cmd.exe, resource hog

Status
Not open for further replies.

gottastopthis

Posts: 12   +0
Hi, I've just reinstalled windows because I had "cmd.exe" pop up in my taskmgr every time I started some program (bitcomet, media player, paint.net) and it used 80 percent of my resources grinding down my computer speed.

Reinstalling didn't solve anything, now I get even more "cmd.exe's" in taskmgr and the only way to close them is if I click on them and "End Task".

Can any of you help me with this? How to disable it or auto turn it off whenever it runs?
It is really annoying, my pc isn't great so, every resource hog makes it even worse.


I scanned my pc with that AVG thing, all it found was some tracking cookies. Nothing important.
I scanned with trend micro online, it didn't find anything as well.

I used HJT, I don't think it found anything important, just that cmd.exe that pops up in taskmgr right after I open a program or movie.

Had some "helpsvc" thing going on, that started draining as much as cmd.

Anyway here's the HJT log, hope you can help:



Just now firefox crashed while scanning with that trend micro again, don't know if it's from the scan but...

I'm having major problems here :(

Thanks a bunch!
 
How about uninstalling that McAfee antivirus? Even without any cmd.exe, it is a hog :p
 
i thnk that there is a lttle more thanyo see. there are a couple of 09 entries and 017 entries.
you also need to make sure that your hjt is up to date, and it also needs to have its name changed too, to 'hjt1991'. the reason for this is that there are bugs that hide fom hjt now, and by changing its name, it will expose them.
the entrie numbers i have pointed out, do not delete until howard or someone with more experience has looked at your hjt log
 
Hello and welcome to Techspot.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.


Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.


Regards Howard :wave: :wave:


This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I did everything on that page. I couldn't run tool2, I think because it opened a cmd prompt and I have problems with cmd.exe. Kept closing on me.
I scanned with everything in safe mode, they didn't find anything either.
S&D found some stuff that I had repaired (at least I think it repaired something).

Here are some logs of the tools, I didn't take a screen of avg because I scanned when I first downloaded it and it only found some tracking cookies, last scan was clean.

I just booted half an hour ago, everything seems smooth except for when I try to open a movie file (that darn cmd.exe opens up and stops media player classic from opening anything, if I want to open something I have to close mpc again then end task then hope it'll work second time around).

Well, hope you guys can help.

I think I attached hjt as a log file, sorry, I changed that into .txt
Sorry.
 
I can see nothing particularly nasty in your HJT log.

However, these two processes look a little suspicious.

C:\Documents and Settings\Alexandru\Desktop\C-zone.exe
E:\Screenshot Utility\ScreenshotUtility.exe

Do you know what they are? Did you install them yourself?

Regards Howard :)

This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Czone is the program that allows me to connect to the internet, logs my account in etc.
Screenshot Utility is self explanatory. :p


Well if nothing weird is in there, can you recommend me a program that auto kills cmd.exe? Or how to disable it from even running?
With registry or something. Or even stop helpSvc from eating as much memory as cmd. Oh and that "msmsgs.exe" is pretty annoying, I know its windows' messenger thing but I don't use that and it runs at startup, I've tried opening it and setting it so it won't run at startup. Didn't solve anything.

I also disabled DrWtsn32 in registry. I don't think I get cmd.exe because of that, but it used to cause me problems in the past (drwtsn) so I disabled it anyway.
 
Search your system for cmd.exe and let me know the filepaths to all instances found.

Regards Howard :)

This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
All those are legit so I don`t think its a virus/spyware problem.

I think it`s probably a software conflict or corruption.

You need to find out which cmd.exe is causing the problem.

I suggest it`s either Nero or AV VCS 4.0 DIAMOND that`s the cause. Uninstalling these programmes, then reinstalling them one at a time may well allow you to find the cause.

Regards Howard :)

This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Those are freshly installed. Nero I installed just a few minutes before posting, so did av thing.

