1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Computer using higher CPU resources recently and slowing down

Discussion in 'Windows XP' started by rk233, Jan 21, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. rk233

    rk233 Thread Starter

    Joined:
    Feb 7, 2007
    Messages:
    84
    I have Windows XP SP3. Use Firefox browser. Antivir AV.with real-time enabled. Just changed firewall from Zone Alarm Pro to Comodo free. Run Malwarebytes Pro Real-Time

    My computer has been running much slower recently, especially over the last month or so. I run some programs and the CPU on the task manager icon gets to 100%.

    I've tried checking task manager and closing down some programs that might not be necessary such as mbam.exe and a few others but this still uses much more CPU resources than it use to several weeks ago. I've taken out start-up programs that aren't need too. I've tried disabling in MSconfig and services unneeded items. I've also tried disabling Malwarebytes from start-up but this does not help things.

    I had no problems running all these programs together until the last couple weeks. My Antivir antivirus which usually took about an hour to run now takes more than 1.5 hours, very slow, and task manager icon showing high CPU when this is run.(I may need to uninstall/reinstall this)

    I have at least 2GB ram so memory should not be an issue. I do realize that my hard drive C: is filling up and now about 80 GB of the 110 GB allotted so this may be part of the issue but there must be more going on since I have not stored that much more on the drive recently.

    I checked in the Control panel>System programs>Perfomance>Virtual Memory and noted that the "Pagefile size for selected drive" has a check by "system managed size" then below there is a section on paging size.

    It states 3837 recommended
    2558 MB presently allocated paging size


    Should this be changed and if so how?
    . The above section gives an initial and final value and 3 choices of things to check off. (I have "system managed size" checked")

    The Antivir and Malwarebytes programs just updated their engine versions in Nov/Dec. They may be using more resources but I don't think this is the problem as the computer ran Antivir fine (abt 1 hr) until just recently. Malwarebytes runs normally -still about 1 hr.

    Is there anything else I should check or programs to run? I have posted a thread on Malware Forum just recently and it does not seem like I have malware on my system. (You can check logs there if you'd like).

    Thanks for your assistance.
     
  2. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    MBAM Pro has a tendency to conflict with antivirus software, especially if they are both set up to load at Startup.

    To correct this problem, you'll need to add the following MBAM files to Avira's exclusion list:
    • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    • C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    • C:\Windows\System32\drivers\mbam.sys
    • C:\Windows\System32\drivers\mbamswissarmy.sys
    ===================================================================

    Please click HERE to download and install HijackThis.

    Run it and select Do a system scan and save a logfile from the Main Menu.

    The log will be saved in Notepad. Copy and paste the log in your next reply.

    IMPORTANT: Do not fix anything
     
  3. rk233

    rk233 Thread Starter

    Joined:
    Feb 7, 2007
    Messages:
    84
    I made the changes. Still using much CPU resources:

    My Antivir antivirus has been running very slow very at least the last week. More than 1.5-2 hours to complete ..which in many times it doesn't. It found 2 items in the boot area in the first 15 min. of the scan per one report.

    [I have removed a 15GB folder from the main C: drive to my F: external drive but that does not seem to change things.]...a very SLOW scan that cannot complete.

    I've scanned online with ESET and it has found nothing.

    Any other system tweaks I might want to do? There was a site I went to once that gave suggestions for configuring the services.exe section. (smallvoid.c--)

    What should I do about the above virtual memory page setting?
    ================

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 6:09:15 PM, on 1/22/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\dllhost.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Administrator\Desktop\analyzeme122910.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - S-1-5-18 Startup: Logitech . Product Registration.lnk.disabled (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Secunia PSI (BETA).lnk.disabled (User 'SYSTEM')
    O4 - .DEFAULT Startup: Logitech . Product Registration.lnk.disabled (User 'Default user')
    O4 - .DEFAULT Startup: Secunia PSI (BETA).lnk.disabled (User 'Default user')
    O4 - Startup: Logitech . Product Registration.lnk.disabled
    O4 - Startup: Secunia PSI (BETA).lnk.disabled
    O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 2.lnk.disabled
    O4 - Global Startup: WD Backup Monitor.lnk.disabled
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O15 - Trusted Zone: http://download.windowsupdate.com
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1182743078562
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} (Java Plug-in 1.6.0_18) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5434DCB3-376D-4633-89EB-AE97A9EB089D}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

    --
    End of file - 7744 bytes
     
  4. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    You only have the firewall part of Comodo Internet Security, right?

