Tech Support banner

Status
Not open for further replies.
1 - 14 of 14 Posts

·
Registered
Joined
·
17 Posts
Discussion Starter · #1 ·
I have a Vista system. Recently something is transfering large amounts of data when I'm not downloading or uploading anything. How to find application responsible for it? I scanned the system with Malwarebytes, AVG antivirus. I also have Comodo firewall installed.
 

·
Team Manager, Microsoft Support
Joined
·
28,956 Posts
Did the Task manager show anything?
 

·
Registered
Joined
·
17 Posts
Discussion Starter · #3 ·
The task manager didn't show anything out of ordinary in programs but I'm not sure about the processes and I don't know enough to make this call.
 

·
Moderator , - Microsoft Support
Joined
·
7,753 Posts
Hi, when next it is doing this, go to start, search and type:- cmd right click on the returned cmd.exe and select "run as administrator" at the command prompt copy paste:-

wmic process get Caption, CommandLine, Handle, HandleCount, PageFaults, PageFileUsage, PArentProcessId, ProcessId, ThreadCount /Format:list > 0 & notepad 0 (press enter)

Please post the notepad outcome here. This is the same as the process tab from task manager with a bit more info, easier for you and for use to read.
 

·
Registered
Joined
·
17 Posts
Discussion Starter · #6 ·
Caption=System Idle Process
CommandLine=
Handle=0
HandleCount=0
PageFaults=0
PageFileUsage=0
ParentProcessId=0
ProcessId=0
ThreadCount=2


Caption=System
CommandLine=
Handle=4
HandleCount=2128
PageFaults=74035
PageFileUsage=0
ParentProcessId=0
ProcessId=4
ThreadCount=149


Caption=smss.exe
CommandLine=\SystemRoot\System32\smss.exe
Handle=604
HandleCount=28
PageFaults=280
PageFileUsage=288
ParentProcessId=4
ProcessId=604
ThreadCount=4


Caption=avgrsx.exe
CommandLine=d:\PROGRA~1\AVG\AVG2014\avgrsx.exe /boot
Handle=640
HandleCount=757
PageFaults=25125
PageFileUsage=13064
ParentProcessId=628
ProcessId=640
ThreadCount=56


Caption=avgcsrvx.exe
CommandLine=D:\Program Files\AVG\AVG2014\avgcsrvx.exe /pipeName=c4a7af16-32fb-4052-82d7-464e2922d61b /coreSdkOptions=8478 /logConfFile="D:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\4dd31a46-eeca-4143-8c34-63179ba4ad07-280-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="D:\Program Files\AVG\AVG2014\" /tempPath="D:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="D:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
Handle=708
HandleCount=157
PageFaults=99308
PageFileUsage=24400
ParentProcessId=640
ProcessId=708
ThreadCount=11


Caption=csrss.exe
CommandLine=D:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Handle=940
HandleCount=1015
PageFaults=16710
PageFileUsage=2316
ParentProcessId=928
ProcessId=940
ThreadCount=12


Caption=wininit.exe
CommandLine=wininit.exe
Handle=988
HandleCount=245
PageFaults=5269
PageFileUsage=3776
ParentProcessId=928
ProcessId=988
ThreadCount=3


Caption=csrss.exe
CommandLine=D:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
Handle=1000
HandleCount=627
PageFaults=21889
PageFileUsage=14388
ParentProcessId=980
ProcessId=1000
ThreadCount=10


Caption=services.exe
CommandLine=D:\Windows\system32\services.exe
Handle=1036
HandleCount=428
PageFaults=19475
PageFileUsage=7448
ParentProcessId=988
ProcessId=1036
ThreadCount=6


Caption=lsass.exe
CommandLine=D:\Windows\system32\lsass.exe
Handle=1052
HandleCount=936
PageFaults=9002
PageFileUsage=7768
ParentProcessId=988
ProcessId=1052
ThreadCount=12


Caption=lsm.exe
CommandLine=D:\Windows\system32\lsm.exe
Handle=1060
HandleCount=338
PageFaults=5427
PageFileUsage=6120
ParentProcessId=988
ProcessId=1060
ThreadCount=11


Caption=winlogon.exe
CommandLine=winlogon.exe
Handle=1100
HandleCount=228
PageFaults=5194
PageFileUsage=4316
ParentProcessId=980
ProcessId=1100
ThreadCount=3


