identifying svchost.exe
Started by
rcoups
, Jul 18 2005 04:57 PM
#1
Posted 18 July 2005 - 04:57 PM
#2
Posted 18 July 2005 - 05:01 PM
about 13kb, and it lives in c:\windows\system32
6 instances of svchost.exe is not unusual......it is a generic service host-er...many functions will use it to run.
Why do you think it is a problem?
6 instances of svchost.exe is not unusual......it is a generic service host-er...many functions will use it to run.
Why do you think it is a problem?
#3
Posted 18 July 2005 - 07:46 PM
Because this file is created by so many Trojans and Worms and under Processes in Task Manager the file sizes are: 3,260 k
20,156 k
5,328 k
5,428 k
4,436 k and
6,552 k
and even though I run 1 GB of Ram, these files and opthers are slowing my system down.
20,156 k
5,328 k
5,428 k
4,436 k and
6,552 k
and even though I run 1 GB of Ram, these files and opthers are slowing my system down.
#4
Posted 18 July 2005 - 08:42 PM
you misunderstand...the file it self is 13k...those measurements you are referring to are the processes that run through the svchost generic process.
This is not a sign of infestation...necessarily.
have you gone through the malware detection removal steps?
This is not a sign of infestation...necessarily.
have you gone through the malware detection removal steps?
#5
Posted 18 July 2005 - 08:42 PM
Please go to the malware forum and follow the instructions at the top....Especially the CLICK HERE .
That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.
If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.
That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.
If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.
#6
Posted 18 July 2005 - 08:47 PM
svchost functions a lot like rundll and rundll32 in earlier windows, except in the case of XP, even more so. It loads libraries into RAM memory and it needs to be on standby in memory to do its job. It "hosts" services by putting them into memory.
#7
Posted 19 July 2005 - 02:20 PM
I haven't gone through the malware detection steps listed in this forum yet. I do run SpySweeper, Ad-Aware SE and SpyBot S & D regularly in addition to weekly NAV scans. I was just hoping that the file size of some of the svchost.exe files might point to an infection and I could delete some of them. I will look on sysinfo.org for some of the other processes that are running on my system that I can't identify as legitimate files. Thanks for your input. Apparently the svchost files can be left alone for now.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users