Warning: fopen(/home/dottech/public_html/wp-content/sp-resources/forum-cache/sp-plugin-scripts-footer.js): failed to open stream: Permission denied in /home/dottech/public_html/wp-content/plugins/simple-press/sp-api/sp-api-plugins.php on line 745

Warning: fopen(/home/dottech/public_html/wp-content/sp-resources/forum-cache/sp-plugin-styles-all.css): failed to open stream: Permission denied in /home/dottech/public_html/wp-content/plugins/simple-press/sp-api/sp-api-plugins.php on line 534

Services.exe consuming 50% CPU | Page 2 | Tech Support | Forums

A A A

Please consider registering
guest

Log In Register

Register | Lost password?
Advanced Search

— Forum Scope —

  

— Match —

   

— Forum Options —

    

Wildcard usage:
*  matches any number of characters    %  matches exactly one character

Minimum search word length is 4 characters - maximum search word length is 84 characters

Topic RSS
Services.exe consuming 50% CPU
Topic Rating: 0 (0 votes) 
February 17, 2010
7:11 PM
karen
Washington, DC Metro Area
dotTechie
Forum Posts: 878
Member Since:
November 1, 2009
Offline
21
0

Bad LAN drivers could cause something like that.  But I guess we'll never really know.

Glad your problem is fixed though.

February 17, 2010
8:47 PM
Pwnana
Geek
Forum Posts: 238
Member Since:
November 15, 2009
Offline
22
0

Glad you got it :lol:17

You got Pwnd
February 17, 2010
8:18 PM
Ramesh Kumar
Grand Master
Forum Posts: 390
Member Since:
February 1, 2010
Offline
23
0

Phew what a relief! Lovely start to a great new day!

RameshSmile

February 17, 2010
9:27 PM
Ramesh Kumar
Grand Master
Forum Posts: 390
Member Since:
February 1, 2010
Offline
24
0

There is one introspection I hasten to share. In fact I cursed myself for not thinking out of the box fast enough. I'd rushed to post it; mercifully Sandeep's problem had been solved by then.Smile

Throughout Sandeep's trouble I inferred that the "naughty Process" was a "visible" process. That is, it was not a trojan or a rootkit. How daft of me. What if the devil was actually invisible? Cry

A rootkit/trojan process is a clever invisible devil of a process which hides itself even from a process manager itself!

I'd like someone to answer this if possible.

1) Does Anvir "visibilize" even an "invisible, rootkit, trojan process" or is it unable to do so?

2) If one wished to capture a rootkit trojan devil in Anvir can one do it this way – Physically count the number of processes in a 1, 2, 3, 4… basis & compare that with the summarized count which Anvir shows you in its icon in the system tray? The difference means you are suffering a rootkit process.

3) Does Anvir's physical process count always match the process count showed in the tray? Or can the tray count be higher – the difference being a pointer that there is a rootkit devil eating the cpu. That's dicey because the devil eating cpu cycles is an "invisible" devil rather than a "visible" devil!

4) Do Anvir & Process Tamer only catch/tame "visible" devils or "invisible" devils as well?

We fortunately have well-heeled stalwarts like Karen & also savvy stalwarts like Ashraf whose high standing in the industry owes itself not only to his intellect & honesty but also to I am sure excellent respect he commands from developers.

Therefore it would help dottechies if we get an answer to this question – does Anvir & Process Tamer catch/tame only visible devils or invisible devils too.Wink

Sandeep – for posterity sake invisible devilry aka rootkit gets caused sometimes in the time gap between uninstalling one antivirus & installing another. Even a good antivirus catches a rootkit only if it enters AFTER that AV is installed AND NOT before that AV is installed.

Given that I shudder to think what invisible rootkit devils lurk in various computers.That's why there is a market for rootkit revealers even though there are good antivirus – it catches invisible devils even if your anti virus does not.

I don't have one yet, but plan to.Which rootkit revealer is best & why? 

RameshSmile

February 17, 2010
10:45 PM
Sandeep
AUS
Nerd
Forum Posts: 82
Member Since:
December 1, 2009
Offline
25
0

That's really a good question asked by Ramesh and sorry i don't have any answer to it.

Regarding Rootkit – there is a Microsoft program called RootkitRevealer which can be found at http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

Thanks Guys.

But i am really doubtfull how come my problem is gone by just installing the updated LAN drivers. I will try rebooting it again to see if it is really gone.

February 17, 2010
10:46 PM
Locutus
Guru
Forum Posts: 1886
Member Since:
February 19, 2009
Offline
26
0

@Ramesh:  I only tried to think through part of your post (I was just reading some "classic" literature -.-), but it looks like you're looking for something to reveal rootkits.  I can't say I've tried this, but I can't say I've ever had a rootkit either:

http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

Good luck!

