AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Software > Data Security

Data Security Viruses, Firewalls and Safe computing


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 2nd October, 2004, 05:55 PM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

Unhappy whats this (scvhost.exe)

i have try'd removeing it by the (regedit) but it just jams up my windows xp. i was just going to start to instille a new copy of xp when i sew the repair so i did that and now it is working on all windows xp (but very slowstart up) plus games r ok but it is still in the WTeskM under processes i have all so tryed ending tesk but then i have got 60 secs to stop windows restarting but thats not a problam i can stop that with cmd command but when i restarts the pc it's back there any help on this please !!!!!!!

i have got 2 svchost.exe-------------as system

also got 1 showing up as network plus 1 as local

i have got a cable 1.5meg internet

i some times uses a linksys network router i think it got though there as both pc as got this in the wteskm under processes???????????????hlpe please!!!!!
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 2nd October, 2004, 06:32 PM
danrok's Avatar
AOA Staff
 
Join Date: March 2003
Location: Great Britain
Posts: 18,917

It's supposed to be there and usually more than once.
__________________
Desktop PC: AMD FX-8370E / Asus M5A99X Evo R2.0 Motherboard / 16GB DDR3 RAM / GeForce GTX 970
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 2nd October, 2004, 07:29 PM
XeroHouR's Avatar
Member/Contributer
 
Join Date: March 2004
Location: Osceola/Muncie IN
Posts: 1,264

when I had c2.lop*the worst spyware virus of all time* it caused that to crash. Essentially the functions I lost were Copy, Paste, cut, browsers wouldn't close etc. I think its a windows function utility...idk why it has more than one instance though.
__________________
Sony Vaio SZ220
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 2nd October, 2004, 08:22 PM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

well when i seach on the net it says that it is a virus but it is class as a low risk to the system and it uses the internet to get around on to othere system?????
i have scanned my pc with pc-cillin and it do not show any virus i think i'l have to get on to my isp to see if there knows why my internet is slow????

thxs for the help
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 2nd October, 2004, 09:12 PM
danrok's Avatar
AOA Staff
 
Join Date: March 2003
Location: Great Britain
Posts: 18,917

Hold on, do you mean svchost or scvhost?
__________________
Desktop PC: AMD FX-8370E / Asus M5A99X Evo R2.0 Motherboard / 16GB DDR3 RAM / GeForce GTX 970
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 3rd October, 2004, 04:59 PM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

svchost.exe
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 3rd October, 2004, 10:09 PM
danrok's Avatar
AOA Staff
 
Join Date: March 2003
Location: Great Britain
Posts: 18,917

svchost.exe is a valid windows process, but scvhost.exe is a virus.
__________________
Desktop PC: AMD FX-8370E / Asus M5A99X Evo R2.0 Motherboard / 16GB DDR3 RAM / GeForce GTX 970
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 4th October, 2004, 12:05 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

If it's svchost.exe, then it's a legitimate program. SvcHost is used as a "wrapper", and keeps a number of essential services running.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 8th October, 2004, 09:29 PM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

it's just like this = svchost.exe. how can i get it off my pc????????please qny help will do ??????
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 8th October, 2004, 09:56 PM
danrok's Avatar
AOA Staff
 
Join Date: March 2003
Location: Great Britain
Posts: 18,917

Like Aedan says, it's an essential part of windows.

Perhaps, a fresh install is called for?
__________________
Desktop PC: AMD FX-8370E / Asus M5A99X Evo R2.0 Motherboard / 16GB DDR3 RAM / GeForce GTX 970
AOA Team fah
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #11 (permalink)  
Old 8th October, 2004, 10:01 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Quote:
Originally Posted by sasrob
it's just like this = svchost.exe. how can i get it off my pc?
svchost.exe is an essential part of Windows. Without svchost.exe running, you will lose the ability to use copy and paste, login, communicate with other computers, run programs and a whole bunch of other things. If you manage kill off the copy of svchost.exe that is dealing with RPC, then you will find that your computer rapidly grinds to a halt, as programs rely on RPC to communicate with each other. If you set the machine up so that RPC does not start, then you will no longer be able to boot the machine up again.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #12 (permalink)  
Old 9th October, 2004, 05:36 PM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

well my pc is running very slow and i have not seen this program be4 ???????
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #13 (permalink)  
Old 9th October, 2004, 06:13 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

svchost.exe has always been there; RPC runs as svchost, and you've already found out what happens if RPC dies. That's why your machine gave you the reboot in 60 seconds!

Check your event log and see if there's anything logged in there. The event log can be found in control panel -> Administrative Tools -> Event Viewer.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #14 (permalink)  
Old 11th October, 2004, 06:58 AM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

well what will i be looking for then ??????in the event viewer????


u r saying that it is a system processes but why have i got it under network service and local service plus i have got 2 under system?????
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #15 (permalink)  
Old 11th October, 2004, 10:25 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Anything that indicates an error basically. You'd be best looking in the System and Application logs.

Just for comparison, I have four svchost.exe instances on my machine. Two are running as SYSTEM, one is running as NETWORK SERVICE and one is running as LOCAL SERVICE. There is more information on what svchost.exe does on Microsoft's website.

Running tasklist /svc in a command window on my machine tells me that the following tasks are running under svchost:
Code:
svchost.exe                  848 RpcSs
svchost.exe                  872 AudioSrv, Browser, CryptSvc, Dhcp, ERSvc,
                                 EventSystem, helpsvc, HidServ, Irmon,
                                 lanmanserver, lanmanworkstation, Messenger,
                                 Netman, Nla, RasMan, Schedule, seclogon,
                                 SENS, SharedAccess, ShellHWDetection,
                                 srservice, TapiSrv, TermService, Themes,
                                 TrkWks, uploadmgr, W32Time, winmgmt,
                                 wuauserv, WZCSVC
svchost.exe                 1216 Dnscache
svchost.exe                 1240 Alerter, LmHosts, RemoteRegistry, SSDPSRV,
                                 WebClient
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #16 (permalink)  
Old 13th October, 2004, 07:28 AM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

thxs aedan do any 1 know any virus that use the internet alot?? as my 1.5 meg is running very slow??? plus this svchost.exe under system is useing over 30.200k of my mem usage???
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #17 (permalink)  
Old 13th October, 2004, 10:29 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

A virus isn't the only reason for an internet connection to be running slowly.

It might be worth monitoring the traffic on the network connection, to see if anything is actually going in and out when you're not using the machine. If you open up network connections, and then rightclick on the connection, you can see the "status", which will give you the activity. If there's not much activity there, then it's probably not caused by anything on your machine.

As far as the svchost.exe goes, most machines I've come across are using at least 30meg for it. That seems to be normal
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #18 (permalink)  
Old 13th October, 2004, 02:08 PM
sasrob's Avatar
Member
 
Join Date: March 2004
Location: BRISTOL UK
Posts: 445

sent=190.511 received 351.013 what would u say this activity is like then i'm not to sure i'v got the UK telewest blueyonder (http://www.blueyonder.co.uk/blueyond...age=bbs_faster) i pay for the 35 pounds hope some 1 can help !!!!!!!
__________________


sabertooth 990FX
amd FX8350 @4.2ghz
16GB 1600mhz hyperX ram
AMD HD7970 3GB asus DCPC graphics
hyperX 120GB SSD
WD 320GB hard drive
1TB,500GB working over usb3
corsair HX850 psu
aerocool cyclone black case
window 8.1
asus monitor 24" 1920x1200 res.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #19 (permalink)  
Old 13th October, 2004, 02:14 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

What you're looking for is the rate of change over time; IE, see how many packets flow out or in for a period of, say, five minutes. Try not to use the machine for anything like downloading or checking mail for those five minutes to minimise any activity you cause on the network.

That way you can see if any unexpected behaviour is happening.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #20 (permalink)  
Old 14th October, 2004, 08:29 AM
chrisbard's Avatar
Benchmarker
 
Join Date: March 2003
Location: Earth
Posts: 8,252
Send a message via Yahoo to chrisbard

"plus this svchost.exe under system is useing over 30.200k of my mem usage???"
Hi Sasrob,

don't bother about SVCHOST again, is has to be there and sometimes is using a lot of memory and that is normal! What is to be done in your case is a fresh install. That's just what I do. I'd save my work and reinstall a clean XP.

Chris
__________________
I've heard that linux community came up with better implemented security in it's latest Linux Mint Gold version, it's actually preventing the user to log in, thus posing 0 risk in contamining the computer with malware! Well done to the open source community!


Last edited by chrisbard; 14th October, 2004 at 09:37 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
whats this? calgar General Hardware Discussion 13 9th June, 2005 06:22 PM
whats EA up to!!!!!!! sasrob GAMES! OH YEAH! 1 1st August, 2004 07:43 PM
Whats Better mental AMD Motherboards & CPUs 3 6th September, 2003 12:50 PM
Whats up here? The Spyder General Hardware Discussion 4 7th June, 2003 01:04 PM
whats Going on !?!?!??! CaesaR CRASHED! 1 31st July, 2002 03:53 AM


All times are GMT +1. The time now is 06:46 AM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0