1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: svchost.exe then wmiprvse.exe at 100% CPU

Discussion in 'Windows XP' started by amm9487, Dec 15, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. amm9487

    amm9487 Thread Starter

    Joined:
    Jan 13, 2010
    Messages:
    14
    I recently had a fake AV virus that was messing up my pc. I found the file and successfully removed it. Now my pc starts up extremely slow, there are multiple instances of svchost running before I even get to my desktop. One of the scvhost's starts at 99-100% CPU, I can end the process and everything loads fine for a minute or two. Then wmiprvse (NETWORK SERVICE) starts up and runs at 100% CPU. I've read thru a few sites and I can confirm that wmiprvse is in the correct system32 folder. I'm not sure what's going on, any help is greatly appreciated.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:17:50 PM, on 12/15/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Safe mode

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
    O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
    O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
    O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBooster] C:\Program Files\RamBooster 2.0\Rambooster.exe
    O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
    O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
    O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Andrew McVeigh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Andrew McVeigh\Application Data\Dropbox\bin\Dropbox.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
    O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Unknown owner - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\PC Tools Security\pctsAuxs.exe (file missing)
    O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\PC Tools Security\pctsSvc.exe (file missing)
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 8657 bytes
     
  2. user22

    user22 Banned

    Joined:
    Dec 10, 2011
    Messages:
    197
    You have two antivirus apps installed.

    Open msconfig and disable the entries below.
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBooster] C:\Program Files\RamBooster 2.0\Rambooster.exe
    O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
    O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
    O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Andrew McVeigh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Andrew McVeigh\Application Data\Dropbox\bin\Dropbox.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe


    Hit start button at lower left hand corner of the screen.Then in the run box type services.msc. Find the service listed below,one at a time. left click it once you should have the option to either stop the service or restart it , stop the service then right click selected service select properties then change the startup type to manual then left click apply and move on to the next service.If the service is stopped and the startup type is manual then do nothing.

    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (set this service to disabled)
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Unknown owner - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\PC Tools Security\pctsAuxs.exe (file missing)
    O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\PC Tools Security\pctsSvc.exe (file missing)

    Uninstall the programs listed below.
    Spybot
    PC Tools Security

    Please download TFC by Old Timer and save it to your desktop.
    http://oldtimer.geekstogo.com/TFC.exe
    Save any unsaved work. TFC will close ALL open programs including your browser!
    right-click Run as Admin on TFC.exe to run it.If tfc doesnt prompt a reboot then do so manually.

    Let me know how things are running after completing my instructions.
     
  3. user22

    user22 Banned

    Joined:
    Dec 10, 2011
    Messages:
    197
    Please download MINITOOLBOX When the box opens click save file, save it to the desktop and run it.





    Checkmark the following boxes:


    Flush Dns
    List Installed Programs
    List Users, Partitions and Memory size
    Click Go and post the result.
     
  4. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    PC Tools looks like it has been uninstalled already but left remnants behind.

    Click Start > Run > type CMD

    Click OK.

    Type the following commands one after the other, hitting Enter after each one of them:

    sc delete PersonalSecureDriveService

    sc delete sdAuxService

    sc delete sdCoreService
     
  5. amm9487

    amm9487 Thread Starter

    Joined:
    Jan 13, 2010
    Messages:
    14
    I've got more than two AV systems, I also have Panda Cloud AV and MalwareBytes. Should I keep those? Below is the results of MINITOOLBOX, i'm getting ready to run TFC right now. Thanks for the help!

    MiniToolBox by Farbar
    Ran by AMM9487 (administrator) on 16-12-2011 at 17:38:25
    Microsoft Windows XP Professional Service Pack 3 (X86)

    ***************************************************************************

    ========================= Flush DNS: ===================================
    Windows IP ConfigurationAn internal error occurred: The request is not supported. Please contact Microsoft Product Support Services for further help.Additional information: Unable to query host name.
    =========================== Installed Programs ============================

    2007 Microsoft Office system (Version: 12.0.6425.1000)
    32 Bit HP CIO Components Installer (Version: 6.1.2)
    Acrobat.com (Version: 0.0.0)
    Acrobat.com (Version: 1.1.377)
    Activation Assistant for the 2007 Microsoft Office suites
    Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
    Adobe AIR (Version: 3.1.0.4880)
    Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)
    Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
    Adobe Reader 9.2 (Version: 9.2.0)
    Adobe Shockwave Player 11 (Version: 11)
    Agere Systems AC'97 Modem
    BitTorrent (Version: 7.2.1)
    Broadcom NetXtreme Ethernet Controller (Version: 7.54.03)
    Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
    CCleaner (Version: 2.34)
    CutePDF Writer 2.8
    Defraggler (remove only)
    DivX Setup (Version: 2.5.0.11)
    DJ_SF_03_D2500_Software_Min (Version: 110.0.206.000)
    DJ_SF_06_D1600_SW_Min (Version: 140.0.690.000)
    Dominions 3 (remove only)
    Dominions II (remove only)
    DriverMax 5 (Version: 5.6.0.799)
    FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
    GDR 4053 for SQL Server Database Services 2005 ENU (KB970892) (Version: 9.3.4053)
    Google Toolbar for Internet Explorer (Version: 1.0.0)
    Google Toolbar for Internet Explorer (Version: 7.2.2308.2056)
    Google Update Helper (Version: 1.3.21.79)
    HijackThis 2.0.2 (Version: 2.0.2)
    HP Deskjet D1600 Printer Driver 14.0 Rel. 6 (Version: 14.0)
    HP Deskjet D2500 Printer Driver Software 11.0 Rel .3 (Version: 11.0)
    HP Embedded Security for ProtectTools (Version: 4.5)
    HP Product Detection (Version: 4.0.0013)
    HP ProtectTools Security Manager 2.00 D3 (Version: 2.00 D3)
    HP Quick Launch Buttons 6.30 J1 (Version: 6.30 J1)
    Intel(R) Graphics Media Accelerator Driver for Mobile (Version: 6.14.10.4631a)
    Java Auto Updater (Version: 2.0.2.4)
    Java(TM) 6 Update 21 (Version: 6.0.210)
    jZip
    K-Lite Codec Pack 7.7.0 (Full) (Version: 7.7.0)
    Magic ISO Maker v5.5 (build 0281)
    MagicDisc 2.7.106
    Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
    Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
    Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
    Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
    Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Accounting 2007 (Version: 2.0.7503.0)
    Microsoft Office Accounting ADP Payroll Addin (Version: 0.0.0.0)
    Microsoft Office Accounting Equifax Addin (Version: 2.0.7416.00)
    Microsoft Office Accounting Fixed Asset Manager (Version: 2.0.7416.00)
    Microsoft Office Accounting PayPal Addin (Version: 2.0.7416.00)
    Microsoft Office Basic 2007 (Version: 12.0.6425.1000)
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Professional Hybrid 2007 (Version: 12.0.6425.1000)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
    Microsoft Silverlight (Version: 4.0.60531.0)
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.3.4035.00)
    Microsoft SQL Server Native Client (Version: 9.00.4035.00)
    Microsoft SQL Server Setup Support Files (English) (Version: 9.00.4035.00)
    Microsoft SQL Server VSS Writer (Version: 9.00.4035.00)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Mozilla Firefox (3.6.24) (Version: 3.6.24 (en-US))
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
    MSXML 6.0 Parser (Version: 6.10.1129.0)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
    Panda Cloud Antivirus (Version: 1.05.01.0000)
    Panda Cloud Antivirus (Version: 1.5.1)
    Panda Identity Protect 3.0.44 (Version: 3.0.44)
    Panda Security Toolbar (Version: 2.0.0.10)
    Panda Security URL Filtering (Version: 2.0.0.9)
    Pandora (Version: 2.0.5)
    PeerGuardian 2.0 (Version: 2.0.6.5)
    Putty (Version: 0.60)
    RamBooster (Version: 2.0)
    SoundMAX (Version: 5.12.01.5250)
    Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
    Spybot - Search & Destroy (Version: 1.6.2)
    Synaptics Pointing Device Driver (Version: 9.0.1.5)
    Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.20.0000)
    TIPCI (Version: 1.20.0000)
    Toolbox (Version: 140.0.428.000)
    VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
    VLC media player 1.0.3 (Version: 1.0.3)
    WebFldrs XP (Version: 9.50.7523)
    Windows Internet Explorer 8 (Version: 20090308.140743)
    Windows Media Format 11 runtime
    Windows Media Player 11
    WinPcap 4.1.1 (Version: 4.1.0.1753)
    WinSCP (Version: 4.0.7)
    WinZip 12.1 (Version: 12.1.8519)
    X-Win32 8.2 (Version: 8.02.1215)

    ========================= Memory info: ===================================

    Percentage of memory in use: 18%
    Total physical RAM: 1527.36 MB
    Available physical RAM: 1247.84 MB
    Total Pagefile: 2136.34 MB
    Available Pagefile: 2052.48 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1975.86 MB

    ========================= Partitions: =====================================

    1 Drive c: (Local Disk) (Fixed) (Total:55.89 GB) (Free:10.35 GB) NTFS
    2 Drive e: (Transcend) (Removable) (Total:15.1 GB) (Free:0.68 GB) FAT32

    ========================= Users: ========================================

    User accounts for \\

    Administrator AMM9487 Guest
    HelpAssistant SUPPORT_388945a0


    **** End of log ****
     
  6. amm9487

    amm9487 Thread Starter

    Joined:
    Jan 13, 2010
    Messages:
    14
    svchost.exe is still using 100% CPU. It wont let me run TFC because I dont have Admin rights? I only see the option to log in as the admin when I boot into safemode. This never occurred to me until recently, weird. I cant run TFC in safemode either.
     
  7. amm9487

    amm9487 Thread Starter

    Joined:
    Jan 13, 2010
    Messages:
    14
    What's next?
     
  8. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Concerning your wmiprvse.exe high CPU usage, you might want to try a Clean Boot procedure to hopefully isolate an offending application. Run it for both Services and Startup items.
     
  9. amm9487

    amm9487 Thread Starter

    Joined:
    Jan 13, 2010
    Messages:
    14
    One instance of svchost.exe still runs at 99% CPU at startup, if I end the process everything seems to work fine except for Firefox. wmiprvse.exe still pops up occasionally but it doesn't devour the CPU anymore.

    Any ideas on whats going on with the svchost.exe?
     
  10. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Open the Task Manager (CTRL+ALT+DEL).

    Select the Processes tab.

    Make sure the PID column is showing.

    How to Get and View PID in Task Manager

    Make Windows Task Manager Display More System Information

    Note the PID of the offending svchost.exe process.

    Click Start > Run > type cmd /k tasklist /svc

    Press Enter.

    With the help of the PID, locate the offending svchost.exe process and let me know which one it is (PID). You can copy the whole command prompt output and paste it into your next reply.
     
  11. amm9487

    amm9487 Thread Starter

    Joined:
    Jan 13, 2010
    Messages:
    14
    It looks like it working fine now, I cant recreate the problem. I'm gonna go ahead and say this one is solved. Thanks for all the help, happy holidays.
     
  12. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    You're welcome! (y)

    Happy Holidays! :)
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1031437

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice