svhost.exe

[bj229r]

I have 11 of these things (XP Pro) Some system...some network...some me (user) Tried closing some at random in Task Manager....2nd one, computer got mad at me, and told me it was shutting down. ("I can't let you do that , Dave")

How does one find out
A: WHY they are there/what are they attributed to
B: which ones can be safely killed

I've got a process on my box that taps my bandwidth every 5-10 seconds (not a virus, according to 2 different programs)--as I get the thing down to about 24 processes, I sort them by cpu usage, and one of the "SVHOST" thingies keeps spiking cpu by 1% or so, at about the same frequency. Teeny little network blurb isnt a problem on high speed, IS on dialup. When the 3G on my Verizon phone is running smooth, I can see the teeny spike on net stat, but it has no real effect on combat, but the 3G thing isn't a permanent answer. (And YES, a steady dialup ping of 250 plays this game FINE, you just can't surf the web on climbout )

[MrRiplEy[H]]

I have 11 of these things (XP Pro) Some system...some network...some me (user) Tried closing some at random in Task Manager....2nd one, computer got mad at me, and told me it was shutting down. ("I can't let you do that , Dave")

How does one find out
A: WHY they are there/what are they attributed to
B: which ones can be safely killed

I've got a process on my box that taps my bandwidth every 5-10 seconds (not a virus, according to 2 different programs)--as I get the thing down to about 24 processes, I sort them by cpu usage, and one of the "SVHOST" thingies keeps spiking cpu by 1% or so, at about the same frequency. Teeny little network blurb isnt a problem on high speed, IS on dialup. When the 3G on my Verizon phone is running smooth, I can see the teeny spike on net stat, but it has no real effect on combat, but the 3G thing isn't a permanent answer. (And YES, a steady dialup ping of 250 plays this game FINE, you just can't surf the web on climbout )

If it's svhost it's most likely a virus. Svchost is a host process for windows functions and is normal. There are viruses/malware that hide behind the svchost also so if your computer is constantly transmitting something somewhere and you don't have skype or similar on - you're most likely infected with some kind of malware.

You can try to do netstat -an several times in a short period of time on your command prompt to see to which ip your computer 'talks to'. You shouldn't have any active 'established' connections if your internet browsers are closed and skype etc. are switched off.

[Bizman]

Download and run Process Explorer by Mark Russinovich. Having multiple svchosts is normal, they cover many Windows tasks and processes. Just a hover on with the mouse on each process will tell you what it hides.
 

[MaSonZ]

Download and run Process Explorer by Mark Russinovich. Having multiple svchosts is normal, they cover many Windows tasks and processes. Just a hover on with the mouse on each process will tell you what it hides.
 

can that be used for 7 too?

[FLOTSOM]

Download and run Process Explorer by Mark Russinovich. Having multiple svchosts is normal, they cover many Windows tasks and processes. Just a hover on with the mouse on each process will tell you what it hides.
 

you beat me to it!!!! great lil program works wonders!!!! that one and hijackthis ae 2 of my favorites!!!

[bj229r]

Thanks guys, I'll give all aspects a whirl when I get back in town

[Drano]

Process explorer will identify all of the things each incidence of svchost is dealing with too, which is handy.

[bj229r]

Unlikely I have a virus, I just never do the kind of stuff that awards you that crap, I never turn on cookies, unless it's to learn them into specific sites like Amazon, then they are 'allowed', and turned back off.....but one never knows. Anyhow, the 'Process Explorer' identified something like 4 or 5 of them as HP crap....which makes sense, as I've gone through 4 or 5 HP printers/scanners, dvd players/ video capture devices over the years, and I'm sure there's a flat ton of drivers, etc still on the box for equipment they will never see. Haven't had any time to log onto AH, will try yet again when I'm back home Friday.

(I'm thinking, there ARE programs that can hunt down obsoleted DLL files and squish them? One of the field guys at work learned that scenario the hard way---powered down a customer's PC, yanked their Nvidia card, (forgot to uninstall its drivers) plunked in an ATI, got it working, drove 200 miles home, to find out you CAN'T uninstall the drivers for the old card unless said card is in the box. They sent him back the next day to do just that)

[MrRiplEy[H]]

Unlikely I have a virus, I just never do the kind of stuff that awards you that crap, I never turn on cookies, unless it's to learn them into specific sites like Amazon, then they are 'allowed', and turned back off.....but one never knows. Anyhow, the 'Process Explorer' identified something like 4 or 5 of them as HP crap....which makes sense, as I've gone through 4 or 5 HP printers/scanners, dvd players/ video capture devices over the years, and I'm sure there's a flat ton of drivers, etc still on the box for equipment they will never see. Haven't had any time to log onto AH, will try yet again when I'm back home Friday.

(I'm thinking, there ARE programs that can hunt down obsoleted DLL files and squish them? One of the field guys at work learned that scenario the hard way---powered down a customer's PC, yanked their Nvidia card, (forgot to uninstall its drivers) plunked in an ATI, got it working, drove 200 miles home, to find out you CAN'T uninstall the drivers for the old card unless said card is in the box. They sent him back the next day to do just that)

Cookies are the last thing to worry about while browsing the internet. Do you have adobe flash player installed to your browser? Congrats, you just opened a highway for the malware. Some ads on websites contain malware and they inject it to your computer just by visiting some innocent website.