They've stopped. I don't know what was causing them-maybe a MS update :) or something. But, at least for now alls OK. Thanks again.Quote:
What about those CPU spikes?
Printable View
They've stopped. I don't know what was causing them-maybe a MS update :) or something. But, at least for now alls OK. Thanks again.Quote:
What about those CPU spikes?
Cool :)
Bad news, the problem is back. I don't know what we're going to do with it. I can't figure out whats causing this. The only thing left is to reinstall Vista.
Question: If you reformat a hard drive that has a rootkit would the rootkit be wiped or will it remain? Thank.
Everything will be wiped out, including any infection, but before you go there, did you trace those spikes to any particular process, using Process Explorer?
They jump back and forth between two or three different processes. It's a really strange problem. Using the windows task manager sometimes system idle processes doesn't even show, but everything shows when using the Process Explorer program. I thought we had it last night. Then when I rebooted this morning the problem was back. :( I've got to check to make sure my friend can locate the Vista DVD that came with this laptop.Quote:
but before you go there, did you trace those spikes to any particular process, using Process Explorer?
What are their names?Quote:
They jump back and forth between two or three different processes.
OK, the one using the most CPU cycles is: Task scheduling engine, the SVChost.exe PID # is 1896. I don't know if this of any help or not.
What is the name of that file? taskeng.exe?
I'm running his computer in safe mode right now, but I have RasMan in my notes as connected to service. I'm thinking of running a rootkit program on it. Can I do that in safe mode?
Some anti rootkit won't run in Safe Mode, the others are not recommended to run in Safe Mode. Which one are you using?Quote:
What is the name of that file? taskeng.exe?
I've downloaded Blacklight root eliminator and transfer it to the laptop. It won't run in safe mode so it will be a long process to run it normal mode. But, I'll give it a go.
http://www.antirootkit.com/software/...Light-Beta.htm
Anti Rootkit Software Scanners for Vista: http://www.antirootkit.com/blog/2008...ers-for-vista/
Ok, I was able to run Blacklight anti rootkit=nothing found. I also ran a scan with Superantispyware Free, again nothing found. This is really weird. Right now it's running good in normal mode, but not connected to the internet. I'm still looking at the services, but after a while I'm going to put it back on the net to see what happens.
...and take a not of the processes...
Before I connected the laptop to the internet I saved a copy of the Process Explorer log. I then shutdown and connected it to the net and rebooted. Much to my surprise it's running with no problems. I'm wondering if the problem starts with the first boot in the morning. Maybe some windows process wants a connection for some purpose on first boot. I'll see what happens in the morning and post back. I'm hoping to duplicate the problem so I can copy the Process Explorer log for posting. The hardest problem to solve is an intermittent problem.