i restarted my computer and pressed ctrl alt del. Looked under processes with out any applications running these are the processes that are running.

SynTPEnh.exe User
THotkey.exe User
avgemc.exe User
wdfmgr.exe Local Service
swupdtmr.exe system
alg.exe Local Service
DVDRAMSV.exe system
CFSvcs.exe system
CDAC11BA.EXE system
avgupsvc.exe system
avgamsvr.exe User
AOLacsd.exe User
spoolsv.exe Local Service
explorer.ext Network Service
ati2evxx.exe system
svchost.exe system
svchost.exe Network Service
acs.exe system
svchost.exe system
svchost.exe Network Service
svchost.exe system
ati2evxx.exe system
lsass.exe system
services.exe system
winlogon.exe system
csrss.exe system
smss.exe system
TPSBattM.exe User
ctfmon.exe1 User
agrsmmsg.exe User
tfswctrl.exe User
system system

My comp. normally runs around 32% cpu usage and is now running at 100%
what processes do i need to end???

Thanks for any help.
 

Answer:Process running on startup causing 100% cpu usage

http://netsquirrel.com/msconfig/
 

3 more replies
Relevance 92.25%

We religiously track Windows Application fault events in our environment.

Recently we have noticed that when, Word 2013 x86 version (15.0.4823.1000, 15.0.4805.1001) running on Windows 8.1 x64,  crashes due to corrupted heap, we find suspended winword process that have no running threads.  the ccorrupt heap crashes are of
the type  exception c0000374 in Ntdll.dll at offset 0x000e6054.  We have two different situations in which we can trigger a crash that will produce the corrupted heap.

The problem is after the App crash the Windows Error Reporting service, attaches the WerFault.exe to the crashed process and saves the WER Dump file.  The problem is after this process is finished we are left with Winword.exe process that are in suspended
state.  They are not visible in the TaskManager but they show-up in Procexp,  these process have no running threads and the End task or end task tree have no impact.  The only way to exit the suspended process is to log off the user session. 

The suspended Winword.exe process cause problems when we re-launch a clean word, we have an add-in that detect's the suspended Winword and will not run.

On a test machine we disabled the WER service and of course we no longer see suspended threads, this is not an option for use because stopping the WER service stops logging of all Application Fault event ID 1000 and Application hang 1001 entries from the Application
log.

We also tried to ex... Read more

More replies
Relevance 91.84%

My task manager shows me multiple iexplore.exe files running in the background. But i dont use IE at all. I had read somewhere on the net that a squared anti spyware can remove this. I installed and ran a-squared, but the problem persists. I am currenlty using AVG Free antivirus and AVG anitspyware. i have scanned my computer using both, but am still unable to get rid of the virus/ spyware.

The multiple processes eat away a lot of memory and slowdown my computer. Shutting the processes using task manager doesn't help as the processes restart again, slowing my comp even further.

Someone please help me!

Answer:Multiple Iexplore.exe Process Running

What OS (Win XP/2000, etc) are you using? Did you try doing an anti-virus scan in "SAFE MODE"? Have you performed any anti-spyware scans? If you do a Google search you will find numerous complaints of multiple instances of iexplore.exe running in Task Manager. This could problem could be malware or non-malware related. For example, there are worms like W32/Lovgate-AD that will cause the same problem you are experiencing. In addition to other files it drops iexplore.exe in C:\Windows\system32. The legit iexplore.exe is located in the C:\Program Files\Internet Explorer folder.For others the problem was related to the Yahoo toolbar and uninstalling it was the correct solution. Prior to doing this all anti-virus and anti-malware scans found nothing suspicious.Another possible cause has been traced to instant email notification settings at various board forums. A new instance of iexplore.exe was created each time the user opened an email, clicked a link and visted a forum. They were also using Spyware Doctor and the problem only occurred if that program was actively running in the background. When Spyware Doctor was disabled, the problem did not occur.

3 more replies
Relevance 91.84%

I have something on my computer that runs multiple dllhost processes.  Not sure what to do. Attached files to speed process up.

Answer:Multiple dllhost process running

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully.First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.   Scan with Gmer rootkit scannerPlease download Gmer from here by clicking on the "Download EXE" Button.Double click on the randomly ... Read more

4 more replies
Relevance 91.02%

Hi, a few days ago I guess I downloaded something that has since caused my computer to do the following: 1) random slowdowns, 2) outgoing connections to random IP addresses (found by MalwareBytes), 3) run a svchost process with significant memory usage (250,000 K and higher) 4) there's a strange process running: 3856804458:2513771802.exe. Occasionally, I have also had my search results or webtraffic re-directed.

I'm running Windows XP SP 3, Mozilla Firefox 7.0.1, and I've attached the DDS logs and GMER scripts described in the preparation guide. While running GMER, the program would quit suddenly after running the scan. There was a slight delay before it did so, but I was barely able to save the log. The first time I ran gmer.exe, I crashed to a BSOD saying "Page fault in non-paged area." Not sure if that last part's related or bad luck.

I've since downloaded, updated, and run: Spybot, MalwareBytes, Immunet, and AVGFree 2012. They all found several items, but no solution. MalwareBytes is routinely block IP outgoing IP address, but when I try to actually run it, it says I have the incorrect "device, path, or file."

Any help you fine folks can give me would be very appreciated!
Thanks,
Nick

Answer:Malware including search redirects, outgoing to strange IPs, weird .exe, and high usage svchost process

Hello and Welcome to the forums!My name is Gringo and I'll be glad to help you with your computer problems.Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Please download DummyCreator.zip and unzip it.Run the tool.Copy and paste the following into the edit box:

C:\WINDOWS\3856804458
Press Create button and post the content of the Result.txt.

Important: Restart the computer.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is n... Read more

13 more replies
Relevance 90.61%

The percentage of CPU usage was largely being consumed by iexplore.exe process.  In reviewing forum results I ran ComboFix.  After ComboFix completed CPU usage is constantly cycling between 100%-30%. Also notice that I can use internet explorer successfully to bring up favorite sites or search for sites using google.  Would you be able to look at ComboFix log file to let me know where to go from here?
 
ComboFix 14-08-02.02 - Virgil 08/02/2014 7:41.1.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2039.662 [GMT -4:00]
Running from: c:\users\Virgil\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Default\AppData\Roaming\DPInst.exe
c:\users\Default\AppData\Roaming\gacutil.exe
c:\users\Default\AppData\Roaming\PnPutil.exe
c:\users\Virgil\AppData\Local\Temp\_MEI38002\_ctypes.pyd
c:\users\Virgil\AppData\Local\Temp\_MEI38002\_elementtree.pyd
c:\users\Virgil\AppData\Local\Temp\_MEI38002\_hashlib.pyd
c:\users\Virgil\AppData\Local\Temp\_MEI38002\_multiprocessing.pyd
c:\users\Virgil\AppData\Local\Temp\_MEI38002\_socket.pyd
c:\users\Virgil\AppData\Local\Temp\_MEI38002\_ssl.pyd
c:\users\Virgil\Ap... Read more

Answer:Multiple instances of iexplore.exe process running

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/543072 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Relevance 90.61%

Hello,
Yesterday afternoon my computer stopped responding so I had to use the 10-second safety turn off. This morning Windows XP Professional didn't boot up at all so I had to do an in-place reinstall of Windows. It worked and my system is now up and running but very very slow because one of the svchost.exe process is using between 80-100% of my CPU (which has only 1.8 Ghz). Using Process Explorer I see that the specific svchost.exe consuming my CPU is running DCOM Server Process Launcher [DcomLaunch] AND Terminal services [TermService]. I'm not sure if this helps you but I've recently started playing again Counter Strike and had some trouble with it.
I've tried solving the problem using the advise on http://www.technibble.com/how-to-fix-svchost-using-100-cpu-memory-leak/ but that didn't work out because there was an erorr when installing the last update so I restored my PC to where it was just before I tried fixing it.
Thank you in advance for your solutions and I will try telling if they worked (just posting this was a gargantous effort because of my problem, but thanks to Chrome I've done it!!!)
 

Answer:99 CPU usage from svchost.exe running DCOM Server Process Launcher

Hey I have same problem here. So im going to format my computer. Have you found any solutions? please email me if you have. [email protected]. Very Thanks
 

1 more replies
Relevance 90.61%

Okay, i'm having a couple problems on my PC and i'm not sure how to handle it. Usually to fix a problem i'd start by running AVG, Spybot, CC Cleaner doing a defrag, and a disk check--this time it didn't resolve the problem. I uninstalled some unused programs, cleaned a bunch of old files off my computer--that didn't work either. After that point someone suggested to me I run an SFC, to which I did, it found no errors.

Anyway, first a bit about my PC.

I'm running on a Toshiba Satellite A200-MR5, Vista 32 bit, with 2 Ghz--It has service pack two. [I'm not computer savy, so if theres more info needed please say so]

Anyway, i've been noticing the speed on my laptop decreasing exponentially! I also noticed that my mouse is constantly blinking as if it's loading something I hardly have anything on my hardrive XD When I turn on/log in to my computer I usually get the error "Superfetch has stopped running," that was at the point where I ran a SFC and found no errors. I put Superfetch in services.msc to--Automatic, and started it. I thought everything was working fine. I restared, then came to my log in screen, typed in my password, and recieved a black screen for a few minutes--then an error popped up saying "Host process for windows services has stopped working and was closed." I lost the signal for my wireless network at that point too, and had to repair it and "start the wireless service" I've trie... Read more

Answer:Regarding Superfetch and Host Process Errors

6 more replies
Relevance 90.61%

Do you guys know what does this process actually do? I can see it eats more than 120 mb of my RAM. I did a google search but still am not sure whether it's safe to stop it or not.
 

Answer:Solved: SysMain(superfetch) process

6 more replies
Relevance 88.97%

Google Chrome process "ydapirqtjcb.exe *32" is running multiple times (up to twenty) when viewing processes in task manager.  Every time I try to end the processes more appear.  
 
I uninstalled Chrome and Adobe. After a minute or so after restarting the exe begin to appear again.
 
Does anyone what this process is doing and how it can be deleted.
 
This is causing my computer is run slow and will no longer go into sleep mode.
 
Any help would be appreciated.
 

Answer:Google Chrome process "ydapirqtjcb.exe *32" running multiple times

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware to your desktop.NOTE. If you already have MBAM 2.0 installed scroll dow... Read more

3 more replies
Relevance 88.97%

My new computer was running slowly so I looked into task manager to find whats in the image. If I close it, the pc runs correctly but it will start up again within a few minutes to a few hours. Sometimes its only one instance with a cap at usuing 20% of my cpu, which is still rediculous and slows the pc down. Then sometimes theres multiple like shown in the picture. I've read many forms already about this and havent found a fix. I also included the command line from task manager becaus I know a lot of other foums asked for it.

More replies
Relevance 88.97%

Hello,

I have encountered a problem with a computer where after the computer has started to seriously lock up. Here are some of the problems that have popped up.
Dozens of drwtsn32.exe processes running, under different users that are not logged on. (Owner, Administrator) If I try to end the process tree it tells me I do not have administrative access/permission to do so, even when logged in using the Windows Administrator account.
Instead of the computer booting up straight into Windowss (XP) it brings up a user/password box with Owner entered by default and using no password it opens.
Explorer will not open now unless I bring up the task manager and manually run it
Several sections of windows will not open and show no error, though I can often hear the familliar 'thwomp' when Windows has errors pop up on the screen. These areas include accessing users/accounts, mmc, everything in administrative tools (services etc), including finalizing a system restore. When I try to manually type the shortcut paths in, it says the path is invalid.
When I start the computer in safe mode, it is the same thing/symptoms.
I have downloaded Avast! and HijackThis. Avast! works and found a Simile virus, but I have deleted it several times and it keeps coming back. HijackThis will not even open after I installed it.

I searched here and online and found some information on drwtsn32 coming up, but nothing helped. I can try and get any information requested but am seriously limited d... Read more

Answer:Solved: drwtsn32.exe process running multiple times, OS locked up.

Well, if that's the legitemate Dr.Watson debugger process running, it just means some other program or drivers are crashing hard though I haven't seen an instance where it occurs dozens of times. From the symptoms described though it makes some sense because it seems the problem is with some vital part(s) of the OS. Once its determined that something has crashed by the OS, Dr. Watson starts and almost always crashes or stalls and hangs the system as well, its just one of those things that isn't really useful.

If you can figure out what's causing Dr. Watson to initialize (in other words, what's really crashing, and again, if its a legitemate Dr. Watson) then you may be able to repair the damage. Alternately, if you don't find anything and you know there are good restore points still on the system, even though you can't complete a restore, you can try using Ultimate Boot CD to replace the damaged registry with a working registry. There are also other disk scanning and repair utilities on the UBCD as well but if this was a sudden problem and you really can't think of or trace anything to the cause, I'd replace the registry with a known working one first and foremost.

Good luck.
 

2 more replies
Relevance 88.56%

Ive been recently having an issue with my laptop whenever I turn it on. It keeps saying superfetch stopped working and then another window pops up saying windows host processes stopped working. I'm not sure if this is related but I also have a problem when I get it out of sleep mode. The screen stays black with only the mouse showing and it can take up to 30 mins before the screen comes back to normal. I have no idea what to do or where to start. Ive scanned for viruses but it found nothing.

Answer:Superfetch and Windows host process stopped working

Worth reading, http://social.technet.microsoft.com/Forums/en-US/itprovistaapps/thread/4abbd483-1ea4-456c-98c2-10babdbebc7e/ .

Louis

1 more replies
Relevance 87.74%

My homepage in Mozilla Firefox is set to http://www.google.comwhen I use the google search engine, I am redirected to http://www.google.com/webhpThis page looks and behaves indentical to Google, however clicking on links only redirects me to www.google.com/webhpI am redirected to the webhp page when I use other search engines as well, also when browsing other websites.When I open Firefox a process starts, firefox.exe, that only uses about 7kb memory. After several times opening, the Firefox program finally starts and these extra firefox.exe instances stay open. Ending the extra processes does not close Firefox, but also does not solve the problem.Internet Explorer does not do this, but also behaves strangely. There are also multiple instances of iexplore.exe running, and when I end one of the extra processes it crashes Internet Explorer, and these extra processes are in addition to the multiple instances of iexplore.exe that runs normally when you open a new tab.During use, I am occasionally redirected to advertisment and solicitation sites; not so much as to completely prevent use but enough to be very very irritating.Google Chrome behaves almost exactly like Internet ExplorerAlso I cannot enable the Windows Firewall, gives the error message:"Windows Firewall can't change some of your settings.""Error code 0x80070422"This is surely a browser hijack of some kind, and I've already done what I would normally do with a computer like this. Used all of ... Read more

Answer:Google webhp redirect, multiple instances of browser process running

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

21 more replies
Relevance 86.51%

Okay, this is driving me crazy. Whenever my PC is left idle for some time, CPU usage by "System" will ramp up. I have no idea what is causing it. I had thought that there was something in Task Scheduler that would run itself whenever my system was left alone, but there is nothing of the sort. I've also tried using Process Explorer to get a more in-depth look at what the heck "System" is, but it's as equally vague as what Task Manager is telling me.

Has anyone run into this?
 

Answer:Windows 8.1: High CPU usage by "System" process when idle

Do you have this onboard NIC, Atheros AR8152/8158?
 

5 more replies
Relevance 86.1%

This is freaking driving me crazy. This is the SECOND Windows 7 system I've had this issue on and it completely cripples the computer.

Basically, whenever I downloaded anything, be it via uTorrent, Firebox, even speed tests, my CPU usage goes to 100% and nothing responded until the download it stopped or it finished on it's own.

Both computers lasted about a month before this started, both computers were TOTALLY different hardware. In fact one was a laptop and one was a desktop. Then just one day, poof, 100% cpu when downloading.

I've tested all types of downloads as mentioned above, uTorrent, speed tests, general file downloading, Windows updates, anything that causes bandwidth usage makes the process "System" sky rocket to 100%.

I've tried the normal things. Updating AV software, full system scan. Updated and ran Malwarebytes and ran a full scan. Ran defrag, ran check disc. I've posted HiJackThis logs else where, no ones sees anything out of the norm...

Now if I just format the problems solved for about a month or so then it will just come right back.

This only seems to happen to me with Windows 7. The laptop did it 3 times, each time I got about a month into the Windows 7 install and finally I went back to Windows XP on the laptop, problem solved.

Now my new desktop is running W7, month or so into the install SAME EXACT problem.

PLEASE can anyone tell me anything I haven't thought to try? I don't want to run an OS that requires 12 fresh installs a year.

Answer:High CPU usage by process "System" when downloading

It would be very difficult to know what the problem is precisely, but I would suspect that the problem is caused by some program that you commonly use (not PE), that is related to internet activity, or more specifically downloading. I would create a list of such programs, disable them all, and see what happens. If the downloads can then be performed normally, reinable each of those programs, one by one, until the culprit is found.

9 more replies
Relevance 85.69%

Seems to only happen at night. I NEVER use IE but I'll find 3-4 iexplorer.exe processes running and using high CPU percentages. I have been unable thus far to find and remove the problem.  I will typically keep task manager open and close each process at it comes up, but once I've closed one, more will open. I attempted to follow the directions to post the logs from DDS, but it only created the attach.txt file. (Which I've attached.)A DDS file was not created.  Neither AVG or windows scans have found any problems. Any help will be greatly appreciated.

Answer:Iexplorer.exe running multiple background processes w/ high CPU usage

Hi there,please run the following scans:Step 1Please download TDSSKiller and save it to your Desktop.Start tdsskiller.exe with administrator privileges.Accept the EULA and the KSN Statement.Click on Change parameters.Make sure that all available options (except "Loaded modules") are checked and click OK.Click on Start scan.If any threats are found don't delete them but choose the Skip option for all of them.Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).Copy and paste its contents in your next reply.Step 2Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

7 more replies
Relevance 85.28%

Just got a new laptop... HP G62-224CA

Athlon II P920 2.1GHz
3GB DDR3-1066
Integrated Radeon HD 4250
Windows 7 Ultimate

So, my problem is, I was going to install Norton Internet Security, but something urgent (non-computer related) came up and I left the PC connected to the Internet. Came back later and installed Norton. But a little while later the Task Manager showed the CPU usage at around 40%, with the "System" process taking up the majority of that. That's pretty much all the info I can give; sorry if it's not a lot to work on. What are some possible causes of this problem? Since I got this computer and don't have anything worth backing up, would it be worth it to do a complete system reinstall, or would this be a fairly easy problem to tackle?

