Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

wmiprvse.exe using 100% CPU/ how to fix?


  • Please log in to reply
6 replies to this topic

#1 JUICYboy

JUICYboy

  • Members
  • 537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Anaheim, Ca
  • Local time:11:54 AM

Posted 26 January 2010 - 08:38 PM

Okay:
The wmiprvse.exe is using 100% of CPU and it is making my computer SLOOOOOWWW, its A

Dell, Intel PDC, 4 Ram, 250GB.

I have tried removing the file but it is a sys32 file and access is denied. I will try to remove in SafeMode.

Does anyone know about this prob. and how can it be fixed?

P.s. I will post up my results of DEL file in safemode// :thumbsup:

BC AdBot (Login to Remove)

 


#2 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:54 AM

Posted 26 January 2010 - 08:43 PM

I do not know how to fix your problem but unless that file is not located in the Windows/System32 folder I do not recommend that you remove that file, it is needed

Edited by Stang777, 26 January 2010 - 08:46 PM.


#3 JUICYboy

JUICYboy
  • Topic Starter

  • Members
  • 537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Anaheim, Ca
  • Local time:11:54 AM

Posted 26 January 2010 - 08:56 PM

Yea it you are right it can't be done that way. But I found more info it is
Called
The Sasser Warm
Now I got to find out how to remove.

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,289 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:54 AM

Posted 26 January 2010 - 09:27 PM

I believe that size and location...are the only two criteria that allow a user to determine if a a file is what it appears to be.

http://www.neuber.com/taskmanager/process/wmiprvse.exe.html

Louis

#5 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:54 AM

Posted 26 January 2010 - 09:55 PM

Where on your system are you finding the wmiprvse.exe file?

What is making you think that it is the Sasser worm?

Have you scanned for malware/spyware using Malwarebytes or SuperAntiSpyware and have you ran any virus scans? If not, you should do that next.

There are reasons other than virus/malware for it to be using that much of your CPU. Have you recently done any updates to Windows?

#6 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:54 AM

Posted 26 January 2010 - 09:59 PM

Louis, all I see on the page you linked to are basically ads, is there suppose to be more information on it?

It shows to run a registry booster, spyware doctor and some other program and I find it hard to believe that is what you intended to be done, is it?

#7 JUICYboy

JUICYboy
  • Topic Starter

  • Members
  • 537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Anaheim, Ca
  • Local time:11:54 AM

Posted 27 January 2010 - 11:51 AM

Yea I ran the MalBites Software and No infections found.\

I research on Microsoft they have a patch out there for this type of issue. So I will try updates today I don't think is a Sasser Warm but I will Run a scan for it anyways because wmiprvse.exe is the folder that is giving me issues, and research shows that from the same place a Sasser Warm lurks.
So it leads me to conclude there might be a Sasser Warm in that Sys32/Wbem file.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users