I've been having a lot of weird performance issues lately. For some reason today my CPU was just getting maxed out within minutes of booting. My first thought was a virus or spyware, but after some digging around with the excellent application Process Explorer, I was able to find a thread in the system process that was eating all my CPU cycles. It was a DLL named "ssrtln.sys".
Troubleshooting this was a real pain. This DLL was eating so many CPU cycles, that it was actually preventing many applications from even loading (including Internet Explorer, the Control Panel and Windows Explorer.) Turns out this DLL belongs to the Sonic Solutions, which was part of the IBM DLA drivers which were loaded on my IBM ThinkPad R50p.
Since the driver is not loaded in Safe Mode, I tried booting to Safe Mode to remove the driver. Turns out, you can't uninstall this particular piece of software in Safe Mode.
<rant> What's the point of prevent software from being uninstalled in Safe Mode? The whole point of Safe Mode is that it should be a minimized environment that you can boot to in order to fix problems with your computer. If you can't uninstall the software that's causing Windows problems from Safe Mode, doesn't that in essence defeat the point? Ok, I'm down ranting. </rant>
Anyway after some finagling, I discovered that the Control Panel and the Add/Remove Applications would load, provided I loaded them immediately after logging in to Windows XP.
After removing the IBM DLA application, my systems been running like new. I really wonder how long this stupid driver has been causing me problems, that I just put off as swap files being written to/from.
The moral of this? Well, I guess first to warn about using any DLA software (it's software designed to allow you to use a CD-R/DVD-R as a standard drive) and also to promote Process Explorer.
I've used Process Explorer for several years and I've found that about every six months or so I find I really need it. What makes Process Explorer so much more useful than just the built-in Windows Task Manager is that it not only shows you the full path of the processes, but it will also show you all the individual handles and DLLs loaded. You can even view each thread and the resources their using, which is how I was able to track down the rogue thread eating all my CPU cycles.
The people over at SysInternals have put together a very useful tool and ever heavy Windows user should have Process Explorer on their PC. If you choose, you can even have it replace Windows Task Manager.