XP taskbar wierdness
June 6, 2005 1:06 AM Subscribe
I have a problem with XP...
Extensive Googling reveals people with the same problem (on pro as well, so I don't think it's an XP home issue), but no answers...
Various spyware checkers/virus stuff fails to pick up anything. All seems to be related - happened at the same time.
Symptoms:
Extensive Googling reveals people with the same problem (on pro as well, so I don't think it's an XP home issue), but no answers...
Various spyware checkers/virus stuff fails to pick up anything. All seems to be related - happened at the same time.
Symptoms:
- svchost.exe using 98-100% cpu all the time. I can end process, cancel the shutdown and carry on - after about 3 goes this kills this problem for the session.
- Programs don't show up on the taskbar anymore. When windows are minimised, they minimise to the desktop, leaving a small title bar with restore, maximise and close buttons (like when you minimised windows in 3.1)
- system tray also a bit weird - only shows selective things, and has stopped responding to right-click
- copy and paste functionality is limited - generally I can use it within an application, but not into dialogs. I can copy from dialogs, but only paste into other dialogs
- My dial-up connection doesn't appear in network connections or the system tray - I can still get to it through internet properties and it works
- changes in style to my taskbar are reflected in my wife's profile on the same machine
svchost.exe using 98-100% cpu all the time
Get Sysinternals Process Explorer and look at the services actually running on that svchost.exe process. Alternatively you can use the command line tasklist.exe (should come with Windows) /svc to see as well. This might help you diagnose the problem.
If you think this is a common issue, ask on microsoft.public.windowsxp.general, and someone might have better advice. Good luck.
posted by grouse at 2:56 AM on June 6, 2005
Get Sysinternals Process Explorer and look at the services actually running on that svchost.exe process. Alternatively you can use the command line tasklist.exe (should come with Windows) /svc to see as well. This might help you diagnose the problem.
If you think this is a common issue, ask on microsoft.public.windowsxp.general, and someone might have better advice. Good luck.
posted by grouse at 2:56 AM on June 6, 2005
Response by poster: It's already been asked there - the one piece of advice is Taskbar Repair Tool Plus!, which I can't get to run - it throws up errors (as does the alternative vbs on the site).
posted by monkey closet at 3:16 AM on June 6, 2005
posted by monkey closet at 3:16 AM on June 6, 2005
That sounds exactly the same as my earlier problem. (Check if it really is 'svchost'; my problem was with 'svhost', which confused me to hell at first). I guess it's also shutting down your av software? I bet you can't reach any av sites either? The effort of fixing it just wasn't worth the candle. In the end, I made a BartPE disc, managed to grab all the data and re-installed.
posted by punilux at 3:17 AM on June 6, 2005
posted by punilux at 3:17 AM on June 6, 2005
Response by poster: Don't think that's it - my av's still running. And it's definitely svchost.
posted by monkey closet at 3:30 AM on June 6, 2005
posted by monkey closet at 3:30 AM on June 6, 2005
So what service is it? That's really easy-to-find information that might go a way toward diagnosing your problem.
posted by grouse at 4:51 AM on June 6, 2005
posted by grouse at 4:51 AM on June 6, 2005
Response by poster: dunno. I got process explorer, but I can't get to the affected machine until this evening....
posted by monkey closet at 4:54 AM on June 6, 2005
posted by monkey closet at 4:54 AM on June 6, 2005
It looks like your profile might have been corrupted. Create a new account and see if the problems occur while using it: if they don't, then you're probably best off moving your old data over to the new account. Also, have you tried booting in safe mode i.e., with all services disabled?
posted by Goedel at 5:31 AM on June 6, 2005
posted by Goedel at 5:31 AM on June 6, 2005
It really sounds to me like you have some sort of infection on the system. As in, some critical file has been replaced with a malicious copy. Might want to run an sfc (system file check) which compares all Windows-critical files on your computer with the original versions, and replaces any that have been changed or overwritten. You'll need your WinXP disc as a source for known good versions.
More on the file checker (including command line options) here and some bits on Windows File Protection here.
Note that some infections will disable attempts to locate, detect and remove themselves, especially when scanning using common anti-spyware or malware tools. My general plan of attack is to look for suspicious files using an alternate disk management utility (like A43), as malware can screw with Explorer to keep it from showing everything. Look for system files where they shouldn't be, excessive numbers of identical-size randomly named DLLs in System32, etc. - use Google to track down anything that looks weird. When in doubt, move a file to a temporary directory rather than deleting it.