    What processes are showing higher CPU? How high?
     
  5. rk233

    rk233 Thread Starter

    Joined:
    Feb 7, 2007
    Messages:
    84
    This is the HijackThis program from Trend Micro.. I read somewhere that it should be renamed.

    I downloaded a fresh copy of antivir. I found that this new download was about 56MB but the one I downloaded earlier was only about 52MB; thus either my earlier verrsion was corrupted or changes were made in that engine since then.

    I re-ran the program in Norma mode overnight and it ok more than 3 hrs. and I stopped it at about 64% scanned.

    I re-scanned this AM in SAFE MODE and it took at least 3 hrs and seemed to get caught at 64.4% scanned from 1 hr 32 min to 3 hr 08 min +. After the scan got to C: Windows/WinSx it semed to jump back to Document and Settings\Adminstrator\..... I aborted the scan at this point!

    It scanned about 839K files but did not scan for objects in SAFE MODE. My scan on 12/20/10 ran for 1 hr and scanned 444K files. Something weird has happened since then. My CPU usage was still high in SAFE MODE scan.

    I just recently installed Comodo. Is there conflict with Comodo Firewall and Antivir? Perhaps I should try scanning with Defense+ disabled but since I scanned in SAFE MODE with Comodo inactive I don't think this will change things.

    I just installed the Comodo firewall portion..not the AV.

    How can I optimize CPU usage?
     
  6. rk233

    rk233 Thread Starter

    Joined:
    Feb 7, 2007
    Messages:
    84
    How can I send you a snap shot of task manager. I don't know how to make/send zip files and I can't make a screen shot.

    Most CPU is by avscan.exe PID=3084; CPU=98%; Memory = 3720K
    cfp.exe PID=1704; CPU=1%; Memory= 2060K (Not peak memory)

    If there is a way to find thing out by sysinternals process Manager I have that too. Just tell me how to use it effectively.
    Thanks.
     
  7. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    That's what I figured. That's why I had withdrawn my question. :)

    Try Process Explorer. It doesn't require any installation. It'll give you more info on the processes hogging that CPU.


    Do you still find the McAfee SiteAdvisor useful? Did you have the McAfee antivirus with Comcast at one time?
     
  8. surferdude2

    surferdude2

    Joined:
    Jul 6, 2010
    Messages:
    619
    It probably isn't relevant but I'll mention it anyway since you are using Open DNS. I discovered long ago that OpenDNS didn't play well with certain Malware programs. I think it was Ad-Aware or MalwareBytes, don't remember exactly.
    I'll look for my old post on another forum.


    It might be worth a shot to try your system without OpenDNS.

    Edit: It was Ad-Aware but perhaps still worth trying without it. Here's the old post.
     
  9. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    I've used OpenDNS servers myself but without installing any software, and never experienced any trouble with it.

    rk233, if you have OpenDNS software installed on your computer, try surferdude2's suggestion.
     
  10. surferdude2

    surferdude2

    Joined:
    Jul 6, 2010
    Messages:
    619
    Open DNS isn't software, it's a service you can access by setting your internet protocol (tcp/ip) properties differently than normal.

    http://208.69.38.170/
     
  11. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Yes, it's a service but you can have much more than simple DNS settings, like parental controls... I only chose the DNS settings for faster domain name resolution.

    OpenDNS
     
  12. surferdude2

    surferdude2

    Joined:
    Jul 6, 2010
    Messages:
    619
    That's why I mentioned it. If there is a problem resolving a url or perhaps several url's at startup, it could conceivably cause some disappointing system speed condition. I doubt it, but just wanted to present it for consideration. ;)
     
  13. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
  14. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
  15. rk233

    rk233 Thread Starter

    Joined:
    Feb 7, 2007
    Messages:
    84
    I tried running Antivir in Normal mode with the Defense + disabled. It gets to 74% scanned then goes back to scanning from the beginning or from Document & Systems.

    I do not think that Open DNS is the problem but I could try disabling it from my start and running an AV scan.

    I have the McAfee SiteAdvisor for whatever it is worth. Just another opinion on sites. I never had McAfee AV Installed.

    Are there any known conflicts between Antivir and Comodo Firewall?

    How do I effectively use Process Explorer to debug this?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Solved Computer using
  1. Marcella253
    Replies:
    2
    Views:
    196
  2. 8biosdrive
    Replies:
    5
    Views:
    545
  3. Tip1721
    Replies:
    1
    Views:
    525
  4. osephj
    Replies:
    11
    Views:
    723
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/976118

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice