30-40% CPU Usage in Windows XP

[ShazamKnight]

Basically I just did a fresh install of Windows XP Professional and my CPU USage is 30-40% when it is idle with only the basics as startup programs. NO idea why.

My system is,
Mainboard - GA-MA770-DS3
RAM - 4GB G.SKill
Video Card - Radeon HD 5670
Processor - AMD Athlon 64 X2 6000+
Hard Drive - Seagate 7200 RPM 500GB

I'm attaching a Screenshot of my processes running.

If you need any more info lemme know!

 

[ShadeTreeTech]

Basically I just did a fresh install of Windows XP Professional and my CPU USage is 30-40% when it is idle with only the basics as startup programs. NO idea why.

My system is,
Mainboard - GA-MA770-DS3
RAM - 4GB G.SKill
Video Card - Radeon HD 5670
Processor - AMD Athlon 64 X2 6000+
Hard Drive - Seagate 7200 RPM 500GB

I'm attaching a Screenshot of my processes running.

http://s1217.photobucket.com/albums...tion=view&current=processes_and_cpu_usage.jpg

If you need any more info lemme know!

click on the "show processes for all users" box to show the rest of your items that are running in the background. If it is a fresh install of XP, it is likely windows updates are running. Failing that, use Kapersky's TDSSKiller (rootkit killer - free) to check for a rootkit. You can also use something like Hijack This (again - free) to see what all is starting/running on your computer. Hijack This is a powerful tool, but can cause damage to windows if you delete something needed for windows to operate.

Small side note, from the picture this looks like Win7... not that it would change my answer.

Good luck!

 

[ShazamKnight]

Okay, I ran Kaspersky's TDSSKiller and no infections were found

[Processes from all users.]

Hijack This gave me a log file that says this:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:56:51 AM, on 6/25/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Documents and Settings\Shazam\My Documents\Downloads\Programs\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favorites
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

--
End of file - 5510 bytes

 

[ShazamKnight]

So I ran Process Explorer and discovered that the problem I'm having now is the same as before when I had Windows 7 64 bit running, System Interrupts is the culprit, more specifically it was the USBPORT.sys causing the Interrupts (Before I installed XP).
Anyone know what to do here?

UPDATE: I disabled my wireless card to stop it from connecting to the router as I've read that a router/modem can cause high interrupts and that didn't help at all.

 

[ShazamKnight]

So if I uninstall all my USB Drives under USB Controllers then reboot my computer the interrupts go back to <0.01% of the CPU, this is working for now. I'll update this if it goes back.

 

[ShazamKnight]

It's back to sucking up my CPU. :\

 

[ShazamKnight]

I think I narrowed it down to a couple bad USB ports.

 

[popatim]

You know for a fresh install of XP you sure have alot of crap running...

 

[ShazamKnight]

I reinstalled most of it as soon as updates were done. But like I said, I narrowed the problem down to the USBPORT.sys, which went away when i stopped using these 2 usb ports on the main board, working for now.

 

[ShazamKnight]

aaaaaaaaaand its doing it again, on different USB ports.

 

[ShazamKnight]

Best answer selected by ShazamKnight.

 

[popatim]

Did you do a full format , wipe the drives clean before installing? This sure smells like a virus searching for gold.

edit - You're HJT logfile looks clean. It could be a rootkit or you actually have an IRQ conflict with something else.