
Solved CPU seems taxed

Discussion in 'Malware and Virus Removal Archive' started by TJGarner, 2010/07/14.

  1. 2010/07/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Very good :)

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.

    ==============================================================

    OTL Clean-Up
    Clean up with OTL:

    * Double-click OTL.exe to start the program.
    * Close all other programs apart from OTL as this step will require a reboot
    * On the OTL main screen, press the CLEANUP button
    * Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    ==============================================================

    Your computer is clean :)

    1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point.

    Turn off System Restore:

    - Windows XP:
    1. Click Start.
    2. Right-click the My Computer icon, and then click Properties.
    3. Click the System Restore tab.
    4. Check "Turn off System Restore".
    5. Click Apply.
    6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
    7. Click OK.
    - Windows Vista and 7:
    1. Click Start.
    2. Right-click the Computer icon, and then click Properties.
    3. Click on System Protection under the Tasks column on the left side
    4. Click on Continue on the "User Account Control" window that pops up
    5. Under the System Protection tab, find Available Disks
    6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
    7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
    8. Click OK

    2. Restart computer.

    3. Turn System Restore on.

    4. Make sure, Windows Updates are current.

    5. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    6. Download, and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    7. Run defrag at your convenience.

    8. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    9. Please, let me know, how is your computer doing.
     
  2. 2010/07/31
    TJGarner

    TJGarner Well-Known Member Thread Starter

    Joined:
    2008/10/12
    Messages:
    72
    Likes Received:
    0
    Thanks for all your time and help.

    The computer is much better. When mousing over a nested file in the All Programs button from the start menu, they populate much faster than previously. My CPU usage "spikes" to 30%-40% instead of nearly always at 100%. The fan runs a lot less than previously as well.

    One minor complaint, though easily corrected. I took your advice and downloaded the Foxit PDF reader after removing the Adobe Reader. Even though I told it NOT to download the tool bar, it did it anyway. I manually removed it. Other than that, I am very happy with how things are right now.
     


  4. 2010/07/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'm happy for you then :)

    Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
    Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
    Click on View > Select Columns.
    In addition to the already pre-selected options, make sure the Command Line is selected, and press OK.
    Go to File > Save As, and save the report as Procexp.txt.
    Paste the content into your next reply.
     
  5. 2010/08/01
    TJGarner

    TJGarner Well-Known Member Thread Starter

    Joined:
    2008/10/12
    Messages:
    72
    Likes Received:
    0
    Process PID CPU Private Bytes Working Set Description Company Name Command Line
    System Idle Process 0 59.09 0 K 28 K
    Interrupts n/a 0 K 0 K Hardware Interrupts
    DPCs n/a 1.52 0 K 0 K Deferred Procedure Calls
    System 4 0 K 101,844 K
    smss.exe 536 172 K 428 K Windows NT Session Manager Microsoft Corporation \SystemRoot\System32\smss.exe
    csrss.exe 600 1,792 K 4,392 K Client Server Runtime Process Microsoft Corporation C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
    winlogon.exe 628 6,528 K 5,424 K Windows NT Logon Application Microsoft Corporation winlogon.exe
    services.exe 672 1.52 1,860 K 3,756 K Services and Controller app Microsoft Corporation C:\WINDOWS\system32\services.exe
    ati2evxx.exe 832 744 K 2,640 K ATI External Event Utility EXE Module ATI Technologies Inc. C:\WINDOWS\system32\Ati2evxx.exe
    svchost.exe 848 3,152 K 5,188 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost -k DcomLaunch
    wmiprvse.exe 2412 2,128 K 5,672 K WMI Microsoft Corporation C:\WINDOWS\system32\wbem\wmiprvse.exe
    HPQTOA~1.EXE 3580 1,468 K 5,144 K HpqToaster Module C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE -Embedding
    svchost.exe 940 1,928 K 4,520 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost -k rpcss
    svchost.exe 980 24,124 K 35,436 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe 1044 2,092 K 4,436 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k NetworkService
    svchost.exe 1128 4,972 K 6,992 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
    spoolsv.exe 1488 3,320 K 5,156 K Spooler SubSystem App Microsoft Corporation C:\WINDOWS\system32\spoolsv.exe
    svchost.exe 1576 1,424 K 3,944 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
    avgwdsvc.exe 1612 5,356 K 2,484 K AVG Watchdog Service AVG Technologies CZ, s.r.o. "C:\Program Files\AVG\AVG9\avgwdsvc.exe "
    avgnsx.exe 1232 9,776 K 808 K AVG Network scanner Service AVG Technologies CZ, s.r.o. "C:\Program Files\AVG\AVG9\avgnsx.exe "
    jqs.exe 1752 2,296 K 2,112 K Java(TM) Quick Starter Service Oracle "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf "
    svchost.exe 800 2,516 K 4,396 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k imgsvc
    hpqwmiex.exe 1324 1,216 K 4,092 K hpqwmiex Module Hewlett-Packard Development Company, L.P. "C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe "
    alg.exe 2516 1,280 K 3,756 K Application Layer Gateway Service Microsoft Corporation C:\WINDOWS\System32\alg.exe
    svchost.exe 3204 1,656 K 3,660 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    lsass.exe 684 2,444 K 880 K LSA Shell (Export Version) Microsoft Corporation C:\WINDOWS\system32\lsass.exe
    avgchsvx.exe 1144 16,664 K 2,100 K AVG Cache Server AVG Technologies CZ, s.r.o. "C:\Program Files\AVG\AVG9\avgchsvx.exe "
    avgrsx.exe 1152 1,428 K 716 K AVG Resident Shield Service AVG Technologies CZ, s.r.o. "C:\Program Files\AVG\AVG9\avgrsx.exe "
    avgcsrvx.exe 1288 7,104 K 4,036 K AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o. /pipeName=2b5fb936-d3b4-4556-9735-e91664ee2085 /coreSdkOptions=30 /logConfFile= "C:\Documents and Settings\All Users\Application Data\avg9\temp\f88f657e-14a4-4e54-843f-207732b05c53-480-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath= "C:\Program Files\AVG\AVG9\" /tempPath= "C:\Documents and Settings\All Users\Application Data\avg9\temp\ "
    ati2evxx.exe 1948 1,024 K 4,008 K ATI External Event Utility EXE Module ATI Technologies Inc. Ati2evxx.exe -Client
    explorer.exe 380 21,148 K 33,388 K Windows Explorer Microsoft Corporation C:\WINDOWS\Explorer.EXE
    SynTPEnh.exe 2716 1,748 K 5,440 K Synaptics TouchPad Enhancements Synaptics, Inc. "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    eabservr.exe 2788 6,512 K 10,804 K Quick Launch Buttons Hewlett-Packard "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start
    HP Wireless Assistant.exe 2832 5,684 K 9,736 K hp Wireless Assistant Module Hewlett-Packard Development Company, L.P. "C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe"
    avgtray.exe 2876 4,312 K 2,416 K AVG Tray Monitor AVG Technologies CZ, s.r.o. "C:\PROGRA~1\AVG\AVG9\avgtray.exe"
    ctfmon.exe 2900 1,128 K 4,468 K CTF Loader Microsoft Corporation "C:\WINDOWS\system32\ctfmon.exe"
    firefox.exe 2756 1.52 108,116 K 124,416 K Firefox Mozilla Corporation "C:\Program Files\Mozilla Firefox\firefox.exe"
    plugin-container.exe 3696 33.33 24,980 K 29,460 K Plugin Container for Firefox Mozilla Corporation "C:\Program Files\Mozilla Firefox\plugin-container.exe" --channel=2756.6fb4780.1170591505 "C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll" 2756 plugin \\.\pipe\gecko-crash-server-pipe.2756
    procexp.exe 4076 3.03 13,072 K 17,528 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Documents and Settings\Tony\My Documents\Downloads\ProcessExplorer\procexp.exe"
    EM_EXEC.EXE 3528 1,512 K 4,448 K Logitech Events Handler Application Logitech Inc. "C:\Program Files\Logitech\MouseWare\system\em_exec.exe "
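
Added example, not part of the original thread: one way to triage a saved Process Explorer listing like the one above is to check that processes carrying core Windows names really run from system32, using the Command Line column. It assumes the saved file is tab-delimited with the header shown in the post and that Windows is installed in C:\WINDOWS; the sample rows are constructed, and PID 4321 is a made-up masquerading entry.

```python
import csv
import io
import ntpath

# Process names that should only run from %SystemRoot%\system32.
CORE = {"smss.exe", "csrss.exe", "winlogon.exe", "services.exe",
        "lsass.exe", "svchost.exe", "spoolsv.exe"}

def image_dir(cmdline, system_root):
    """Lower-cased directory of the executable, or None if no directory is shown."""
    cmd = cmdline.strip()
    if cmd.startswith('"'):
        exe = cmd[1:].split('"', 1)[0]      # quoted path may contain spaces
    else:
        exe = cmd.split(None, 1)[0] if cmd else ""
    exe = exe.strip().lower()
    if exe.startswith("\\systemroot\\"):    # native form, as used by smss.exe
        exe = system_root + exe[len("\\systemroot"):]
    return ntpath.dirname(exe) or None

def triage(export_text, system_root=r"c:\windows"):
    """Return (pid, name, reason) for rows that deserve a manual look."""
    expected = ntpath.join(system_root, "system32")
    findings = []
    reader = csv.DictReader(io.StringIO(export_text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)  # command lines contain quotes
    for row in reader:
        name = (row["Process"] or "").strip().lower()
        folder = image_dir(row.get("Command Line") or "", system_root)
        # A bare name such as 'winlogon.exe' gives no directory to compare.
        if name in CORE and folder is not None and folder != expected:
            findings.append((row["PID"], name, "core name outside system32"))
    return findings

# Constructed sample; assumes a tab-delimited export with this header.
HEADER = ["Process", "PID", "CPU", "Private Bytes", "Working Set",
          "Description", "Company Name", "Command Line"]
ROWS = [
    ["smss.exe", "536", "", "172 K", "428 K", "Windows NT Session Manager",
     "Microsoft Corporation", r"\SystemRoot\System32\smss.exe"],
    ["winlogon.exe", "628", "", "6,528 K", "5,424 K", "Windows NT Logon Application",
     "Microsoft Corporation", "winlogon.exe"],
    ["svchost.exe", "848", "", "3,152 K", "5,188 K", "Generic Host Process",
     "Microsoft Corporation", r"C:\WINDOWS\system32\svchost -k DcomLaunch"],
    ["svchost.exe", "4321", "", "900 K", "2,000 K", "", "",
     r'"C:\Documents and Settings\User\Local Settings\Temp\svchost.exe"'],
]
SAMPLE = "\n".join("\t".join(r) for r in [HEADER] + ROWS)
```

Calling `triage(SAMPLE)` returns only the constructed PID 4321 row; a hit is a prompt to inspect the file, not proof of infection.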
     
  6. 2010/08/01
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  7. 2010/08/02
    TJGarner

    TJGarner Well-Known Member Thread Starter

    Joined:
    2008/10/12
    Messages:
    72
    Likes Received:
    0
    Thanks for this tip. That helped a lot. The computer is responding even better.
     
  8. 2010/08/02
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Excellent :)
     
  9. 2010/08/03
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    You should really and urgently update both Adobe & Java!
     
  10. 2010/08/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    SecurityScan seems to have some glitch, which reports current Java 6 Update 21 as out of date. I contacted program's author.
    OP has current Java 2 Update 21 installed.
     
