Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sygate Firewall Cpu Usage


  • Please log in to reply
16 replies to this topic

#1 k17

k17

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 23 August 2006 - 03:51 AM

Hi, Im using Sygate personal firewall pro and I got a problem with cpu usage. When i start windows everything is fine, bu after few minutes smc.exe starts using 50% of my cpu. It syays on 50%, sometimes it goes to 48% and 51%.

Sygate personal Firewall pro 5.5 build 2710 should be the latest version
3.0Ghz 1Gb ram


One more question:
I deleted a file name msntt.exe from my system32 directory, I had to unhide protected OP system files to do so. The reason I deleted it was because it has never shown up in taskmanager and wanted internet access. Any information on msntt.exe?

Tnx

Edited by k17, 23 August 2006 - 03:55 AM.


BC AdBot (Login to Remove)

 


m

#2 rowal5555

rowal5555

    Just enough info to be armed & dangerous...


  • Members
  • 2,644 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:St Kilda, Dunedin. South Island. NZ
  • Local time:07:36 PM

Posted 23 August 2006 - 07:33 AM

Hi k17.

Info on msntt.exe http://fileinfo.prevx.com/filesearch.asp?f...earch=msntt.exe

It's not a good idea to delete a system file before you check it out - could cause you some heartache.

Cheers

rowal5555 (Rob )                                                             

Avid supporter of Bleeping Computer's
Team 38444

You can help find a cure


 


#3 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,073 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:01:36 AM

Posted 23 August 2006 - 08:59 AM

Sygate is a remarkably problem free firewall. I continue to use it even though it's no longer freeware.

I'd suggest uninstalling the firewall, then reinstalling it to fix the problem. Here's a link to the freeware version: http://www.majorgeeks.com/Sygate_Personal_...Free_d3356.html
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#4 k17

k17
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 23 August 2006 - 09:34 AM

Uninstalling and reinstalling didnt fix the problem.

#5 rowal5555

rowal5555

    Just enough info to be armed & dangerous...


  • Members
  • 2,644 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:St Kilda, Dunedin. South Island. NZ
  • Local time:07:36 PM

Posted 24 August 2006 - 01:55 AM

A few thoughts.

1. Do you have only one firewall and one antivirus running at any given time? More than one of each can cause conflicts.
2. If your firewall is running overtime, it may be trying a prevent a trojan from calling home. Have you checked your system for malware? You could start here.
3. You could download and save another firewall, go offline, disable Sygate and install the new one.

Let us know how you get on.

Cheers

rowal5555 (Rob )                                                             

Avid supporter of Bleeping Computer's
Team 38444

You can help find a cure


 


#6 FifeFlyer

FifeFlyer

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Location:North of Hadrians Wall.
  • Local time:07:36 AM

Posted 24 August 2006 - 08:29 AM

Uninstalling and reinstalling didnt fix the problem.


Sorry , just to be sure , did you install version 5.6 ?

#7 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,699 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:36 AM

Posted 24 August 2006 - 11:42 AM

I deleted a file name msntt.exe from my system32 directory, I had to unhide protected OP system files to do so. The reason I deleted it was because it has never shown up in taskmanager and wanted internet access. Any information on msntt.exe?


Many legitimate files run that do not show up in task-manager. You should always research all files before deleting them as you could make your system inoperable if you delete an essential file.

I have just found some information on the specific file in question, and it is not good news. file information. Given the information on that page, it is possible that the CPU usage may be related to an infection.

I would suggest first making sure all your security systems are up to date and then do scans in safe mode. I would also use on-line scanners for additional opinions as not any one security product will find everything.

The following are good on-line scanners. You must use Internet Explorer for these and they will download and use Active X - they won't function without it.

http://www.pandasoftware.es/activescan/activescan-com.asp

http://www.bitdefender.com/

Post back with what they find.

Orange Blossom :thumbsup:

Edited by Orange Blossom, 24 August 2006 - 02:29 PM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#8 ThorXP

ThorXP

  • Banned
  • 880 posts
  • OFFLINE
  •  
  • Local time:02:36 AM

Posted 24 August 2006 - 03:00 PM

I think that fixing this problem without knowing some system stats is not going to work very well. Could you provide some of these listed?