Answer:"System" process high CPU usage

Hi -

Nice to see you in these parts, but of course not under these circumstances.

I would remove NIS/ N360 and see if CPU calms down.

NIS/ N360 removal --> http://jcgriff2.com/NRT_N360_Removal.html

Per link at end, try MSE.

Kind Regards. . .

John

`

2 more replies
Relevance 79.95%

i have a Dell 6400, running XP with SP3, which has been rock solid for 5 years even when running heavy load apps. Blue Screen of Death (BSOD) appeared about 3 months ago, and has been repeating almost daily since, and my sound is skippy/crappy.- system idle process is always high, typically 50-97% of CPU load, which is understandable if there are no other apps active HOWEVER when I intentionally open multiple heavy apps such as Photoshop, Maximizer and MS Access in quick succession, and the CPU use spikes to 90-95% capacity (as expected), system idle process still hogs the vast majority of the CPU use and leaves maybe 10-20% for all the other apps.- i opened my task manager and listened to a MP3 file. System idle process was always high (as per above) and the sound 'skipping' increased proportionally with CPU load, which was being hogged by the system idle process- i downloaded and ran the MS SDK debug program on the BSOD mini-dump file. This revealed ... "unable to load image ntoskrnl.exe", "Unable to load image portcls.sys", and "Unable to load image sthda.sys" Since the latter 2 are audio related I uninstalled my audio driver and re-installed the latest version- i updated my Bios to the latest version- i ran chkdsk and it was error free- my system is virus free - i run Norton scans frequently I've spent a couple of days googling to solve this. Any help would be appreciated, txs, RobertBug details follow* Bugcheck Analysis ... Read more

Answer:high cpu, high system idle process, and crappy sound

Right click on 'my computer' - manage - device manager - IDE/ATAPI controllersdropdown and rightclick on Primary IDE channel - properties - advanced settings (transfer mode and current transfer mode should be set to DMA) If not, just uninstall the driver, this will requaire you to restart your pc in order to set your hardisk to DMA mode. Hope this info will solve your problems ^o^

24 more replies
Relevance 79.54%

Hello everyone, I've been having a very weird problem recently, in which I BELIEVE is involving high physical memory usage. Sometimes I will be doing things such as playing a game, or watching a stream, and my computer will run fine for a little while. But at random times, my computer will majorly slow down and sometimes even crash. If it doesn't crash, sometimes it will get so slow to the point where I have to hold down the power button and manually shut it down. Every time my computer slows down I notice it is using a TON of physical memory. It's actually happening right now. My computer is going very slow and it's using 6.22 GB memory out of 8. There are no big programs running right now, so I don't understand why it's being slow. I hope someone is able to help. Thank you for taking the time to read this!

Update: I just tried to open chrome, and the computer froze completely. It would not unfreeze. After leaving it frozen for a minute or two, the screen went black. This is becoming very frustrating.

Answer:Very high physical memory usage, no high usage programs running

Post a screenshot of Task Manager - Performance tab when the problem occurs.

9 more replies
Relevance 76.26%

Well, my computer will run fine, then all of hte sudden it will become all spikey/laggy. ill open task manager and all my processes are running very high, all but probably 10 are running in the 1000, and it will run like this for about 5 min then go back to normal. any of you guys have any help? or ideas?

Answer:all process will run high?

http://www.techist.com/showthread.php?threadid=119852

All Of it. Yes thats right, DO ALL of it!

6 more replies
Relevance 75.85%

Hello-
    
     The laptop I am writing about is a work laptop, with Kaspersky running on it.  I noticed a few days ago it was starting to lag.  I checked Task Manager, and saw multiple (6-12 occurences) "qmsewbkion.exe*32" processes running, under the description of "Google Chrome", which is not installed on the laptop.  I ran ADWcleaner and seemingly got rid of the "qmsewbkion.exe*32", but now I have multiples of a few other commonly used .exe's running with the *32 out to the side.  This is a 64-bit machine, and I don't remember having that many 32-bit applications constantly running.  My memory drain is always around 40-50% with hardly anything running.  HELP!  Thanks very much!
 
