svchost.exe + NTDLL.DLL Causing high CPU Usage

Page 2 of 6 FirstFirst 1234 ... LastLast

  1. H2SO4
    Posts : 1,377
    Win7x64
       New #11

    Satanical Eve said:
    It just started doing it again. svchost.exe is at 49% right now. ntdll.dll!Tppworkerthread is at 48%. I have disabled most all of my PNP devices. My capture card is disabled and its not causing the issue. Im frustrated as to what device or thing is causing this.

    I had to restart the PC because it stopped doing it for a minute or so then suddenly spiked back up. I don't know if it has to do with the PNP devices I have or if its the Power portion underneath svchost
    Can you paste the stack of the offending thread now that you've configured ProcExp with the symbol path?
      My Computer
    Quote Quote

  3. seekermeister
    Posts : 6,618
    W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
       New #12

    It is not clear to me, everything that you said that you disabled is hardware. Did you disable all of the items that I mentioned in msconfig's startup tab? You might also install StartupCPL so that you can disable software items that are intialized by registry entries also.
      My Computer
    Quote Quote

  4. Satanical Eve
    Posts : 45
    Windows 7 Professional 64 BIT
    Thread Starter
       New #13

    ntdll.dll!TPPWaiterpthread
    Threads for it
    ntoskrnl.exe!KiSwapContext+0x7a
    ntoskrnl.exe!KiCommitThreadWait+0x1d2
    ntoskrnl.exe!KeWaitForSingleObject+0x19f
    ntoskrnl.exe!KiSuspendThread+0x54
    ntoskrnl.exe!KiDeliverApc+0x211
    ntoskrnl.exe!KiCommitThreadWait+0x3dd
    ntoskrnl.exe!KeWaitForMultipleObjects+0x271
    ntoskrnl.exe!ObpWaitForMultipleObjects+0x294
    ntoskrnl.exe!NtWaitForMultipleObjects+0xe5
    ntoskrnl.exe!KiSystemServiceCopyEnd+0x13
    ntdll.dll!NtWaitForMultipleObjects+0xa
    ntdll.dll!TppWaiterpThread+0x14d
    kernel32.dll!BaseThreadInitThunk+0xd
    ntdll.dll!RtlUserThreadStart+0x1d
    -----------------------------------------------

    For startup. I booted up with the minimum needed to run Windows and I still had the issue. I was wondering I have a Logitech EX110 series wireless keyboard and mouse, Could that be possibly causing the issue. Because if I totally disable svchost. The volume buttons on the keyboard do not work. Could that be the culprit all along or am I just looking in the wrong direction. Since the keyboards multimedia functions are running on the same svchost where the uh problem with the spike happens and I do notice when I use them my cpu does spike up to around 35-40%
      My Computer
    Quote Quote

  6. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #14

    Logitech likes to "call home" ....

    My curiosity is getting the best of me. I'd like to see a HJT log, please.
    Download HijackThis!
    HijackThis - Trend Micro USA

    Run as Administrator, save the log (it will be on a notepad.txt) and post it here please.
      My Computer
    Quote Quote

  7. logicearth
    Posts : 5,642
    Windows 10 Pro (x64)
       New #15

    Could try a simple keyboard and mouse, just to make sure it is not the current set.
      My Computer
    Quote Quote

  8. Satanical Eve
    Posts : 45
    Windows 7 Professional 64 BIT
    Thread Starter
       New #16

    Here you go guys.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:11:32 PM, on 11/10/2009
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files (x86)\ooVoo\ooVoo.exe
    C:\Program Files (x86)\MagicDisc\MagicDisc.exe
    C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\mIRC\mirc.exe
    D:\dvbot\mirc.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Winamp\winamp.exe
    C:\Program Files (x86)\EvilLyrics\EvilLyrics.exe
    C:\Program Files (x86)\Last.fm\LastFM.exe
    C:\Program Files (x86)\MSI\TV@Anywhere Plus\PVR Plus\TVPlus.exe
    C:\Program Files (x86)\Pidgin\pidgin.exe
    C:\processexplorer\procexp.exe
    C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [oovoo.exe] C:\Program Files (x86)\ooVoo\ooVoo.exe /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O18 - Protocol: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files (x86)\NavNetApp\ComUtilities.dll
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: GB-PVR Recording Service - WelltonWay - C:\Program Files (x86)\Devnz\GBPVR\GBPVRRecordingService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 10630 bytes


    Thats the whole entire log file
      My Computer
    Quote Quote

  10. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #17

    Did you install the "Ask Toolbar" on purpose? It does send and download advertizing to your computer ... I would uninstall it, then delete this folder:
    C:\Program Files\Ask.com

    You have quite a bit of Logitech running ... Go into services and set all instances to 'manual' (see if this helps the high CPU usage)

    Rescan with HJT and place a check mark next to these items:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com Search Engine - Better Web Search

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - Global Startup: Logitech SetPoint.lnk = ?

    Click 'fix checked' then exit out of HJT.

    Reboot and see if you're running any better.
      My Computer
    Quote Quote

  11. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #18

    You might also be interested in this (doesn't sound good to me :
    EVILLYRICS.EXE (Derivative 1668831821), Prevx
      My Computer
    Quote Quote

  12. Satanical Eve
    Posts : 45
    Windows 7 Professional 64 BIT
    Thread Starter
       New #19

    Jacee said:
    You might also be interested in this (doesn't sound good to me :
    EVILLYRICS.EXE (Derivative 1668831821), Prevx
    Thats just a winamp lyrics addon. It browses for lyrics to songs. Been using it since 2002 but I removed it.

    I also removed all the other stuff you checkmarked. Hopefully that'll fix it. I'll check back later if and when it starts acting up again. If it continues to work fine into tomorrow morning Ill come back and say its resolved
      My Computer
    Quote Quote

  13. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #20

    Thanks, I'd appreciate it one way or the other .... we could find that the problem still exists and try a couple of other things :)
      My Computer
    Quote Quote

 
Page 2 of 6 FirstFirst 1234 ... LastLast

  Related Discussions
High CPU Usage Due to svchost.exe
in Performance & Maintenance

So this problem just happened out of the blue today. I was just browsing with my desktop and it just so happens that I noticed the jittery/laggy movement of my cursor occasionally. So I checked the Task Manager and noticed that svchost is putting my CPU usage at 50%~75% constantly. The high CPU...
I have had that message a couple of times whilst on the Forum. Haven't noticed it when I am doing anything else. Here's the info I get when I click on more details; Here's a screenshot of Process Explorer which I think indentifies the problem. I'm just not sure what to do to rectify this. ...
To be honest, I started out investigating the wrong thing. This all started because I would have errors in Chrome. The Aww, Snap or It's Dead Jim errors, etc. Or Chrome would just crash and I would relaunch and restore. I did normal Chrome things like check the shockwave and flash files, disable...
i saw this process in task manager svchost.exe causing my system to have 50% cpu load at idle, after i end task it the windows gui desktop turns to classic and returns back to normal. how to fix this btw i have windows xp but i know you encounter or read some of this problems please help me fix...
This problem began yesterday. I noticed my CPU was at 90C constantly with very high CPU usage (>50%). I had no major programs running. I rebooted several times and the program persisted. 1. I went into safe mode and everything was normal. So this rules out hardware issues. 2. I reformatted and...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 23:16.
Find Us