Solved

conhost.exe CPU is almost 99%

Posted on 2011-09-02
11
3,492 Views
Last Modified: 2012-05-12
My computer is very slow. I look at the Processes running and I see that conhost.exe is running at96=99% of the CPU. . what is? Malware?  Virus? Using Windows XP with Outlook 2010 running.  . .
0
Comment
Question by:Starquest321
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
11 Comments
 
LVL 28

Accepted Solution

by:
burrcm earned 100 total points
ID: 36477081
conhost is a process introduced in Vista and Win7. In XP it is likely a virus/trojan. Search for the executable file. If it is anywhere but system32 it is definitely a bug. Give Malwarebytes a run.

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

Chris B
0
 
LVL 28

Expert Comment

by:burrcm
ID: 36477429
Notwithstanding the uninformative and misdirected copy and paste above, conhost.exe is not part of XP and should be dealt with accordingly.

The use of a registry cleaner is almost never a good idea. Most do not do what is advertised and generally will make any problem worse.

Chris B
0
 
LVL 30

Assisted Solution

by:IanTh
IanTh earned 100 total points
ID: 36477516
malware :
http://en.wikipedia.org/wiki/Malware

I have seen virus and malware / trogens appearing more and more in the last 12 months
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 28

Expert Comment

by:Dr. Klahn
ID: 36478143
Recommend you download a copy of Microsoft Autoruns and run it on the afflicted system.  This will tell you where the offending program is located, how it is being started, and allow you to disable it from being run at startup.
0
 
LVL 27

Assisted Solution

by:Jonvee
Jonvee earned 200 total points
ID: 36486807
The symptom as you have described it is almost certainly due to Malware, as already stated above, and Malwarebytes(MBAM) may well resolve it.
Run MBAM in normal mode.

Tutorial, if required:
http://www.bleepingcomputer.com/forums/lofiversion/index.php/t169669.html

If MBAM won't run, download and run Rkill first.
Rkill is a small, freeware and portable tool designed to terminate active malware processes allowing you to use other removal tools:
http://www.technibble.com/rkill-repair-tool-of-the-week/

Do not re-boot after running Rkill, then run MalwareBytes.

An alternative to Rkill is Rogue-Killer.  Here is a good instructive article:
http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html 

If MBAM still doesn't resolve it, try running TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

Download the file TDSSKiller.zip and extract it into a folder
Execute the file TDSSKiller.exe.
Wait for the scan and disinfection process to be over.
Close all programs and press “Y” key to restart your computer.
Please post the resulting log here.

More detail TDSSKiller tutorial:
http://support.kaspersky.com/viruses/solutions?qid=208280684
0
 

Author Comment

by:Starquest321
ID: 36493559
So this is the first time I installed malwarebytes - and it keeps "blocking" access to potentially malicious sites. Which software is trying to access it? HOw can I tell?
0
 
LVL 30

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 100 total points
ID: 36499327
There could be some process (created by Virus/Malware) in the background which is trying to get the access to the Malicious sites.

You would need to run the full system scan with MalwareBytes to clean the system as suggested above by various experts.
0
 
LVL 27

Expert Comment

by:Jonvee
ID: 36501072
You can trust Malwarebytes(MBAM) but remember, if you are unable to run MBAM, run Rkill or Rogue-Killer first, and do not re-boot after running either of them.

As requested earlier please post the MBAM and TDSSKiller logs here, it will help us to identify your problem.
0
 

Author Comment

by:Starquest321
ID: 36501092
The problem was so bad - I had to simply format the machine. What I don't understand is what advantage does the malware have over a virus? Does my computer send out spam or is it just damage?
0
 
LVL 27

Assisted Solution

by:Jonvee
Jonvee earned 200 total points
ID: 36501121
>Does my computer send out spam or is it just damage<

The problem can be for a number of reasons, but usually a computer can be disinfected and not require a re-format ...sorry you had to do that.

You may find that some of the explanations in these two links will be helpful>
http://en.wikipedia.org/wiki/Malware
http://en.wikipedia.org/wiki/Computer_virus
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question