PDA

View Full Version : Exe causes 100% cpu usage



supergran
03-12-2009, 12:24 PM
just got my computer back for the third time, new install XP proffesional, and the hard drive was only half there. So partitioned, well he did via logmein, and formatted other half, and now sometimes I open an exe the computer slows right down, and in the task manager it says 100%, then sometimes drops back. Even dupdetector does it, and some of my big fish games, won't even run without being very jumpy.

Yes, I have put a lot of my stuff back in, no, there isn't a virus!

Firefox is also stealing mem usage, when I started it back up under 5 minutes ago, usage was 35k already up to 145,000kbut this time it actually seems to be holding around 145,000 mark, where earlier today it was up to 300,000 real quick. Duh, I complain and it comes right.

Can java/flash cause this sort of stuff, or is it just something I have to put up with.

Do I send it back to the techie, once again. 3rd time since August, but longest time I have had it without it completely crashing.

System just over a year old, AMD Athlon 64x2 Dual Core 4000+ 211Ghz 2 gig ram

TIA

wainuitech
03-12-2009, 12:43 PM
It came back from some tech- like this - after a fresh install ????

Sounds like it wasn't done correctly.

Battleneter2
03-12-2009, 01:10 PM
I think the tech formatting the other partition is not relevant to your current problem probably the timing is coincidence.

100% CPU usage can be caused by anything from malware to a bad video codec (causing 100% usage when browsing folders etc)

Is it really the apps running at 100% or maybe a Svchost.exe?, next time it happens look in Task manager.

pctek
03-12-2009, 04:17 PM
I open an exe the computer slows right down, and in the task manager it says 100%,


What says 100% specifically - the app you try to open or some other exe? That would be the first thing we need to establish.

Chris09
03-12-2009, 04:43 PM
I suggest a Hijack log, and just pin point the highest objects for us to view.

But sounds pretty damn bad actually. Bad techie.

supergran
03-12-2009, 07:53 PM
Ok, so I will first check out what is doing it, but the firefox problem seems to have settled but still going up, but slowly. Back once I see what is doing it.

I have had the task manager open, as I got sick of everything seeming to freeze.

Ok, I had dupdetect and skype open, and it was 100%. It said skype at 50 something, and dupdetect 39 but now back to 50. It is NOT the scvhost.exe,

Yes, it come back from the teckie like this and no, I am not happy but as I havent' really had the computer going properly since the end of August, I am hesitant to send it back yet again.

Ok not sure if I am doing this proper, but will add two screen shots. The first one of the task manager, the next with the performance screen

http://farm3.static.flickr.com/2776/4154323265_cf93f28a65_b.jpg

http://farm3.static.flickr.com/2728/4154322939_578dc4a752_b.jpg

It come back with a new video card and new motherboard

Speedy Gonzales
03-12-2009, 08:00 PM
If it affects FF more than anything else, it could be an addon

supergran
03-12-2009, 08:07 PM
Doesn''t affect that more than other things, just that this is what I use most. Was going to go and uninstall java, and then try hijack this, if no one can come up with other suggestions.

I did leave a message on the tech answer phone 3 days ago, but he ignoring me I think LOL

Is the split screen on the performance tab the two halves of the hard drive? Sorry for dumb question, but never had that before

gary67
03-12-2009, 08:29 PM
No it is two parts of a dual core processor. where in NZ are you?

supergran
03-12-2009, 08:29 PM
Don't know if this will help, but here is the Hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:28:33 p.m., on 3/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Desktop Calendar\Desktop Calendar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Xnet Usage Monitor\XNetUsage.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [Desktop Calendar] C:\Program Files\Desktop Calendar\Desktop Calendar.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe
O4 - Startup: Xnet Usage Monitor.lnk = C:\Program Files\Xnet Usage Monitor\XNetUsage.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258498773092
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9851 bytes

supergran
03-12-2009, 08:40 PM
Just out of christchurch

I can't even play Bejewelled Blitz on Facebook, it stops and starts. Grrrrrrrrrrrr

Ok, am going offline, will be back to check for any answers tomorrow, thanks in advance.

supergran
04-12-2009, 07:55 AM
Can someone please check the hijack log, even if you have no answers for the rest of it.

Battleneter2
04-12-2009, 08:30 AM
Having a quick scim, can't anything much.

I would personally loose Zone Alarm, it is a resource hungry over reporting hunk of junk, a few people here like it, so am sure will disagree. Personally id rather have most viruses and be hacked it will cost less in performance lol.

Here is what i would do from here.

Run "MSconfig" from "run" and go to "Startup". Un-tick as as much as possible from starting when the Machine boots. Everything like Logmein, Itunes bla ba. Anything your not sure about either google or leave.

See how it goes for a day or so, if it looks good start allowing apps to startup again and see which one causes the issue.

What Spyware/malware scanner are you using?

supergran
04-12-2009, 08:50 AM
malware/spyware scanner, none at present, haven't even had it reformatted for a week, but I usually use crap cleaner and malwarebytes. At least I think they are the two I was using before motherboard and videocard crash.

Thank you to whoever said about the add on's on firefox, I have disabled the ones I could, and firefox is behaving.

Now for the rest, thanks, I will try msconfig, and go from there.

does the printer have to start on start up? It always does, and I can't figure out how to stop that, or the webcam through their folders, guess I will find them in msconfig too.

linw
04-12-2009, 09:12 AM
I'm with Battle. I'd do the same. AVG and ZA have long been struck off my list. Set the Windows firewall on (windows might do that, anyway, but check) after uninstalling ZA.

gary67
04-12-2009, 04:44 PM
Ccleaner also allows you to disable things from running on start up, you can turn off the printer and webcam from running at start up there

Speedy Gonzales
04-12-2009, 04:50 PM
You can tick these entries in the log then tick fix checked

Close browsers

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

If you dont use nero home you can tick this

O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

I would disable indexing, open my computer / right mouse on C / properties. Untick indexing

supergran
04-12-2009, 07:51 PM
Will go do that now thanks Speedy. I will have to run hijack this again, and maybe some of it will be different, as I unticked indexing last night, when someone suggested it.

Today, after following directions and doing stuff you all advised me to do, ie I disabled the add ons, and obviously, something I disabled in msconfig worked, as the puter is working beautiful.

Now I am just too scared to reboot in case it is a fluke. LOL

Thanks everyone, and will go to the hijack stuff now.

PS do you guys rely on the Windows firewall with XP? I use Avast for virus.

Speedy Gonzales
04-12-2009, 08:07 PM
Use ccleaner and delete them under tools / startup. It'll do the same thing. Also if Nero scout is enabled disable it. I think it puts an icon in my computer (right mouse / properties I think). Depends what you do really (and where you go / what you get), and how paranoid you are, whether you install a firewall or not. I 'm just using Vista x64's firewall. And a modem/router

supergran
06-12-2009, 10:06 AM
Yea, my techie also told me he doesn't like zone alarm, and yes, I am a bit paranoid, my main place to visit at present seems to be facebook, and yes I do play the games there. LOL

Now going to try and disable nero scout, and yes, will do that in ccleaner.

Thanks everyone, you guys rock. I would hate to say how much your advice saves me in computer tech bills.

supergran
07-12-2009, 02:22 PM
Ok, it was a flluke, just double checked and everything I was told to do, I did, and we are back to slow! Oh well, thanks everyone for trying.

I have even uninstalled and reinstalled firefox, as that does keep going high, especially using facebook aps.

I think it must be a java or flash thing but will uninstall and reinstall them another day.

Battleneter2
08-12-2009, 09:48 AM
bad luck supergran. At the end of the day you could spend another 5 hrs trying to fix the problem and fail, or bite the bullet nuke it spending maybe 3-5hrs putting all ya guff back on.

I have had to nuke a notebook in the past being unable to solve the exact same "symptom" so I feel your pain lol.

supergran
08-12-2009, 02:00 PM
Ok, thanks heaps anyway.

supergran
09-12-2009, 09:15 PM
Ok, I give up, sending it back to the tech for another fresh install