Need more help :D

There are many different operating systems; which one will you choose?

Need more help :D

Post by feenixb1o7 on Fri Sep 12, 2008 9:14 am
([msg=11483]see Need more help :D[/msg])

I don't know if this should really go in here but it's the only forum I thought was slightly relavent, When I boot up my PC everything is fine for a few minutes but after a while everything starts to lag out, so I open up task manager to see whats going on, I find that one of my "SVCHost.exe" apps is running at anywhere from 80-95% of my CPU resources... I used "processexplorer" to see which programs are running under it and it is mostly my windows theme, my volume controll and audio mixers and some other random system programs. If I end the program everything goes back to normal although sometimes my theme dissappears leaving me with the windows classic view (the horrible grey boxes like 98 had) but my system keeps running, also my volume controll no longer works and if I load a video in VLC it has no sound. Can anyone tell me why this is doing it?
feenixb1o7
New User
New User
 
Posts: 14
Joined: Sun Sep 07, 2008 6:10 pm
Blog: View Blog (0)


Re: Need more help :D

Post by leonidas_heaven on Fri Sep 12, 2008 10:06 am
([msg=11486]see Re: Need more help :D[/msg])

Simply that's a virus the process you mentioned is ("svchost.exe") not :twisted: "SVCHost.exe" :twisted: .you should open task manager and see whether the process is running with your username like "explorer.exe" - Leonidas or is it running with the username "system".If it is running under your username then 95 % it is a virus.And if it is Running under "system" then also it could be a virus..but you have to do some more tests.You can search your system32 folder for the name "SVCHost.exe". if you find it try to delete it.If you can't delete or if it says "Access denied".Restart your computer in safe mode than you can surely delete that on...

And if you know about REG EDIT you can also remove the entries made by that virus..or just try "msconfig" at run and see if u find any suspected file running at start up...

I hope this much will help you...

One more thing you didn't post at the right position you can post under malware section in forums....i have a good experience dealing with more than 10,000 of these types ...have fun
Challenges are not meant to be taken easily,rather they are meant to be taken Seriously
leonidas_heaven
Experienced User
Experienced User
 
Posts: 66
Joined: Sun Jun 01, 2008 5:20 am
Location: Uttarakhand,India
Blog: View Blog (0)


Re: Need more help :D

Post by pompalomp2 on Fri Sep 12, 2008 10:09 am
([msg=11487]see Re: Need more help :D[/msg])

DO NOT DELETE THIS FILE!!!!

Although he is right in the fact that it could be a virus do not do anything without being certain. Also do not follow his instructions as they may cause more harm than good.

If you want more info about SVChost.exe you can look at these links:

See here for details:http://www.liutilities.com/products/wintaskspro/processlibrary/svchost/
also look here: http://www.processlibrary.com/directory/files/svchost/24778/

If you are think you have a virus i recommend going here:
http://icrontic.com/forum/forumdisplay.php?f=57 and posting your problems

The people on this site have undergone months of training which is more than i can say for leonidas_heaven. Please read the rules about posting, be patient and remember that they are doing this out of the kindness of their hearts.

As a final note you should have posted this in the malware section.

If an administrator could move this to the correct location i would be grateful.

Regards,

Pompalomp
Pompalomp
pompalomp2
New User
New User
 
Posts: 14
Joined: Fri Sep 12, 2008 7:32 am
Blog: View Blog (0)


Re: Need more help :D

Post by leonidas_heaven on Sat Sep 13, 2008 2:24 am
([msg=11542]see Re: Need more help :D[/msg])

Hey pompalomp2
I have not forced him to follow my instructions and moreover i have said him to make certain test to confirm whether it is a virus or not.And after that he could perform deletion of that file..
you have provided some link that does not mean that i would apologize for what i have said..whatever i have said is good to my knowledge ..

The people on this site have undergone months of training which is more than i can say for Leonidas_heaven


For this i would like to say yes there are many on this site who have a good & more knowledge than me.But for some particular thing i have a good knowledge.
Challenges are not meant to be taken easily,rather they are meant to be taken Seriously
leonidas_heaven
Experienced User
Experienced User
 
Posts: 66
Joined: Sun Jun 01, 2008 5:20 am
Location: Uttarakhand,India
Blog: View Blog (0)


Re: Need more help :D

Post by pompalomp2 on Sat Sep 13, 2008 10:29 am
([msg=11585]see Re: Need more help :D[/msg])

leonidas_heaven

You have told him to check if it's a virus but you haven't really given DETAILED instructions. If he deletes this file himself he can cause a huge amount of damage. also there are quite a few different types of malware related to SVChost
see here for a few of them:

http://www.processlibrary.com/search/?q=svchost.exe

As you can see the first in the list shows that svchost.exe is legitimate and is used to control alot of things in windows such some of the visual affect which is why feenixb1o7 complains that when he ends the process he loses some of the visual affects. Also you can see that the list includes quite a few infections including bitfrose, trojan.downloaders and backdoor trojans. The removal instructions for these are different and you can't really give a blanket fix for all of them. There is also the possibility that if it is a trojan downloader then he may have multiple infections on his system which will need to be fixed.

And if you know about REG EDIT you can also remove the entries made by that virus..or just try "msconfig" at run and see if u find any suspected file running at start up...

even though you have said to use regedit if he knows what he is doing. By the sound of the origional post it sounds like he doesn't and even suggesting reg edit is very dangerous.
I have a good experience dealing with more than 10,000 of these types ...have fun


Any chance of seeing any links to these logs?

Regards,

Pompalomp
Pompalomp
pompalomp2
New User
New User
 
Posts: 14
Joined: Fri Sep 12, 2008 7:32 am
Blog: View Blog (0)


Re: Need more help :D

Post by Bv202 on Sat Sep 13, 2008 11:12 am
([msg=11599]see Re: Need more help :D[/msg])

You can search your system32 folder for the name "SVCHost.exe". if you find it try to delete it.If you can't delete or if it says "Access denied".Restart your computer in safe mode than you can surely delete that on...


Lol. If he manages to delete that file, he'll be in big trouble :lol:
Like Pompalomp2 said, get to a forum where you can get REAL help with malware related problems. Don't follow the advice from Leonidas. Also don't try to edit things in REGEDIT by yourself, if your not experienced with it, you'll get in trouble ;)
Bv202
New User
New User
 
Posts: 6
Joined: Sat Sep 13, 2008 11:08 am
Blog: View Blog (0)



Return to Operating Systems

Who is online

Users browsing this forum: No registered users and 0 guests

cron