[RESOLVED] [32] SVChost.exe hogging resources
Page 1 of 3 123 LastLast
Results 1 to 15 of 34

Thread: [RESOLVED] [32] SVChost.exe hogging resources

  1. #1
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536

    Resolved [RESOLVED] [32] SVChost.exe hogging resources

    My friends Dell laptop with Vista home premium installed has a problem with one of the SVChost.exe process taking 50% of the computers resources. This only seems to happen when the computer is connected to the internet. The problem makes the computer so slow that's it's nearly impossible to work on it. I've tried to find out what the service is connected to, but can't. Can I end task on this service without damaging the system? Also, any idea what is causing this and how to correct it? Thanks.
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  2. #2
    Join Date
    Apr 2000
    Location
    Elma,Wa.
    Posts
    50,036
    From the command prompt run tasklist /SVC
    That should list what all is using the SVChost.

    If you want a txt file to be put in the root ofC:\ , type in

    tasklist /SVC >C:\tasklist.txt
    SMILE
    and post back. Let us know if it worked.
    [ Book mark this post to find it again]

  3. #3
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,890
    Download HijackThis:
    http://www.trendsecure.com/portal/en...kthis/download
    Click on Download HijackThis Installer
    Post HijackTHis log.

  4. #4
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536
    Train; When I type in the command I get the list for about 1 second. When I try to save the list I'm unable to find it. Broni; I'll post a log in a while. I have to keep his laptop off the internet for it to be usable. I'll need to transfer the log from his computer to mine. Thanks guys for the replies.
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  5. #5
    Join Date
    Apr 2000
    Location
    Elma,Wa.
    Posts
    50,036
    You are using the run line not the cmd line.

    Start, run [type in] CMD and hit OK

    Copy the line to make the list.txt file

    Now on the top left of the cmd window click the little square, select edit then paste.
    Hit enter.
    works fine for me.
    SMILE
    and post back. Let us know if it worked.
    [ Book mark this post to find it again]

  6. #6
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536
    Hijack this log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:20:50 AM, on 5/9/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
    C:\Windows\sttray.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
    C:\Users\Tessa\Desktop\Security\HJT\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
    O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: QuickSet.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
    O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
    O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
    O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
    O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
    O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 8760 bytes
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  7. #7
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,890
    There is nothing malicious there.
    Post Train's list.
    You may also download, and install Process Explorer: http://technet.microsoft.com/en-us/s.../bb896653.aspx
    When you open it, expand services.exe key, and any svchost.exe key to see what sub-process is using your CPU:


  8. #8
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536
    Thanks for the help guys. Here's a copy of the services list as per the direction:
    Microsoft Windows [Version 6.0.6000]
    Copyright (c) 2006 Microsoft Corporation. All rights reserved.

