"horst engel" wrote:
> Since this morning my PC is practically blocked regularly for 30 sec each
> minute!
> Checking with Process Explorer I found out that the prog Services.exe uses
> nearly 100% of CPU during this time.
> No other program uses more than 10%
> Can somebody be so kind and help me to solve this problem?
> Horst

>  From a command prompt;
> tlist -s
> now match up the PID = PID in Task Manager|Processes
>
>
> You can extract the tlist.exe utility from the Support.cab file from the
> Windows 2000 installation CD's Support\Tools folder.
>
> This tool may also help.
> http://www.microsoft.com/technet/sysinternals/Utilities/ProcessExplorer.mspx
>
>
>

"horst engel" wrote:
> Thank you Dave,
> for the Service.exe with tlist I found:
>  500 SERVICES.EXE    Svcs:
> Browser,Dhcp,dmserver,Dnscache,Eventlog,lanmanserver,lanmanworkstation,LmHosts,Messenger,PlugPlay,ProtectedStoage,seclogon,TrkWks,Wmi
>
> But now what should I do?
> Google say that dmserver may be a trojan. But it is exactly equal to an
> older backupped file.
>
> What do you mean by "match up the PID = PID in Task Manager|Processes"?
> There are a few programs which appear in Processes and not in TLIST, but
> this may be due to the fact that I didn't start the 2 progs at the same
> time.
> Disable all services? Shurely not advisable!
> Horst

> No, no need to disable anything at this point. Try stopping some of them
> and check the effect after each one. (Start|Run|services.msc) Maybe in
> this order. Looks like you probably don't want the first one anyway.
>
> dmserver
> TrkWks,
> Messenger,
> Browser,
> Dhcp,
> Dnscache,
> LmHosts,
> lanmanserver,
> lanmanworkstation,
> Wmi
>

"horst" wrote:
> Well, I found the cause of the problem: DNScache.
> But now what should I do?
> I couldn't find anywhere the name of the file(s) which run this service.
> If I knew their name I could restore them from older backups.
> Can you please help me?
> Horst