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k DcomLaunch
Handle=1248
HandleCount=477
PageFaults=75414
PageFileUsage=8380
ParentProcessId=1036
ProcessId=1248
ThreadCount=8


Caption=launcher_service.exe
CommandLine="D:\Program Files\Common Files\COMODO\launcher_service.exe"
Handle=1292
HandleCount=342
PageFaults=5972
PageFileUsage=6784
ParentProcessId=1036
ProcessId=1292
ThreadCount=5


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k rpcss
Handle=1320
HandleCount=574
PageFaults=6811
PageFileUsage=8684
ParentProcessId=1036
ProcessId=1320
ThreadCount=8


Caption=cmdagent.exe
CommandLine="D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
Handle=1396
HandleCount=896
PageFaults=59048
PageFileUsage=36976
ParentProcessId=1036
ProcessId=1396
ThreadCount=119


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k NetworkService
Handle=1472
HandleCount=721
PageFaults=14363
PageFileUsage=25232
ParentProcessId=1036
ProcessId=1472
ThreadCount=26


Caption=svchost.exe
CommandLine=D:\Windows\System32\svchost.exe -k secsvcs
Handle=1516
HandleCount=552
PageFaults=110630
PageFileUsage=38428
ParentProcessId=1036
ProcessId=1516
ThreadCount=18


Caption=svchost.exe
CommandLine=D:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Handle=1584
HandleCount=617
PageFaults=270159
PageFileUsage=31284
ParentProcessId=1036
ProcessId=1584
ThreadCount=17


Caption=svchost.exe
CommandLine=D:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Handle=1612
HandleCount=719
PageFaults=69978
PageFileUsage=68328
ParentProcessId=1036
ProcessId=1612
ThreadCount=40


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k netsvcs
Handle=1640
HandleCount=1603
PageFaults=73028
PageFileUsage=41060
ParentProcessId=1036
ProcessId=1640
ThreadCount=53


Caption=audiodg.exe
CommandLine=
Handle=1708
HandleCount=124
PageFaults=4817
PageFileUsage=12700
ParentProcessId=1584
ProcessId=1708
ThreadCount=3


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k GPSvcGroup
Handle=1736
HandleCount=283
PageFaults=5339
PageFileUsage=5932
ParentProcessId=1036
ProcessId=1736
ThreadCount=5


Caption=SLsvc.exe
CommandLine=D:\Windows\system32\SLsvc.exe
Handle=1752
HandleCount=95
PageFaults=10548
PageFileUsage=7104
ParentProcessId=1036
ProcessId=1752
ThreadCount=4


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k LocalService
Handle=1812
HandleCount=631
PageFaults=10465
PageFileUsage=14812
ParentProcessId=1036
ProcessId=1812
ThreadCount=29


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Handle=380
HandleCount=323
PageFaults=45433
PageFileUsage=14072
ParentProcessId=1036
ProcessId=380
ThreadCount=23


Caption=explorer.exe
CommandLine=D:\Windows\Explorer.EXE
Handle=944
HandleCount=724
PageFaults=64279
PageFileUsage=33776
ParentProcessId=904
ProcessId=944
ThreadCount=24


Caption=taskeng.exe
CommandLine=taskeng.exe {0EC04139-CAA1-43E7-A240-D4DAD0C10104}
Handle=984
HandleCount=270
PageFaults=6285
PageFileUsage=5800
ParentProcessId=1640
ProcessId=984
ThreadCount=5


Caption=taskeng.exe
CommandLine=taskeng.exe {2A286D94-0925-4A28-A2EB-714D4598BDAB}
Handle=912
HandleCount=528
PageFaults=9437
PageFileUsage=15564
ParentProcessId=1640
ProcessId=912
ThreadCount=15


Caption=MSASCui.exe
CommandLine="D:\Program Files\Windows Defender\MSASCui.exe" -hide
Handle=2092
HandleCount=491
PageFaults=9003
PageFileUsage=10580
ParentProcessId=944
ProcessId=2092
ThreadCount=11


Caption=igfxtray.exe
CommandLine="D:\Windows\System32\igfxtray.exe"
Handle=2152
HandleCount=217
PageFaults=5464
PageFileUsage=4848
ParentProcessId=944
ProcessId=2152
ThreadCount=2


Caption=hkcmd.exe
CommandLine="D:\Windows\System32\hkcmd.exe"
Handle=2160
HandleCount=226
PageFaults=5439
PageFileUsage=5460
ParentProcessId=944
ProcessId=2160
ThreadCount=3


Caption=igfxpers.exe
CommandLine="D:\Windows\System32\igfxpers.exe"
Handle=2168
HandleCount=224
PageFaults=5420
PageFileUsage=4504
ParentProcessId=944
ProcessId=2168
ThreadCount=2


Caption=TFTray.exe
CommandLine="D:\Program Files\ThreatFire\TFTray.exe"
Handle=2188
HandleCount=233
PageFaults=6303
PageFileUsage=6480
ParentProcessId=944
ProcessId=2188
ThreadCount=3


Caption=cistray.exe
CommandLine="D:\Program Files\Comodo\COMODO Internet Security\cistray.exe"
Handle=2204
HandleCount=260
PageFaults=25803
PageFileUsage=9072
ParentProcessId=944
ProcessId=2204
ThreadCount=4


Caption=igfxsrvc.exe
CommandLine=D:\Windows\system32\igfxsrvc.exe -Embedding
Handle=2288
HandleCount=233
PageFaults=5589
PageFileUsage=5716
ParentProcessId=1248
ProcessId=2288
ThreadCount=4


Caption=armsvc.exe
CommandLine="D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
Handle=2408
HandleCount=208
PageFaults=4845
PageFileUsage=5168
ParentProcessId=1036
ProcessId=2408
ThreadCount=2


Caption=avgidsagent.exe
CommandLine="D:\Program Files\AVG\AVG2014\avgidsagent.exe"
Handle=2444
HandleCount=495
PageFaults=9164
PageFileUsage=12156
ParentProcessId=1036
ProcessId=2444
ThreadCount=29


Caption=avgwdsvc.exe
CommandLine="D:\Program Files\AVG\AVG2014\avgwdsvc.exe"
Handle=2472
HandleCount=879
PageFaults=9473
PageFileUsage=10064
ParentProcessId=1036
ProcessId=2472
ThreadCount=40


Caption=Agent.exe
CommandLine="D:\Program Files\EaseUS\Todo Backup\bin\Agent.exe"
Handle=2508
HandleCount=474
PageFaults=13645
PageFileUsage=37512
ParentProcessId=1036
ProcessId=2508
ThreadCount=60


Caption=FTRTSVC.exe
CommandLine="D:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe"
Handle=2624
HandleCount=206
PageFaults=5187
PageFileUsage=5308
ParentProcessId=1036
ProcessId=2624
ThreadCount=2


Caption=GeekBuddyRSP.exe
CommandLine="D:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -service
Handle=2672
HandleCount=292
PageFaults=5315
PageFileUsage=4904
ParentProcessId=1036
ProcessId=2672
ThreadCount=12


Caption=GuardAgent.exe
CommandLine="D:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe"
Handle=2696
HandleCount=202
PageFaults=4737
PageFileUsage=4168
ParentProcessId=1036
ProcessId=2696
ThreadCount=2


Caption=mbamscheduler.exe
CommandLine="D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"
Handle=2768
HandleCount=209
PageFaults=5391
PageFileUsage=5272
ParentProcessId=1036
ProcessId=2768
ThreadCount=2


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Handle=2848
HandleCount=274
PageFaults=5487
PageFileUsage=5224
ParentProcessId=1036
ProcessId=2848
ThreadCount=5


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k imgsvc
Handle=2884
HandleCount=303
PageFaults=5996
PageFileUsage=7332
ParentProcessId=1036
ProcessId=2884
ThreadCount=7


Caption=avgnsx.exe
CommandLine="D:\Program Files\AVG\AVG2014\avgnsx.exe"
Handle=2920
HandleCount=222
PageFaults=38776
PageFileUsage=5836
ParentProcessId=2472
ProcessId=2920
ThreadCount=10


Caption=avgemcx.exe
CommandLine="D:\Program Files\AVG\AVG2014\avgemcx.exe"
Handle=2932
HandleCount=126
PageFaults=4623
PageFileUsage=2336
ParentProcessId=2472
ProcessId=2932
ThreadCount=4


Caption=TFService.exe
CommandLine="D:\Program Files\ThreatFire\TFService.exe" service
Handle=3032
HandleCount=351
PageFaults=22642
PageFileUsage=10860
ParentProcessId=1036
ProcessId=3032
ThreadCount=32


Caption=svchost.exe
CommandLine=D:\Windows\System32\svchost.exe -k WerSvcGroup
Handle=3164
HandleCount=214
PageFaults=4935
PageFileUsage=4492
ParentProcessId=1036
ProcessId=3164
ThreadCount=4


Caption=SearchIndexer.exe
CommandLine=D:\Windows\system32\SearchIndexer.exe /Embedding
Handle=3200
HandleCount=831
PageFaults=13417
PageFileUsage=47472
ParentProcessId=1036
ProcessId=3200
ThreadCount=17


Caption=WUDFHost.exe
CommandLine="D:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ca4241d5-5735-42c8-b971-4e474a911b55 -SystemEventPortName:HostProcess-36b0c3d8-0f2d-4dab-a6e6-9d2b09f6491f -IoCancelEventPortName:HostProcess-cc98eee0-3774-4aaa-b6ad-dcfb36e772c1 -NonStateChangingEventPortName:HostProcess-fc9a752e-7b02-44be-923f-c0e92620bff4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:039a026a-e3c0-4482-a02f-1ef5425ad9eb -DeviceGroupId:WpdFsGroup
Handle=3468
HandleCount=347
PageFaults=5275
PageFileUsage=6196
ParentProcessId=1612
ProcessId=3468
ThreadCount=8


Caption=SDWinSec.exe
CommandLine="D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe"
Handle=3480
HandleCount=273
PageFaults=7327
PageFileUsage=8212
ParentProcessId=1036
ProcessId=3480
ThreadCount=6


Caption=Launcher.exe
CommandLine="D:\Program Files\OrangeBS\BEWInternet-PL-IEW\Launcher\Launcher.exe" -appid DESKBOARDAPP -deskboardsplash
Handle=3700
HandleCount=591
PageFaults=4964606
PageFileUsage=25864
ParentProcessId=944
ProcessId=3700
ThreadCount=10


Caption=AlertModule.exe
CommandLine="D:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe" -Embedding
Handle=3848
HandleCount=249
PageFaults=5821
PageFileUsage=5580
ParentProcessId=1248
ProcessId=3848
ThreadCount=3


Caption=SystrayApp.exe
CommandLine="D:\Program Files\OrangeBS\BEWInternet-PL-IEW\systray\systrayapp.exe"
Handle=2128
HandleCount=238
PageFaults=6214
PageFileUsage=6836
ParentProcessId=3700
ProcessId=2128
ThreadCount=3


Caption=ConnectivityManager.exe
CommandLine="D:\Program Files\OrangeBS\BEWInternet-PL-IEW\connectivity\connectivitymanager.exe"
Handle=2144
HandleCount=366
PageFaults=8083
PageFileUsage=11188
ParentProcessId=3700
ProcessId=2144
ThreadCount=14


Caption=TextMessaging.exe
CommandLine="D:\Program Files\OrangeBS\BEWInternet-PL-IEW\PhoneTools\TextMessaging.exe" -hide
Handle=2236
HandleCount=307
PageFaults=9774
PageFileUsage=15768
ParentProcessId=3700
ProcessId=2236
ThreadCount=5


Caption=Deskboard.exe
CommandLine="D:\Program Files\OrangeBS\BEWInternet-PL-IEW\Deskboard\deskboard.exe"
Handle=2264
HandleCount=298
PageFaults=10828
PageFileUsage=15604
ParentProcessId=3700
ProcessId=2264
ThreadCount=4


Caption=CoreCom.exe
CommandLine="D:\Program Files\OrangeBS\BEWInternet-PL-IEW\connectivity\CoreCom\CoreCom.exe"
Handle=1484
HandleCount=498
PageFaults=22149
PageFileUsage=19596
ParentProcessId=2144
ProcessId=1484
ThreadCount=17


