JAStillwell asked:

Trend Micro Worry Free causing System process (PID 4) to hog CPU cycles

Hello,

We have a Windows SBS 2003 network in our own office. The server also runs Trend Micro Worry Free Business Security Advanced v5.1 Build 1142 with two client computers attached (one wired Windows XP Pro, one wireless Windows Vista Business). Both computers exhibit a problem where the CPU cycles reach close to 100%, and both show "System" with a PID 4 hogging the cycles (JPG picture attached). This can occur for a couple minutes up to several hours, where the computer's CPU runs high and you can hear the fans spinning as fast as they can. Both computers are free of viruses and spyware as scans from Trend, and several other antivirus and anti-spyware utilities have shown.

Troubleshooting running processes and applications has led me to remove the Trend client from one computer, then both computers. Both computers stop running high CPU cycles with Trend removed and then System PID 4 starts grabbing CPU cycles almost immediately when re-installing the Trend client. Also, there are no scheduled scans set to run when the computers login, so Trend is not running a scan when the CPU cycles are high.

Besides looking for a newer version of Trend WFBS to install, or dumping Trend and installing something else, does anyone have any suggestions on how to solve this? We have numerous clients using Trend WFBS and nobody has reported this problem. Searching the web, I find no mention of it either. I can't possibly be the only one with this issue, can I? Am I being fooled by the CPU calming down when the Trend client is removed?

The system just calmed down before I ran HijackThis. Here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:45:24 PM, on 3/14/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mstsc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sbs:24554/sites/dcc/default.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [OE] C:\Program Files\Trend Micro\Client Server Security Agent\TMAS_OE\TMAS_OEMon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.autotask.com
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://sbs:4343/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://sbs:4343/officescan/console/ClientInstall/setup.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechConsole/x86/RescueControl.cab
O16 - DPF: {2685176A-3502-47BB-B91D-BD28CA2A06A0} (vb6project_Test.AT_ActiveX_Test) - https://www.autotask.net/Public/BrowserDetect/AT_ActiveX_Test.CAB
O16 - DPF: {2F30081A-076B-4BD4-A6B7-566B9AF33EE5} (ATQB_Connect.AutotaskToQB) - https://www.autotask.net/billing/invoices/electronic_transfer/ATQB_Connect.CAB
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://idea-central:4343/officescan/console/html/AtxEnc.cab
O16 - DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} (NSHelp Class) - http://sbs/ConnectComputer/nshelp.dll
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com/ActiveX/VMRCActiveXClient1.cab
O16 - DPF: {69B502DF-D12F-4FD7-9892-D8DFA2D96474} (OfficeScan Management Console) - https://idea-central:4343/officescan/console/html/AtxConsole.cab
O16 - DPF: {9BBB3919-F518-4D06-8209-299FC243FC2A} (Encrypt Class) - https://server:4343/SMB/console/html/root/AtxEnc.cab
O16 - DPF: {9BBB3919-F518-4D06-8209-299FC243FC30} (Encrypt Class) - https://sbs:4343/SMB/console/html/root/AtxEnc.cab
O16 - DPF: {9DCD8EB7-E925-45C9-9321-8CA843FBED3C} (Security Server Management Console) - https://sbs:4343/SMB/console/html/root/AtxConsole.cab
O16 - DPF: {9DCD8EB7-E925-45C9-9321-8CA843FBED40} (Security Server Management Console) - https://sbs:4343/SMB/console/html/root/AtxConsole.cab
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) - https://idea-central:4343/officescan/console/html/AtxPie.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://download-games.pogo.com/online2/pogo/diner_dash_flo_on_the_go/ddfotg.1.0.0.33.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server Management Console) - https://server:4343/SMB/console/html/root/AtxConsole.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = DigitalCorral.local
O17 - HKLM\Software\..\Telephony: DomainName = DigitalCorral.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = DigitalCorral.local
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Advanced Monitoring Agent - Remote Monitoring - C:\PROGRA~1\ADVANC~1\winagent.exe
O23 - Service: Advanced Monitoring AutoUpdate - Unknown owner - C:\PROGRA~1\ADVANC~1\updater.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Sprint Con App Svc (CASprint) - Unknown owner - C:\Program Files\Sprint\Sprint SmartView\ConAppsSvc.exe (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Update Service (gupdate1c8fa2d86440862) (gupdate1c8fa2d86440862) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: SonicWall VPN Client Service (RampartSvc) - SonicWALL, Inc. - C:\Program Files\SonicWALL\SonicWALL Global VPN Client\RampartSvc.exe
O23 - Service: Sprint RcAppSvc (SprintRcAppSvc) - Unknown owner - C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe (file missing)
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe
O23 - Service: Trend Micro Client/Server Security Agent Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe

--
End of file - 11006 bytes


Thanks for your insight!

Jeff
soundguymike

Just had a similar problem with Trend Micro OfficeScan and our domain controller.
Try disabling the Trend Micro firewall.
ASKER

Soundguymike: I assume you mean to disable it on the main server console so the setting gets dished out to each workstation? Just want to make sure I'm following your instructions correctly.
Soundguymike: I just checked our settings and the Trend firewall is not active on the server or the desktops.

Any other thoughts?
We have the same problem here ...
Updated to the latest version (5.1), still the same problem.
Although we don't have the problem on all clients (different locations).
I'm not 100% sure, but I don't think XP machines have that problem.
Trend Micro doesn't give us solutions ....
I have the same problem with version 3.6 and 5.1. Both on XP Pro and Vista Business. I can stop the problem if I unload the Trend client. Very frustrating!

Anyone else have any ideas what's up?
I found the solution!
You need to uninstall the 'Altiris' software from the HP machines.
Suppsaws: I'm glad that works for you, but I have HP and Dell computers that show the same problem. Plus the HP doesn't have the Altiris software installed. Guess I'll have to keep searching for a solution!
@JAStillwell, I notice your list of running processes includes Diskeeper. I experienced the same problem (pid 4, the system process, using high CPU). As soon as I stopped the Diskeeper service, the problem went away. Let us know if that solves it for you.
Carehart: I just noticed that about 10 minutes ago on my laptop and thought "I wonder if Diskeeper is causing a problem?". Weird. However, I have two computers (one Vista and one XP Pro) and only one of them has Diskeeper running on it (the Vista machine), however, both have the System PID 4 high cpu problem.

In my previous troubleshooting, I compared the installed software on both, pared down to the bare minimum on both, and narrowed the issue down to Trend Micro Worry Free client software. I can replicate the problem by installing or uninstalling the Trend client software 100% of the time. It would be nice to know what it is doing or what it is conflicting with. If I had Diskeeper installed on both, I would be excited by your idea, but oh well...back to the drawing board.

:)
Well, it's just that both do background operations that are nearly constantly running, it would seem.  I don't run TM, but looking at its site, it seems a security solution. DK is of course a full-time disk defrag solution. Both clearly have the goal of doing their job all the time. Now, it's interesting, I'm running DK 2009, and one of its features is "InvisiTasking", so that it should not be using resources heavily while I am, but it just hasn't proven to work out as expected, obviously.

As for your challenge, I guess you want to know what specifically TM is doing that is taking resources. We'll have to leave that for others.
I replaced the Trend client with AVG Free edition on one of the computers (laptop running Vista Business on the domain). So far, no System PID 4 100% CPU usage.

What's odd to me is that with as popular as Trend is in corporate environments that I would be one of just a couple people having this issue. I'm not running really weird apps. Things like QuickBooks 2007, Microsoft Office 2007, IE7, Firefox. The only odd one I can think of that's consistent across both computers is RoboForm for password management.
I set up a new HP EliteBook 8530w running Windows 7 RC. Running Trend WFBS v5 client with no issues thus far. I would like to know why we have had problems with the older, slower Windows Vista Business and Windows XP Pro computers, though.
Hi,

Update the registry as below. This will solve the issue.

rgd,

abhi


Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmevtmgr]
"Start"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmactmon]
"Start"=dword:00000004


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TMBMServer]
"Start"=dword:00000004
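
Before a fragment like the one above is imported, it is worth listing exactly which services it changes: a Start value of 4 marks a service as Disabled, and the HijackThis log earlier in this thread lists TMBMServer as the Trend Micro Unauthorized Change Prevention Service. The following is an added example, not part of the original post; the helper names review_reg and disabled_services are hypothetical, and the input is the fragment from the thread.

```python
import re

# Meaning of the "Start" value under HKLM\SYSTEM\CurrentControlSet\Services\<name>.
START_TYPES = {0: "Boot", 1: "System", 2: "Automatic", 3: "Manual", 4: "Disabled"}

# Matches a service's top-level key only; subkeys such as ...\<name>\Parameters are skipped.
SERVICE_KEY = re.compile(
    r"^\[(-?)HKEY_LOCAL_MACHINE\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})"
    r"\\Services\\([^\\\]]+)\]$", re.IGNORECASE)
START_VALUE = re.compile(r'^"Start"=dword:([0-9a-f]{1,8})$', re.IGNORECASE)


def review_reg(text):
    """Map each service the .reg text touches to the start type it would get.

    review_reg and disabled_services are hypothetical helper names.
    A "[-KEY]" line removes the whole service key and is reported as such.
    """
    changes, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            current = None
            m = SERVICE_KEY.match(line)
            if m and m.group(1):
                changes[m.group(2)] = "KEY DELETED"
            elif m:
                current = m.group(2)
            continue
        m = START_VALUE.match(line)
        if current and m:
            value = int(m.group(1), 16)
            changes[current] = START_TYPES.get(value, "Unknown (%d)" % value)
    return changes


def disabled_services(text):
    """Names of services the .reg text would set to Disabled (Start=4)."""
    return sorted(s for s, t in review_reg(text).items() if t == "Disabled")


# Input: the fragment posted in the thread.
THREAD_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmevtmgr]
"Start"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmactmon]
"Start"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TMBMServer]
"Start"=dword:00000004
"""

if __name__ == "__main__":
    for service, start in review_reg(THREAD_REG).items():
        print("%-12s -> %s" % (service, start))
```

Exporting the same three keys before the import gives a file that restores the previous start types if the change needs to be rolled back.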
We just got a possible solution from BMAREDTAG, so please don't delete this thread!
Abhi,

I made those registry adjustments and System (PID 4) is still using anywhere from 25% to 65% of the CPU at any given time. The computer is not using 100% of the CPU cycles, but it's using more than it should as the computer I am trying this on is not actively being used.

I'll keep monitoring to see if the CPU usage slows down.

Jeff
ASKER CERTIFIED SOLUTION
soundguymike

SoundsGuyMike,

I just had a chance to try this. Hopefully it works!

Thanks,

Jeff
I have uninstalled the Symantec Virtualization Agent on my HP desktops... and ever since, my problem has disappeared.
On HP laptops this software was not installed, so I deduced that I should uninstall it on my desktops - which did solve my problem.

Symantec Virtualization Agent = Altiris SVS
I tried to delete the database, but the System process still gets high CPU. If I disable or uninstall the client agent, CPU usage goes down, but after a reboot or when it is enabled again, the System process takes CPU again. I get the problem only in Windows 7 Business; XP or Vista works without problem.

PS: I updated the Worry Free server to the latest version.