TechSpot

[Solved] Random CPU spikes while idle, possible connection with WoW [game]

Discussion in 'Virus and Malware Removal' started by wiera, Nov 25, 2010.

Thread Status:
Not open for further replies.
  1. Broni Malware Annihilator

    Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
    Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
    Click on View > Select Columns.
    In addition to the already pre-selected options, make sure the Command Line is selected, and press OK.
    Go File>Save As, and save the report as Procexp.txt.
    Attach the file to your next reply.

    IMPORTANT! Have PE open in the background and try to create a report when the actual spikes happen.

    ===============================================================================

    It may be your Eset as well....
    Another thing to try....

    Go Start>Run (Start Search in Vista), type in:
    msconfig
    Click OK (hit Enter in Vista).

    Click on Startup tab.
    Click Disable all
    IMPORTANT! In case of a laptop, make sure you do NOT disable any keyboard or touchpad entries.

    Click Services tab.
    Put a checkmark in Hide all Microsoft services
    Click Disable all.

    Click OK.
    Restart computer in Normal Mode.

    NOTE. If you use a different firewall than Windows firewall, turn Windows firewall on, just for this test, since your regular firewall won't be running.
    If you use Windows firewall, you're fine.

    Same problem?
  2. wiera Newcomer, in training

    Firewall was on but I restored default settings, something was changed there.
    It's not Eset either, same thing as with Spybot - downloaded the trial version to find infections causing spikes.
    I already have Process Explorer and like I said: WoW goes from 15% to 50%, Skype from 15% to 45% and another silly service up to 100% CPU usage in total.
    I'll try to catch a moment when a spike occurs because they are less likely and much shorter after your cure.
  3. Broni Malware Annihilator

  4. wiera Newcomer, in training

    Skype on/off -> no result
    WoW off -> spike off
    Now I'm looking for an addon that may cause the spike.


    Process PID CPU Private Bytes Working Set Description Company Name Command Line
    Wow.exe 3520 41.72 562*156 K 563*596 K World of Warcraft Retail Blizzard Entertainment "C:\Documents and Settings\Wiera\Pulpit\World of Warcraft\Wow.exe"
    Skype.exe 3892 41.38 85*604 K 48*400 K Skype Skype Technologies S.A. "C:\Program Files\Skype\Phone\Skype.exe"
    procexp.exe 1324 11.72 14*396 K 5*836 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Documents and Settings\Wiera\Pulpit\procexp.exe"
    DPCs n/a 2.41 0 K 0 K Deferred Procedure Calls
    services.exe 892 1.38 1*764 K 3*500 K Usługi i aplikacja Kontroler Microsoft Corporation C:\WINDOWS\system32\services.exe
    Interrupts n/a 0.69 0 K 0 K Hardware Interrupts
    lsass.exe 904 0.34 3*852 K 1*180 K LSA Shell (Export Version) Microsoft Corporation C:\WINDOWS\system32\lsass.exe
    explorer.exe 3484 0.34 12*924 K 25*412 K Eksplorator Windows Microsoft Corporation C:\WINDOWS\Explorer.EXE
    wmiapsrv.exe 2072 2*268 K 4*004 K Usługa karty wydajności WMI Microsoft Corporation C:\WINDOWS\System32\wbem\wmiapsrv.exe
    winlogon.exe 848 7*316 K 4*556 K Aplikacja logowania systemu Windows NT Microsoft Corporation winlogon.exe
    wdfmgr.exe 2004 1*500 K 1*808 K Windows User Mode Driver Manager Microsoft Corporation C:\WINDOWS\system32\wdfmgr.exe
    System Idle Process 0 0 K 16 K
    System 4 0 K 220 K
    svchost.exe 1256 25*200 K 34*932 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe 1412 2*176 K 4*476 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k NetworkService
    svchost.exe 1160 1*884 K 4*684 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost -k rpcss
    svchost.exe 1092 2*928 K 4*780 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe 1424 2*552 K 4*668 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k eapsvcs
    svchost.exe 1544 2*704 K 5*224 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
    svchost.exe 1568 2*392 K 6*388 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k dot3svc
    svchost.exe 132 1*176 K 3*404 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k LocalService
    svchost.exe 552 1*564 K 3*448 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    svchost.exe 1528 2*632 K 4*772 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k imgsvc
    spoolsv.exe 1796 3*008 K 4*560 K Spooler SubSystem App Microsoft Corporation C:\WINDOWS\system32\spoolsv.exe
    smss.exe 764 176 K 404 K Menedżer sesji Windows NT Microsoft Corporation \SystemRoot\System32\smss.exe
    skypePM.exe 396 15*472 K 19*592 K Skype Extras Manager Skype Technologies "C:\Program Files\Skype\Plugin Manager\skypePM.exe" /SILENT
    scardsvr.exe 1868 856 K 2*624 K Smart Card Resource Management Server Microsoft Corporation C:\WINDOWS\System32\SCardSvr.exe
    netdde.exe 192 1*016 K 2*892 K DDE sieci - komunikacja DDE Microsoft Corporation C:\WINDOWS\system32\netdde.exe
    msdtc.exe 676 1*852 K 5*024 K MS DTC console program Microsoft Corporation C:\WINDOWS\System32\msdtc.exe
    locator.exe 1312 952 K 2*660 K Rpc Locator Microsoft Corporation C:\WINDOWS\System32\locator.exe
    konnekt.exe 796 11*464 K 21*400 K Konnekt - Core Stamina "C:\Program Files\Konnekt\konnekt.exe"
    ekrn.exe 380 57*796 K 62*616 K ESET Service ESET "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
    dmadmin.exe 2160 2*016 K 3*236 K Proces usługi Menedżera dysków logicznych Microsoft Corp., Veritas Software C:\WINDOWS\System32\dmadmin.exe /com
    dllhost.exe 276 2*892 K 7*988 K COM Surrogate Microsoft Corporation C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    dllhost.exe 1904 1*504 K 4*916 K COM Surrogate Microsoft Corporation C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{B476F47C-F6AA-4604-86FC-522F04F2D5B4}
    csrss.exe 820 1*452 K 4*276 K Client Server Runtime Process Microsoft Corporation C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
    chrome.exe 2656 27*680 K 15*912 K Google Chrome Google Inc. "C:\Documents and Settings\Wiera\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe"
    chrome.exe 3704 8*688 K 13*972 K Google Chrome Google Inc. "C:\Documents and Settings\Wiera\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" --type=extension --lang=pl --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/ --channel=2656.011AB780.465372230 /prefetch:3 --ignored=" --type=renderer "
    chrome.exe 2848 18*212 K 26*132 K Google Chrome Google Inc. "C:\Documents and Settings\Wiera\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" --type=renderer --lang=pl --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/ --channel=2656.0415FA80.1947503952 /prefetch:3
    chrome.exe 3760 2*920 K 6*316 K Google Chrome Google Inc. "C:\Documents and Settings\Wiera\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Documents and Settings\Wiera\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.57_0\npqslauncher.dll" --lang=pl --plugin-data-dir="C:\Documents and Settings\Wiera\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default" --channel=2656.056F444C.1468731433 /prefetch:4
    alg.exe 240 1*168 K 3*580 K Application Layer Gateway Service Microsoft Corporation C:\WINDOWS\System32\alg.exe
  5. Broni Malware Annihilator

    What AV program are you running at the moment?

    Try my post #21 again (disabling stuff) and post new PE log, after restart.
  6. wiera Newcomer, in training

    I'm still using the NOD32 trial version, waiting for its trial expiration.
    Below is the log when no spikes occur, WoW and Skype are on, CPU usage 5%... idle.
    In addition - spikes are now maybe 1 per day instead of 1 per minute, something was done, they are very rare now.
    Redone step #21. Only AV is on at startup.



    Process PID CPU Private Bytes Working Set Description Company Name Command Line
    System Idle Process 0 95.74 0 K 16 K
    procexp.exe 2096 3.10 14*392 K 18*612 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Documents and Settings\Wiera\Pulpit\procexp.exe"
    System 4 0.39 0 K 220 K
    services.exe 888 0.39 1*756 K 3*472 K Usługi i aplikacja Kontroler Microsoft Corporation C:\WINDOWS\system32\services.exe
    DPCs n/a 0.39 0 K 0 K Deferred Procedure Calls
    Wow.exe 1900 136*192 K 4*112 K World of Warcraft Retail Blizzard Entertainment "C:\Documents and Settings\Wiera\Pulpit\World of Warcraft\Wow.exe"
    wmiprvse.exe 1464 2*368 K 4*880 K WMI Microsoft Corporation C:\WINDOWS\system32\wbem\wmiprvse.exe
    wmiprvse.exe 2648 2*036 K 6*116 K WMI Microsoft Corporation C:\WINDOWS\system32\wbem\wmiprvse.exe
    wmiapsrv.exe 2132 2*280 K 4*012 K Usługa karty wydajności WMI Microsoft Corporation C:\WINDOWS\System32\wbem\wmiapsrv.exe
    winlogon.exe 844 6*376 K 3*096 K Aplikacja logowania systemu Windows NT Microsoft Corporation winlogon.exe
    wdfmgr.exe 2024 1*500 K 1*808 K Windows User Mode Driver Manager Microsoft Corporation C:\WINDOWS\system32\wdfmgr.exe
    svchost.exe 1096 3*040 K 4*844 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe 1164 1*896 K 4*672 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost -k rpcss
    svchost.exe 1292 18*756 K 29*084 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe 1340 1*352 K 3*624 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k NetworkService
    svchost.exe 1412 2*576 K 4*684 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k eapsvcs
    svchost.exe 1612 2*728 K 5*228 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
    svchost.exe 1632 2*412 K 6*412 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k dot3svc
    svchost.exe 132 1*172 K 3*400 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k LocalService
    svchost.exe 556 1*564 K 3*448 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    svchost.exe 1620 2*680 K 4*748 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k imgsvc
    spoolsv.exe 1860 3*128 K 4*592 K Spooler SubSystem App Microsoft Corporation C:\WINDOWS\system32\spoolsv.exe
    smss.exe 756 168 K 400 K Menedżer sesji Windows NT Microsoft Corporation \SystemRoot\System32\smss.exe
    skypePM.exe 2856 15*444 K 19*316 K Skype Extras Manager Skype Technologies "C:\Program Files\Skype\Plugin Manager\skypePM.exe" /SILENT
    Skype.exe 2016 68*552 K 80*788 K Skype Skype Technologies S.A. "C:\Program Files\Skype\Phone\Skype.exe"
    scardsvr.exe 1908 856 K 2*624 K Smart Card Resource Management Server Microsoft Corporation C:\WINDOWS\System32\SCardSvr.exe
    netdde.exe 188 1*016 K 2*888 K DDE sieci - komunikacja DDE Microsoft Corporation C:\WINDOWS\system32\netdde.exe
    msiexec.exe 688 1*004 K 3*236 K Windows® installer Microsoft Corporation C:\WINDOWS\system32\msiexec.exe /V
    msdtc.exe 668 1*904 K 5*048 K MS DTC console program Microsoft Corporation C:\WINDOWS\System32\msdtc.exe
    lsass.exe 900 3*852 K 2*316 K LSA Shell (Export Version) Microsoft Corporation C:\WINDOWS\system32\lsass.exe
    locator.exe 1364 952 K 2*660 K Rpc Locator Microsoft Corporation C:\WINDOWS\System32\locator.exe
    Interrupts n/a 0 K 0 K Hardware Interrupts
    explorer.exe 3460 10*792 K 20*028 K Eksplorator Windows Microsoft Corporation C:\WINDOWS\Explorer.EXE
    ekrn.exe 380 57*788 K 62*060 K ESET Service ESET "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
    egui.exe 3868 1*760 K 6*412 K ESET GUI ESET "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe"
    dmadmin.exe 2240 1*932 K 3*132 K Proces usługi Menedżera dysków logicznych Microsoft Corp., Veritas Software C:\WINDOWS\System32\dmadmin.exe /com
    dllhost.exe 276 2*944 K 8*028 K COM Surrogate Microsoft Corporation C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    dllhost.exe 1936 1*528 K 4*928 K COM Surrogate Microsoft Corporation C:\WINDOWS\SYSTEM32\DLLHOST.EXE /PROCESSID:{B476F47C-F6AA-4604-86FC-522F04F2D5B4}
    csrss.exe 816 1*460 K 4*032 K Client Server Runtime Process Microsoft Corporation C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
    alg.exe 240 1*168 K 3*580 K Application Layer Gateway Service Microsoft Corporation C:\WINDOWS\System32\alg.exe





    Edit
    Now I'm watching a video on YouTube in HD and it's tearing without a spike (it was smooth earlier) and CPU usage goes up on Chrome every 4-6 mins, without a cause. Drivers? I'm sure it's not overheating of the VGA.
  7. Broni Malware Annihilator

    OK, that PE log looks perfect.

    How high does it go?
    Did you try another browser to see, if same issue will happen?
  8. wiera Newcomer, in training

    Yup, same on IE and FF. It goes up to 30-35% per tab (95% in total - 5% goes to System Idle Process). If I close any tab, the usage transfers to a different one. If I close the whole browser, then the usage jumps to a random process. Recently I rebooted the PC and there are no spikes at all, video in HD tears a little, but I can bet that tomorrow they will be back... spikes :D
  9. Broni Malware Annihilator

    I looked again at your last PE log and I don't understand something.
    You're supposed to disable all non-MS startups and services, but I still see things like WOW and Skype running. What gives?
  10. wiera Newcomer, in training

    Non-MS startups and services are disabled - WoW is the game in which spikes are experienced the most. Possibly WoW is the problem or it's closely related, but I want to obviate other possibilities. Spikes don't happen on an idle desktop when nothing is running. I hope you understand my point of view.
  11. Broni Malware Annihilator

    No. Neither Skype nor WOW are MS items, so they should be disabled before posting PE log.
    I want PE log, when only MS startups and services are running.
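
The check requested in the last post (a Process Explorer log showing only Microsoft startups and services) can be scripted against a saved Procexp.txt. This is an added example, not part of the thread: it assumes the export is tab-delimited with a header row, and the sample rows, paths and function names are constructed for illustration.

```python
import csv
import io

# Rows Process Explorer lists that are not real images and carry no vendor.
PSEUDO = {"System Idle Process", "System", "DPCs", "Interrupts"}

# Constructed sample in the shape of a Process Explorer "Save As" report
# (assumed tab-delimited, header first); values and paths are illustrative.
SAMPLE = "\n".join("\t".join(row) for row in [
    ["Process", "PID", "CPU", "Private Bytes", "Working Set",
     "Description", "Company Name", "Command Line"],
    ["System Idle Process", "0", "95.74", "0 K", "16 K", "", "", ""],
    ["Wow.exe", "1900", "", "136192 K", "4112 K", "World of Warcraft Retail",
     "Blizzard Entertainment", '"C:\\Games\\Wow.exe"'],
    ["Skype.exe", "2016", "", "68552 K", "80788 K", "Skype",
     "Skype Technologies S.A.", '"C:\\Program Files\\Skype\\Skype.exe"'],
    ["ekrn.exe", "380", "", "57788 K", "62060 K", "ESET Service", "ESET",
     '"C:\\Program Files\\ESET\\ekrn.exe"'],
    ["services.exe", "888", "0.39", "1756 K", "3472 K", "Services",
     "Microsoft Corporation", "C:\\WINDOWS\\system32\\services.exe"],
    ["DPCs", "n/a", "0.39", "0 K", "0 K", "Deferred Procedure Calls", "", ""],
])

def parse_export(text):
    """Return one dict per process row; a blank CPU cell becomes 0.0."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE, restval="")
    rows = []
    for row in reader:
        row = {key: (value or "").strip() for key, value in row.items()}
        row["CPU"] = float(row["CPU"]) if row["CPU"] else 0.0
        rows.append(row)
    return rows

def non_microsoft(rows):
    """Names of processes a Microsoft-only boot should not be running."""
    # Company Name is read from the file's version resource, which any
    # vendor can set; use it for triage, not as proof of origin.
    return [r["Process"] for r in rows
            if r["Process"] not in PSEUDO
            and not r["Company Name"].startswith("Microsoft")]

def busiest(rows, n=3):
    """Top-n real processes with non-zero CPU, pseudo-entries excluded."""
    real = [r for r in rows if r["Process"] not in PSEUDO and r["CPU"] > 0]
    real.sort(key=lambda r: r["CPU"], reverse=True)
    return [(r["Process"], r["CPU"]) for r in real[:n]]
```

An empty result from `non_microsoft` is what a Microsoft-only log should produce; for stronger assurance than the vendor string, Process Explorer's Verify Image Signatures option checks the signer of each image.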