Now, I have a problem, after installing those programs you told me to (avg s&d ccleaner adware etc) it doesn't remember my users on pages I visit, it does remember the name and pw but it doesnt keep me logged like on this forum i have to log each time even though i click remember me, same on my otherforum that didn't do that.
Can you tell me what box I checked to clear that data?
Also I might install another version of windows soon, if that doesn't/does fix it I'll post to tell you guys, maybe someone else is having the same problem and may find an answer here.

Thanks a lot for trying!
 
The Ccleaner programme will have cleared your cookies and that`s why you have to login again.

You can tell Ccleaner which cookies to keep by doing the following.

Run Ccleaner and click on options/cookies, in the cookies to delete panel, transfer the cookies you wish to keep into the cookies to keep panel. Now, whenever you run Ccleaner those cookies won`t be deleted.

Regards Howard :)

This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Or can't I just un-check cookies?
Also, after I this morning's boot up the cmd.exe isn't popping up after I run any program. I don't know whether it's something we did here or not, but I still am going to reinstall windows. I'll try to see if there is a program that causes that "cmd" thing.
 
Yes you can uncheck cookies if you want, but that actually defeats the object of Ccleaner somewhat.

Good luck with the reinstall.

Regards Howard :)

This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I've just reinstalled windows.
Installed my sound drivers, graphics card drivers and mcafee firewall/antivirus.
I tried opening a video file, I didn't have any codecs so it played it as a sound file. No cmd popped up.
I mass installed:
- anti spyware programs (cc S&D adaware etc)
- paint.net > net frameworks
- winamp
- winace/rar
- daemontools <don't think thats it because I used it right after i installed windows to load ms office =d
- ms office
- klite codec pack
- nero
- firefox
- realalternative
cmd popped up as soon as I tried playing a video file.

I uninstalled nero (I think. I deleted the installation folder because it didnt haven an uninstall)

So, one of those may have something to do with cmd.exe


In any case, is there a way to disable it from ever running?
 
Click start/run and type msconfig into the runbox and press the enter key.

Click the startup tab and look for anything that says cmd.exe, if found uncheck/diable it and click apply/ok. Reboot your system and when you see the msconfig message, tick the little box that says not to run msconfig the next time you start your system and click ok.

Let me know the results.

The thing is, you shouldn`t be mass installing anything, otherwise how are you going to know what it is that`s causing the problem?

Regards Howard :)

This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I have always considered codec packs evil. And cmd.exe appearing when playing videos..
 
You`re quite right there Nodsu.

However, providing it`s only the K-lite codec pack that`s been installed, there shouldn`t really be a problem.

Regards Howard :)

This thread is for the use of gottastopthis only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
This is weird now.
I kind of deleted nero, just to see if it would do anything and, to my surprise, (though I am not 100% sure) cmd.exe stopped popping up.

I've kept a close eye on the taskmgr whenever I launched some program/movie file and, let me state again that I am not 100% sure that nero was the problem, woe and behold, no more cmd to lag my pc!

I don't know why I've "had" (it might come back) this problem now, I haven't had it in the past, not even after I installed nero...

If it does come back though, I'll be sure to post back here, so others will know more about this.

Thanks a lot for your help, Howard. At least now I know to protect my pc :p

Keep this topic here, though, I might want to come back and cancel cmd through msconfig if it ever comes back. Let's hope not though.

Thanks a bunch guys!
 
Oh one other thing, can you guys recommend a program that helps improve my pc speed? It's really crappy and well, it can't even run the simplest programs without slowing down to snail speed.
Unless of course, speed program things mess up my pc more or something like that.
It has to be free, I can't buy stuff :(
Thanks again!
 
All right, apparently, the damned thing didn't go away. Odd enough, if playing video files with windows media player it won't pop up, only media player classic starts it. And also a game starts it, but it didn't before... I have to get to the bottom of this, or stop it for good.
Is there any other replacement program for cmd, like, the system will use that other program as a default? maybe its cmd itself thats bugged...
 
Status
Not open for further replies.
Back