Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: cmd.exe high CPU


07 Feb 2013   #1

Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
 
 
cmd.exe high CPU

Occasionally it happens that Cmd.exe is causing high CPU of 100%
The file exists in the correct folder.
With the task-manager I dropped it off and CPU returned to normal.

Now I disabled cmd.exe with Start/ cmd/ gpedit.msc / local policy / system etc.

Lets see what happens.

Is there a way to trace which application starts this annoying problem with cmd.exe ?

My Pc runs on Windows 7 64 bits.
It seems to be a more frequent problem on the internet.
Any solutions are welcome.


My System SpecsSystem Spec
.

07 Feb 2013   #2

Windows 7 Pro. 64/SP-1
 
 

My System SpecsSystem Spec
07 Feb 2013   #3

Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

Thank you for your reply Layback Bear.

I really found three key's in the registry with reg seeker which contained that particular filename. igfxupdate.exe
However it seems to belong to an Intel Update service?
What is igfxupdate.exe ? | System Explorer

File details of most used file with name "igfxupdate.exe"

Product:
Intel Graphics Properties
Company:
Intel Corporation
Description:
Updater Service
Version:
8.15.10.2622
MD5:
4c2b0369b42a7e4b0e1e3077956da98b
SHA1:
20360c1e7d0a1f3e283124f87a1536793b85db1e
SHA256:
7c558047df7337a545abc1fabb6d845447f5608d3eaddbe9a61077e1a028a020
Size:
269824
Directory:
C:\Windows\SysWOW64
Operating System:
Windows 7
Discovered:
November 23, 2012
- See more at: What is igfxupdate.exe ? | System Explorer

How can I find out that's a troyan or trusted file?
I'm using AVG internet-security.


One other thing is that cmd.exe has a permission on trusted installer?
Normally cmd.exe should not start unless I want it to.
My System SpecsSystem Spec
.


07 Feb 2013   #4

Win 7 Pro x64 SP1, Win 7 Ult x86 SP1
 
 

Quote   Quote: Originally Posted by Bernardus View Post
How can I find out that's a troyan or trusted file?
You can upload files to VirusTotal for analysis.
https://www.virustotal.com/
My System SpecsSystem Spec
07 Feb 2013   #5

Windows 7 Pro. 64/SP-1
 
 

This has helped other members.
CPU stuck @ 100% unless task manager is open

Did you go to the Microsoft site and posted in my post #2 and read this? Please let us know what you have done and what has worked.


Ishurean replied on

Here's the step by step if you're not into computers.


1/ Open the Task Manager (and let if open)
2/ Go in C:\Windows\System32 and delete "igfxupdate.exe"
3/ Go in C:\Windows\SysWOW64 and check if "igfxupdate.exe" is also here, if yes delete it
4/ Open the windows services management console
Start > Execute > services.msc or Start > type "services.msc" in the search bar (Windows 7)
5/ Look for "Search Indexer" -> Right click -> Properties and change the "Automatic" into "Disabled"
6/ Reboot
7/ Open the Windows CMD as an Administrator
Start > type "cmd" in the search bar (Windows 7) -> Right click -> Run as an Administrator
8-> Type "sc delete SearchIndexer" then hit Enter


And you're done !
My System SpecsSystem Spec
08 Feb 2013   #6

Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

After scanning the pc with several Malware or Adware software no result for cmd.exe.
It appeared this morning again.
Followed off course your advice which I have found earlier on the net.

Windows search has been disabled now. (indexing)

However I can't find a file igfxupdate.exe as you mentioned not even with unhiding mapoptions
In the registry I found three entries. If I can safely delete them??? I backed them up just in case.
Have to read your further links.

Thank you so far for your reply.
My System SpecsSystem Spec
08 Feb 2013   #7

Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

Thanks to your help I may have found something nasty.
A Keygenerator was causing intermitted cmd.exe.
It was continuously active in the Temp File?
Even hard to remove while running.
But with ASC. I scrambled the whole file to piece's.
Something like an activation of which no further file could be found?
That was correct, that software was not installed on my PC.
I'm not even using that version.

Hope that is solves the matter.
My System SpecsSystem Spec
08 Feb 2013   #8

Windows 7 Pro. 64/SP-1
 
 

Advanced System Care in my opinion is a NO NO. It causes more problems than it helps. Many won't use AVG either. I would recommend MSE for your antivirus.
Microsoft Security Essentials - Microsoft Windows

I would also run these to check if anything else is hiding in your system. Many times infections like this let their buddy infection in the backdoor.
Malwarebytes

Free Online Virus Scanner | ESET

Let us know how thing go and what is found if any.
My System SpecsSystem Spec
09 Feb 2013   #9

Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
 
 

All I found was that particular generator itself.
This morning it started again wit a find.exe *32, a script.exe and cscript.exe 110%CPU
Trying to change a non existent file.
I could locate it thanks to your explorer program.
Removed all the entries out of the register en deleted the gen. file afterwards.
Hope this will be the end of the trouble.
At least I'm on trail of something particular.
My System SpecsSystem Spec
09 Feb 2013   #10

Windows 7 Pro. 64/SP-1
 
 

This might be of some help. Please read.

Encyclopedia entry: Worm:Win32/Bofra.E@mm - Learn more about malware - Microsoft Malware Protection Center
---------------------------------------------------------
How to get rid of the .exe*32 file that infects programs | PC Help Forum

Win32.Bofra.E

Not to be mistaken for a critical System 32 file, the 32.exe file is actually a worm which has become notorious for its widespread infection via email. The file preys on our instinct not to touch important looking files, and it also comes with a generator function that will place a random set of characters before the 32.exe. This is to dissuade people from searching the file by name and finding a fix for the problem.
The 32.exe virus is officially referred to as a Win32.Bofra.E. It copies itself to the System directory but you will need to look closely to find it as there’s no easy way of telling what the prefix to the file will be.
The nature of the Win32.Bofra.E is that it is designed to re-spawn when you boot from scratch. If you don’t remove the registry entries that trigger the virus in to life, you will be simply removing it temporarily until the next start up.
----------------------------------------
This could also help. Win32.Bofra.E has been around for a while so the scans I suggested should find it.
Windows Defender Offline
My System SpecsSystem Spec
Reply

 cmd.exe high CPU




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:19 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33