conhost.exe CPU is almost 99%

My computer is very slow. I look at the Processes running and I see that conhost.exe is running at96=99% of the CPU. . what is? Malware?  Virus? Using Windows XP with Outlook 2010 running.  . .
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

conhost is a process introduced in Vista and Win7. In XP it is likely a virus/trojan. Search for the executable file. If it is anywhere but system32 it is definitely a bug. Give Malwarebytes a run.

Chris B

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Notwithstanding the uninformative and misdirected copy and paste above, conhost.exe is not part of XP and should be dealt with accordingly.

The use of a registry cleaner is almost never a good idea. Most do not do what is advertised and generally will make any problem worse.

Chris B
malware :

I have seen virus and malware / trogens appearing more and more in the last 12 months
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

Dr. KlahnPrincipal Software EngineerCommented:
Recommend you download a copy of Microsoft Autoruns and run it on the afflicted system.  This will tell you where the offending program is located, how it is being started, and allow you to disable it from being run at startup.
The symptom as you have described it is almost certainly due to Malware, as already stated above, and Malwarebytes(MBAM) may well resolve it.
Run MBAM in normal mode.

Tutorial, if required:

If MBAM won't run, download and run Rkill first.
Rkill is a small, freeware and portable tool designed to terminate active malware processes allowing you to use other removal tools:

Do not re-boot after running Rkill, then run MalwareBytes.

An alternative to Rkill is Rogue-Killer.  Here is a good instructive article: 

If MBAM still doesn't resolve it, try running TDSSKiller:

Download the file and extract it into a folder
Execute the file TDSSKiller.exe.
Wait for the scan and disinfection process to be over.
Close all programs and press “Y” key to restart your computer.
Please post the resulting log here.

More detail TDSSKiller tutorial:
Starquest321Author Commented:
So this is the first time I installed malwarebytes - and it keeps "blocking" access to potentially malicious sites. Which software is trying to access it? HOw can I tell?
Sudeep SharmaTechnical DesignerCommented:
There could be some process (created by Virus/Malware) in the background which is trying to get the access to the Malicious sites.

You would need to run the full system scan with MalwareBytes to clean the system as suggested above by various experts.
You can trust Malwarebytes(MBAM) but remember, if you are unable to run MBAM, run Rkill or Rogue-Killer first, and do not re-boot after running either of them.

As requested earlier please post the MBAM and TDSSKiller logs here, it will help us to identify your problem.
Starquest321Author Commented:
The problem was so bad - I had to simply format the machine. What I don't understand is what advantage does the malware have over a virus? Does my computer send out spam or is it just damage?
>Does my computer send out spam or is it just damage<

The problem can be for a number of reasons, but usually a computer can be disinfected and not require a re-format ...sorry you had to do that.

You may find that some of the explanations in these two links will be helpful>
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.