Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

xp 'system' causing comp to hang


  • Please log in to reply
15 replies to this topic

#1 jbkilroy

jbkilroy

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 21 April 2005 - 08:24 PM

For some time now; I have been having the same problem with a variety of programs; Diablo II, Windows Media Player (and media player classic), etc... basically any graphics intensive program that runs on my computer. What happens is that after a few minutes the program will slow down, then return to normal, only to slow down again a minute later. For media files this results in the audio continuing to play while the video slows down. I had been using the computer for a while before this started to happen and I don't recall changing any settings around that time.

I noticed that during these 'stutterings' in the task manager image name-system and user name-system jumps from 0% of CPU use to up to 40%.

I even took the step of reinstalling windows, but now this problem is worse than ever (occurs more frequently). Does anyone have any ideas of what the problem might be, or how I might diagnose it?

Thanks

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,503 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:27 AM

Posted 24 April 2005 - 12:49 AM

Try this, shutdown all running programs and programs running in the task bar, including antivirus and spyware programs, and play a video. Does the problem still occur?

#3 jbkilroy

jbkilroy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 26 April 2005 - 07:46 PM

I've tried that. I also scanned for viruses, spyware, adware, changed my 3d setting, changed my video drivers (multiple times); and still have the same problem.

Although it seems the more I change my settings around to fix my problems, the more things the slowdown seems to affect. I hardly use my computer for more than web browsing and email anymore.

The number of programs running doesn't seem to have any effect on my problem, since I often had many things running at the same time back before things started slowing down.

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,503 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:27 AM

Posted 26 April 2005 - 10:58 PM

Create a directory on your hardrive to save HijackThis.exe. A directory like c:\hijackthis. If you do not do this, you will not be able to use the backup/restore features.

Download HijackThis from:

HijackThis Download Site

Save this file into the directory you made previously and then run the program named hijackthis.exe. When the program opens click on the Config button, then click on the Misc Tools button, and click on the Check for update online button. When it completes checking/applying updates press the back button.

Now click on the Scan button and when it is finished click on the Save Log button. A Notepad window will open with the contents of this log. Click on Edit then click on Select all. Then click on Edit and then Click on Copy.

Create a reply to this post here and right click in message area and select paste to paste the log into the post.

Someone will reply to you after reading this post. DO NOT fix any entries unless you understand what you are doing.

To see a tutorial with screenshots on using HijackThis you can click on the link below:

How to use HijackThis to remove Browser Hijackers, Malware, & Spyware

#5 jbkilroy

jbkilroy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 29 April 2005 - 12:10 AM

As requested; here is the hijackthis logfile.
Although I am a bit confused... it says this is for problems with web browsers, and mine doesn't have a problem, but everything else does.

Logfile of HijackThis v1.99.1
Scan saved at 1:07:36 AM, on 4/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\jre1.5.0_02\bin\javaw.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\conime.exe
C:\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1107927973833
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,503 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:27 AM

Posted 29 April 2005 - 10:55 AM

Looks good..what happens if you open up your case cover and leave it open for a testing period. Does the problem still occur?

#7 Herk

Herk

  • Members
  • 1,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:S.E. Idaho, USA
  • Local time:07:27 AM

Posted 29 April 2005 - 05:12 PM

Isn't "conime" a backdoor?

#8 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,503 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:27 AM

Posted 30 April 2005 - 12:10 AM

Damn you right it may be...missed that in the processes.

Thanks Herk.

I need to get samples of some of your files. Please create a folder called c:\submit. Now copy the following files into that directory:

C:\WINDOWS\system32\conime.exe

To copy the files simply navigate to the directory they are in and right click on the file name, and then click on copy option. Now go back to the c:\submit folder and right click in the folder and select the paste option.

Once the files are all copied zip the folder and rename submit.zip to yourmembername.zip (for example grinler.zip). If you are using XP or ME right-click on the folder and click on the Send To option and then send it to a Compressed folder. You will now see a file called yourmembername.zip. If you are using another version of Windows, please download a program called Winzip and zip it using that.

When the files are zipped, go to:
http://www.bleepingcomputer.com/submit-malware.php
and fill in the required fields and browsing to the file you are submitting Finally click on the Send File button.

#9 jbkilroy

jbkilroy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 30 April 2005 - 11:07 AM

ok; I submitted the file as requested.

Something did occur to me though. In keeping an eye on the task manager window, I noticed that the 'system' jump up to 40% of my CPU only happens when I am running something that slows down (like running media player). Could it be possible that whatever the trouble program is would only be visible if something like media player were running at the same time? If so, how could I detect it?

#10 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,503 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:27 AM

Posted 30 April 2005 - 12:22 PM

The file is fine. Its a microsoft file called Console IME.

So you are saying the problem only occurs if media player is running? There are infections that replace wmplayer with a hacked copy. If thats happening, you may want to unisntall and then download the latest and reinstall.

#11 jbkilroy

jbkilroy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 30 April 2005 - 03:41 PM

I was only using media player as an example. It occurs with any media playing program I try, as well as games.

As I said in the beginning, all of these things used to work fine, but then they just started having problems because something under the windows 'system' entry in the task manager is sucking up the CPU speed they need to work. However, if I am not running something CPU intensive, the 'system' entry does not do anything.

There is something wrong with my computer, but no matter what I do; I can only seem to make it worse. As an example (I don't know if this helps, but...) I used to be able to run normal avi files with windows media player. However, I changed some 3d settings to try and make a DVD play smoothly. Not only did that not work, but my avi files now also experience slowdown, even after I reset the 3d options back to what they were before. I even tried uninstalling those drivers and using totally different ones, but with the same result.

#12 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,503 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:27 AM

Posted 01 May 2005 - 12:24 AM

I really dont know what else to tell you. Have you tried updating your video drivers and seeing if that helps?

#13 jbkilroy

jbkilroy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 01 May 2005 - 12:42 AM

yes, I already tried that... several times.

The only thing I can think of that I haven't tried yet is a complete format and reinstallation from scratch. But even there I have problems. I have a Dell laptop, and the startup screen tells me to press f2 for BIOS system options (so I can tell my computer to boot from the CD drive). However, I press f2, and nothing happens. I tried to update my motherboard drivers, but was told that I didn't have a Dell motherboard, but one by Phoenix Technologies. However, I don't know how to access the BIOS options for this hardware, and couldn' t find the key commands online. Anyone have an idea?

#14 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:05:27 AM

Posted 01 May 2005 - 03:45 PM

Try using the DELETE key to get into the BIOS
That's what works on my Dell.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#15 jbkilroy

jbkilroy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:27 AM

Posted 07 May 2005 - 06:48 PM

nope, the DEL key doesn't let me access the BIOS options either.

I noticed something interesting today; I don't know if it would help anyone figure out my problem though. I had media player classic running (one of the programs that has problems and was looking at the 'system' entry under the task manager window and noticed that the amount of CPU used would go up temporarily every 7th update (I have update speed on normal). No matter how long I checked it, it was always the 7th 'tick' that would cause the CPU usage to go up, then it would drop back down to 0% on the next, only to reappear 7 'ticks' later. I also noticed that the amount of CPU used would slowly increase over time, until it needed to steal some from MPC and thus caused that program to stutter.

I asked before whether I should try running the HijackThis utility while a program like MPC was running, and I ask again here...

The system process only steals CPU speed when something like that is running, and might be hiding somewhere at other times; I don't know.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users