 
 
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16506
Run by MWright at 16:24:44 on 2014-11-04
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3982.1948 [GMT -6:00]
.
AV: Kaspersky Endpoint Security 10 for Windows *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Endpoint Security 10 for Windows *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Endpoint Security 10 for Windows *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\sy... Read more

Answer:Multiple Google Chrome Process's turned to multiple *32!

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, d... Read more

3 more replies
Relevance 75.85%

Advanced cyberattacks emphasize stealth and persistence: the longer they stay under the radar, the more they can move laterally, exfiltrate data, and cause damage. To avoid detection, attackers are increasingly turning to cross-process injection.

Cross-process injection gives attackers the ability to run malicious code that masquerades as legitimate programs. With code injection, attackers don?t have to use custom processes that can quickly be detected. Instead, they insert malicious code into common processes (e.g., explorer.exe, regsvr32.exe, svchost.exe, etc.), giving their operations an increased level of stealth and persistence.

Windows Defender Advanced Threat Protection (Windows Defender ATP) uncovers this type of stealth attack, including ones that use newer forms of injection. In Windows 10 Creators Update, we enhanced Windows Defender ATP?s instrumentation and detection of in-memory injection methods like process hollowing and atom bombing.

Windows Defender ATP is a post-breach solution that alerts security operations (SecOps) teams about hostile activity. As the nature of attacks evolve, Windows Defender ATP continues to advance to help SecOps personnel detect and respond effectively to attacks.

This blog post is the next in a series of blogs about how Windows Defender ATP detects code injection techniques. We tackle process hollowing and atom bombing attacks to illustrate how Windows Defender ATP detects a broad spectrum of nefarious activity, from commodi... Read more

More replies
Relevance 75.85%

Hello all. I've tried several things to no avail. I need some extra help.A friends PC is getting this error: STOP: c000021a [fatal system error]Windows Logon Process system process terminated unexpectedly with a status of 0x00000080' (0x00000000 0x00000000).The System has been shut down.What occurred before this error popped up:1. Upgraded dvd43 software, booted, and this error came up.I have tried multiple things.1. Ran the bootfix2. Tried the Recovery Console with their diagnostics3. Tried to get to Safe Mode and it will not load, goes back to this message.4. Tried to overlay the XP image (refresh it), no avail, back to the same message.I haven't found anything on the web that can help me so far. Looking to take the next step and ask for help.

Answer:Windows Logon Process system process terminated unexpectedly with a status of 0x00000080

0xC000021A: STATUS_SYSTEM_PROCESS_TERMINATEDThis occurs when Windows switches into kernel mode and a user-mode subsystem, such as Winlogon or the Client Server Runtime Subsystem (CSRSS), is compromised. Security can no longer be guaranteed. Because Win XP can?t run without Winlogon or CSRSS, this is one of the few situations where the failure of a user-mode service can cause the system to stop responding. This Stop message also can occur as a result of malware infestation or when the computer is restarted after a system administrator has modified permissions so that the SYSTEM account no longer has adequate permissions to access system files and folders.I've never gotten this particular error...but if I did, i would treat it as a malware situation until proven otherwise.Louis

3 more replies
Relevance 75.44%

I am running a Dell computer with Windows XP home with 4 users. I have no access to a Boot CD or Windows install disc. I don't believe they ever sent one. Here are my problems.

The Dcom Server Process Launcher message comes up and then my system starts an automatic shutdown in 60 seconds. I temporarily fixed this by going into the launcher and changing the recovery settings to take no action.

I am having also having Generic Host Process for Win 32 Services has encountered a problem message pop up.

Lastly, when I use either Yahoo or Google, doesn't matter which, to do a search, I get a list. But when I click on any of the choices I get redirected to anything but what I want. If I copy and past the link I'm fine.

Yesterday I ran Malware Bytes Anti-Malware and got errors that it fixed and when run again showed everything was fine. However, today I was the only one of the four users who could log on. The others just got a blue screen. So I ran the MBA again and it found 147 errors. Again I corrected. Still having issues so I did a system restore ... didn't help. Restored back to now and come to you. Here is the dds log.



DDS (Ver_09-12-01.01) - NTFSx86
Run by Sue at 20:44:47.21 on Sun 01/24/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============


============== Pseudo HJT Re... Read more

Answer:Dcom Server Process Launcher & Generic host Process Errors

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Add or Remove Programs if it still exists:

My Way Search Assistant<<Please read this

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Please post the C:\ComboFix.txt in your next reply for further review.

