A Virus??

CUSIN BRUCIE

My PC recently started to run Verrrrry Sloooowly. I thought that I might have a problem with my AMD 3500+ Processor. I called AMD and they said if it is booting up okay then that may not be the problem. The tech suggested going into the task manager and looking at the performance tab; if it shows the CPU is running at 100% then it could be Malware.

It is running at 100% and takes forever to do anything. I checked what was running in the Processes section and svchost.exe is running at 70+%. I did a Google search and found svhost.exe could be a virus but svchost.exe is a normal app that needs to run.

I tried a system restore to about 1 month ago, that didn't help. I ran adaware and webroot spy sweeper in safe mode, that didn't help. I then cancelled the restore and did a virus scan but found no virus. Then last Sunday it seemed okay for a day or two but then started up again.
H E L P P L E A S E !!!

I have a custom built PC running Windows XP Pro, an AMD 3500+, with 1 GB of RAM. I have one 40GB IDE hard drive for Windows and two 250GB SATA drives partitioned for everything else.

Any and all help would be greatly appreciated. I really don't want to have to wipe the hard drive and start over again.

Thanks,
Bruce
--
http://CusinBrucie.smugmug.com/gallery/1285864/1/60412211

http://borkofsky.ilovesuccess.net/

My Daughter's Art/Photo Site, Please have a look http://lipping.myexpose.com/gallery/
Nikon D200, 18-200mm VR lens
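
Added example (not part of the original post, and not output from the poster's machine): the svhost.exe / svchost.exe name confusion described above can be checked mechanically by comparing each running image's name and folder against the one legitimate location. The sketch assumes Windows is installed in C:\WINDOWS and that a (PID, full image path) list has already been collected; the sample list is constructed.

```python
import ntpath

# Assumption: Windows is installed in C:\WINDOWS (the XP default).
SYSTEM32 = ntpath.normcase(r"C:\WINDOWS\system32")
LEGIT_NAME = "svchost.exe"


def edit_distance(a, b):
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def triage(processes):
    """Return (pid, image, reason) for entries that deserve a closer look."""
    findings = []
    for pid, image_path in processes:
        path = ntpath.normcase(ntpath.normpath(image_path))
        name = ntpath.basename(path)
        folder = ntpath.dirname(path)
        if name == LEGIT_NAME:
            # Right name: only suspicious if it runs from the wrong folder.
            if folder != SYSTEM32:
                findings.append((pid, image_path, "svchost.exe outside system32"))
        elif edit_distance(name, LEGIT_NAME) <= 2:
            # Near-miss spelling such as svhost.exe or scvhost.exe.
            findings.append((pid, image_path, "look-alike of svchost.exe"))
    return findings


# Constructed sample data (hypothetical PIDs and paths).
SAMPLE = [
    (812,  r"C:\WINDOWS\system32\svchost.exe"),
    (1044, r"C:\WINDOWS\System32\SVCHOST.EXE"),
    (1380, r"C:\WINDOWS\svhost.exe"),
    (1512, r"C:\Documents and Settings\user\Local Settings\Temp\svchost.exe"),
    (1700, r"C:\WINDOWS\system32\drwtsn32.exe"),
    (1888, r"C:\WINDOWS\system32\scvhost.exe"),
]

if __name__ == "__main__":
    for pid, image, reason in triage(SAMPLE):
        print(pid, image, reason)
```

An empty result only rules out the name and folder masquerade; it says nothing about what a correctly named svchost.exe in system32 is hosting.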
 
1. Clean out the temp files. C:Windoz/Documents and Settings/ Administrator(or user name) local settings/temp.
Do a Search for all temp folders on the system, delete what is unnecessary.


2. C:\documents and settings/Administrator (or user name) Start Menu/programs/startup.......Remove programs not needed/wanted or delete item from folder so it won't run at startup but you'll still be able to open it manually.

3. Control Panel/Administrative tools/Services. See what's loading at start up and disable services you don't need.

Defrag the hard drive. Hard Drives that are reaching over 75/80% of capacity tend to run slower.

Mike
 
Thanks Mike,

I'll give these a try although I already defragged my drives. One of my partitions is fairly full but it is not on my main C: drive which I use mainly for Windows. I shoot a lot of digital pictures in RAW mode, Nikon NEF files 15.8 mb each so they take up a lot of room.

I've been told that it is best to delete these temp files in Safe Mode. I also have an error coming up mentioning two temp files:
svchost.exe.mdmp and
appcompat.txt

I had these coming up a few months ago and I had to delete them in safe mode.

Thanks
Bruce
 
Just some things to check to try to localize where the performance hit is happening:

Open the Task Manager, change to Performance tab, and see if the amount of physical memory is correct. (i.e., is all your memory still installed.)

In Task Manager, select Processes tab, select View/show columns, and select PF Delta and Page Faults. Watch this page and see if some process has large PF Delta. This will imply that your system is page faulting a lot, suggesting a virtual (or real) memory shortage.

Turn on I/O Writes, I/O Reads, and I/O Other columns and see if they show any unexpected activity.

Try disabling your internet connection and see if CPU usage stays high.

How much free space is there on your C: drive? How large are your Windows paging files and where are they located? Shortage of space on the boot drive, especially if all page files are there, can cause some strange behaviors.

Guy
 
Hi Guy,

Thanks so much for the reply. OK here goes,

1. On the task manager here's what it shows for memory (I have 1 gigabyte installed)
Phys Memory 1,048,040
Available 277,508 fluctuates a little
System Cache 420,668
The CPU is running at between 97-99% sometimes going a little lower.

I selected the items that you mentioned and I have some readings. Could I possibly call you and discuss the readings? I would really appreciate your help with this.

Thanks
Bruce
 
Guy,

I disconnected the internet connection and nothing changed.

The CPU % is drwtsn32.exe at about 78%. I googled that file and it is the Dr Watson error checking utility. But it doesn't stop, it just keeps going.

It also seems my anti virus program, AVG, is listed high in the I/O reads, writes and other columns. Any ideas? Help Please....
 
> 1. On the task manager here's what it shows for memory (I have 1 gigabyte installed)
> Phys Memory 1,048,040
> Available 277,508 fluctuates a little
> System Cache 420,668

What percentage of disk space is available?

> The CPU is running at between 97-99% sometimes going a little lower.

What is the image name using that 97-99%? If it's the "System Idle Process", that's normal.

Also, has your computer taken longer to boot or shut down than usual?

You may have registry issues. You may want to DL Ccleaner from ccleaner.com. It has a terrific cleaner that gets rid of lots of garbage.

Please be careful with it. It has a registry cleaner that, while fairly safe, is something I wouldn't recommend you use unless you're comfortable in the Registry Editor.
(THAT MEANS BACK IT UP FULLY BEFORE YOU START!)
Sorry for the "shouting- ...
Hope this helps.
--
RG
Chesapeake, VA.
 
Run all of your antivirus and spyware in safe mode.

Also, download Microsoft Defender and load it. Do this first, then reboot to safe mode and run everything there.

--
Thanks,

Digitalshooter!

Member of the 7D and Beercan Cult!

The light at the end of the tunnel is becoming clearer and its calling me to the darkside!
 
You may be at or very close to the point where the best thing to do is back up your data...reformat the drive and reinstall Windows and your programs. Could save you lots of time and aggravation in the long run.
--
joel albert
 
>> 1. On the task manager here's what it shows for memory (I have 1 gigabyte installed)
>> Phys Memory 1,048,040
>> Available 277,508 fluctuates a little
>> System Cache 420,668
> What percentage of disk space is available?
>> The CPU is running at between 97-99% sometimes going a little lower.
> What is the image name using that 97-99%? If it's the "System Idle Process", that's normal.

drwtsn32.exe SYSTEM is using 65% of CPU. The reading in the performance tab shows a total of 97-99% usage.

> Also, has your computer taken longer to boot or shut down than usual?
> You may have registry issues. You may want to DL Ccleaner from ccleaner.com. It has a terrific cleaner that gets rid of lots of garbage.

It is a bit slow in booting up but not extremely slow. Sometimes when I shut down it does take awhile and also has error messages that say ending program... then I click on End program to shut that down.

I've gone into the registry before but am not too comfortable in doing that unless necessary. If I do use it and back up the registry how do I restore it if I do mess something up?

> Please be careful with it. It has a registry cleaner that, while fairly safe, is something I wouldn't recommend you use unless you're comfortable in the Registry Editor.
> (THAT MEANS BACK IT UP FULLY BEFORE YOU START!)
> Sorry for the "shouting- ...
> Hope this helps.
> --
> RG
> Chesapeake, VA.
 
> Digitalshooter!
> I tried to install it in safe mode but it won't allow in safe mode.
> I rebooted in regular mode and get the same error saying:
> "This installation package is not supported by this processor type."

Windows Defender?

It is "supported by your processor".

Time to reformat your system drive and reinstall. It's going to be quicker and the only way to be 100% certain you are rid of all the nasties.

I suspect you have been infected with a root kit, which is a way for nasties to hide from the operating system and your antivirus. There are root kit scanners but a clever root kit can hide from these too.
 
Download and install Spybot search and destroy and Lavasoft adaware. Make sure you run both after installing to update them.

The key here is after you get a good install, then go to safe mode because safe mode only loads basic functions and most times will not load any spyware or viruses.

Key is doing checks in safe mode. Also can you get to the Internet? and go to any website that does free scans?

Empty your prefetch folder, all temp files and your restore folder.

--
Thanks,

Digitalshooter!

 
Hi digitalshooter,

Thanks so much for your ongoing help,
> Download and install Spybot search and destroy and Lavasoft adaware. Make sure you run both after installing to update them.

I have both but will update again and run in safe mode. When I ran them before it didn't seem to help.

> The key here is after you get a good install, then go to safe mode because safe mode only loads basic functions and most times will not load any spyware or viruses.
>
> Key is doing checks in safe mode. Also can you get to the Internet? and go to any website that does free scans?
>
> Empty your prefetch folder, all temp files and your restore folder.

What exactly is in the prefetch folder? And what is in the restore folder? When I was searching for the file that I thought might be a virus because it was using up a lot of cpu power the other day, svchost.exe, the search located the prefetch folder but it had a lot of files. Is this a temp folder with all temp files? It turns out that svhost.exe is the one associated with a virus. Now it is drwtsn32.exe that is using up most of the processor usage. I googled it and it seems to be associated with Dr Watson that Windows uses to check for errors but this has been running for a few days.

I have to leave for the day so I will run these later. Any other suggestions will be very greatly appreciated.
 
This is common. It manifests itself on my laptop by slowing down everything at boot and running as high as 99% cpu for about five minutes, then it goes away.

Google searches basically expose the reality that no one knows exactly what causes the problem. Some say malware, others say it's an interaction with IPX/SPX network protocol software, and there are a few other theories. None seem to explain or offer a generic solution to the problem. I've found nothing useful at the Microsoft Knowledge Base either.

I've casually looked for a solution for over a month. It's time to rebuild my laptop from scratch I'm afraid. Problem is, there's no guarantee that I won't be crippled once again soon after the rebuild.

--
Cheers,

Jim Pilcher
Colorado, USA

I don't make stupid mistakes. My mistakes are always very clever.
 
Hi Jim,

That's exactly what mine is doing but it doesn't go away, it keeps running my cpu at about 98%. Although right now it is running at between 58% - 70% but things are still running very slowly.

I am also getting an error on startup for Win32, that actually reports a problem from the previous shut down. I had actually allowed it in my Data execution folder but that is when things really slowed down, so now I have it unchecked but that doesn't really get rid of the problem. This was also happening a few months ago and I was able to locate and delete the 2 temp files it mentions in the error window. Now I can't seem to locate the folder that they are located in, which keeps changing:
WER1e84.dir00~ for both:
svchost.exe.mdmp and appcompat.txt

Last time I was able to locate these from safe mode and delete them and my errors stopped. Now I am a bit stumped.

Thanks for your and everyone's help so far. I hope that someone will come across the right solution so I won't have to reformat and re-install Windows.

 
Restore is a Win item that lets you go back in time to a date when your PC operated fine. If any of those have spy or virus, most programs will not clean within a restore point.

Prefetch is files that Win XP looks for to help the startup process. Viruses and spys hide everywhere.

As a tech, I have learned that if initial runs of anti virus, spyware and a restore point don't help, in safe mode, then I remove the drive and put in a machine as a backup and try to check it as a "d" drive.

My tactics are sometimes more of a challenge because as stated earlier, sometimes it is better to repartition/reformat/reload.

I love a good challenge though. If you reload make sure you REPARTITION also then reformat and reload.

--
Thanks,

Digitalshooter!

 
