
Author Topic: "Ssytem" at top of Task Manager  (Read 21963 times)


visceron

    Topic Starter


    Rookie

    "Ssytem" at top of Task Manager
    « on: May 24, 2010, 11:23:17 AM »
    I read the other post of this same topic but I do not see a familiarity with it. When I kill the process, all my sound on my computer turns off until I restart my computer. So, I am pretty sure "system" is something linked to my sound on my computer. I had this problem before and forgot how I fixed it but this single process alone is sucking up valuable memory when I am playing my computer games. Does anybody know what I should do to fix this problem?

    Dr Jay

    • Malware Removal Specialist


    • Specialist
    • Moderator emeritus
    • Thanked: 119
    • Experience: Guru
    • OS: Windows 10
    Re: "Ssytem" at top of Task Manager
    « Reply #1 on: May 25, 2010, 01:08:01 PM »
    Hello, and welcome to Computer Hope.

    Please note the following information about the malware forum:
    • Only the Malware Specialist Team is allowed to give advice on removing malware from your computer.
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
    • Please do not attach logs or post them in Quote/Code boxes unless requested.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but if for any reason we do not reply in two days, reply to this topic with the word BUMP
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    Please visit this webpage for a tutorial on downloading and running ComboFix:

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    See the area: Using ComboFix, and when done, post the log back here.
    ~Dr Jay

    visceron


      Re: "Sytem" at top of Task Manager
      « Reply #2 on: May 25, 2010, 03:05:11 PM »
      Well, I was a little bit paranoid of downloading and using the program but here is the log:


      I know it has something to do with the sound because when I terminate it, the sound goes off permanently until I re-log onto the computer. I remember in the "run" command that there is a "ms" something or other that brings up all these things where I used to be able to turn it on and off. I used to use this prompt to turn the sound off, then turn it back on and the computer would run just fine. But I would rather not have to find all this information out again and maybe there is an underlying cause to all the problems I am having.

      Dr Jay

      Re: "Ssytem" at top of Task Manager
      « Reply #3 on: May 25, 2010, 09:06:33 PM »
      What is the file you are terminating?

      ~Dr Jay

      visceron


        Re: "Ssytem" at top of Task Manager
        « Reply #4 on: May 26, 2010, 12:05:09 AM »
        I terminated System:



        I don't terminate it anymore, but when I did, it was the sound that went out on my computer. I don't know what that ComboFix log is all about, but I posted it because you techies would know what to do.

        Dr Jay

        Re: "Ssytem" at top of Task Manager
        « Reply #5 on: May 26, 2010, 12:07:27 AM »
        If you terminate System, you are terminating a required process for your computer to run.

        Any other processes that depend on the System process will fail.

        This is why your sound no longer works if you terminate the System process.
        ~Dr Jay

        visceron


          Re: "Ssytem" at top of Task Manager
          « Reply #6 on: May 26, 2010, 02:39:34 AM »
          But why is this System process so high? I used to be able to enter this "run" thing where I could turn on and off system things and I would turn off the sound when system was at an all time high but average 96k and then turn it back on to have system running way lower.

          Other than all this arguing, is there a way to get my system running a lot lower than 96k?

          Dr Jay

          Re: "Ssytem" at top of Task Manager
          « Reply #7 on: May 26, 2010, 09:13:03 AM »
          96 K is not a lot. There are other processes that are well over 10,000 K. 96 K does not scratch the surface to be running high.

          It is a required Kernel process, so terminating it can cause severe instability in your computer.

          I would recommend to only terminate processes that have your own Username next to them.
          ~Dr Jay

          visceron


            Re: "Ssytem" at top of Task Manager
            « Reply #8 on: May 26, 2010, 09:54:58 AM »
            This is not as helpful as I thought it would have been. Usually that process runs no higher than 30k which is 60k lower than what it is at right now. If there is nothing here that can solve it, maybe you can point me towards that run prompt where it gives me a list of all the main system things so I can turn it off then back on again.

            BC_Programmer


              Mastermind
            • Typing is no substitute for thinking.
            • Thanked: 1140
            • BC-Programming.com
            • Experience: Beginner
            • OS: Windows 11
            Re: "Ssytem" at top of Task Manager
            « Reply #9 on: May 26, 2010, 01:09:45 PM »
            This is not as helpful as I thought it would have been. Usually that process runs no higher than 30k which is 60k lower than what it is at right now. If there is nothing here that can solve it, maybe you can point me towards that run prompt where it gives me a list of all the main system things so I can turn it off then back on again.

            You're agonizing over 60 Kilobytes of memory usage? Actually, you aren't. It's MB, judging from the screenshots. My System process is using 108MB at the moment, and I'm not concerned because it's working fine.


            Is your system having problems as a result of this extra usage? Because it sounds to me that all the issues you've described such as sound cutting out are directly related to your penchant for terminating processes with reckless abandon.





            I was trying to dereference Null Pointers before it was cool.
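
Replies #7 and #9 above turn on two readings of Task Manager: which account owns a process, and what the "K" in the Mem Usage column means. The following is an added example, not part of the original thread: it parses `tasklist /V /FO CSV` output, converts Mem Usage from K to MB, and marks which processes belong to the logged-on user. The sample rows, the host name XPBOX and the user alice are constructed for the example.

```python
import csv
import io
import re

# Constructed sample of `tasklist /V /FO CSV` output; the host XPBOX, the user
# alice and every figure below are made up for this example.
SAMPLE_TASKLIST = r'''"Image Name","PID","Session Name","Session#","Mem Usage","Status","User Name","CPU Time","Window Title"
"System Idle Process","0","Console","0","28 K","Running","NT AUTHORITY\SYSTEM","5:12:44","N/A"
"System","4","Console","0","98,304 K","Running","NT AUTHORITY\SYSTEM","0:03:17","N/A"
"svchost.exe","1044","Console","0","24,576 K","Running","NT AUTHORITY\NETWORK SERVICE","0:00:09","N/A"
"avgwdsvc.exe","1620","Console","0","6,144 K","Running","NT AUTHORITY\SYSTEM","0:00:02","N/A"
"explorer.exe","3492","Console","0","20,480 K","Running","XPBOX\alice","0:00:41","N/A"
"ccc.exe","2208","Console","0","12,288 K","Running","XPBOX\alice","0:00:05","N/A"
'''

# PIDs Windows reserves for the idle pseudo-process and the kernel's System process.
KERNEL_PIDS = {0, 4}


def parse_mem_kb(field):
    """Turn a Mem Usage cell such as '98,304 K' into an integer number of KB."""
    digits = re.sub(r"\D", "", field)  # drops the thousands separator and the unit
    if not digits:
        raise ValueError(f"no memory figure in {field!r}")
    return int(digits)


def triage(tasklist_csv, current_user):
    """Return one dict per process, largest memory use first."""
    rows = []
    for rec in csv.DictReader(io.StringIO(tasklist_csv)):
        pid = int(rec["PID"])
        mem_kb = parse_mem_kb(rec["Mem Usage"])
        owner = rec["User Name"]
        is_kernel = pid in KERNEL_PIDS
        rows.append({
            "image": rec["Image Name"],
            "pid": pid,
            "owner": owner,
            "mem_kb": mem_kb,
            "mem_mb": round(mem_kb / 1024, 1),
            "kernel": is_kernel,
            # Account names are case-insensitive on Windows.
            "user_owned": (not is_kernel
                           and owner.lower() == current_user.lower()),
        })
    rows.sort(key=lambda r: r["mem_kb"], reverse=True)
    return rows


def report(rows):
    """Format the triage result as one line per process."""
    lines = []
    for r in rows:
        if r["kernel"]:
            note = "kernel process, leave running"
        elif r["user_owned"]:
            note = "runs under your account"
        else:
            note = f"owned by {r['owner']}, leave running"
        lines.append(
            f"{r['image']:<20} PID {r['pid']:<5} "
            f"{r['mem_kb']:>7} K = {r['mem_mb']:>5} MB  {note}"
        )
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(triage(SAMPLE_TASKLIST, r"XPBOX\alice")))
```

In the sample, a "96k" reading of the System row is 98,304 K, which is 96 MB, and only explorer.exe and ccc.exe run under the logged-on account.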

            Dr Jay

            Re: "Ssytem" at top of Task Manager
            « Reply #10 on: May 26, 2010, 02:28:27 PM »
            I am just going to go out on a limb here, and say that Catalyst Control Center (ccc.exe) is causing the System process to jack up.

            Try to end the Catalyst Control Center, and see if System falls.

            Seems if this is not the issue, then there is a hardware device driver not configured properly. (Maybe Sound driver?)

            The System process does not run on an executable image. It runs solely on processing threads of the operating system at Kernel level. Whenever a new library is loaded in the Windows task manager, the System process will host it to the operating system so it can be used properly.

            The System process has an important job in managing the resources of the operating system.

            Whenever this process spikes, it means it is hosting too many threads and not able to configure devices properly.

            CCC.exe can be an issue, because it is known (by discussion online) to be a very big resource hog. It consumes too much power on the system.

            So, let me see what happens when you end CCC.exe.

            Our next step would be to use Process Explorer to investigate the System process.
            ~Dr Jay

            visceron


              Re: "Ssytem" at top of Task Manager
              « Reply #11 on: May 26, 2010, 05:36:37 PM »
              I closed it but the system is at a solid 96k still.

              Dr Jay

              Re: "Ssytem" at top of Task Manager
              « Reply #12 on: May 26, 2010, 09:01:51 PM »
              Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
              Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
              Click on View > Select Columns.
              In addition to already pre-selected options, make sure the Command Line is selected, and press OK.
              Go File>Save As, and save the report as Procexp.txt.
              Attach the file to your next reply.
              ~Dr Jay

              visceron


                Re: "Ssytem" at top of Task Manager
                « Reply #13 on: June 07, 2010, 02:08:27 PM »
                Here it is. Sorry for the time between. Lost my net.

                [recovering disk space - old attachment deleted by admin]

                Dr Jay

                Re: "Ssytem" at top of Task Manager
                « Reply #14 on: June 07, 2010, 02:55:05 PM »
                I am going out on a SECOND limb here, and saying that AVG is the primary culprit.

                It likes to hide its memory in the System stack.

                Try to uninstall AVG and install Avira free from http://free-av.com

                To remove AVG, download and run this: http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

                Then, let me know if this has helped.
                ~Dr Jay