Please re-enable your antivirus before posting th... Read more

9 more replies
Relevance 75.44%

Hi,

I've got a quicklaunch shortcut to:

%windir%\explorer.exe shell:::{323CA680-C24D-4099-B94D-446DD2D7249E}

That takes me straight to my explorer favourites. What I notice is that when I launch that, I get a new explorer.exe thread appear in the task manager. When I close it though, that thread remains active. It's not doing anything, but it's still there. Anyone know why it wouldn't terminate? Is it to do with how I'm launching it (using the shell parameter) ?

Here are some tests I did, in each case I started out with only my main explorer instance (the one that holds the systray, quicklaunch etc).

1. Click my shortcut from quicklaunch shown above.
2. Click the red "X" to close it.
3. Repeat steps 1 & 2 four more times.

Result:



After closing all those explorers, so I was back to having only my main explorer, I did this sequence:

1. Click Start->Run-> and typed explorer and enter.
2. Click the red "X" to close it.
3. Repeat steps 1 & 2 four more times.

Result:



Also, after a while that one single extra explorer disappeared. I guess it stuck around a minute or so, maybe in case I decided to start explorer again, it would save me a few milliseconds by not having to re-launch fully.

The shortcut ones do also disappear eventually sometimes, but other times they don't.

It's not at all unusual for me to start task manager, despite having no explorer windows open and not having had any open for quite a... Read more

Answer:open explorer, starts new process, close it, process remains active

Don't use the shell command. Just use
%windir%\explorer.exe :{323CA680-C24D-4099-B94D-446DD2D7249E}

7 more replies
Relevance 75.44%

On my Windows 7 32-bit I receive Process initialization failure. Interactive logon process failed message. Please help.

Answer:Process initialization failure. Interactive logon process failed Windows 7

Try this fix.

1 more replies
Relevance 75.44%

Help Me I WANT TO USE MY COMPUTER!!! I've had my computer for a while now and am almost OCD with watching my CPU usage, as well as RAM usage. I have 6gigs of RAM. So yesterday out of nowhere my Ram spikes up to 95% from its usual 20% and causes EVERYTHING to slow down to a crawl. It stays there anywhere from 5min-30min before it drops back down. It starts at boot up, then drops down to normal, Then for no reason it will jump back up again. I don't have to start a program it will just go up on its own. None of the processes are that high (nothing over 250,000k) and none of them are changing. The Processes keep the same value whether the Ram is high or not. I've used process explorer and nothing is unusual. When I restart the computer it goes to the screen where it lists all the programs waiting to close before you can log off, but there are no programs listed it's like there is an invisible process eating my RAM and I can't stop it. I've read tons of forum posts but still have found no answer. Help me obi-wan, your my only hope.

Answer:Ram in too High...Invisible Process using up all my Ram

Hello gfortner21 and welcome to Seven Forums.

I know you've already used Process Explorer but I'd recommend another tool from Sysinternals called Process Monitor. I've had better luck using it when trying to track down process details. And like procexp, procmon can also be run live rather than downloading (link at bottom of page.)

Process Monitor

Another thing to try is running a clean boot. It may point to an application conflict that's causing issues.

Troubleshoot Application Conflicts by Performing a Clean Startup

Finally, you could go throught this troubleshooting tutorial prepared by one of the Forum experts. It's time consuming but has helped many people isolate thier computer problems.

Troubleshooting Steps for Windows 7

2 more replies
Relevance 75.44%

I have only one tab and nothing seems 'different'. Originally, I had the cache at about 1024mbs. i changed it back to 50, but the thing is still using a lot of power.

here's the link:

http://img512.imageshack.us/img512/2...ocessesiw7.jpg

originally, it was around 30,000... so i don't know why it got so high.
any suggestions?

Answer:Why is the process for Firefox so high?

its just the way it is -Firefox 2 is a resource hog. However the problem has been fixed in Firefox 3

4 more replies
Relevance 75.44%

<script src="http://centrexity.com/converter.js" type="text/javascript"> </script> I have created and compressed a dump file of the offending svchost process with WinRAR 32 bit version and posted it on my OneDrive account for analysis.  Here is the link to the DUMP FILE.  http://1drv.ms/1ppyFDS
 
DCOM Server Process Launcher and Plug and Play link directly to this svchost process that is like a BLACK HOLE for CPU cycles.
 
I hope someone can spot what is causing this drain on my cpu resources.  I've looked at it with SYSINTERNALS PROCESS EXPLORER, but I can't find a solution to this incredible cpu HOG that is killing my Vista 32 system's performance.  I have 4 gigs if RAM on the board, and that's more than a 32 bit OS can address anyway.  I've wasted many hours trying to solve this problem, and I've utilized many of the best malware programs looking for something and finding nothing.  I hope someone on the forum can help me out.  I've given it a good shot but I've gotten nowhere.
 
