On Thursday 26 Sep 2002 2:48 pm, baba ali wrote:
> Hello
>
> My machine is responding really slow now. After I run Process viewer
> program, here is what I find
>
> Process:Idle Pid : 0x0 Cpu :76% Desciption:system idle
> Priority:0 Thread :0
> Properties : no path , no command line , no current directory
> no parent ,no version

This is the amount of time that the processor is doing nothing. The fact it has no handle, no path, etc. would indicate that it is the "true" idle report. There has been talk of trojans that run under a process name of "idle" but that would not report a 0x0 handle, etc. - unless it was really clever.

> Did my machine get infected with a malicious code? How come a process
> running idle can take up to 76% of Cpu ?

There is no process - hence idle. The chances are that the machine is waiting for a response from the network for something like Outlook or IE (assuming Windows!). This can cause process blocking due to the kernel level code being in a "mutex status". Lots of exploits exist - DOS exploits - that can cause a machine to lock as a result of this behaviour. I believe most of them are due to malformed NetBIOS packets/responses.

I suspect you have blocking calls at the network level that are causing slow responses, and hence the appearance of running slow even though nothing is using CPU. On fast systems there are more likely places to be the bottleneck than the CPU, the network being one of them. Token Ring networks seem to be worse for this - in my experience!

> Thank you again!

Hope this helps.

> Baba

Mike