As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options
Services.exe constantly using 1.52% of CPU
Fort1tude
Registered User regular
Registered User regular
Windows xp home, service pack 3
I have suddenly noticed that services.exe is constantly using a little bit of CPU, it jumps to 2ish% every once in awhile but mostly stays at 1.52%
I have no other signs of infection
Using process explorer i have determined that it is either Event Log or Plug and Play (hovering my mouse over services.exe tells me that services.exe is only handling these two)
rootkitrevealer doesnt turn up anything suspicious (i think)
avast turns up nothing
where should I go from here?
I have suddenly noticed that services.exe is constantly using a little bit of CPU, it jumps to 2ish% every once in awhile but mostly stays at 1.52%
I have no other signs of infection
Using process explorer i have determined that it is either Event Log or Plug and Play (hovering my mouse over services.exe tells me that services.exe is only handling these two)
rootkitrevealer doesnt turn up anything suspicious (i think)
avast turns up nothing
where should I go from here?
Steam ID - Fort1tude
Fort1tude on
0
Posts
Infection sounds unlikely based on what you've already looked at, though I will admit that rootkits are nasty, horrid things I have a hard time analyzing. There are some second opinion type scanners you can look into if you really want to.
i am always interested in other scanning programs though
The first I'd recommend would be Malwarebytes Antimalware. The free version is an on demand, rather than on-access, scanner, so it should play nice with avast installed. If you really want to dig deep you can try running it in safe mode.
The other, deeper scanner I'd recommend if you're truly concerned about rootkits is Hitman Pro. It's a cloud-based scanner that uses several different engines to analyze your files after uploading them to the cloud. Scanning is free, but removal is not. It comes with a 30-day free trial, which only activates after the first removal (not scan), though. I'm not so well versed with Hitman as MBAM, but for a while Hitman was doing really well targetting rootkits.
Shameless Edit: We've also got a bit of a list of scanners (Antivirus, Antimalware, Anti-Rootkit) over in the Computer Security thread, if you want to take a look. I'd suggest starting with MBAM above all others, since it has an awesome track record, but if you find yourself wanting other options it's a good place to start.
trying it now
now the services.exe is jumping around erratically to 2.94% and back to 1.52
looking under the threads tab inside its properties it says "kernel32.dll!createthread+0x22" is what is using all the CPU usage
i have a vague understanding of threads so i dont know how to interpret this
EDIT: i was mistaken, apparently i didnt change the setting so it wasnt actually removed the first time, so its suddenly jumping around for some other reason
Chances are the file it found might've been a false positive. If what I've read is correct, Hitman tends to be a little overzealous sometimes. If only one engine detected it, I wouldn't worry. Or you can upload it to VirusTotal if you really want.
Doing some googling about "kernel32.dll!createthread+0x22", though, seems to return a lot of results. Many have similar issues, only see up to 100% CPU usage! There's a thread over on the Nvidia forums, and the ultimate conclusion was:
I'll admit that I've only a very, very dim understanding of this, myself. I may not be of much use, but I sure hope the issue resolves for you soon.
i was fiddling with process explorers update speed, and noticed a correlation between the speed at which i set it to update and the amount of CPU used
so for whatever reason that influences it now, it didnt do it before but i am not worried about it anymore