Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Svchost hogging CPU

This is a discussion on Svchost hogging CPU within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. Hi, I posted the following under Win 7/ Vista problems but was asked to repost here Svchost hogging CPU Hi


Closed Thread
 
Thread Tools Search this Thread
Old 01-06-2016, 05:57 PM   #1
Registered Member
 
Join Date: Dec 2005
Location: UK
Posts: 37
OS: XP, Vista, Win7 home 64bit



Hi,
I posted the following under Win 7/ Vista problems but was asked to repost here

Svchost hogging CPU
Hi there,
Will you please help with a maddening problem?
I run Vista home premium on a Compaq 6820S after a reinstall following a hd crash, using an iso from getintopcs.com (dodgy?)
Drivers were installed from HP.
Everything works, but performance is terribly sluggish due to almost 100% cpu usage by svchost.
Process Explorer shows the svchost running taskeng.exe to be the culprit. There are actually 2 instances of taskeng, one seemingly legit but access denied to the other.
Numerous malware scans came up clean.
Starting in safe mode shows normal CPU usage.
Prior to the HD crash there were no problems.
I'll attach a Hijackthis logfile, fwiw.
I'd appreciate any help tremendously.
Grateful thanks,
Martin.


I was also asked to check Task Scheduler which I did:
I did go to Task Scheduler and found an unsigned entry with a long history of errors that I deleted, to no avail. Similarly in User_feed_synchronisation there were numerous errors. Disabling it did not help either. The rest are seemingly legit.
I did notice a button in Firefox labelled "Foxstart" that irritates me. I can't kill it either!

I run Vista Home premium 32 on a Compaq 6820S.


DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005
Run by Martin at 1:21:26 on 2016-01-07
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2047.1010 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Martin\Desktop\Process explorer\procexp.exe
C:\Windows\system32\mmc.exe
C:\Windows\System32\notepad.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{025292EF-13EE-4405-9A05-EFAF82401F3E} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{452C8EB5-3ACB-41CC-A84E-18DFB743DD90} : DHCPNameServer = 192.168.1.254
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\47.0.2526.106\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\martin\appdata\roaming\mozilla\firefox\profiles\1cm5qqm3.default-1451036340661\
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/
FF - plugin: c:\program files\google\update\1.3.29.1\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2015-12-23 49776]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2015-12-23 209432]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-12-23 794952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-12-23 436360]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-12-23 24016]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-12-23 81168]
R2 avast! Antivirus;Avast Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2015-12-23 226440]
R3 aswStmXP;Avast StreamFilter Driver;c:\windows\system32\drivers\aswStmXP.sys [2015-12-23 165104]
S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [2015-12-29 19984]
.
=============== Created Last 30 ================
.
2015-12-30 00:22:11 -------- d-----w- c:\programdata\Malwarebytes
2015-12-29 23:01:50 19984 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2015-12-29 21:17:21 -------- d-----w- c:\program files\CCleaner
2015-12-29 20:54:45 -------- d-----w- C:\AdwCleaner
2015-12-29 20:23:24 30848 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-29 20:23:16 -------- d-----w- c:\programdata\RogueKiller
2015-12-29 20:19:28 -------- d-----w- c:\windows\pss
2015-12-28 16:19:32 53248 ----a-w- c:\windows\system32\CSVer.dll
2015-12-28 16:19:00 -------- d-----w- C:\Intel
2015-12-24 03:57:28 -------- d-----w- c:\windows\Panther
2015-12-24 03:57:12 -------- d-sh--w- C:\Boot
2015-12-23 21:17:46 -------- d-----w- c:\users\martin\appdata\local\Google
2015-12-23 21:17:40 50063360 ----a-w- c:\program files\GUTCE86.tmp
2015-12-23 21:17:40 -------- d-----w- c:\program files\GUMCE47.tmp
2015-12-23 21:11:56 -------- d-----w- c:\users\martin\Bluetooth Software
2015-12-23 21:10:59 -------- d-----w- c:\users\martin\appdata\roaming\AVAST Software
2015-12-23 21:09:50 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2015-12-23 21:09:50 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2015-12-23 21:09:11 209432 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-12-23 21:09:11 165104 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2015-12-23 21:09:09 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-12-23 21:09:08 81168 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-12-23 21:09:08 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-12-23 21:09:06 794952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-12-23 21:08:50 43112 ----a-w- c:\windows\avastSS.scr
2015-12-23 21:04:44 -------- d-----w- c:\program files\Cisco
2015-12-23 21:03:55 -------- d-----w- c:\windows\system32\no-NO
2015-12-23 21:03:51 87280 ----a-w- c:\windows\system32\bcmwlcoi.dll
2015-12-23 21:03:51 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2015-12-23 21:03:51 3502080 ----a-w- c:\windows\system32\bcmihvui.dll
2015-12-23 21:03:50 3809280 ----a-w- c:\windows\system32\bcmihvsrv.dll
2015-12-23 21:03:50 1331192 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2015-12-23 21:03:50 -------- d-----w- c:\program files\Broadcom
2015-12-23 20:53:42 -------- d-----w- c:\program files\AVAST Software
2015-12-23 20:53:01 -------- d-----w- c:\programdata\AVAST Software
2015-12-23 20:48:46 80936 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2015-12-23 20:48:46 16168 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2015-12-23 20:48:45 80424 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2015-12-23 20:48:35 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2015-12-23 20:48:20 -------- d-----w- c:\windows\system32\es-MX
2015-12-23 20:48:20 -------- d-----w- c:\windows\system32\es-AR
2015-12-23 20:48:19 -------- d-----w- c:\program files\WIDCOMM
2015-12-23 20:45:16 12800 ----a-w- c:\windows\HPNICVersion.dll
2015-12-23 20:45:16 -------- d-sh--w- c:\windows\Installer
2015-12-23 20:45:14 -------- d-----w- C:\SWSetup
2015-12-23 20:31:47 -------- d-----w- c:\users\martin\appdata\local\Microsoft Games
2015-12-23 20:30:04 -------- d-----w- c:\users\martin\appdata\local\Mozilla
2015-12-23 20:29:55 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-12-23 20:20:59 -------- d-----w- c:\programdata\a1b27eb7-7375-0
2015-12-23 20:20:58 -------- d-----w- c:\programdata\a1b27eb7-1651-1
2015-12-23 20:16:14 2422272 ----a-w- c:\windows\system32\wucltux.dll
2015-12-23 20:15:57 88576 ----a-w- c:\windows\system32\wudriver.dll
2015-12-23 20:15:47 33792 ----a-w- c:\windows\system32\wuapp.exe
2015-12-23 20:15:47 171904 ----a-w- c:\windows\system32\wuwebv.dll
.
==================== Find3M ====================
.
.
============= FINISH: 1:24:48.65 ===============

I really appreciate your time and effort,
Many thanks,
Martin
Attached Files
File Type: txt attach.txt (1.5 KB, 20 views)
Margrove is offline  
Sponsored Links
Advertisement
 
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Svchost hogging CPU
Hi there, Will you please help with a maddening problem? I run Vista home premium on a Compaq 6820S after a reinstall following a hd crash, using an iso from getintopcs.com (dodgy?) Drivers were installed from HP. Everything works, but performance is terribly sluggish due to almost 100% cpu...
Margrove Windows 7 , Windows Vista Support 1 01-06-2016 03:06 PM
DAILY BSOD's FOR MONTHS-PLS. HELP!!
Hi Moderators: I've been having a BSOD problem with my Dell Studio540 desktop for months now and finally have some time to try and fix the problem. :banghead: It's my main computer and I use for business as well as personal. Per "JCGRIFF2"'s instructions on BSOD posting, here are the...
BIGBEARJEDI BSOD, App Crashes And Hangs 1 03-03-2013 12:20 PM
Many programs have lag spikes
Recently without any apparent reason every random amount of time when im using a program it randomly hangs for like a second or two. Idk if it affects all programs but it happens with the video player games and internet browser and audio player. If i switch windows i can see that the rest of...
rayquaza88 Windows 7 , Windows Vista Support 41 05-19-2012 09:11 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 11:13 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts