Glock Forum - GlockTalk banner

1 - 12 of 12 Posts

·
Registered
Joined
·
135 Posts
Discussion Starter #1
Something runs continuously in my machine, the C drive runs and the task manager says I 'm at 99% idle. How can I find what's running?

My OS is Windows XP home 2600 xpsp SP2 gdr .070227-2254(service pack2)
I'm using Firefox as my browser and Outlook Express for my Email.
Thanks for any help
 

·
Registered
Joined
·
2,818 Posts
download hijackthis and post a log
 

·
Registered
Joined
·
135 Posts
Discussion Starter #3
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:16:32 PM, on 6/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\DS Clock\dsclock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Eye-Fi\Eye-Fi Manager.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\qoeapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\dsclock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Eye-Fi] "C:\Program Files\Eye-Fi\Eye-Fi Manager.exe"
O4 - Startup: E-mail.lnk = ?
O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179187677343
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

--
End of file - 9009 bytes
 

·
Registered
Joined
·
8,672 Posts
I'm not sure what you're using as a definition for 'running'..

depending on your power saving options, your C drive is SUPPOSED to be running.. (spun up to speed, by default)..

99% idle says nothing is stealing CPU cycles..

I'm not sure what 'symptom' you're trying to resolve. If there isn't one, if you're 'deducing' that you have an issue, perhaps you don't.

If you DO have an issue, it'll produce a complaint about performance generally, and I'm not hearing that. If you want ADVICE.. i don't even know what hardware is between the comp and the world.. but a hardware firewall isn't wrong, ever, supposing you're lacking one.

If you're not seeing a problem, but merely hearing C drive run, it MIGHT be that 'partial defrag' XP does in down times.. or, possibly you have a dying fan, and suddenly you're hearing what wasn't audible before, or didn't make noise before.. you've given plenty of info, I'm just wondering what you need FIXED is all..
 

·
Registered
Joined
·
135 Posts
Discussion Starter #5
''If you're not seeing a problem, but merely hearing C drive run, it MIGHT be that 'partial defrag' XP does in down times.. or, possibly you have a dying fan, and suddenly you're hearing what wasn't audible before, or didn't make noise before.. you've given plenty of info, I'm just wondering what you need FIXED is all..''


----------------
This may well sum it up. The machine works fine, just this sound, possibly a dying fan, and the C drive spinning up for no apparent reason, which you cover here as well. I will see if anyone spots anything in the logfile, and call it a day.


Thank you
for your help.
RJ=
 

·
finishes it...
Joined
·
3,899 Posts
it appears you have 2 different vendor applications for internet security/virus protection (on top of adaware as well)? i assume each program is handling different responsibilities?
 

·
Registered
Joined
·
135 Posts
Discussion Starter #7
Panda handles the anti virus, firewall, etc. Ad-aware is manually opened once in a while ,

CA catches the Spam..


Not good?

I'm open for advice on anything. :)
 

·
finishes it...
Joined
·
3,899 Posts
no, was just curious.

have you tried pausing sql?
 

·
Banned
Joined
·
5,218 Posts
Here's a few tips. Uninstall the Yahoo toolbar. Download and install Firefox 3.0. Do not uninstall current Firefox. Set Adobe Acrobat Reader to not load at start(that's the speed launcher). Uninstall Java 1.5 and install newest 1.6 version but make sure to uninstall all Java first. Quit using Outlook Express, big security risk. Install Thunderbird and use that for mail. How old is the PC/video card? The newer "update" Nvidia drivers can be a problem on older cards. Rule of thumb use version 3x.xx driver for Gforce 3 and older cards, (TNT also). Gforce 4 can use 4x.xx series drivers. The 5x.xx drivers are qwhere problems can start. They also seem to be Windows update default for the older cards. The 5xxx and newer cards can use usually use the 5x.xx and newer drivers but a few have some issues.Internet Explorer 7 doesn't always run as smoothly as old Internet Explorer 6 but not always easy or desired to try to change back. not familar with what CA security is but shouldn't have more than one security suite.
 

·
Registered
Joined
·
135 Posts
Discussion Starter #11
Thanks for all the help. Much of it WAY over my head. I'll just listen to the noise 'til I smell smoke.

Many thanks

RJ=
 

·
Registered
Joined
·
135 Posts
Discussion Starter #12
No smoke, but I got a Blue Screen.

Selected "restart in best last known configuration" or something like that, got her going again. Later that day I decided to do a System Restore, All is quiet now........
 
1 - 12 of 12 Posts
Top