Oh, the site that was :(
February 17, 2010
11:18 PM
Ramesh Kumar
Grand Master
Forum Posts: 390
Member Since:
February 1, 2010
Offline
27
0

Locutus I kindly seek an answer to 2 quesions & not just one. Sorry, my fault. Perhaps I should have phrased better:-  Cry

1) Do Anvir & Process Tamer spot "visible" processes only or are also capable of spotting invisible (aka a rootkit) processes as well? I am optimistically hopeful because our very own doyen who reviewed it is with us. I say this with all the affection & respect I possess Ashraf  so don't go angry on me okaySmile

2) Which is the best rootkit revealer & why?

So these are 2 seperate issues for which I seek help from our family

RameshSmile

February 17, 2010
11:39 PM
Locutus
Guru
Forum Posts: 1886
Member Since:
February 19, 2009
Offline
28
0

Unfortunately I've never used either of those pieces of software, so I can't help you there. Yell

On the second note, I've never had to deal with a rootkit, but here's some I've found:

http://download.cnet.com/Panda-Anti-Rootkit/3000-8022_4-10717196.html?tag=mncol – Panda Anti-Rootkit

http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx – RootkitRevealer

Both are from very big name companies.

Oh, the site that was :(
February 17, 2010
11:44 PM
Ramesh Kumar
Grand Master
Forum Posts: 390
Member Since:
February 1, 2010
Offline
29
0

Thanks Locutus

RameshSmile

February 18, 2010
1:34 AM
amnesia
Admin
Forum Posts: 270
Member Since:
May 7, 2009
Offline
30
0

@ Ramesh

1, Anvir dosen't find rootkits, never used Process Tamer, but I would say no.

2, I use Sophos Anti-Rootkit.

I've tried Panda Anti-Rootkit. Had a problem with it,  unistalled it, left some piece's behind.

February 18, 2010
11:32 PM
Ramesh Kumar
Grand Master
Forum Posts: 390
Member Since:
February 1, 2010
Offline
31
0

@SandeepSmile

@amnesiaSmile

@LocutusSmile – reading a classic & also moderating a forum. Obviouly you have refined taste & rare talents tooWink That's nice!

Thanks friends. They say if you give a person a fish you provide him a meal; but if you teach him how to fish you enable him to feed himself throughout his life. You've taught me how to fish. Thanks! I am setting out to fish for a rootkit protector for my compSmile

LOL everyone

Ramesh

February 21, 2010
6:33 AM
black raven
Geek
Forum Posts: 125
Member Since:
April 3, 2009
Offline
32
0

http://www.prnwatch.com/prio.html this is an improved over task manager that I useEmbarassed

February 21, 2010
4:11 PM
Sandeep
AUS
Nerd
Forum Posts: 82
Member Since:
December 1, 2009
Offline
33
0

This morning when i started my PC, services.exe again started consuming 50% CPU. Sorry Ramesh i didn't installed Process Tamer yet. Before rebooting my PC this morning there was an error message (as my PC was locked on friday, didn't shutdown) saying "Delayed write failed" pointing to somewhere here "C:\WINDOWS\system32\wbem". I oked that message and did a reboot. After running Windows services.exe was consuming 50% CPU. Then i checked this post and as Karen says try disabling "Event Log" and "Error Reporting Service" i did that and rebooted the PC. Hurrrey the problem is gone. 

Thanks Guys for all your help. Keep it up.Smile

February 21, 2010
9:29 PM
Ramesh Kumar
Grand Master
Forum Posts: 390
Member Since:
February 1, 2010
Offline
34
0

Hi Sandeep! Smile

That's the second good news in 2 days. Yesterday Conn09 got out of the woods & today you have. That now leaves only Steelers6 (System Dumps).

It is not important whether getting out of the woods was because of or inspite of someone. When a dottechie gets out of the woods all other dottechies are happy. Like Conn09 you too have left everyone with good learnings for the future

RameshSmile

February 22, 2010
8:38 AM
Conn Platt
Lancashire, England
Young Dude
Forum Posts: 167
Member Since:
September 27, 2009
Offline
35
0

Hey that's great Sandeep I'm glad that you fixed your problem finally.

Difficult, to be sure…..but it shall be done!!
Forum Timezone: America/Los_Angeles

Most Users Ever Online: wp_sferrorlog

Currently Online:
39 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

phoenix_rising: 899

karen: 878

Wheezer: 786

yourpalal: 647

PCbasics: 614

ebony: 548

Member Stats:

Guest Posters: 11

Members: 9777

Moderators: 0

Admins: 3

Forum Stats:

Groups: 3

Forums: 17

Topics: 2601

Posts: 16629

Newest Members: OrganMan51, manishnexusclearing.com, joycewilson, surmit chauhan, jasonclarke916, zorastalin

Administrators: Ashraf (1799), Locutus (1886), amnesia (270)

Comments