Caption=FTCOMModule.exe
CommandLine="D:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\1\FTCOMModule.exe" -Embedding
Handle=1696
HandleCount=234
PageFaults=5651
PageFileUsage=6052
ParentProcessId=1248
ProcessId=1696
ThreadCount=5


Caption=vds.exe
CommandLine=D:\Windows\System32\vds.exe
Handle=1232
HandleCount=297
PageFaults=7984
PageFileUsage=8384
ParentProcessId=1036
ProcessId=1232
ThreadCount=12


Caption=mobsync.exe
CommandLine=D:\Windows\System32\mobsync.exe -Embedding
Handle=920
HandleCount=273
PageFaults=6875
PageFileUsage=10940
ParentProcessId=1248
ProcessId=920
ThreadCount=4


Caption=wmplayer.exe
CommandLine="D:\Program Files\Windows Media Player\wmplayer.exe" /SkipFUE /RemoteOCXLaunch /SuppressDialogs
Handle=4360
HandleCount=495
PageFaults=24318
PageFileUsage=20920
ParentProcessId=920
ProcessId=4360
ThreadCount=10


Caption=WmiPrvSE.exe
CommandLine=D:\Windows\system32\wbem\wmiprvse.exe
Handle=4860
HandleCount=284
PageFaults=8804
PageFileUsage=7392
ParentProcessId=1248
ProcessId=4860
ThreadCount=6


Caption=jusched.exe
CommandLine="D:\Program Files\Common Files\Java\Java Update\jusched.exe"
Handle=5192
HandleCount=206
PageFaults=5844
PageFileUsage=4432
ParentProcessId=944
ProcessId=5192
ThreadCount=1


Caption=CardDetector.exe
CommandLine="D:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe"
Handle=5200
HandleCount=226
PageFaults=6063
PageFileUsage=5368
ParentProcessId=944
ProcessId=5200
ThreadCount=2


Caption=avgui.exe
CommandLine="D:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
Handle=5220
HandleCount=542
PageFaults=21532
PageFileUsage=11140
ParentProcessId=944
ProcessId=5220
ThreadCount=23


Caption=TeaTimer.exe
CommandLine="D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Handle=5228
HandleCount=266
PageFaults=192628
PageFileUsage=57424
ParentProcessId=944
ProcessId=5228
ThreadCount=3


Caption=ATnotes.exe
CommandLine="D:\Program Files\ATnotes\ATnotes.exe"
Handle=5236
HandleCount=221
PageFaults=5420
PageFileUsage=5284
ParentProcessId=944
ProcessId=5236
ThreadCount=1


Caption=TouchpadBlocker.exe
CommandLine="D:\Program Files\Touchpad Blocker\TouchpadBlocker.exe"
Handle=5248
HandleCount=220
PageFaults=6041
PageFileUsage=4608
ParentProcessId=944
ProcessId=5248
ThreadCount=1


Caption=cavwp.exe
CommandLine="D:\Program Files\Comodo\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
Handle=5472
HandleCount=223
PageFaults=41113
PageFileUsage=17952
ParentProcessId=1248
ProcessId=5472
ThreadCount=5


Caption=unit_manager.exe
CommandLine="D:\Program Files\Comodo\GeekBuddy\unit_manager.exe"
Handle=5684
HandleCount=321
PageFaults=8487
PageFileUsage=7128
ParentProcessId=1292
ProcessId=5684
ThreadCount=7


Caption=unit.exe
CommandLine="D:\Program Files\Comodo\GeekBuddy\unit" "\"D:/Program Files/Comodo/GeekBuddy/lps-cspm\""
Handle=5816
HandleCount=6671
PageFaults=53921
PageFileUsage=55096
ParentProcessId=5684
ProcessId=5816
ThreadCount=57


Caption=ctfmon.exe
CommandLine=ctfmon.exe
Handle=4440
HandleCount=247
PageFaults=6261
PageFileUsage=4704
ParentProcessId=5220
ProcessId=4440
ThreadCount=2


Caption=cis.exe
CommandLine="D:\Program Files\Comodo\COMODO Internet Security\cis.exe" --alertsUI
Handle=5164
HandleCount=312
PageFaults=18762
PageFileUsage=9856
ParentProcessId=2204
ProcessId=5164
ThreadCount=6


