system process cpu usage spike...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by pez35, Nov 2, 2004.

  1. pez35

    pez35 Private E-2

    wasn't sure where to post this but I suspect it's spyware of some sort so I'm posting it here. Recently I've noticed that my 'system' process on task manager spikes randomly, most noticeably when gaming but also noticeable when just browsing the web. Whenever it spikes everything just freezes and then after 5-10 secs it resumes again, beginning to get really annoying. I have run several spyware removal programs and removed all found, still doing it... I have run anti virus programs, avg didn't pick up anything, but when I ran norton on-line virus scan it came up with 3 instances of the trojan.byteverify on java class files, since avg wouldn't catch it I just deleted the 3 java files... still doing it. This is getting frustrating, killing my gaming...
    please help...
    I am running Win XP SP2 on 1200Mhz with 512 RAM

    I apologize if this is in the wrong forum...
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Which spyware blocking/scanning applications do you have installed and running?
    Do you have any additional applications that perform popup blocking?
    Do you only have one virus protection application installed and running? You said you have AVG. I want to make sure you are only using one. Which version of AVG?

    Only the System process spikes? Nothing else?

    It may be useful for you to follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.
     
  3. pez35

    pez35 Private E-2

    I am running ad-aware, spybot, and spyware blaster...all up to date.
    no pop-up blocking other than the sp2 one built in...
    I am only running AVG 6.0.788...up to date.

    yes, only the process "system" spikes nothing else.

    I have followed all the steps in that tutorial and the only thing found in all of it was 6 files in house call with Java ByteVer.A-1 in it.

    It's also worth mentioning that I have run sfc and still no results.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should read the tutorial in this Sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis as a .txt file attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

    Make sure you have HJT version 1.98.2 and follow the guidelines on where to install it and how to post a log as an attachment.

    And just a note: AVG is up to version 7. AVG Free Edition
     
  5. pez35

    pez35 Private E-2

    here it is...

    I downloaded avg 7.0 beta...

    also I was having an error message saying
    16 bit windows subsystem
    c:\windows\system32\autoexec.nt. the system file is not suitable for running ms-dos and microsoft windows applications. Choose close to terminate application.

    I looked in system32 and there was no autoexec.nt file in there. So I copied it from repair directory into system32 and everything seems to be working fine with that, but I wonder if it's somehow related to this problem...
     

    Attached Files:

  6. pez35

    pez35 Private E-2

    also I downloaded taskinfo hoping to get a better understanding of what's going on. cpu usage is split into 3 areas user, kernel, and "in hardware interrupts and deferred procedures". The spike in the "system" process in task manager corresponds to a spike in kernel in taskinfo, hope that helps... :confused:
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Go to Control Panel, Add/Remove programs and look for an uninstall for Windows AdTools (or maybe they just call it WinAdTools or AdTools). If found, uninstall it. If you don't find an uninstall, run HijackThis and have it fix the below line:
    O4 - HKLM\..\Run: [Windows AdTools] C:\Program Files\Windows AdTools\WinAdTools.exe

    After fixing that line, delete the following directory (a reboot may be required first):
    C:\Program Files\Windows AdTools

    Let me know if this resolves your problem.


    Question:

    Do you use some software from Lanovation's Prism Deploy? Is this next line something you installed?
    O4 - Global Startup: Install Pending Files.LNK = C:\Program Files\SIFXINST\SIFXINST.EXE
     
  8. pez35

    pez35 Private E-2

    yea, I already deleted all that win adtools stuff, I thought I posted a hijack log after the fact but I guess I was wrong, sorry. Anyways it's all gone and no change. As far as that

    O4 - Global Startup: Install Pending Files.LNK = C:\Program Files\SIFXINST\SIFXINST.EXE

    that appeared after I upgraded to winxp sp2, as far as I know that's why it's there, it shows up in my startup folder. I really don't know what else it could be.
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Does the spiking ever occur when you are not connected to the web and you are not playing games?
     
  10. pez35

    pez35 Private E-2

    I believe it does, it's most noticeable in video, but as far as not being connected I'm always connected so there's no way of knowing. I have sat there and watched the cpu usage and I don't have to be doing anything for it to spike but if I am doing something it makes it spike more often. I'm coming off a fresh boot after the release of sp2 so I think I'm just going to reboot, I won't lose too much progress...thanks for trying to help, I'm definitely going to start using system restore points now.
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Try physically disconnecting your cables so that you are not connected. Now see if it happens. If not, you may have some kind of dialer or other trojan.

    Go back to the READ ME FIRST and run the section called: Alternative Scans - If still having problems
     
