There is one introspection I hasten to share. In fact I cursed myself for not thinking out of the box fast enough. I'd rushed to post it; mercifully Sandeep's problem had been solved by then.
Throughout Sandeep's trouble I inferred that the "naughty process" was a "visible" process. That is, it was not a trojan or a rootkit. How daft of me. What if the devil was actually invisible?
A rootkit/trojan process is a clever invisible devil of a process which hides itself even from a process manager itself!
I'd like someone to answer this if possible.
1) Does Anvir "visibilize" even an "invisible, rootkit, trojan process" or is it unable to do so?
2) If one wished to capture a rootkit trojan devil in Anvir can one do it this way – Physically count the number of processes in a 1, 2, 3, 4… basis & compare that with the summarized count which Anvir shows you in its icon in the system tray? The difference means you are suffering a rootkit process.
3) Does Anvir's physical process count always match the process count shown in the tray? Or can the tray count be higher – the difference being a pointer that there is a rootkit devil eating the CPU? That's dicey because the devil eating CPU cycles is an "invisible" devil rather than a "visible" devil!
4) Do Anvir & Process Tamer only catch/tame "visible" devils or "invisible" devils as well?
We fortunately have well-heeled stalwarts like Karen & also savvy stalwarts like Ashraf, whose high standing in the industry owes itself not only to his intellect & honesty but also, I am sure, to the excellent respect he commands from developers.
Therefore it would help dottechies if we get an answer to this question – do Anvir & Process Tamer catch/tame only visible devils or invisible devils too?
Sandeep – for posterity's sake, invisible devilry aka a rootkit sometimes gets caused in the time gap between uninstalling one antivirus & installing another. Even a good antivirus catches a rootkit only if it enters AFTER that AV is installed AND NOT before that AV is installed.
Given that, I shudder to think what invisible rootkit devils lurk in various computers. That's why there is a market for rootkit revealers even though there are good antiviruses – they catch invisible devils even if your antivirus does not.
I don't have one yet, but plan to. Which rootkit revealer is best & why?
Ramesh
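Ramesh's second question, counting processes one way and comparing that with another count, is what security tools call a cross-view check. The script below is an added example written for this thread, not code from Anvir, Process Tamer or any other tool named here; it assumes a Windows machine with PowerShell 5.1 or later and compares the process list returned by three independent user-mode interfaces, repeating the snapshot so that processes starting or exiting between snapshots are not reported.

```powershell
# Cross-view process check (added example, not part of the thread or of
# Anvir/Process Tamer). Assumes Windows with PowerShell 5.1 or later.

function Get-ProcessViews {
    # View 1: the .NET process snapshot behind Get-Process
    $viaDotNet = @(Get-Process | ForEach-Object { [int]$_.Id })
    # View 2: the WMI/CIM provider
    $viaCim = @(Get-CimInstance -ClassName Win32_Process | ForEach-Object { [int]$_.ProcessId })
    # View 3: tasklist.exe CSV output; the second column is the PID
    $viaTasklist = @(tasklist.exe /FO CSV /NH |
        Where-Object { $_ -match '^"' } |
        ConvertFrom-Csv -Header Name, PID, Session, SessionNum, Mem |
        ForEach-Object { [int]$_.PID })
    return @{ DotNet = $viaDotNet; CIM = $viaCim; Tasklist = $viaTasklist }
}

function Find-HiddenProcessCandidates {
    param([int]$Samples = 3, [int]$DelayMs = 500)
    # Count in how many samples each (PID, view) pair was missing. A process
    # that starts or exits between snapshots is missing in one sample only,
    # so only pairs missing in every sample are reported.
    $missing = @{}
    for ($i = 0; $i -lt $Samples; $i++) {
        $views = Get-ProcessViews
        $union = ($views.DotNet + $views.CIM + $views.Tasklist) | Sort-Object -Unique
        foreach ($p in $union) {
            foreach ($name in $views.Keys) {
                if ($views[$name] -notcontains $p) {
                    $key = "${p}|${name}"
                    if ($missing.ContainsKey($key)) { $missing[$key]++ } else { $missing[$key] = 1 }
                }
            }
        }
        Start-Sleep -Milliseconds $DelayMs
    }
    $missing.GetEnumerator() | Where-Object { $_.Value -eq $Samples } | ForEach-Object {
        $p, $view = $_.Key -split '\|'
        [pscustomobject]@{ PID = [int]$p; MissingFrom = $view }
    }
}

$hits = @(Find-HiddenProcessCandidates)
if ($hits.Count -eq 0) {
    "All three views agree on the process list."
} else {
    "PIDs that one view consistently fails to show:"
    $hits | Format-Table -AutoSize
}
```

A kernel rootkit that hooks the system call all three interfaces rely on fools every view equally, which is why tools like RootkitRevealer compare the Windows API view against the raw on-disk file system and registry data instead.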
That's really a good question asked by Ramesh and sorry I don't have any answer to it.
Regarding Rootkit – there is a Microsoft program called RootkitRevealer which can be found at http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
Thanks Guys.
But I am really doubtful how come my problem is gone by just installing the updated LAN drivers. I will try rebooting it again to see if it is really gone.
@Ramesh: I only tried to think through part of your post (I was just reading some "classic" literature -.-), but it looks like you're looking for something to reveal rootkits. I can't say I've tried this, but I can't say I've ever had a rootkit either:
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
Good luck!
Locutus, I kindly seek an answer to 2 questions & not just one. Sorry, my fault. Perhaps I should have phrased it better:
1) Do Anvir & Process Tamer spot "visible" processes only or are they also capable of spotting invisible (aka rootkit) processes as well? I am optimistically hopeful because our very own doyen who reviewed it is with us. I say this with all the affection & respect I possess, Ashraf, so don't get angry with me, okay?
2) Which is the best rootkit revealer & why?
So these are 2 separate issues for which I seek help from our family.
Ramesh
Unfortunately I've never used either of those pieces of software, so I can't help you there.
On the second note, I've never had to deal with a rootkit, but here's some I've found:
http://download.cnet.com/Panda-Anti-Rootkit/3000-8022_4-10717196.html?tag=mncol – Panda Anti-Rootkit
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx – RootkitRevealer
Both are from very big name companies.
@Ramesh
1. Anvir doesn't find rootkits. Never used Process Tamer, but I would say no.
2. I use Sophos Anti-Rootkit.
I've tried Panda Anti-Rootkit. Had a problem with it, uninstalled it, left some pieces behind.
@Sandeep
@amnesia
@Locutus
– reading a classic & also moderating a forum. Obviously you have refined taste & rare talents too.
That's nice!
Thanks friends. They say if you give a person a fish you provide him a meal; but if you teach him how to fish you enable him to feed himself throughout his life. You've taught me how to fish. Thanks! I am setting out to fish for a rootkit protector for my comp.
LOL everyone
Ramesh
http://www.prnwatch.com/prio.html – this is an improvement over Task Manager that I use.
This morning when I started my PC, services.exe again started consuming 50% CPU. Sorry Ramesh, I didn't install Process Tamer yet. Before rebooting my PC this morning there was an error message (as my PC was locked on Friday, I didn't shut down) saying "Delayed write failed" pointing to somewhere here: "C:\WINDOWS\system32\wbem". I OKed that message and did a reboot. After running Windows, services.exe was consuming 50% CPU. Then I checked this post and, as Karen says to try disabling "Event Log" and "Error Reporting Service", I did that and rebooted the PC. Hurray, the problem is gone.
Thanks Guys for all your help. Keep it up.
Hi Sandeep!
That's the second piece of good news in 2 days. Yesterday Conn09 got out of the woods & today you have. That now leaves only Steelers6 (System Dumps).
It is not important whether getting out of the woods was because of or in spite of someone. When a dottechie gets out of the woods all other dottechies are happy. Like Conn09 you too have left everyone with good learnings for the future.
Ramesh