Caption=cmd.exe
CommandLine="D:\Windows\System32\cmd.exe"
Handle=3400
HandleCount=204
PageFaults=5369
PageFileUsage=5544
ParentProcessId=944
ProcessId=3400
ThreadCount=1


Caption=conime.exe
CommandLine=D:\Windows\system32\conime.exe
Handle=4604
HandleCount=203
PageFaults=4870
PageFileUsage=4768
ParentProcessId=3400
ProcessId=4604
ThreadCount=1


Caption=explorer.exe
CommandLine="D:\Windows\Explorer.exe" /separate,/idlist,:49211:944,E:\Lech\Pictures
Handle=5076
HandleCount=477
PageFaults=35842
PageFileUsage=37588
ParentProcessId=944
ProcessId=5076
ThreadCount=5


Caption=svchost.exe
CommandLine=D:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
Handle=3416
HandleCount=229
PageFaults=6508
PageFileUsage=5292
ParentProcessId=1036
ProcessId=3416
ThreadCount=4


Caption=firefox.exe
CommandLine="D:\Program Files\Mozilla Firefox\firefox.exe"
Handle=2088
HandleCount=642
PageFaults=228821
PageFileUsage=260344
ParentProcessId=944
ProcessId=2088
ThreadCount=46


Caption=WmiPrvSE.exe
CommandLine=D:\Windows\system32\wbem\wmiprvse.exe
Handle=2352
HandleCount=286
PageFaults=8379
PageFileUsage=7036
ParentProcessId=1248
ProcessId=2352
ThreadCount=6


Caption=TrustedInstaller.exe
CommandLine=D:\Windows\servicing\TrustedInstaller.exe
Handle=5592
HandleCount=262
PageFaults=7596
PageFileUsage=9944
ParentProcessId=1036
ProcessId=5592
ThreadCount=3


Caption=TFUN.exe
CommandLine="D:\Program Files\ThreatFire\TFUN.exe" AUTO
Handle=5880
HandleCount=154
PageFaults=7728
PageFileUsage=2968
ParentProcessId=3032
ProcessId=5880
ThreadCount=7


Caption=WMIC.exe
CommandLine=wmic process get Caption, CommandLine, Handle, HandleCount, PageFaults, PageFileUsage, PArentProcessId, ProcessId, ThreadCount /Format:list
Handle=4244
HandleCount=260
PageFaults=9462
PageFileUsage=7068
ParentProcessId=3400
ProcessId=4244
ThreadCount=3
 

·
Team Manager, Microsoft Support
Joined
·
28,956 Posts
I see you're using AVG as your AV and Comodo as your Firewall. Since cystray is loaded, I'm wondering if you're also using the Comodo Suite, hence 2 AVs. Temporarily disable AVG. Does the problem still occur?
 

·
Moderator , - Microsoft Support
Joined
·
7,753 Posts
Hi, you should also check to see if windows firewall is active as well. I suspect your main problem is with spybot's, "tea timer" I would disable this, it is a known problem.
 

·
Registered
Joined
·
17 Posts
Discussion Starter · #10 ·
I don't have the Comodo Suite, so there is only 1 AV. Suspending AVG didn't do it and there is no way of suspending the Tea Timer. Besides, I use Threatfire and Spyboot-SD
for years and never had a problem before.
 

·
Team Manager, Microsoft Support
Joined
·
28,956 Posts
Lots of problems with Tea Timer. You can disable it without affecting the rest of Spybot.
 

·
Registered
Joined
·
17 Posts
Discussion Starter · #12 ·
I disabled AVG, Tea Timer and ThreatFire, one at a time and it didn't change
anything. Data is still transfered.
 

·
Moderator , - Microsoft Support
Joined
·
7,753 Posts
Hi, whats this:-

Caption=explorer.exe
CommandLine="D:\Windows\Explorer.exe" /separate,/idlist,:49211:944,E:\Lech\Pictures
Handle=5076
HandleCount=477
PageFaults=35842
PageFileUsage=37588
ParentProcessId=944
ProcessId=5076
ThreadCount=5

What is drive E:?
 

·
Registered
Joined
·
17 Posts
Discussion Starter · #14 ·
Drive "E" that's storage drive, I keep most of my files there. As for the process - I don't know.
 
1 - 14 of 14 Posts
Status
Not open for further replies.
Top