100% cpu load, reason unknown.

Hello all. Not sure if this is the right sub forum for this type of questions, so please move it if necessary.

Yesterday I was asked to look at the PC remotely by my friend to check thinks (you know, check for viruses, clean stuff etc). I noticed it was running very slow, I looked at task manager it said cpu load was 100% but when I sorted the prosecces by cpu usage, no process was using 100% cpu or even close, while idling. (System Idle proccess was at 80 - 90% I think and other processes didn’t add up to anywhere near 100%, show processes from all users are checked). I scanned the system with MBAM, super antispyware, Hitman pro, CCE, TDSS killer and Emsisodt emergency kit. apart from bunch of tracking coockies everything turned up clean. No malware or even unknown entries in Killswitch and Autorun analyzer.

Wierd thing I noticed, according to Windows task manager, Process explorer and killswitch CPU hog (the cilprit) is whatever program I start, I mean if I start CCE, it will use 60 and up % cpu, if I start process explorer then it will use 60% and up of CPU etc.

I don’t think it’s HDD PIO mode problem.

Since it was remote connection I couldn’t use safe mode or boot cd.

Os on that PC is Win 7 x32
CPU is Pentiom 4 2.93 Ghz
4 gb Ram

I’ve run out of ideas, any help?

Maybe it’s just a bunch of temp, logs and other stuff that has build up over time that’s slowing down the pc. You can use ccleaner or even comodo system cleaner <-----either case, save a backup of whatever gets cleaned. That way if something bad happens(not likely, it can always be put back the way it was before starting) :slight_smile:

I posted a portable version of ccleaner here, if you want to try that out.

I used Ccleaner for disk and registry clean-up, and defragmented all drives with Auslogics disk defrag… no effect on CPU load… it still says 100% load with whatever I start being cpu hog…

There are no unknown devices or devices with error(s) in device manager (there were 2 devices without drivers, but I found apropriate drivers for them).

Has any software been updated recently??

You say you don’t think it is HDD PIO mode problem. Did you check to be 100% sure? It can really contribute to hight CPU usage.

Let’s see… updated \ installed software: MBAM free, Emsisoft emergency kit, CCE, Super antispyware, Hitman pro (on demand only), TDSSkiller, Ccleaner, Auslogics Disk Defrag.

Installed drivers for 2 unknown devices, one of them was Asus acpi and other was RTL8187_Wireless.

HDD is listed as ST3200826AS ATA Device, appears to be SATA HDD and I think PIO problem are only for IDE HDDs

Cd-rom is listed as _NEC DVD_RW ND-4551A ATA Device, so I don’t think is the problem, no disk was present in cd-rom drive…if that matters.

Hello all,

I’m interested in how to sort this problem out. My desktop (W7-64bit, Q6600 4core 2.4Ghz, 8GB RAM, nice Gigabyte MB, and no overclock) is having the same issue. A full mode virus scan taxes my CPU so badly that basic functions like opening a window bogs down. CPU spikes and stays from high 80s to 100% load the entire scan duration. The scan process renders my computer unusable until it is complete. I have the latest updated Pro version of CIS installed. Also something to note, my RAM usage never goes above 50-60% during this time.

What I find interesting is I have the free version of CIS on my laptop(HP dv6-3050us, 4core, W7-64bit, 8GB RAM) and it runs nearly the opposite. My RAM gets taxed and my CPU rarely spikes to high 80’s. It is also completely usable and barely has lag.

Something is up for sure. What is this HDD PIO mode problem?? Is there a setting I’ve chosen I can change somewhere? This is the only program short of Prime95 that taxes my CPU so much.

Cyber high-fives to anyone that can help. Thanks

PIO is sort of last resort transfer mode for HDD, if anything else is unavailable, it works but it’s very CPU demanding and pretty slow… That’s how I understand it anyway, correct me if I’m wrong.

You can see your current transfer mode with system info programs like Speccy ( Download Speccy for Windows - Filehippo.com ) hard drives section. Mine is using Sata III mode (see screenshot).

I’m pretty sure the problem PC is using Sata I mode… but I’ll double check that when I’m able to connect to it.

MetalMaster, if your CPU spikes only when you’re doing antivirus scan, parhaps you got some other antivirus or antimalware or some sort of real-time scanner running along with CIS (Windows defender for example). Or parhaps remains of a previous anti-virus \ security suite you were using wasn’t complete deleted. These are some uninstall tools for popular security products, if you were using any of these before CIS, they might clean things up ESET Knowledgebase

Here is some info I got from that pc:

System specs by speccy http://speccy.piriform.com/results/7DaspOq754NJO45Y5IAwEBI

HijackThis log and GMER log - if anyone can read those

Hope this helps.

Looking into the hardware specs Speccy says the SATA transfer mode is SATA III where the hard drive is SATA 1. That’s odd. Can you check that BIOS setting match SATA modes between motherboard and hard drive?

I checked your Gmer log. The entries for the registry. Are they in red when looking in the Gmer interface? Red means they are hidden. Can you show a screenshot? I attached an image of that part of the registry that Gmer is pointing to from my Windows 7

Another thing that I notice is the very limited amount of services running. Is this a stripped, nLite, version of Windows 7? May be there are services not running that should be running. It is possible to strip Windows with nLite and make it no longer function like it should.

I can’t really check the bios remotely…can I? But I could try to tell someone over there to check it for me over the phone. What should I … or they be looking for exactly?

There weren’t any red entries in GMER interface so I just saved the log and posted it here.

They seem to have Win 7 Ultimate x32 on that Pc, I have no idea if it’s stripped nLited or anything… Is there any specific services that could affect CPU usage when not running, I should look out for?

There is nothing I can add to help you diagnose over the phone. For the BIOS you need to be hands on and just see if you see anything unusual. We still could be looking at an error by Speccy.

Can you check in Gmer under the registry tab for the entries that are in the logs?

My remark about a possible stripped version was me totally thinking out loud. I can give nothing to specifically look for. Better ask the user or the person who installed for the user.