Larian Studios Forums General Chat Chat (Anything) Please help 100% CPU usage.

After I start my computer and Windows loads, I press ctrl-alt-del and look for cpu usage it shows usage 100%. <img src="/ubbthreads/images/graemlins/XmasEek.gif" alt="" />

And since yesterday my Kaspersky antivirus program doesn't work anymore.

Ok, here comes long list of things I have done:

Clean up processes. Startup is now empty. MSconfig startup is also almost empty.

I scanned my PC with Ad-Aware and Cleansweeper.

I have installed all updates from Microsoft (still using XP SP1).

I have installed f-prot but it has been scanning drive C: all night and was still at about 20 % at the morning (approx 200mb used on C <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />.

I have one strange file on c: it is 840650.exe (numbers may wary)
Can't delete it even in safe mode. Doen't exist in registry.
Another strange file - pagefile.sys - approx 720mb.

Uff, I have huge catalog with Nvidia stuff. Weird, because I have ATI card so never installed any NVidia products.
There is empty MSIupdate catalog which is strange.

The only thing I think of trying when I come home is uninstalling Kaspersky, who knows maybe it has corrupted and causng CPU usage.

Rather than that I am completely out of ideas, please help <img src="/ubbthreads/images/graemlins/puppyeyes.gif" alt="" />

i heard throwing your computer out of the window helps relieve stress

Although i know that some of us are on a budget(well i am <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" /> ) so just tear out your hard drive and if it doesn't come loose swing your case around the room a little bit and bash it against the wall a couple times... then throw your hard drive out the window....

if your really stressed you can take your hard drive and stand on a bridge and drop it over an express way...

hope this helps <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" />

Virgo, but I am sure that my hard drives are ok.
BTW, they are not swapping, this is also strange.
But, programs are slowing down considerably. I tried to save small text file from internet and save window stopped responding.

I am not on budget so can't afford throwing things (but this is actually what I really want to do <img src="/ubbthreads/images/graemlins/memad.gif" alt="" /> <img src="/ubbthreads/images/graemlins/memad.gif" alt="" /> <img src="/ubbthreads/images/graemlins/memad.gif" alt="" />)

PS Is this the first time me using mad smile. Ohh I enjoy it now <img src="/ubbthreads/images/graemlins/memad.gif" alt="" />
(Egin looks for heavy battlehammer to revenge PC sleepless night he had today)

- Download the McAfee Stinger virsus-scanner. Use it. <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />

- Try out also F-Prot DOS Shareware version. http://www.f-prot.de/down/tools-f.php (file FP [nuber] .ZIP there - the .DEF definition files are very often far more recent)

- and also AntiVir , a free virus-scanner. http://www.free-av.de

Hope this helps.

By the way, the pagefile.sys is the swap-file. I thought you knew this ? <img src="/ubbthreads/images/graemlins/winkwink.gif" alt="" />

Alrik.

P.S. : Go to www.sysinternals.com and download the Process Explorer ! It's the far best tool for finding out what's going on ! (At least the best I know of. <img src="/ubbthreads/images/graemlins/winkwink.gif" alt="" /> )

some sugestions:

*it could be you have a memory problem.
Maybe one of your memory sticks is malfunctioning.
*your harddisk is completely full, you have to delete some files on it.
*your pc is infected with a virus.
*your registry is corrupted
you could do a regclean/repair
*there are somehardwareproblems. maybe some wrong drivers were installed?
check out control panel -> system -> hardware tag -> decive control (?) it's the above button,
and then you can see a yellow question mark in front of the hardware thats not right installed.
*look in software, for installed components that werent there before, like nvidia display drivers etc...

Try running around, whaiving your arms in the air and scream as a lutitic. Not that it helps, bt you'll feel better afterwards <img src="/ubbthreads/images/graemlins/up.gif" alt="" />!

Übereil

PS If something like this would happen in my house, my father would reinstall the whole computer. DS

sounds like something i would do
well i usually have two hard drives one for games and the other for "stuff" *starts laughing evily muahaha ha haham muaha muauhah* oh sorry <img src="/ubbthreads/images/graemlins/silly.gif" alt="" />
then anything important "usually downloaded material" i would have saved on a cd


<img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" /> operation format TIME!!! (only 30 to 15 minutes of your day) <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" />

<img src="/ubbthreads/images/graemlins/silly.gif" alt="" />

Would 840650.exe (numbers may vary) happen to be...
Xerox Printer Drivers - 840USB98.exe

Also, pagefile.sys is the WinXP version/name of your swapfile that was used in WinME and older.


Kyra_Ny <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />

Uninstall kapersky and install and run a different av program such as
http://www.free-av.com/
This one is free and has daily updates and I have used it to rescue the computers of 2 people recently whose Norton didn't do the job.

Definitely make sure there is adequate storage on the HD which well exceeds the size of your swap file.

What did you come up with on the adware and Cleansweeper scans?

Go to msconfig>services. Check the box that says "hide all microsoft services"
If there is anything strange there google it. If you get a bad result from google then uncheck it and remove it from your system.

If you have a virus,trojan, or malware infestation you may need to run the scans in safe mode and regular mode more than once and while you are disconnected from the internet.

There are certain places where virus,trojan, or malware infestations like to hide.
Delete all the .tmp files and temp internet files--you can use the disc cleanup utility to do this.

Open My computer or Windows Explorer. tools>folder options>view; Make sure show hidden filesand folders is checked. Go to c:/windows/system 32. Click View details Arrange the icons by date modified. Look through the recent past and if any files look suspicious to you google them and delete them if necessary--but only if absolutely sure they are bad If you have found virus,trojan, or malware infestations you may need to make some changes in the registry. But we'll talk about that later.

This process takes hours and hours. Consider a fresh installation of XP instead. However, if you have not found any virus,trojan, or malware infestations,, perhaps you have a hardware problem.
Here is a link to a troubleshooting guide. Read all the way through it including the comments before implementing it.
http://arstechnica.com/guides/tweaks/troubleshooting.ars

Let us know how it goes.

An easy way to solve this problem, do a fresh installation of XP like clegaw said, try xp sp2, and almost with sure you`ll not have more this problem, one more thing when you go to do the installation:
When you run the xp setup program using the cd, you can manipulate your partitions at your disk, do two primary partitions - C:/ and D:/, your important files stays at d:/ and your system what is instable stays at c:/, what you can format and reinstall your programs without loose your important files, one more thing, xp sp2 has an important security agent to keep your computer safe, the xp firewall too can help, you don`t need to have an antivirus running all the time and spend more memory and processor but if you feel safe with it, keep it, i prefer to use the online symantech checker. Try to uninstall your current protections programs, like antivirus and spyware removal tools and install them again. Pagefile.sys is your swap file and is high, see if your memory isn`t with problems and if all memory you have the system can see it.

A few days ago, I had to clean a PC of a neighbour from the worm "Francette". It was an interesting experience. <img src="/ubbthreads/images/graemlins/winkwink.gif" alt="" />

Ok, my line of work.... finally <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" />

Ok, start with 3 things in this order:

download:
EnditAll2
Spybot Search and Destroy

Run EnditAll and see what all is running... you may "protect" your vital programs (like antivirus etc.... but keep this as LITTLE as possible)...

[color:"orange"] Please note: Unprotect anything that just says "Services" as a name... yes it is your MS services, but VERY VERY often it is infected with something at that point in time. You may also unprotect ANYTHING that you are not sure of the name / description... the program will have its own description of the vital stuff (and the very vital stuff will have a lock with a green aura) [/color]

After that is done. Click on the "Kill all" button. Refresh the screen, wait 60 seconds, refresh again.... kill anything that happened to run in that time.

AFter you have that done.

Run Spybot S&D. During installation Make sure that you install the "Teatimer"

The program starts with a wizzard, so let it immunize your computer, let it update, and do all those things....

After that, before you even check for problems.... click on "Mode" and change it to advanced.

In the "tools" section at the left hand side, you will find "startup"

Go through the list (there is a description tab that you can open up on the right hand side.... this will tell you what you should keep and what you may SAFELY delete (dont be scared to DELETE the stuff that is marked, "spyware or resource hog"

Stuff that are marked "not usually nescesary" you can deside if you REALLY need them on startup.

Files marked with numbers or just random letters that are running from the following directories:

..\windows\
..\windows\system32\

DELETE THEM OUT OF YOUR STARTUP, they are viruses and will likely not get detected by antivirus programs because they cloak themselves.

runt he check in spybot, and fix all the problems.

after that go back to tools and run a "system internals" check and delete all the problems it finds (i have never found this to cause any problems, since it only shows you regestry entries that points to missing targets / files - So its safe to delete all these)

After all this....

go to :
Trend Micro's Housecall

Let them do a full system scan for virusses.

After that restart your system and run spybot again.

See if your CPU usage is back to normal now (some computers startup with a 100% cpu usage, but that should never continue for more than 2 minutes at most), after that your cpu usage should be under 20 % until you run programs.

If that doesnt fix it, run Enditall again and write down all the stuff that is running, run spybot and write down all the stuff in startup and pm it to me.... i should be able to tell you which one is the culprit)

I do this for a living.... clean up virus residues and spyware...

Spybot is much more powerful than adaware and cleansweep.... and since "teatimer" will tell you of every registry change, you KNOW when something is trying to climb back into your registry...

BTW i forgot to mention.... as you remove things out of your startup, or fix problems with the program, it will popup with questions of do you want to "allow" or "deny" a change....

If it says "value deleted" click allow ALWAYS......
If it says "value changed" READ what it wants to change and decide from there... during the fix problem stage, you can always allow a value change
If it says "value added" READ very carefully, if you are not sure, DENY the change.... cause this is the one that viruses use to get back into your registry.

Trend micro is one of the Very few anti-virus packages that so far found every virus i encountered....

Norton is bad..... (i have removed over 300 viruses off a computer with norton fully updated)
Mcaffee also lets viruses through and there are currently about 3000+ viruses that they dont include in their defenitions.
Fprot is just as bad as norton.
I have not tested all of the smaller ones, bt mostly i found them to have their lackings aswell.

Endit All, is just one of those miracle programs that i use to dig out ANYTHING that is running and trying to hide from me... It can even end some processes that microsoft technet tools cant end. The feature that it can kill services is absolutely vital, since most of your new irritating viruses, now writes itself to your services profile so that windows cant catch it (and norton cant either)

Gods ... I think I love you Lady_Rain, "Enditall" is 1 of those programs I sometimes would have died for thank you very much <img src="/ubbthreads/images/graemlins/smile.gif" alt="" /> <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" /> <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" /> <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" /> <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" /> <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" /> <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" />

Pleasure <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />

Its amazing how little you need to fix ANY problem.... but end it all is just ONE of the 3 things i NEED...

BTW: have you used the new enditall???? it makes the old one look useless...

WoW <img src="/ubbthreads/images/graemlins/XmasJump.gif" alt="" />

maybe i should stop throwing my hard drives out the window and call lady rain instead <img src="/ubbthreads/images/graemlins/up.gif" alt="" />

it is getting kinda cluttered out there <img src="/ubbthreads/images/graemlins/silly.gif" alt="" />

I have a handy use for old hardrives... i do a little sowing sometimes.... there is nothing that can pick up a pin from the floor, like a harddrive magnet <img src="/ubbthreads/images/graemlins/evilgrin1.gif" alt="" />

And no i cant fix stuffed hardrives... but i can keep them running for longer <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />

hmm... looks like Lady Rain ends it all. <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" /> with solid advice! <img src="/ubbthreads/images/graemlins/up.gif" alt="" />

Omg, I didn't imagine, I couldn't even dream to see so many replies, so many absolutely resourceful, useful, professional advices. Thank you all!!!!

I have found my problem. It was Kaspersky Antivirus program. Something happened to it, so it kept working in systray all the time. Maybe it continuously tried to initialize so that was eating all my system resources. I have uninstalled it.

Now my system works fine, at home but <img src="/ubbthreads/images/graemlins/puppyeyes.gif" alt="" /> ... <img src="/ubbthreads/images/graemlins/puppyeyes.gif" alt="" /> today at work.

It seems that somebody messed with my PC yesterday. I have 2 more links in favs, new set of toolbars some SearchNugget Toolbar. It is absolutely clear it is ad/spyware.
AdAware found about 60 items to kill, including 2 processes.
But, but Cleansweeper crashes the system everytime I run it. It seems that now it has somehow corrupted.

But anyway, all those things that were described here were very very helpful for me. Thank you.

PS Kyra Uff, the most difficult question is what processes can I kill with Enditall? I have 14 at work and I think even more at home.
Can I kill winlogon or pwic, lsass or svchost (and why do i have 4 svchosts?)
<img src="/ubbthreads/images/graemlins/confused.gif" alt="" />

Those you cannot kill, winn automatically be protected in enditall....

and those that you shouldnt have killed will restart as soon as you need them in anycase.... so there is no harm done in killing anything....

the worst thing that can happen when you kill processes that shouldnt have been killed, is you cant download off the internet... whoopy, that corrects itself after a restart....

and 14 processes are normal.... depending on the system configuration, even up to 50 is normal....

As for the messing with your computer at work.... install spybot... it immunizes your computer against a LOT of spyware... so it makes it much more difficult for spyware to hop aboard. as for cleansweep crashing.... that happens because some spyware actaully attack cleansweep.