[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

conhost.exe CPU is almost 99%

Posted on 2011-09-02
11
Medium Priority
?
3,809 Views
Last Modified: 2012-05-12
My computer is very slow. I look at the Processes running and I see that conhost.exe is running at96=99% of the CPU. . what is? Malware?  Virus? Using Windows XP with Outlook 2010 running.  . .
0
Comment
Question by:Starquest321
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 28

Accepted Solution

by:
burrcm earned 400 total points
ID: 36477081
conhost is a process introduced in Vista and Win7. In XP it is likely a virus/trojan. Search for the executable file. If it is anywhere but system32 it is definitely a bug. Give Malwarebytes a run.

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

Chris B
0
 
LVL 28

Expert Comment

by:burrcm
ID: 36477429
Notwithstanding the uninformative and misdirected copy and paste above, conhost.exe is not part of XP and should be dealt with accordingly.

The use of a registry cleaner is almost never a good idea. Most do not do what is advertised and generally will make any problem worse.

Chris B
0
 
LVL 30

Assisted Solution

by:IanTh
IanTh earned 400 total points
ID: 36477516
malware :
http://en.wikipedia.org/wiki/Malware

I have seen virus and malware / trogens appearing more and more in the last 12 months
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 
LVL 30

Expert Comment

by:Dr. Klahn
ID: 36478143
Recommend you download a copy of Microsoft Autoruns and run it on the afflicted system.  This will tell you where the offending program is located, how it is being started, and allow you to disable it from being run at startup.
0
 
LVL 27

Assisted Solution

by:Jonvee
Jonvee earned 800 total points
ID: 36486807
The symptom as you have described it is almost certainly due to Malware, as already stated above, and Malwarebytes(MBAM) may well resolve it.
Run MBAM in normal mode.

Tutorial, if required:
http://www.bleepingcomputer.com/forums/lofiversion/index.php/t169669.html

If MBAM won't run, download and run Rkill first.
Rkill is a small, freeware and portable tool designed to terminate active malware processes allowing you to use other removal tools:
http://www.technibble.com/rkill-repair-tool-of-the-week/

Do not re-boot after running Rkill, then run MalwareBytes.

An alternative to Rkill is Rogue-Killer.  Here is a good instructive article:
http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html 

If MBAM still doesn't resolve it, try running TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

Download the file TDSSKiller.zip and extract it into a folder
Execute the file TDSSKiller.exe.
Wait for the scan and disinfection process to be over.
Close all programs and press “Y” key to restart your computer.
Please post the resulting log here.

More detail TDSSKiller tutorial:
http://support.kaspersky.com/viruses/solutions?qid=208280684
0
 

Author Comment

by:Starquest321
ID: 36493559
So this is the first time I installed malwarebytes - and it keeps "blocking" access to potentially malicious sites. Which software is trying to access it? HOw can I tell?
0
 
LVL 30

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 400 total points
ID: 36499327
There could be some process (created by Virus/Malware) in the background which is trying to get the access to the Malicious sites.

You would need to run the full system scan with MalwareBytes to clean the system as suggested above by various experts.
0
 
LVL 27

Expert Comment

by:Jonvee
ID: 36501072
You can trust Malwarebytes(MBAM) but remember, if you are unable to run MBAM, run Rkill or Rogue-Killer first, and do not re-boot after running either of them.

As requested earlier please post the MBAM and TDSSKiller logs here, it will help us to identify your problem.
0
 

Author Comment

by:Starquest321
ID: 36501092
The problem was so bad - I had to simply format the machine. What I don't understand is what advantage does the malware have over a virus? Does my computer send out spam or is it just damage?
0
 
LVL 27

Assisted Solution

by:Jonvee
Jonvee earned 800 total points
ID: 36501121
>Does my computer send out spam or is it just damage<

The problem can be for a number of reasons, but usually a computer can be disinfected and not require a re-format ...sorry you had to do that.

You may find that some of the explanations in these two links will be helpful>
http://en.wikipedia.org/wiki/Malware
http://en.wikipedia.org/wiki/Computer_virus
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month19 days, 7 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question