Solved

I need to restore registry to fresh load state

Posted on 2008-02-03
Last Modified: 2010-04-21
I need to know if there is a way to restore the registry of a machine to a "fresh load" state, such that it only starts up essential tasks. (I have a computer that I think has Adware or something that consumes all of the CPU time - but it is not apparent using the task manager - whatever it is, it's banging the heck out of the "C" drive.) Also, what is the best utility to show "hidden tasks" that are running, such as this? I am a programmer of 25 years, but this has me stumped!
Question by:audiodude
9 Comments
 
LVL 27

Accepted Solution

by:
Jonvee earned 300 total points
ID: 20810802
To check out the CPU time, suggest you download & run Process Explorer version 11.04; it should show you what you have (hidden also) running:

http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx
0
 
LVL 6

Expert Comment

by:Hardi
ID: 20810829
Have you tried ComboFix?
I got a stubborn virus and ComboFix removed it for me.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
LVL 27

Expert Comment

by:Jonvee
ID: 20810836
If you see an increase in CPU usage you can double click the file that appears to be the problem. Is it a svchost.exe file? If it is, select the Services tab. That should list the services that are running within svchost.exe.

Presume you have thoroughly scanned for viruses and Malware?  Have you had any error messages, pse?

You could also look at the SCU & untick any unwanted items. These will help>
http://netsquirrel.com/msconfig/
http://www.answersthatwork.com/             
http://www2.whidbey.net/djdenham/Uncheck.htm
0

 
LVL 27

Expert Comment

by:Jonvee
ID: 20810868
For Malware>
Superantispyware download:                        
http://www.superantispyware.com/

and viruses>
Kaspersky free online virus scanner:
http://www.kaspersky.co.uk/virusscanner

If then you still have a problem, try Trend HijackThis 2.02:
http://majorgeeks.com/Trend_Micro_HijackThis_d5554.html

The technique is to create a folder where you would like the HijackThis file to reside, and run it from there, not from the Desktop or a temp folder. Post back for further details, if required.
0
 
LVL 66

Assisted Solution

by:johnb6767
johnb6767 earned 200 total points
ID: 20812358
Would like to add to Jonvee's suggestion of Process Explorer, to get more detailed....

Process Explorer for Windows v10.21
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

Double click the offending file. If it is a svchost.exe, then Select the Services Tab. Please list what services are in that svchost.exe.

Then Select the Threads tab, and see what .exe or .dll is using the CPU, and then select it by double clicking it....and copying/pasting the call stack here.....

What I would be curious to see is the Interrupts, and the DPC's in Process Explorer. If that's what is using the CPU (not seen in the Task manager), then you have either a HW problem, or a Driver problem.

0
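The checks described in the post above (services hosted in each svchost.exe, interrupt and DPC time that Task Manager does not attribute to a process) together with the disk activity from the question can also be read from the command line. The PowerShell below is an added example, not part of the original thread; it assumes PowerShell 3.0 or later in an elevated session and uses only built-in WMI/CIM classes.

```powershell
# Added example: command-line counterparts of the Process Explorer checks.
# Assumption: PowerShell 3.0+ (Get-CimInstance), run as administrator.

# 1. Interrupt and DPC time per CPU. High values here with idle processes
#    point at hardware or a driver rather than a user-mode process.
Get-CimInstance Win32_PerfFormattedData_PerfOS_Processor |
    Select-Object Name, PercentProcessorTime, PercentInterruptTime, PercentDPCTime |
    Format-Table -AutoSize

# 2. Processes ranked by write rate. This surfaces a process that hammers
#    the drive while its CPU usage stays low. Note: the I/O counters cover
#    file, network and device I/O, not disk writes alone.
Get-CimInstance Win32_PerfFormattedData_PerfProc_Process |
    Where-Object { $_.Name -notin '_Total', 'Idle' } |
    Sort-Object IOWriteBytesPersec -Descending |
    Select-Object -First 10 Name, IDProcess, PercentProcessorTime,
        IOWriteBytesPersec, IOWriteOperationsPersec |
    Format-Table -AutoSize

# 3. For each svchost.exe instance, list the services it hosts
#    (the same information as the Services tab in Process Explorer).
$services = Get-CimInstance Win32_Service | Where-Object { $_.ProcessId -ne 0 }
Get-CimInstance Win32_Process -Filter "Name = 'svchost.exe'" | ForEach-Object {
    $svcPid = $_.ProcessId
    [pscustomobject]@{
        PID         = $svcPid
        CommandLine = $_.CommandLine
        Services    = ($services | Where-Object ProcessId -eq $svcPid |
                          ForEach-Object Name) -join ', '
    }
} | Sort-Object PID | Format-Table -AutoSize -Wrap
```

The performance classes return a single sample, so run sections 1 and 2 several times while the machine is slow and compare the results.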
 

Author Comment

by:audiodude
ID: 20899260
Process Explorer did not show me the offending process - the process (or service) was hammering the hard drive, creating 10K files in the root directory named POSXXX, where XXX is a hex number starting at 100. Task manager still shows over 90% Idle on the CPU clock, even though the PC is running at a crawl.
I am going to try some other utilities mentioned above. Thanks
0
 
LVL 27

Expert Comment

by:Jonvee
ID: 20900142
Ok.  Well probably your next move is to thoroughly scan for Malware & viruses, as already suggested.

Then at a later time, it would also be prudent to check your hard disk.
"Hard Drive Diagnostics Tools and Utilities ":
http://www.tacktech.com/display.cfm?ttid=287
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 20901913
Process Explorer should register the module using the CPU, unless you don't have the CPU Usage tab shown.... Might need to look all the way at the top, to double check to make sure that it is not an actual process, but the Interrupts or DPC's...

Those 2 do not register in Task Manager for sure, but they do in PE...

Could you post a screenshot?
0
 

Author Closing Comment

by:audiodude
ID: 31427656
Thanks guys!
0