Then I run a multitude of file scanners (usually SpyBot S-D first, as it often sneaks by the disabling mechanisms, then Ad-Aware, then the Microsoft version, and I finish by doing a full system scan with Symantec Corporate AV using the Expanded Threats enabled, set to delete). BartPE (if you have the time to set up a boot disc) can be very useful here, as most of these things can be run directly from that boot disc and as a reslt will not be affected or blocked by anything living on your hard drive.
I've used this series of steps to rescue several machines that had been given up on as "beyond repair" by the owners. Given the amount of time it takes to wipe, reinstall, re-patch, and then set all your personal preferences and restore your favorite programs, attempting to fix before scrapping it is worth the effort.
If you do wipe the drive and then do a fresh install, do not under any circumstances connect the thing to the network until you have it up and running and have turned on your firewall. THEN connect and patch the thing. Windows systems (2000 and XP) will 99% of the time get hit with a worm or other baddie during install if they are hooked to a live network connection.
posted by caution live frogs at 6:32 AM on June 6, 2005
More on the file checker (including command line options) here and some bits on Windows File Protection here.
Note that some infections will disable attempts to locate, detect and remove themselves, especially when scanning using common anti-spyware or malware tools. My general plan of attack is to look for suspicious files using an alternate disk management utility (like A43), as malware can screw with Explorer to keep it from showing everything. Look for system files where they shouldn't be, excessive numbers of identical-size randomly named DLLs in System32, etc. - use Google to track down anything that looks weird. When in doubt, move a file to a temporary directory rather than deleting it.
Then I run a multitude of file scanners (usually SpyBot S-D first, as it often sneaks by the disabling mechanisms, then Ad-Aware, then the Microsoft version, and I finish by doing a full system scan with Symantec Corporate AV using the Expanded Threats enabled, set to delete). BartPE (if you have the time to set up a boot disc) can be very useful here, as most of these things can be run directly from that boot disc and as a reslt will not be affected or blocked by anything living on your hard drive.
I've used this series of steps to rescue several machines that had been given up on as "beyond repair" by the owners. Given the amount of time it takes to wipe, reinstall, re-patch, and then set all your personal preferences and restore your favorite programs, attempting to fix before scrapping it is worth the effort.
If you do wipe the drive and then do a fresh install, do not under any circumstances connect the thing to the network until you have it up and running and have turned on your firewall. THEN connect and patch the thing. Windows systems (2000 and XP) will 99% of the time get hit with a worm or other baddie during install if they are hooked to a live network connection.
posted by caution live frogs at 6:32 AM on June 6, 2005
If you do wipe the drive and then do a fresh install, do not under any circumstances use IE
Try Firefox
posted by stevejensen at 8:03 AM on June 6, 2005
Try Firefox
posted by stevejensen at 8:03 AM on June 6, 2005
If you do wipe the drive and then do a fresh install, do not under any circumstances use IE
Hey, Chicken Little, the sky is falling...
posted by thanotopsis at 9:47 AM on June 6, 2005
Hey, Chicken Little, the sky is falling...
posted by thanotopsis at 9:47 AM on June 6, 2005
If spyware/malware is the root issue here, thanatopsis, I see no reason why suggesting a more secure browser upon reinstall is a bad idea. Allowing the same program you use to manage files on your hard drive to have free access to the network is an extremely bad idea in terms of computer security. Your comment is akin to making fun of someone for suggesting using a deadbolt in a thread about break-ins. If you want to add a useless, unnecessary, and unhelpful comment, why not just ask monkey closet to get a Mac and be done with it? You could at least read the small print under the comment box before hitting post.
posted by caution live frogs at 12:50 PM on June 6, 2005
posted by caution live frogs at 12:50 PM on June 6, 2005
I see no reason why suggesting a more secure browser upon reinstall is a bad idea.
You didn't just suggest it. You said, and I quote: do not under any circumstances. I'm responding to the phrasing of your answer rather than the subject of the response. I doubt that you could determine that there isn't any circumstance where IE would be a better choice.
posted by thanotopsis at 9:33 AM on June 10, 2005
You didn't just suggest it. You said, and I quote: do not under any circumstances. I'm responding to the phrasing of your answer rather than the subject of the response. I doubt that you could determine that there isn't any circumstance where IE would be a better choice.
posted by thanotopsis at 9:33 AM on June 10, 2005
This thread is closed to new comments.
posted by Dean Keaton at 2:33 AM on June 6, 2005