    C:\Users\Tessa>tasklist /SVC

    Image Name PID Services
    ========================= ======== ============================================
    System Idle Process 0 N/A
    System 4 N/A
    smss.exe 636 N/A
    csrss.exe 1096 N/A
    wininit.exe 1508 N/A
    csrss.exe 1532 N/A
    services.exe 544 N/A
    lsass.exe 812 KeyIso, SamSs
    lsm.exe 868 N/A
    winlogon.exe 1252 N/A
    svchost.exe 1312 DcomLaunch, PlugPlay
    svchost.exe 1904 RpcSs
    svchost.exe 1000 WinDefend
    svchost.exe 484 Audiosrv, Dhcp, Eventlog, lmhosts, wscsvc
    svchost.exe 1800 AudioEndpointBuilder, EMDMgmt, Netman,
    PcaSvc, SysMain, TabletInputService, UxSms,
    WdiSystemHost, Wlansvc, WPDBusEnum, wudfsvc
    svchost.exe 532 AeLookupSvc, BITS, EapHost, gpsvc,
    iphlpsvc, LanmanServer, MMCSS, ProfSvc,
    RasMan, Schedule, seclogon, SENS,
    ShellHWDetection, Themes, Winmgmt, wuauserv
    audiodg.exe 1108 N/A
    SLsvc.exe 704 slsvc
    svchost.exe 1384 EventSystem, FDResPub, LanmanWorkstation,
    netprofm, nsi, SSDPSRV, upnphost, W32Time,
    WebClient
    svchost.exe 1420 CryptSvc, Dnscache, KtmRm, NlaSvc, TapiSrv,
    TermService
    WLTRYSVC.EXE 1472 wltrysvc
    BCMWLTRY.EXE 1200 N/A
    UmxCfg.exe 1692 UmxCfg
    UmxFwHlp.exe 604 UmxFwHlp
    spoolsv.exe 1344 Spooler
    UmxPol.exe 996 UmxPol
    UmxAgent.exe 2040 UmxAgent
    svchost.exe 476 BFE, DPS, MpsSvc
    dwm.exe 684 N/A
    explorer.exe 432 N/A
    capfsem.exe 648 N/A
    MSASCui.exe 1336 N/A
    SynTPEnh.exe 668 N/A
    igfxtray.exe 2320 N/A
    hkcmd.exe 2632 N/A
    igfxpers.exe 3108 N/A
    WLTRAY.EXE 3460 N/A
    issch.exe 2072 N/A
    isafe.exe 2572 CAISafe
    ITMRTSVC.exe 3556 ITMRTSVC
    cctray.exe 3836 N/A
    cavrid.exe 2876 N/A
    MDM.EXE 3032 MDM
    sttray.exe 2248 N/A
    svchost.exe 2872 PolicyAgent
    RoxWatch9.exe 3272 RoxWatch9
    capfasem.exe 2228 N/A
    ehtray.exe 3532 N/A
    sprtsvc.exe 1596 sprtsvc_dellsupportcenter
    sprtcmd.exe 2788 N/A
    LinksysAgent.exe 3220 N/A
    stacsv.exe 3396 STacSV
    GoogleToolbarNotifier.exe 2284 N/A
    ehmsas.exe 3076 N/A
    DLG.exe 3128 N/A
    svchost.exe 2360 stisvc
    quickset.exe 3168 N/A
    vetmsg.exe 3360 VETMSGNT
    SearchIndexer.exe 3268 WSearch
    XAudio.exe 2120 XAudioService
    ccprovsp.exe 1372 CaCCProvSP
    taskeng.exe 3868 N/A
    CAPPActiveProtection.exe 1048 N/A
    PPCtlPriv.exe 3484 PPCtlPriv
    cmd.exe 3116 N/A
    tasklist.exe 2688 N/A
    WmiPrvSE.exe 2780 N/A

    C:\Users\Tessa>
    C:\Users\Tessa>
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  9. #9
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536
    I need to add some important information that I forgot to include in the first post. The last program used before the problems started was Limewire. My friend downloaded two songs. He reminded me of that while golfing this morning.
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  10. #10
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,890
    It'd take ages to check every single process from that text file, so why don't you use Process Explorer to see what sub-process of svchost is eating up CPU.

    Limewire, huh?
    Post HijackThis log, as well.

  11. #11
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536
    Yes, I know I've warned him about Limewire and he doesn't download much, but I can't seem to get through to him that anything can ride along with the download. I just downloaded Process explorer, I'll slip it on a CD-RW disk and transfer it to the laptop. Be back in a while.

    Another thought about Limewire. I've seen Limewire itself cause problems like this. It wants a internet connection to transfer files to another user or something like that.
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  12. #12
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,890
    If you play safe.....I've been using Limewire for years with no ill effects - 2K, XP, Vista...

  13. #13
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536
    OK, I installed Process explorer on the laptop and started it. I'm not seeing the exact window that's shown above. What I'm seeing is a windows without the process showing on the left. I tried to select "show process" but it is grayed out. I hooked the laptop up to the internet and observed Process Explorer. The CPU usage shoots up 50% and goes back and forth between two or more services. I know there's something causing this, but what. This is a real mystery . I'm going to uninstall Limewire-reboot-and connect to the internet. Then I'll try to post a new HJT log while connected.
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  14. #14
    Join Date
    Apr 2001
    Location
    Ogdensburg,NY USA
    Posts
    4,536
    Update & HJT log;
    I used system restore to roll back to the 1st day of this month. I'm able to get on the internet now with it. I reinstalled Process Explorer and now I'm able to see the screens as shown in your previous post. While generating a new HJT log I need to do it as admin., HJT was denied access to the host file. Here's the new log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:09:06 PM, on 5/9/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
    C:\Windows\sttray.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Tessa\Desktop\Security\HJT\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
    O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: QuickSet.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
    O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
    O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
    O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
    O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
    O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 8803 bytes
    Thanks again.
    The true test of character is not how much we
    know how to do, but how we behave when we don't know what to do

  15. #15
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,890
    The log is clean.
    What about those CPU spikes?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •