Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow unresponsive computer, 100% cpu all the time


  • Please log in to reply

#31
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 39.60 0 K 24 K 0
procexp64.exe 20.49 25,948 K 46,052 K 1580 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
chrome.exe 5.56 13,620 K 35,060 K 6072 Google Chrome Google Inc. (Verified) Google Inc
avgcsrva.exe 2.61 16,192 K 172,372 K 480 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
explorer.exe 1.02 24,020 K 43,068 K 2800 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 4.63 68,528 K 72,828 K 1284 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
System 8.52 1,652 K 47,532 K 4
Interrupts 2.23 0 K 0 K n/a Hardware Interrupts and DPCs
svchost.exe 1.47 14,360 K 15,560 K 1380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.03 9,056 K 15,728 K 1100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avgrsa.exe 0.94 11,756 K 30,396 K 396 AVG Resident Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
dwm.exe 1.36 42,220 K 22,972 K 2780 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1.68 6,520 K 12,492 K 1808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.29 37,688 K 34,136 K 2784 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.06 55,204 K 57,572 K 1124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avgidsagenta.exe 0.26 12,832 K 26,904 K 1868 AVG Identity Protection Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
csrss.exe 0.98 2,448 K 11,844 K 804 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 19,892 K 19,988 K 1036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
CinemaNowSvc.exe 6,412 K 5,968 K 2040 CinemaNow Service Application CinemaNow, Inc. (Verified) Sonic Solutions
services.exe 0.05 6,080 K 9,984 K 912 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.75 5,548 K 10,308 K 6064 Google Chrome Google Inc. (Verified) Google Inc
lsass.exe 0.15 4,236 K 10,528 K 920 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.08 3,800 K 7,708 K 772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avgwdsvca.exe 0.08 12,752 K 27,876 K 2000 AVG Watchdog Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
svchost.exe 3.03 89,428 K 93,876 K 1076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 15,800 K 15,520 K 1460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HPSF.exe 41,144 K 5,496 K 5252 HP Support Assistant Hewlett-Packard Company (Verified) Hewlett-Packard Company
HPWA_Service.exe 41,068 K 32,332 K 5460 HPPA_Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
wmpnetwk.exe 0.06 9,580 K 5,088 K 5028 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.04 1,984 K 4,168 K 752 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 0.09 5,360 K 4,344 K 1880 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 2,240 K 3,872 K 932 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 0.02 1,040 K 2,964 K 5000 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
CompatTelRunner.exe 0.73 13,392 K 5,752 K 4980 Microsoft Compatibility Telemetry Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe 3.05 7,756 K 12,952 K 4156 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
reader_sl.exe 1,140 K 3,308 K 1764 Adobe Acrobat SpeedLauncher Adobe Systems Incorporated (Verified) Adobe Systems
DeviceDisplayObjectProvider.exe 0.01 6,632 K 13,180 K 5984 Device Display Object Function Discovery Provider Microsoft Corporation (Verified) Microsoft Windows
sftlist.exe 0.02 8,088 K 17,092 K 2840 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
avgui.exe < 0.01 7,080 K 20,620 K 4716 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
WR_Tray_Icon.exe 2,056 K 528 K 3696 Tweaking.com - Windows Repair Tray Icon Tweaking.com (Verified) Tweaking LLC
WmiPrvSE.exe 6,088 K 11,692 K 5272 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,776 K 7,368 K 3544 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,400 K 6,604 K 852 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,320 K 4,024 K 812 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.06 3,696 K 9,056 K 3480 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,004 K 6,192 K 4232 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,004 K 5,880 K 4144 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,136 K 3,228 K 4424 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 0.03 3,572 K 8,584 K 256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 60,440 K 8,864 K 2684 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,316 K 5,528 K 1232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,064 K 2,828 K 4376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,044 K 10,016 K 3332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,228 K 5,984 K 3560 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,440 K 3,936 K 2252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,564 K 4,276 K 5800 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 6,620 K 9,736 K 1644 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 372 K 1,020 K 288 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
sftvsa.exe 1,296 K 4,220 K 2572 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
RtVOsdService.exe 20,060 K 13,888 K 5724 RtVOsdService Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtVOsd.exe 2,188 K 7,396 K 5760 Realtek OSD for Volume/Mute Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtkNGUI64.exe 9,212 K 9,728 K 4180 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,464 K 7,476 K 1200 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
mDNSResponder.exe 1,856 K 4,916 K 2020 Bonjour Service Apple Inc. (Verified) Apple Inc.
igfxpers.exe 2,344 K 8,416 K 4540 persistence Module Intel Corporation (Verified) Intel Corporation
HPWMISVC.exe 1,236 K 4,720 K 2224 HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
HPSA_Service.exe 23,948 K 16,304 K 2468 HP Support Assistant Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
hpqwmiex.exe 2,000 K 6,812 K 5836 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hkcmd.exe 2,560 K 9,740 K 4532 hkcmd Module Intel Corporation (Verified) Intel Corporation
GWX.exe 3,148 K 1,008 K 4288 GWX Microsoft Corporation (Verified) Microsoft Windows
GWX.exe 3,552 K 1,032 K 4024 GWX Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 1,996 K 5,876 K 3440 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
CVHSVC.EXE 7,176 K 15,260 K 4088 Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
ctfmon.exe 2,012 K 4,152 K 5516 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
CompatTelRunner.exe 984 K 528 K 4128 Microsoft Compatibility Telemetry Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 1,524 K 4,228 K 5964 Google Chrome Google Inc. (Verified) Google Inc
avguix.exe 10,696 K 20,568 K 4672 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgsvca.exe 6,528 K 18,480 K 1888 AVG Service Process AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgnsa.exe 8,612 K 15,104 K 3096 AVG Online Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgemca.exe 2,624 K 7,320 K 3104 AVG E-mail Scanner AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
audiodg.exe 17,968 K 17,380 K 3804 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe 1,124 K 3,696 K 1784 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AERTSr64.exe 752 K 2,292 K 1840 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
  • 0

Advertisements


#32
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
chrome.exe 5.56 13,620 K 35,060 K 6072 Google Chrome Google Inc. (Verified) Google Inc
avgcsrva.exe 2.61 16,192 K 172,372 K 480 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
explorer.exe 1.02 24,020 K 43,068 K 2800 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 4.63 68,528 K 72,828 K 1284 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
System 8.52 1,652 K 47,532 K 4
Interrupts 2.23 0 K 0 K n/a Hardware Interrupts and DPCs

 

 

Normally Chrome, explorer, System should be 0.  Trusted Installer not being zero may mean it is trying to install an update.  Interrupts should be under 1.5 - before we had a much smaller number.  Perhaps a driver is acting up.

 

Are you doing something in Chrome?  Close Chrome and any other programs and then make a Process Explorer log.  Remember to wait one minute between starting Process Explorer and running the log.


  • 0

#33
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
my mistake since it takes so long for things to happen, i went to open chrome figuring that the five-eight minutes it would take to open, the report would be open. sorry.

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
svchost.exe 92.94 48,268 K 36,744 K 1124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 3.94 24,016 K 41,296 K 4400 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
dwm.exe 0.37 47,636 K 21,132 K 2780 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
CompatTelRunner.exe 20,304 K 2,960 K 4980 Microsoft Compatibility Telemetry Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.32 0 K 0 K n/a Hardware Interrupts and DPCs
procexp64.exe 1.35 25,904 K 22,624 K 1580 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
csrss.exe 0.21 2,720 K 3,528 K 804 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.16 25,544 K 32,252 K 2800 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
System 0.44 1,656 K 2,832 K 4
CinemaNowSvc.exe 0.12 6,408 K 2,208 K 2040 CinemaNow Service Application CinemaNow, Inc. (Verified) Sonic Solutions
SearchProtocolHost.exe 0.02 4,604 K 5,388 K 4236 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 14,472 K 9,992 K 1380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avgwdsvca.exe 0.01 12,832 K 13,904 K 2000 AVG Watchdog Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgidsagenta.exe 0.01 16,052 K 18,884 K 1868 AVG Identity Protection Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
lsass.exe 0.02 4,968 K 7,504 K 920 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 9,536 K 10,076 K 5028 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
sftlist.exe < 0.01 8,088 K 3,740 K 2840 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 55,468 K 17,748 K 2684 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HPSFUpdater.exe 0.01 42,528 K 41,260 K 3496 HPSFUpdater Hewlett-Packard Company (Verified) Hewlett-Packard Company
taskhost.exe < 0.01 8,212 K 5,888 K 3480 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 8,964 K 7,952 K 1100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
conhost.exe < 0.01 1,040 K 452 K 5000 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 3,504 K 3,756 K 256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 6,708 K 6,172 K 1808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 16,360 K 8,900 K 1460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HPSFdetect.exe < 0.01 32,072 K 22,352 K 5204 HPSFdetect Hewlett-Packard Company (Verified) Hewlett-Packard Company
avgrsa.exe < 0.01 15,992 K 39,892 K 396 AVG Resident Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
SynTPEnh.exe < 0.01 7,768 K 2,448 K 4156 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
HPSA_Service.exe < 0.01 29,424 K 17,440 K 2468 HP Support Assistant Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
csrss.exe < 0.01 2,024 K 1,976 K 752 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 98,512 K 91,144 K 1076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avgui.exe < 0.01 7,112 K 6,788 K 4716 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
WR_Tray_Icon.exe 2,056 K 676 K 3696 Tweaking.com - Windows Repair Tray Icon Tweaking.com (Verified) Tweaking LLC
WmiPrvSE.exe 3,168 K 4,612 K 3544 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 4,292 K 7,732 K 4064 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,396 K 1,560 K 852 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,320 K 520 K 812 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe < 0.01 41,948 K 16,852 K 1284 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,004 K 2,320 K 4144 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
System Idle Process 0 K 24 K 0
SynTPHelper.exe 1,136 K 304 K 4424 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 3,832 K 4,244 K 772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 18,480 K 10,480 K 1036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,444 K 2,100 K 1232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,440 K 456 K 2252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,228 K 548 K 3560 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,992 K 1,604 K 3332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,564 K 624 K 5800 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 6,568 K 2,116 K 1644 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 372 K 384 K 288 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
sftvsa.exe 1,296 K 384 K 2572 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
services.exe 6,208 K 4,976 K 912 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 66,664 K 59,928 K 2784 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 1,752 K 5,156 K 3688 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
RtVOsdService.exe 20,056 K 2,596 K 5724 RtVOsdService Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtVOsd.exe 2,188 K 4,344 K 5760 Realtek OSD for Volume/Mute Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtkNGUI64.exe 9,212 K 1,064 K 4180 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,456 K 6,108 K 1764 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
procexp.exe 2,464 K 2,232 K 1200 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
mDNSResponder.exe 1,888 K 2,264 K 2020 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe < 0.01 2,236 K 1,732 K 932 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
igfxpers.exe 2,344 K 808 K 4540 persistence Module Intel Corporation (Verified) Intel Corporation
HPWMISVC.exe 1,236 K 424 K 2224 HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
HPWA_Service.exe 0.02 41,436 K 11,456 K 5460 HPPA_Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
hpqwmiex.exe 2,012 K 1,480 K 5836 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hkcmd.exe 2,560 K 836 K 4532 hkcmd Module Intel Corporation (Verified) Intel Corporation
GWX.exe 3,820 K 2,400 K 4024 GWX Microsoft Corporation (Verified) Microsoft Windows
GWX.exe 3,688 K 2,436 K 4288 GWX Microsoft Corporation (Verified) Microsoft Windows
CVHSVC.EXE 7,176 K 2,076 K 4088 Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
ctfmon.exe 2,012 K 404 K 5516 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
CompatTelRunner.exe 984 K 448 K 4128 Microsoft Compatibility Telemetry Microsoft Corporation (Verified) Microsoft Windows
avguix.exe 10,936 K 7,028 K 4672 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgsvca.exe < 0.01 6,872 K 10,760 K 1888 AVG Service Process AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgnsa.exe 9,000 K 8,748 K 3096 AVG Online Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgemca.exe 2,624 K 1,424 K 3104 AVG E-mail Scanner AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgcsrva.exe 16,384 K 147,740 K 480 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
armsvc.exe 1,124 K 384 K 1784 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AERTSr64.exe 752 K 352 K 1840 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
  • 0

#34
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

OK.  This time we have

 

svchost.exe 92.94 48,268 K 36,744 K 1124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

 

 

Can you run this again:

 

Without rebooting:

 

Copy the next line:

TASKLIST /SVC /FO LIST > \junk.txt
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter 
 
Now Type:
Notepad \junk.txt

Hit Enter.  Copy and paste the text from notepad into a Reply.

 

This will allow me to see what services are on the the bad SVCHOST.


  • 0

#35
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Image Name: System Idle Process
PID: 0
Services: N/A

Image Name: System
PID: 4
Services: N/A

Image Name: smss.exe
PID: 288
Services: N/A

Image Name: avgrsa.exe
PID: 396
Services: N/A

Image Name: avgcsrva.exe
PID: 476
Services: N/A

Image Name: csrss.exe
PID: 748
Services: N/A

Image Name: csrss.exe
PID: 800
Services: N/A

Image Name: wininit.exe
PID: 808
Services: N/A

Image Name: winlogon.exe
PID: 848
Services: N/A

Image Name: services.exe
PID: 908
Services: N/A

Image Name: lsass.exe
PID: 916
Services: KeyIso
SamSs

Image Name: lsm.exe
PID: 924
Services: N/A

Image Name: svchost.exe
PID: 100
Services: DcomLaunch
PlugPlay
Power

Image Name: svchost.exe
PID: 760
Services: RpcEptMapper
RpcSs

Image Name: svchost.exe
PID: 1032
Services: AudioSrv
Dhcp
eventlog
HomeGroupProvider
lmhosts
wscsvc

Image Name: svchost.exe
PID: 1068
Services: AudioEndpointBuilder
HomeGroupListener
Netman
PcaSvc
SysMain
TrkWks
UxSms
WdiSystemHost
Wlansvc

Image Name: svchost.exe
PID: 1092
Services: EventSystem
fdPHost
FontCache
netprofm
nsi
WdiServiceHost
WinHttpAutoProxySvc

Image Name: svchost.exe
PID: 1116
Services: AeLookupSvc
Appinfo
BITS
Browser
EapHost
IKEEXT
iphlpsvc
LanmanServer
ProfSvc
Schedule
seclogon
SENS
ShellHWDetection
Themes
Winmgmt
wuauserv

Image Name: svchost.exe
PID: 1224
Services: gpsvc

Image Name: svchost.exe
PID: 1328
Services: CryptSvc
Dnscache
LanmanWorkstation
NlaSvc
TermService

Image Name: svchost.exe
PID: 1432
Services: BFE
DPS
MpsSvc
WwanSvc

Image Name: spoolsv.exe
PID: 1588
Services: Spooler

Image Name: armsvc.exe
PID: 1752
Services: AdobeARMservice

Image Name: AERTSr64.exe
PID: 1788
Services: AERTFilters

Image Name: avgidsagenta.exe
PID: 1836
Services: AVGIDSAgent

Image Name: taskhost.exe
PID: 1932
Services: N/A

Image Name: avgsvca.exe
PID: 1992
Services: avgsvc

Image Name: dwm.exe
PID: 2024
Services: N/A

Image Name: explorer.exe
PID: 1196
Services: N/A

Image Name: SynTPEnh.exe
PID: 2152
Services: N/A

Image Name: RtkNGUI64.exe
PID: 2160
Services: N/A

Image Name: avgwdsvca.exe
PID: 2260
Services: avgwd

Image Name: GWX.exe
PID: 2272
Services: N/A

Image Name: mDNSResponder.exe
PID: 2328
Services: Bonjour Service

Image Name: CinemaNowSvc.exe
PID: 2364
Services: CinemaNow Service

Image Name: svchost.exe
PID: 2536
Services: FDResPub
SSDPSRV
upnphost

Image Name: hkcmd.exe
PID: 2832
Services: N/A

Image Name: igfxpers.exe
PID: 2840
Services: N/A

Image Name: avguix.exe
PID: 1292
Services: N/A

Image Name: avgui.exe
PID: 2284
Services: N/A

Image Name: HPWMISVC.exe
PID: 2376
Services: HPWMISVC

Image Name: svchost.exe
PID: 1460
Services: LPDSVC

Image Name: sftvsa.exe
PID: 3004
Services: sftvsa

Image Name: svchost.exe
PID: 1012
Services: stisvc

Image Name: svchost.exe
PID: 3132
Services: WinDefend

Image Name: SearchIndexer.exe
PID: 3232
Services: WSearch

Image Name: sftlist.exe
PID: 3276
Services: sftlist

Image Name: taskeng.exe
PID: 3652
Services: N/A

Image Name: WR_Tray_Icon.exe
PID: 3704
Services: N/A

Image Name: CVHSVC.EXE
PID: 2748
Services: cvhsvc

Image Name: ctfmon.exe
PID: 2116
Services: N/A

Image Name: avgnsa.exe
PID: 4068
Services: N/A

Image Name: avgemca.exe
PID: 1488
Services: N/A

Image Name: HPSF.exe
PID: 3900
Services: N/A

Image Name: svchost.exe
PID: 372
Services: p2pimsvc
p2psvc
PNRPsvc

Image Name: SearchProtocolHost.exe
PID: 4084
Services: N/A

Image Name: svchost.exe
PID: 3988
Services: PolicyAgent

Image Name: wmpnetwk.exe
PID: 3840
Services: WMPNetworkSvc

Image Name: msfeedssync.exe
PID: 2052
Services: N/A

Image Name: SynTPHelper.exe
PID: 4244
Services: N/A

Image Name: WmiPrvSE.exe
PID: 3368
Services: N/A

Image Name: svchost.exe
PID: 2568
Services: SDRSVC

Image Name: HPSA_Service.exe
PID: 4452
Services: HP Support Assistant Service

Image Name: HPWA_Service.exe
PID: 5088
Services: HP Wireless Assistant Service

Image Name: RtVOsdService.exe
PID: 4812
Services: RtVOsdService

Image Name: RtVOsd.exe
PID: 3552
Services: N/A

Image Name: hpqwmiex.exe
PID: 3204
Services: hpqwmiex

Image Name: TrustedInstaller.exe
PID: 2804
Services: TrustedInstaller

Image Name: taskeng.exe
PID: 2476
Services: N/A

Image Name: taskeng.exe
PID: 4784
Services: N/A

Image Name: SoftwareUpdate.exe
PID: 1044
Services: N/A

Image Name: sppsvc.exe
PID: 1940
Services: sppsvc

Image Name: WmiPrvSE.exe
PID: 4696
Services: N/A

Image Name: chrome.exe
PID: 4560
Services: N/A

Image Name: chrome.exe
PID: 3420
Services: N/A

Image Name: chrome.exe
PID: 2592
Services: N/A

Image Name: chrome.exe
PID: 2816
Services: N/A

Image Name: ielowutil.exe
PID: 3216
Services: N/A

Image Name: SearchFilterHost.exe
PID: 2440
Services: N/A

Image Name: audiodg.exe
PID: 4588
Services: N/A

Image Name: ielowutil.exe
PID: 5140
Services: N/A

Image Name: cmd.exe
PID: 5268
Services: N/A

Image Name: conhost.exe
PID: 5292
Services: N/A

Image Name: tasklist.exe
PID: 5368
Services: N/A
  • 0

#36
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Guess you must have rebooted between the last Process Explorer log and the "TASKLIST /SVC /FO LIST > \junk.txt"

 

I don't see a PID 1124 in the list.  Run Process Explorer again and if you see:

 

svchost.exe using a lot of CPU time (anything over 10%) then give me a new Process Explorer log and 

 

do the 

TASKLIST /SVC /FO LIST > \junk.txt"

notepad \junk.txt

again.  We need to find out what services are running on the svchost.  


  • 0

#37
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Image Name: System Idle Process
PID: 0
Services: N/A

Image Name: System
PID: 4
Services: N/A

Image Name: smss.exe
PID: 288
Services: N/A

Image Name: avgrsa.exe
PID: 400
Services: N/A

Image Name: avgcsrva.exe
PID: 480
Services: N/A

Image Name: csrss.exe
PID: 752
Services: N/A

Image Name: csrss.exe
PID: 804
Services: N/A

Image Name: wininit.exe
PID: 812
Services: N/A

Image Name: winlogon.exe
PID: 852
Services: N/A

Image Name: services.exe
PID: 912
Services: N/A

Image Name: lsass.exe
PID: 920
Services: KeyIso
SamSs

Image Name: lsm.exe
PID: 928
Services: N/A

Image Name: svchost.exe
PID: 380
Services: DcomLaunch
PlugPlay
Power

Image Name: svchost.exe
PID: 772
Services: RpcEptMapper
RpcSs

Image Name: svchost.exe
PID: 1040
Services: AudioSrv
Dhcp
eventlog
HomeGroupProvider
lmhosts
wscsvc

Image Name: svchost.exe
PID: 1072
Services: AudioEndpointBuilder
HomeGroupListener
Netman
PcaSvc
SysMain
TrkWks
UxSms
Wlansvc

