Trend Micro – Unmasking Fake Anti-virus

Here is some interesting information that Trend Micro has put together on how fake anti-virus programs trick a lot of people into not only installing them, but also thinking they are legitimate AV.

http://esupport.trendmicro.com/Pages/Unmasking-Fake-AV-For-Small-and-Medium-Businesses-SMB.aspx?location=hotissues&seg=smb

January 25th, 2011

System CPU Usage

I was troubleshooting an issue on an SBS 2003 Premium server today when I noticed that the CPU usage seemed to be higher than normal on a consistent basis. While it was only hovering about 20-30% (2 Dual-Core processors), it was consistent and did not dip below that level.

I found a helpful blog post (http://blogs.technet.com/markrussinovich/archive/2008/04/07/3031251.aspx) that pointed me in the direction of KernRate, which turned out to be exactly what I needed to track the problem down.

After running KernRate for about a minute, it showed intelppm at 57%, ntkrnlpa at 25%, and vsapint at 10%. From looking around on the Internet, it looked like intelppm is an internal power management feature of the CPU, ntkrnlpa is the kernel, and vsapint is a Trend Micro system process (Trend Micro Worry Free Advanced is installed). The first two items were probably not the culprit, so I killed the Realtime scan in services and the System process went back down to a normal level. After I started the realtime scan process again, the CPU usage spiked again within a minute or two.

The server is not set to scan during the day. The Trend Micro systray icon shows that it is not currently scanning. However, it is obviously doing something.

We’ll be contacting Trend Micro support tomorrow to follow up on this problem. Unfortunately, this seems par for the course: with the kernel memory usage problems, startup items that need to be stopped, and IP stack corruption, I am really losing trust in this product.

September 17th, 2008