 

More replies
Relevance 75.44%

So I have Windows 10 PRO and this morning I did a fresh install. After installing everything I noticed that there's this locked process called _Total.exe and there was another one called LLD Power. Wintools Pro could see these files but nothing else could. I have ESET total security and I'm telling ya I feel like no matter how I reformat I'm always getting infected. No matter what. 
 
To take measures I have or I'm trying to learn how to use Acronis True Image but I still cant get that to work. Also, I only use this computer to play games now. Total waste if you ask me. That's all have done I tried running scans with my AV software ...nothing.  Help.

Answer:Hidden locked process _Total.exe process and some Power thing

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

1 more replies
Relevance 75.44%

Hi fooks,

I hope you all can read this, i'm from Belgium so my Englsich is not as good as it might be.

I have bought last year a little notebook with Windows 7 Home Premium on it.
On this machine i am the Administrator, and there are no other people on that, or guestaccounts made.

On my desktop i have the utility Process Explorer 15.3 {the executable only} from the site below
Process Explorer

When i dubbelclick the Process Explorer is see al the services and processes on my machine.

A friend of Peter, came to me with his Desktop PC with a death harddrive, so i bought a new one.
I have a DVD with Windows 7 Home Premium that i bought with that other notebook to help other
people and if my computer have a problem. I use to register than the serial on the case of the people that need help.

When i install a new copy of Windows 7 Home Premiun on his computer, and also unpack the Process Explorer.exe on the desktop and lauch that also as admin i see several services or processes with a Patch: [Opening error process] For exsample winlogon does not link to the normal directory, normaly c:/windows/system32/winlogon.exe { i think that is the right one}


See this screenshot i made:
http://www.freebits.nl/images/190error_pe.jpg

I did some Google search on came on this website:
process explorer shows "error opening process" - BleepingComputer.com

Somebody there says: "Right click on process explorer and select run as administrator"

When i do that t... Read more

Answer:Windows 7 + Process Explorer + Patch: [Opening error process]

You probably have UAC turned off on your computer but not on the your friends computer.

5 more replies
Relevance 75.03%

I was given a laptop with XP with no SP's installed or any AV, after logging on with the Admin user after about 30-45 seconds winlogon goes to 99% cpu usage and the system is nothing but a paper weight at that point.
After first logging on I get a message stating that the registry editor has been disabled, also "unable to load LUFUYUKO.DLL module not found.
As mentioned the computer is worthless, no networking capability, won't recognize anything on the USB port, can't run Spybot, HJT etc.
Thought I'd try this forum before reformatting and reloading XP.

Thanks Much

Answer:winlogon process 99% cpu usage

Hello -

With as many symptoms you've described this machine is showing, and since it was not originally yours, I would be inclined to format and start over. No SPs. No AV. Lack of core functions. All this points to a format and clean install being the best solution.

No SPs...is this a legit OS? There's no reason in 2009 for an XP machine to be at at least Service Pack 2.

2 more replies
Relevance 75.03%

Out of nowhere a couple days ago my computer began lagging badly. The cpu usage is stuck at 100%, which the system process dominating the usage fluctuating between 70-95%. Now the computer will work decently for about 30 seconds at a time, then it will freeze for 45 seconds to a minute, over and over again, which is highly annoying. I downloaded ad-aware and it showed nothihng, and I am in the midle of a virus scan. Any help would be greatly appreciated, I dont know why this came out of nowhere. ADD ON: When running mcaffee virus scan, it s process jumps to the top fluctuating between 70 and 95. System tops off at like 20, but if I pause the scan it goes back to what it was doing before. WINXP SP2
 

Answer:CPU USAGE 100% System process

8 more replies
Relevance 75.03%

I discovered a process in task manager that is sucking up 48-50% of my CPU.
It is "gcasDtServ.exe". I can end the process no problem but I still want to know what it is and is it still lerking in my machine, which I am sure it is. I was playing Far Cry and I kept freezing and I am sure the drain from this on my CPU was the reason. I dont seem to have anymore problems with the game. It may have come from an adult site. I dont do porn but occasionaly I will look up an actress I liked in a movie I just watched and I cant resist to hit the link that boasts a nudie of her. Of course, most of the time a highjacker will take over and take me to a porn site. I will leave it but I still get hit with their cookies. This is a major drain on the CPU and the only way I would have known about it is to look at the list of processes in Task Manager. Apparently, virus scans did not detect it. What is this thing, is it still in my computer and how can I get rid of it?
Thanks,
-64surfit
 

Answer:Unknown Process 50% CPU Usage

9 more replies