Image Name: svchost.exe
PID: 1100
Services: EventSystem
fdPHost
FontCache
netprofm
nsi
WdiServiceHost

Image Name: svchost.exe
PID: 1124
Services: Appinfo
BITS
Browser
EapHost
IKEEXT
iphlpsvc
LanmanServer
MMCSS
ProfSvc
Schedule
seclogon
SENS
ShellHWDetection
Themes
Winmgmt
wuauserv

Image Name: svchost.exe
PID: 1232
Services: gpsvc

Image Name: svchost.exe
PID: 1328
Services: CryptSvc
Dnscache
LanmanWorkstation
NlaSvc
TermService

Image Name: svchost.exe
PID: 1448
Services: BFE
DPS
MpsSvc
WwanSvc

Image Name: spoolsv.exe
PID: 1636
Services: Spooler

Image Name: armsvc.exe
PID: 1768
Services: AdobeARMservice

Image Name: AERTSr64.exe
PID: 1832
Services: AERTFilters

Image Name: avgidsagenta.exe
PID: 1868
Services: AVGIDSAgent

Image Name: taskhost.exe
PID: 1944
Services: N/A

Image Name: avgsvca.exe
PID: 2032
Services: avgsvc

Image Name: dwm.exe
PID: 1204
Services: N/A

Image Name: explorer.exe
PID: 1588
Services: N/A

Image Name: SynTPEnh.exe
PID: 2172
Services: N/A

Image Name: RtkNGUI64.exe
PID: 2188
Services: N/A

Image Name: avgwdsvca.exe
PID: 2268
Services: avgwd

Image Name: GWX.exe
PID: 2304
Services: N/A

Image Name: mDNSResponder.exe
PID: 2348
Services: Bonjour Service

Image Name: CinemaNowSvc.exe
PID: 2388
Services: CinemaNow Service

Image Name: svchost.exe
PID: 2568
Services: FDResPub
SSDPSRV
upnphost

Image Name: hkcmd.exe
PID: 2816
Services: N/A

Image Name: igfxpers.exe
PID: 2828
Services: N/A

Image Name: avguix.exe
PID: 2076
Services: N/A

Image Name: avgui.exe
PID: 2120
Services: N/A

Image Name: HPWMISVC.exe
PID: 1360
Services: HPWMISVC

Image Name: svchost.exe
PID: 1180
Services: LPDSVC

Image Name: sftvsa.exe
PID: 1820
Services: sftvsa

Image Name: svchost.exe
PID: 1924
Services: stisvc

Image Name: svchost.exe
PID: 3144
Services: WinDefend

Image Name: SearchIndexer.exe
PID: 3296
Services: WSearch

Image Name: sftlist.exe
PID: 3464
Services: sftlist

Image Name: taskeng.exe
PID: 3900
Services: N/A

Image Name: WR_Tray_Icon.exe
PID: 3932
Services: N/A

Image Name: avgnsa.exe
PID: 3024
Services: N/A

Image Name: avgemca.exe
PID: 3580
Services: N/A

Image Name: CVHSVC.EXE
PID: 3320
Services: cvhsvc

Image Name: ctfmon.exe
PID: 3552
Services: N/A

Image Name: svchost.exe
PID: 4848
Services: p2pimsvc
p2psvc
PNRPsvc

Image Name: SearchProtocolHost.exe
PID: 5056
Services: N/A

Image Name: svchost.exe
PID: 1908
Services: PolicyAgent

Image Name: SynTPHelper.exe
PID: 3084
Services: N/A

Image Name: wmpnetwk.exe
PID: 4148
Services: WMPNetworkSvc

Image Name: WmiPrvSE.exe
PID: 4588
Services: N/A

Image Name: svchost.exe
PID: 1248
Services: SDRSVC

Image Name: HPSA_Service.exe
PID: 1696
Services: HP Support Assistant Service

Image Name: HPWA_Service.exe
PID: 4672
Services: HP Wireless Assistant Service

Image Name: RtVOsdService.exe
PID: 3104
Services: RtVOsdService

Image Name: RtVOsd.exe
PID: 2988
Services: N/A

Image Name: hpqwmiex.exe
PID: 1932
Services: hpqwmiex

Image Name: TrustedInstaller.exe
PID: 4180
Services: TrustedInstaller

Image Name: chrome.exe
PID: 4352
Services: N/A

Image Name: chrome.exe
PID: 2552
Services: N/A

Image Name: chrome.exe
PID: 2376
Services: N/A

Image Name: chrome.exe
PID: 2892
Services: N/A

Image Name: SearchFilterHost.exe
PID: 3676
Services: N/A

Image Name: WmiPrvSE.exe
PID: 4612
Services: N/A

Image Name: sppsvc.exe
PID: 2208
Services: sppsvc

Image Name: audiodg.exe
PID: 1312
Services: N/A

Image Name: cmd.exe
PID: 3060
Services: N/A

Image Name: conhost.exe
PID: 1632
Services: N/A

Image Name: tasklist.exe
PID: 4572
Services: N/A
  • 0

#38
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I'm sorry, it just hangs up so bad. i did reboot it last time. not this time.
  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

We seem to have a disconnect.  There should be a correlation between the PIDs shown in Process Explorer and the PIDs in the the tasklist but there isn't which means that there was a reboot between the two.

In the last tasklist there is a PID 1124 but none of the other PIDs line up.  I need both the process Explorer log and the tasklist taken together to determine what services are at fault.

This is from my Win 7:  

 

Process CPU Private Bytes Working Set PID Description Company Name
System Idle Process 97.68 0 K 24 K 0
procexp64.exe 0.82 25,444 K 46,532 K 4092 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
Interrupts 0.36 0 K 0 K n/a Hardware Interrupts and DPCs
AvastSvc.exe 0.22 311,676 K 47,800 K 1520 avast! Service AVAST Software
svchost.exe 0.19 13,012 K 17,076 K 5432 Host Process for Windows Services Microsoft Corporation
csrss.exe 0.10 3,936 K 17,992 K 676 Client Server Runtime Process Microsoft Corporation
chrome.exe 0.10 182,792 K 275,984 K 6764 Google Chrome Google Inc.
svchost.exe 0.07 39,712 K 57,124 K 1072 Host Process for Windows Services Microsoft Corporation
System 0.06 340 K 7,384 K 4
dwm.exe 0.06 31,716 K 33,504 K 3832 Desktop Window Manager Microsoft Corporation
chrome.exe 0.05 192,672 K 249,308 K 3768 Google Chrome Google Inc.
svchost.exe 0.03 8,392 K 13,404 K 5492 Host Process for Windows Services Microsoft Corporation
BrYNSvc.exe 0.03 4,500 K 9,236 K 4832 BrYNCSvc Brother Industries, Ltd.
chrome.exe 0.03 249,276 K 283,384 K 6836 Google Chrome Google Inc.
chrome.exe 0.02 88,580 K 127,932 K 6148 Google Chrome Google Inc.
speedfan.exe 0.02 7,808 K 21,516 K 2588 Almico Software (almico.com)
TomTom MyDrive Connect.exe 0.02 82,196 K 112,168 K 5788 TomTom MyDrive Connect TomTom
svchost.exe 0.02 33,012 K 31,268 K 480 Host Process for Windows Services Microsoft Corporation
ABService.exe 0.02 23,336 K 11,764 K 1960 AOMEI Backupper Schedule task service AOMEI Tech Co., Ltd.
chrome.exe 0.01 206,876 K 186,348 K 1284 Google Chrome Google Inc.
chrome.exe 0.01 130,940 K 268,348 K 1364 Google Chrome Google Inc.
svchost.exe 0.01 4,668 K 10,176 K 900 Host Process for Windows Services Microsoft Corporation
TeamViewer_Service.exe 0.01 6,736 K 16,196 K 2088 TeamViewer 11 TeamViewer GmbH
BrStMonW.exe 0.01 18,404 K 26,240 K 1632 Status Monitor Application Brother Industries, Ltd.
explorer.exe 0.01 58,036 K 80,764 K 2120 Windows Explorer Microsoft Corporation
MOM.exe 0.01 27,064 K 11,744 K 4436 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
nusb3mon.exe < 0.01 2,068 K 5,768 K 1344 AMD USB 3.0 Device Detector Advanced Micro Devices, Inc.
svchost.exe < 0.01 130,136 K 62,380 K 1460 Host Process for Windows Services Microsoft Corporation
avastui.exe < 0.01 21,156 K 33,460 K 3232 avast! Antivirus AVAST Software
csrss.exe < 0.01 2,628 K 5,048 K 584 Client Server Runtime Process Microsoft Corporation
wmpnetwk.exe < 0.01 12,548 K 18,368 K 4072 Windows Media Player Network Sharing Service Microsoft Corporation
spoolsv.exe < 0.01 10,640 K 18,424 K 1636 Spooler SubSystem App Microsoft Corporation
taskhost.exe < 0.01 16,880 K 21,356 K 2788 Host Process for Windows Tasks Microsoft Corporation
TeamViewer.exe < 0.01 16,940 K 31,116 K 3776 TeamViewer 11 TeamViewer GmbH
tv_w32.exe < 0.01 1,404 K 5,256 K 4044 TeamViewer 11 TeamViewer GmbH
svchost.exe < 0.01 8,028 K 14,240 K 1708 Host Process for Windows Services Microsoft Corporation
chrome.exe < 0.01 116,020 K 141,104 K 3868 Google Chrome Google Inc.
svchost.exe < 0.01 12,032 K 23,424 K 1028 Host Process for Windows Services Microsoft Corporation
SearchProtocolHost.exe < 0.01 2,972 K 8,704 K 6804 Microsoft Windows Search Protocol Host Microsoft Corporation
SearchIndexer.exe < 0.01 20,360 K 14,976 K 6936 Microsoft Windows Search Indexer Microsoft Corporation
tv_x64.exe < 0.01 1,864 K 5,400 K 2776 TeamViewer 11 TeamViewer GmbH
AvastVBoxSVC.exe < 0.01 6,416 K 13,504 K 1400 AvastVirtualBox Interface Avast Software
WmiPrvSE.exe 10,036 K 15,300 K 3656 WMI Provider Host Microsoft Corporation
WmiPrvSE.exe 2,800 K 6,696 K 6308 WMI Provider Host Microsoft Corporation
winlogon.exe 3,296 K 7,832 K 808 Windows Logon Application Microsoft Corporation
wininit.exe 1,932 K 4,876 K 660 Windows Start-Up Application Microsoft Corporation
usb3Monitor.exe 1,940 K 6,600 K 3856 usbmonitor VIA Technologies, Inc.
unsecapp.exe 2,280 K 6,960 K 4680 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
TrustedInstaller.exe 46,904 K 49,972 K 1236 Windows Modules Installer Microsoft Corporation
svchost.exe 8,060 K 18,300 K 436 Host Process for Windows Services Microsoft Corporation
svchost.exe 5,516 K 9,452 K 1000 Host Process for Windows Services Microsoft Corporation
svchost.exe 82,848 K 67,400 K 2860 Host Process for Windows Services Microsoft Corporation
svchost.exe 16,312 K 18,940 K 1668 Host Process for Windows Services Microsoft Corporation
svchost.exe 3,860 K 8,136 K 1192 Host Process for Windows Services Microsoft Corporation
svchost.exe 5,244 K 10,792 K 2028 Host Process for Windows Services Microsoft Corporation
smss.exe 560 K 1,268 K 372 Windows Session Manager Microsoft Corporation
services.exe 5,832 K 9,924 K 716 Services and Controller app Microsoft Corporation
SearchFilterHost.exe 3,180 K 7,060 K 5796 Microsoft Windows Search Filter Host Microsoft Corporation
procexp.exe 2,400 K 7,688 K 724 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
PrintIsolationHost.exe 4,784 K 9,456 K 3068 PrintIsolationHost Microsoft Corporation
notepad.exe 1,924 K 7,140 K 4484 Notepad Microsoft Corporation
notepad.exe 1,932 K 7,128 K 4228 Notepad Microsoft Corporation
notepad.exe 2,024 K 7,072 K 3664 Notepad Microsoft Corporation
notepad.exe 1,928 K 6,960 K 488 Notepad Microsoft Corporation
notepad.exe 1,936 K 6,788 K 4388 Notepad Microsoft Corporation
notepad.exe 1,924 K 6,900 K 4656 Notepad Microsoft Corporation
lsm.exe 2,936 K 4,772 K 748 Local Session Manager Service Microsoft Corporation
lsass.exe 7,156 K 14,804 K 740 Local Security Authority Process Microsoft Corporation
GWX.exe 4,100 K 7,572 K 5128 GWX Microsoft Corporation
Fuel.Service.exe 5,348 K 11,520 K 1832 AMD Fuel Service Advanced Micro Devices, Inc.
ctfmon.exe 1,936 K 4,584 K 6972 CTF Loader Microsoft Corporation
conhost.exe 1,856 K 6,052 K 6180 Console Window Host Microsoft Corporation
cmd.exe 2,168 K 3,320 K 4016 Windows Command Processor Microsoft Corporation
chrome.exe 40,208 K 70,568 K 4584 Google Chrome Google Inc.
chrome.exe 65,840 K 64,248 K 3720 Google Chrome Google Inc.
chrome.exe 1,604 K 4,980 K 3748 Google Chrome Google Inc.
chrome.exe 27,452 K 58,088 K 1616 Google Chrome Google Inc.
CCC.exe 77,848 K 32,632 K 4172 Catalyst Control Center: Host application Advanced Micro Devices Inc.
BrCtrlCntr.exe 2,372 K 7,884 K 3056 ControlCenter Main Process Brother Industries, Ltd.
BrCcUxSys.exe 1,896 K 6,800 K 4668 ControlCenter UX System Brother Industries, Ltd.
audiodg.exe 18,296 K 18,508 K 4748 Windows Audio Device Graph Isolation Microsoft Corporation
atiesrxx.exe 1,736 K 5,108 K 288 AMD External Events Service Module AMD
atieclxx.exe 2,668 K 7,260 K 3492 AMD External Events Client Module AMD
armsvc.exe 2,348 K 8,900 K 2912 Adobe Acrobat Update Service Adobe Systems Incorporated
AMDQuickStream.exe 4,376 K 10,012 K 3680 AMD Quick Stream AppEx Networks Corporation
 
This is the tasklist output:
 
 
Image Name:   System Idle Process
PID:          0
Services:     N/A
 
Image Name:   System
PID:          4
Services:     N/A
 
Image Name:   smss.exe
PID:          372
Services:     N/A
 
Image Name:   csrss.exe
PID:          584
Services:     N/A
 
Image Name:   wininit.exe
PID:          660
Services:     N/A
 
Image Name:   csrss.exe
PID:          676
Services:     N/A
 
Image Name:   services.exe
PID:          716
Services:     N/A
 
Image Name:   lsass.exe
PID:          740
Services:     KeyIso
              SamSs
 
Image Name:   lsm.exe
PID:          748
Services:     N/A
 
Image Name:   winlogon.exe
PID:          808
Services:     N/A
 
Image Name:   svchost.exe
PID:          900
Services:     DcomLaunch
              PlugPlay
              Power
 
Image Name:   svchost.exe
PID:          1000
Services:     RpcEptMapper
              RpcSs
 
Image Name:   atiesrxx.exe
PID:          288
Services:     AMD External Events Utility
 
Image Name:   svchost.exe
PID:          480
Services:     AudioSrv
              Dhcp
              eventlog
              HomeGroupProvider
              lmhosts
              wscsvc
 
Image Name:   svchost.exe
PID:          436
Services:     AudioEndpointBuilder
              CscService
              HomeGroupListener
              Netman
              PcaSvc
              TrkWks
              UxSms
 
Image Name:   svchost.exe
PID:          1028
Services:     EventSystem
              fdPHost
              FontCache
              netprofm
              nsi
              WdiServiceHost
 
Image Name:   svchost.exe
PID:          1072
Services:     AeLookupSvc
              Appinfo
              BITS
              Browser
              iphlpsvc
              LanmanServer
              MMCSS
              ProfSvc
              Schedule
              seclogon
              SENS
              ShellHWDetection
              Themes
              Winmgmt
              wuauserv
 
Image Name:   svchost.exe
PID:          1192
Services:     gpsvc
 
Image Name:   TrustedInstaller.exe
PID:          1236
Services:     TrustedInstaller
 
Image Name:   svchost.exe
PID:          1460
Services:     CryptSvc
              Dnscache
              LanmanWorkstation
              NlaSvc
 
Image Name:   AvastSvc.exe
PID:          1520
Services:     avast! Antivirus
 
Image Name:   spoolsv.exe
PID:          1636
Services:     Spooler
 
Image Name:   svchost.exe
PID:          1668
Services:     BFE
              DPS
              MpsSvc
 
Image Name:   Fuel.Service.exe
PID:          1832
Services:     AMD FUEL Service
 
Image Name:   ABService.exe
PID:          1960
Services:     Backupper Service
 
Image Name:   svchost.exe
PID:          2028
Services:     DiagTrack
 
Image Name:   TeamViewer_Service.exe
PID:          2088
Services:     TeamViewer
 
Image Name:   PrintIsolationHost.exe
PID:          3068
Services:     N/A
 
Image Name:   AvastVBoxSVC.exe
PID:          1400
Services:     AvastVBoxSvc
 
Image Name:   atieclxx.exe
PID:          3492
Services:     N/A
 
Image Name:   svchost.exe
PID:          1708
Services:     FDResPub
              SSDPSRV
              upnphost
 
Image Name:   svchost.exe
PID:          2860
Services:     WinDefend
 
Image Name:   taskhost.exe
PID:          2788
Services:     N/A
 
Image Name:   dwm.exe
PID:          3832
Services:     N/A
 
Image Name:   explorer.exe
PID:          2120
Services:     N/A
 
Image Name:   TeamViewer.exe
PID:          3776
Services:     N/A
 
Image Name:   usb3Monitor.exe
PID:          3856
Services:     N/A
 
Image Name:   nusb3mon.exe
PID:          1344
Services:     N/A
 
Image Name:   tv_w32.exe
PID:          4044
Services:     N/A
 
Image Name:   AMDQuickStream.exe
PID:          3680
Services:     N/A
 
Image Name:   tv_x64.exe
PID:          2776
Services:     N/A
 
Image Name:   WmiPrvSE.exe
PID:          3656
Services:     N/A
 
Image Name:   avastui.exe
PID:          3232
Services:     N/A
 
Image Name:   BrStMonW.exe
PID:          1632
Services:     N/A
 
Image Name:   BrCtrlCntr.exe
PID:          3056
Services:     N/A
 
Image Name:   MOM.exe
PID:          4436
Services:     N/A
 
Image Name:   BrCcUxSys.exe
PID:          4668
Services:     N/A
 
Image Name:   unsecapp.exe
PID:          4680
Services:     N/A
 
Image Name:   BrYNSvc.exe
PID:          4832
Services:     BrYNSvc
 
Image Name:   CCC.exe
PID:          4172
Services:     N/A
 
Image Name:   wmpnetwk.exe
PID:          4072
Services:     WMPNetworkSvc
 
Image Name:   svchost.exe
PID:          5432
Services:     p2pimsvc
              p2psvc
              PNRPsvc
 
Image Name:   GWX.exe
PID:          5128
Services:     N/A
 
Image Name:   svchost.exe
PID:          5492
Services:     stisvc
 
Image Name:   TomTom MyDrive Connect.exe
PID:          5788
Services:     N/A
 
Image Name:   ctfmon.exe
PID:          6972
Services:     N/A
 
Image Name:   speedfan.exe
PID:          2588
Services:     N/A
 
Image Name:   chrome.exe
PID:          3768
Services:     N/A
 
Image Name:   chrome.exe
PID:          3748
Services:     N/A
 
Image Name:   chrome.exe
PID:          1284
Services:     N/A
 
Image Name:   chrome.exe
PID:          1616
Services:     N/A
 
Image Name:   chrome.exe
PID:          3720
Services:     N/A
 
Image Name:   chrome.exe
PID:          3868
Services:     N/A
 
Image Name:   notepad.exe
PID:          4484
Services:     N/A
 
Image Name:   notepad.exe
PID:          4228
Services:     N/A
 
Image Name:   notepad.exe
PID:          3664
Services:     N/A
 
Image Name:   taskmgr.exe
PID:          5024
Services:     N/A
 
Image Name:   notepad.exe
PID:          488
Services:     N/A
 
Image Name:   armsvc.exe
PID:          2912
Services:     AdobeARMservice
 
Image Name:   notepad.exe
PID:          4388
Services:     N/A
 
Image Name:   mmc.exe
PID:          4768
Services:     N/A
 
Image Name:   SearchIndexer.exe
PID:          6936
Services:     WSearch
 
Image Name:   notepad.exe
PID:          7096
Services:     N/A
 
Image Name:   notepad.exe
PID:          5560
Services:     N/A
 
Image Name:   chrome.exe
PID:          4584
Services:     N/A
 
Image Name:   chrome.exe
PID:          6764
Services:     N/A
 
Image Name:   chrome.exe
PID:          6836
Services:     N/A
 
Image Name:   notepad.exe
PID:          5672
Services:     N/A
 
Image Name:   chrome.exe
PID:          1364
Services:     N/A
 
Image Name:   chrome.exe
PID:          6148
Services:     N/A
 
Image Name:   audiodg.exe
PID:          4748
Services:     N/A
 
Image Name:   WmiPrvSE.exe
PID:          6308
Services:     N/A
 
Image Name:   dllhost.exe
PID:          5056
Services:     N/A
 
Image Name:   dllhost.exe
PID:          4868
Services:     N/A
 
Image Name:   cmd.exe
PID:          4016
Services:     N/A
 
Image Name:   conhost.exe
PID:          6180
Services:     N/A
 
Image Name:   tasklist.exe
PID:          4596
Services:     N/A
 
 

The top svchost in my log is:

svchost.exe 0.19 13,012 K 17,076 K 5432 Host Process for Windows Services Microsoft Corporation

That's the PID in bold.  5432.

 

In the tasklist:

 

Image Name:   svchost.exe
PID:          5432
Services:     p2pimsvc
              p2psvc
              PNRPsvc
 
so I can see the 3 services that ride on it.  

  • 0

#40
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
svchost.exe 74.34 49,460 K 35,552 K 1124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 8.62 25,324 K 45,120 K 5432 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
avgnsa.exe 9,568 K 10,728 K 3024 AVG Online Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
svchost.exe 0.10 9,980 K 9,316 K 1100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Interrupts 0.95 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 2.34 48,968 K 21,556 K 1204 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.64 6,924 K 6,996 K 2568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
System 0.75 976 K 55,568 K 4
csrss.exe 0.32 2,756 K 3,592 K 804 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
CinemaNowSvc.exe 0.03 6,424 K 2,256 K 2388 CinemaNow Service Application CinemaNow, Inc. (Verified) Sonic Solutions
chrome.exe 0.08 92,068 K 65,424 K 2892 Google Chrome Google Inc. (Verified) Google Inc
avgidsagenta.exe 0.12 14,836 K 21,056 K 1868 AVG Identity Protection Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
SearchIndexer.exe 0.12 71,760 K 56,580 K 3296 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.07 4,328 K 4,448 K 772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 7.76 28,480 K 26,400 K 1588 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
avgwdsvca.exe 0.01 13,500 K 19,600 K 2268 AVG Watchdog Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgrsa.exe 0.11 17,508 K 39,256 K 400 AVG Resident Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
SearchProtocolHost.exe 0.35 4,444 K 7,596 K 5436 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.05 43,288 K 69,992 K 4352 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 1.40 14,832 K 10,076 K 1328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.01 1,976 K 2,040 K 752 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 10,824 K 10,384 K 4148 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 74,140 K 28,604 K 3144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe < 0.01 2,236 K 1,748 K 928 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.01 7,588 K 6,688 K 1944 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
sftlist.exe 0.01 6,928 K 3,844 K 3464 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
HPSA_Service.exe 0.01 29,200 K 5,008 K 1696 HP Support Assistant Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
SynTPEnh.exe < 0.01 7,620 K 2,796 K 2172 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
avgui.exe < 0.01 7,664 K 10,600 K 2120 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
svchost.exe 0.23 16,712 K 10,308 K 1448 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WR_Tray_Icon.exe 2,044 K 820 K 3932 Tweaking.com - Windows Repair Tray Icon Tweaking.com (Verified) Tweaking LLC
WmiPrvSE.exe 3,024 K 4,480 K 4588 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,664 K 6,732 K 4776 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,384 K 1,768 K 852 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,312 K 548 K 812 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 53,940 K 44,544 K 4180 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,940 K 1,788 K 3900 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
System Idle Process 0 K 24 K 0
SynTPHelper.exe 1,132 K 500 K 3084 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 3,628 K 4,344 K 380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.17 20,708 K 11,812 K 1040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 96,220 K 78,412 K 1072 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 2,316 K 2,052 K 1232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,316 K 1,960 K 1908 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,712 K 996 K 1924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,464 K 608 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,636 K 904 K 1248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,304 K 1,924 K 4848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 6,120 K 2,880 K 1636 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 376 K 332 K 288 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
sftvsa.exe 1,292 K 524 K 1820 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
services.exe 0.07 6,148 K 5,176 K 912 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 0.02 2,320 K 6,344 K 4980 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
RtVOsdService.exe 19,480 K 1,732 K 3104 RtVOsdService Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtVOsd.exe 2,204 K 4,956 K 2988 Realtek OSD for Volume/Mute Realtek Semiconductor Corp. (No signature was present in the subject) Realtek Semiconductor Corp.
RtkNGUI64.exe 8,984 K 1,600 K 2188 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,472 K 7,516 K 5096 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
mDNSResponder.exe < 0.01 1,948 K 2,364 K 2348 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsass.exe 0.38 4,796 K 5,576 K 920 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
igfxpers.exe 2,168 K 3,224 K 2828 persistence Module Intel Corporation (Verified) Intel Corporation
HPWMISVC.exe 1,084 K 504 K 1360 HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
HPWA_Service.exe 43,300 K 13,268 K 4672 HPPA_Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
hpqwmiex.exe 2,844 K 1,608 K 1932 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hkcmd.exe 2,368 K 1,620 K 2816 hkcmd Module Intel Corporation (Verified) Intel Corporation
GWX.exe 3,628 K 2,388 K 2304 GWX Microsoft Corporation (Verified) Microsoft Windows
CVHSVC.EXE 7,252 K 2,240 K 3320 Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
ctfmon.exe 2,012 K 720 K 3552 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 65,204 K 47,016 K 2376 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,500 K 1,224 K 2552 Google Chrome Google Inc. (Verified) Google Inc
avguix.exe 11,396 K 7,424 K 2076 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgsvca.exe 6,944 K 8,868 K 2032 AVG Service Process AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgemca.exe 2,608 K 1,844 K 3580 AVG E-mail Scanner AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
avgcsrva.exe 0.87 14,808 K 204,472 K 480 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
armsvc.exe 1,112 K 500 K 1768 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AERTSr64.exe 736 K 360 K 1832 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics



Image Name: System Idle Process
PID: 0
Services: N/A

Image Name: System
PID: 4
Services: N/A

Image Name: smss.exe
PID: 288
Services: N/A

Image Name: avgrsa.exe
PID: 400
Services: N/A

Image Name: avgcsrva.exe
PID: 480
Services: N/A

Image Name: csrss.exe
PID: 752
Services: N/A

Image Name: csrss.exe
PID: 804
Services: N/A

Image Name: wininit.exe
PID: 812
Services: N/A

Image Name: winlogon.exe
PID: 852
Services: N/A

Image Name: services.exe
PID: 912
Services: N/A

Image Name: lsass.exe
PID: 920
Services: KeyIso
SamSs

Image Name: lsm.exe
PID: 928
Services: N/A

Image Name: svchost.exe
PID: 380
Services: DcomLaunch
PlugPlay
Power

Image Name: svchost.exe
PID: 772
Services: RpcEptMapper
RpcSs

Image Name: svchost.exe
PID: 1040
Services: AudioSrv
Dhcp
eventlog
HomeGroupProvider
lmhosts
wscsvc

Image Name: svchost.exe
PID: 1072
Services: AudioEndpointBuilder
HomeGroupListener
Netman
PcaSvc
SysMain
TabletInputService
TrkWks
UxSms
Wlansvc

Image Name: svchost.exe
PID: 1100
Services: EventSystem
fdPHost
FontCache
netprofm
nsi
WdiServiceHost

Image Name: svchost.exe
PID: 1124
Services: Appinfo
BITS
Browser
EapHost
IKEEXT
iphlpsvc
LanmanServer
MMCSS
ProfSvc
Schedule
seclogon
SENS
ShellHWDetection
Themes
Winmgmt
wuauserv

Image Name: svchost.exe
PID: 1232
Services: gpsvc

Image Name: svchost.exe
PID: 1328
Services: CryptSvc
Dnscache
LanmanWorkstation
NlaSvc
TermService

Image Name: svchost.exe
PID: 1448
Services: BFE
DPS
MpsSvc
WwanSvc

Image Name: spoolsv.exe
PID: 1636
Services: Spooler

Image Name: armsvc.exe
PID: 1768
Services: AdobeARMservice

Image Name: AERTSr64.exe
PID: 1832
Services: AERTFilters

Image Name: avgidsagenta.exe
PID: 1868
Services: AVGIDSAgent

Image Name: taskhost.exe
PID: 1944
Services: N/A

Image Name: avgsvca.exe
PID: 2032
Services: avgsvc

Image Name: dwm.exe
PID: 1204
Services: N/A

Image Name: explorer.exe
PID: 1588
Services: N/A

Image Name: SynTPEnh.exe
PID: 2172
Services: N/A

Image Name: RtkNGUI64.exe
PID: 2188
Services: N/A

Image Name: avgwdsvca.exe
PID: 2268
Services: avgwd

Image Name: GWX.exe
PID: 2304
Services: N/A

Image Name: mDNSResponder.exe
PID: 2348
Services: Bonjour Service

Image Name: CinemaNowSvc.exe
PID: 2388
Services: CinemaNow Service

Image Name: svchost.exe
PID: 2568
Services: FDResPub
SSDPSRV
upnphost
wcncsvc

Image Name: hkcmd.exe
PID: 2816
Services: N/A

Image Name: igfxpers.exe
PID: 2828
Services: N/A

Image Name: avguix.exe
PID: 2076
Services: N/A

Image Name: avgui.exe
PID: 2120
Services: N/A

Image Name: HPWMISVC.exe
PID: 1360
Services: HPWMISVC

Image Name: svchost.exe
PID: 1180
Services: LPDSVC

Image Name: sftvsa.exe
PID: 1820
Services: sftvsa

Image Name: svchost.exe
PID: 1924
Services: stisvc

Image Name: svchost.exe
PID: 3144
Services: WinDefend

Image Name: SearchIndexer.exe
PID: 3296
Services: WSearch

Image Name: sftlist.exe
PID: 3464
Services: sftlist

Image Name: taskeng.exe
PID: 3900
Services: N/A

Image Name: WR_Tray_Icon.exe
PID: 3932
Services: N/A

Image Name: avgnsa.exe
PID: 3024
Services: N/A

Image Name: avgemca.exe
PID: 3580
Services: N/A

Image Name: CVHSVC.EXE
PID: 3320
Services: cvhsvc

Image Name: ctfmon.exe
PID: 3552
Services: N/A

Image Name: svchost.exe
PID: 4848
Services: p2pimsvc
p2psvc
PNRPsvc

Image Name: svchost.exe
PID: 1908
Services: PolicyAgent

Image Name: SynTPHelper.exe
PID: 3084
Services: N/A

Image Name: wmpnetwk.exe
PID: 4148
Services: WMPNetworkSvc

Image Name: WmiPrvSE.exe
PID: 4588
Services: N/A

Image Name: svchost.exe
PID: 1248
Services: SDRSVC

Image Name: HPSA_Service.exe
PID: 1696
Services: HP Support Assistant Service

Image Name: HPWA_Service.exe
PID: 4672
Services: HP Wireless Assistant Service

Image Name: RtVOsdService.exe
PID: 3104
Services: RtVOsdService

Image Name: RtVOsd.exe
PID: 2988
Services: N/A

Image Name: hpqwmiex.exe
PID: 1932
Services: hpqwmiex

Image Name: TrustedInstaller.exe
PID: 4180
Services: TrustedInstaller

Image Name: chrome.exe
PID: 4352
Services: N/A

Image Name: chrome.exe
PID: 2552
Services: N/A

Image Name: chrome.exe
PID: 2376
Services: N/A

Image Name: chrome.exe
PID: 2892
Services: N/A

Image Name: SearchProtocolHost.exe
PID: 5436
Services: N/A

Image Name: WmiPrvSE.exe
PID: 4776
Services: N/A

Image Name: SearchFilterHost.exe
PID: 3040
Services: N/A

Image Name: audiodg.exe
PID: 4556
Services: N/A

Image Name: cmd.exe
PID: 3480
Services: N/A

Image Name: conhost.exe
PID: 6112
Services: N/A

Image Name: tasklist.exe
PID: 3528
Services: N/A
  • 0

Advertisements


#41
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
OK this is the one.
 
Image Name: svchost.exe
PID: 1124
Services: Appinfo
BITS
Browser
EapHost
IKEEXT
iphlpsvc
LanmanServer
MMCSS
ProfSvc
Schedule
seclogon
SENS
ShellHWDetection
Themes
Winmgmt
wuauserv
 
There are three riding on this that tend to be problems:
 
BITS - Background Intelligent Transfer Service 
Winmgmt -  Windows Management Instrumentation
wuauserv -  Windows Update
 
If you search for
 
services.msc 
 
and hit Enter it should open up the services menu.  Try to Stop each of the three services and then check on Process Explorer to see if the amount of CPU used by the svchost suddenly drops after stopping a service.
 
Driving back to Colorado from Florida over the next 4 days so expect delays.

  • 0

#42
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Not a problem, i appreciate all your help. stopped and checked each one and the one that dropped cpu usage was the win update
  • 0

#43
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

I wonder if it is trying to download windows 10?  That can take forever.  If you go in to Control Panel (View: Large Icons) and select Windows Update does it have anything for you?  Have it check for updates 


  • 0

#44
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

It's not trying windows ten, but it is trying to update windows constantly. Unfortunately, eighty percent of them fail. other times it'll show it was successful but upon checking the update history it shows it's failed. or better yet, windows has never checked nor had an update. So, I'm not sure what to believe when it comes to the update department. yesterday 18 critical updates failed, today it shows there is only one important update to do, Malicious Software Removal Tool x64 - July 2016 (KB890830)  I have just started the update and will let you know how it goes. 


  • 0

#45
varylou

varylou

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Well, it is saying that it succesfully installed that update and now there are 11 more updates, So lets try these again, maybe this time they'll install.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP