Improve company productivity with a Business Account.Sign Up

x
?
Solved

Virus increase CPU usage!

Posted on 2004-09-20
12
Medium Priority
?
1,402 Views
Last Modified: 2012-05-05
Hi, What is the new virus that increase CPU usage all the time and how can I get rid from it using Norton anti-virus?

Thanks.
0
Comment
Question by:Abdu_Allah
11 Comments
 
LVL 4

Expert Comment

by:tekchic
ID: 12102391
Hi Abdu_Allah,

What process is taking up all the CPU usage?  Also here's a link where Norton can be guilty of doing the same: http://www.experts-exchange.com/Applications/Viruses/Q_20716363.html

.: tekchic :.
0
 
LVL 3

Author Comment

by:Abdu_Allah
ID: 12102829
>What process is taking up all the CPU usage?
SVCHOST.EXE
0
 
LVL 3

Author Comment

by:Abdu_Allah
ID: 12102845
>Norton can be guilty of doing the same.

Noway, I have installed Norton for more than 2 years, but this problem is new.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
LVL 4

Accepted Solution

by:
tekchic earned 100 total points
ID: 12103996
Here are a few links I found regarding the 100% CPU cycles usage on SVCHOST.EXE.

http://ask-leo.com/svchost_and_svchostexe_crashs_cpu_maximization_viruses_exploits_and_more.html

There's also the "Welchia Worm".....
According Symantec, it produces itself as:
%System%\Wins\Dllhost.exe, then copies itself to your system folder.  Then %System%\Dllcache\Tftpd.exe is cloned as %System%\Wins\svchost.exe

I know this is a basic question, but are all your Norton files up to date?  Personally, I don't think Norton catches "everything".  I use a mixture of both spyware removal tools and virus scanners.  An online one that's free that you might want to try is at http://housecall.antivirus.com.  It doesn't install to your machine, it just runs it online.  I've had it detect worms that Norton missed even after Norton was updated.

Good luck.
0
 
LVL 4

Expert Comment

by:gemchest
ID: 12119803
Hi Abdu_allah,

Do you have your indexing function switched on? cos if it's on and you've just install some big programs, your computer resource will shot like crazy and seems to be hanging up.

to switch this function off, goto control panel>administraive tools>services
switch off "indexing service" and change "startup type" to manual.

reboot the com and should be fine.

cheers,
Luis
0
 
LVL 3

Author Comment

by:Abdu_Allah
ID: 12120931
gemchest, "indexing service" is already off!

Without any doubt this is a virus and the norton can not see it!
This problem appear if I open the Internet connection and it is continue even if I disconnect.

Thanks.
0
 
LVL 6

Expert Comment

by:akboss
ID: 12137243
Try downloading this free A/V.
AVG
http://www.grisoft.com/us/us_dwnl_free.php

Shut norton down and run this one in safe mode after you have run the updater.

They are really good about getting updates out as fast or faster than norton has.
0
 
LVL 6

Expert Comment

by:acmp
ID: 12142044
svchost is usuall a valid windows componant. But I'd check with PrcView (http://www.prcview.com)

This lets you see the path to the image that is running, very useful. The valid svchost runs from c:\windows\system32 the fake ones tend to run from c:\windows or another 'not system32' folder

If you do have a fake svchost and you AV didn't spot it then I'd change AV (or at least update it and try again)

As no one has mentioned it a good first check is stinger (http://vil.nai.com/vil/stinger). It's a free DL and check for the 30-50 latest 'popular' viruses. NAI update it very regularly so I DL it whenever I think it'll be useful.

If stinger and your chosen AV fail to notice anything then the chances are you don't have a virus.

A hijackthis log may help us to assist further.

acmp<><
0
 
LVL 1

Expert Comment

by:Pete Barr
ID: 12146064
how long is  a piece of string!
0
 
LVL 4

Expert Comment

by:tekchic
ID: 12147522
petebarr -- What the heck are you talking about?
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question