Ask Leo! by Leo A. Notenboom

Svchost and Svchost.exe - Crashes, CPU maximization, viruses, exploits and more.


Comments


skay: I'd be tempted to block both directions.

Posted by: Leo at September 14, 2005 8:49 PM

doyle: you'll have to restore from your installation disk, or copy it back from another system.

Posted by: Leo at September 14, 2005 8:50 PM

Just one further clarification, Leo. I understand the need to block both directions - incoming and outgoing. As well as blocking for UDP and TCP. What I was asking about was whether or not I needed to block both LOCATIONS - remote and local ports. Maybe that's what you meant when you said you'd be tempted to block both directions. But I wasn't sure. TIA again. :-)

Posted by: skay at September 15, 2005 8:58 PM

Ah... local. You're protecting yourself from incoming connections.

Posted by: Leo at September 16, 2005 7:53 PM

I installed the security updates, in safe mode and in normal but svchost still took up 50% of my processing power. (I'm thinking it probably would take up 100% but I have a hyperthreading processor, maybe that's why)

Then I used the awesome Process Explorer program and I went to the properties of the svchost that was taking up 50% of my processing power and found that there was a thread with the start address of kernel32.dll!RegisterWaitForInputIdle+0x4a or something like that. In fact there were two of those threads with that start address (at least they were very similar). Only one of them was taking up 50% of the CPU. I killed the thread because I was so impatient to use the computer and now it seems to work, but of course this is a temporary fix. Do you know anything about that thread or what I should do about it?

Posted by: vortex at September 17, 2005 9:53 AM

Look at the properties for that instance of svchost and see what system service it's providing.

Posted by: Leo at September 17, 2005 2:51 PM

It's providing a lot of system services, and they all look pretty legit.

AudioSrv, BITS, Browser, CryptSvc, Dhcp, ERSvc, EventSystem, FastUserSwitchingCompatibility, helpsvc, lanmanserver, lanmanworkstation, Netman, Nla, RasMan, Schedule, seclogon, SENS, SharedAccess, ShellHWDetection, TapiSrv, TermService, Themes, TrkWks, W32Time, winmgmt, wuauserv, WZCSVC

I'm running Windows SP1. The only service without a description in Process Explorer is ShellHWDetection.

Thanks

Posted by: vortex at September 18, 2005 11:50 AM

Any particular reason you're not at SP2? That's one of the highly recommended approaches to dealing with these issues. This article has the steps to take for a successful install: http://ask-leo.com/will_sp2_crash_my_machine.html

Posted by: Leo at September 18, 2005 12:07 PM

SP1 slowed down my machine, and I'm fearing that SP2 will slow it down further. Also, that security center seems pretty annoying.

Like most people who haven't installed SP2, I'm scared that some of my programs won't work, especially the multiplayer components of older games, like Red Alert 2 (even when the firewall is turned off).

I'm pretty sure the reason I got this... malfunction... is because I was online without my ZoneAlarm firewall on (I just upgraded and I didn't want to restart the computer).

Posted by: vortex at September 18, 2005 1:36 PM

So I tried to install Service Pack 2, and it failed, so I ended the task (normally, without end process) and when I restarted the computer it was trying to roll back the changes. Then after the next restart, after logging in, it said that Service Pack 2 did not install successfully and that the system was in an unstable state and that I had to uninstall SP2 using add/remove. After I clicked OK the computer crashed and restarted before the start menu appeared (or anything else)...

Posted by: vortex at September 18, 2005 3:01 PM