Age of system:

CPU: Brand, speed

Ram: Type, amount, speed

Peripheral devices

Operating system: Windows 98, 98SE, ME, XP Home, XP Pro, Other

Do you run Anti-Virus software: Brand Name, version #, date of most recent AV signature file

For Internet problems:

Modem: Brand name and date of driver

Type connection: dial-up, cable, sat/DSL, other

Browser: IE, Netscape, version #

Also I would like you to go to the fillowing page that has a choice of 10 free to try or free to use firewalls and choose one other than the one you are using and see if it works properly

http://www.thefreecountry.com/security/firewalls.shtml

#9 k17

k17
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 24 August 2006 - 06:40 PM

CPU: Intel P4 3.0GHz
Ram: DDR, 512MB, 400Mhz +2x DDR 256MB 400MHz
Operating system: XP Pro
Anti-Virus software: Kaspersky
Modem: Model EPX2203 WebSTAR Cable Modem
Type connection: cable
Browser: IE 6

I forgot to mention that Reinstalling windows didnt help (New Install)
And I been using Sygate for some time now and never noticed this problem before


Uninstalling and reinstalling didnt fix the problem.


Sorry , just to be sure , did you install version 5.6 ?

Sygate personal Pro 5.6 build 3408

Post back with what they find.

Panda gave me 16 Spyware and 3 Viruses(Unhiding folders refreshed scanner window, so will post them later)
BitDefender was too slow so I will post the results later.

1. Do you have only one firewall and one antivirus running at any given time? More than one of each can cause conflicts.
2. If your firewall is running overtime, it may be trying a prevent a trojan from calling home. Have you checked your system for malware? You could start here.
3. You could download and save another firewall, go offline, disable Sygate and install the new one.

1.yes
2.Scanned with Karspersky, Spybot, AdAware. HijackThis log clean

3.I installed Filseclap Personal Firewall and everything seems fine, the main reason for this topic it that I want to keep Sygate.

#10 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,699 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:36 AM

Posted 24 August 2006 - 07:51 PM

How do you know that HiJack This is clean? It takes experts to interpret and use HiJack This. Since Panda has found 16 spyware and 3 viruses, there may be other stuff lurking on your system.

What specifically did Panda find? The answer to this will aid our anti-malware folks about what kinds of infections your computer has and what might be bundled with it and they can then tell you what to do next.

Once the computer is disinfected, I suspect the CPU issue will be resolved. Many folks on BC use Sygate.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#11 k17

k17
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 25 August 2006 - 09:05 AM

I used Hijackthis.de online analyze and it gave me
Unknown:
C:\WINDOWS\system32\winsersec.exe -PC Security
C:\WINDOWS\sdaemon.exe -Daemon Tools
O23 - Service: winser - Unknown owner - C:\WINDOWS\system32\winsersec.exe

Unnecessarily:
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll (file missing)

Everything else safe

I did another panda scan ant it gave me 25 Spyware and 0 viruses
Those 25 Spyware are all cookies
After the previous scan I deleted the virus in Temp IE files and couldnt find the rest
I dont think it will help, but just in case: I remember one of them being something like msjavaupd32.exe, google gives nothing

#12 ViZZY

ViZZY

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:36 AM

Posted 25 August 2006 - 10:09 AM

cool

#13 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:01:36 AM

Posted 25 August 2006 - 10:59 AM

First.
Experience has shown that automated analyses of HJT logs, while fine for what they do, are no substitute for a personalised analysis by someone trained to review each and every entry in the log, and with experience in finding all the "nooks and crannies" where malware might reside. I would suggest, therefore, that you rerun a HJT log and submit it to our volunteer team of experts for review and help. Instructions for submission are found here:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Second.
It would be entirely helpful if you could provide the EXACT information about the viruses, etc., as provided by the AV scan, since even the difference of one letter can be extremely important.

The Sygate problem you are having is probably NOT caused by the application itself, but is symptomatic of some other problem that we can try to identify and correct.

Regards,
John
Whereof one cannot speak, thereof one should be silent.

#14 k17

k17
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 26 August 2006 - 07:48 AM

Tryed following preparation guide for Hijackthis and noticed that cleanmanager isnt working.
Its not that registery problem. When i start cleanmanager in dosent show up, however, it stays in processes and eats up cpu. Ending the process dosent work, only way to turn it off is restart.



Btw could someone chek if msntt.exe is in system32 directory.
Dont forget to disable Hiding of protected Operation system files.

#15 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,699 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:36 AM

Posted 26 August 2006 - 10:05 PM

Btw could someone chek if msntt.exe is in system32 directory.


Please double check spelling and capitalization please. Even a single character difference can mark the difference between a legitimate file and a bad one.

Also, please follow the rest of jgweed's directions if you already haven't done so. Please do not make any additional changes to your computer after you have posted your log as it will make it more difficult for the HJT team to help you. Please be patient as these folks are volunteers and do not bump your post as they may think that someone is already helping you. If you haven't heard from them in five days, add a response to this topic and paste in the link to your HJT topic in that post.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users