Re: long sytem freeze
- From: "lesiofamily" <blm333@xxxxxxx>
- Date: Sun, 4 Jan 2009 10:33:22 -0500
ok, I in search I have found 3 svchost.exe with locations as follows:
C:\WINDOWS\$NtServicePackUninstall$
C:\WINDOWS\ServicePackFiles\i386
C:\WINDOWS\system32
does it mean that first 2 are fake/malicious?
if it is malware -
how do I remove them ? - just go to the folder and delete them?
how do I protect my PC in the future ?
I already have NIS (AV, firewall etc)
next interesting thing:
in my task manager I see 6 (six) svchost.exe :))
3 from system
2 from network service
1 from local service
they all using 0% CPU and peak mem usage below 6000K
except for one from system which had 181000K and is using currently 26788K
???
I will reboot my PC now to give you feedback if it still takes time to
reboot
--
lb
"Daave" <dcwashNOSPAM@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:OQ1KwQkbJHA.4380@xxxxxxxxxxxxxxxxxxxxxxx
"lesiofamily" <blm333@xxxxxxx> wrote in message
news:e33xQbibJHA.4412@xxxxxxxxxxxxxxxxxxxxxxx
using process explorer
I can see few svchost but they use 0% CPU
the highest is system idle process with 99-100% CPU usage
command line is blank, description blank, company name blank
I checked my other PC
system idle process takes approx 86- 97% CPU - for me it looks high but
it 10% less than my first PC
any comments?
Are we talking about a sporadic problem? That is, perhaps you were not
experiencing the "long system freeze" during the above timeframe? Does
your problem present itself during bootup usually?
If it is sporadic, Process Explorer will give you useful information, but
you need to be looking at it *during* the grinding of the gears (not
afterward). And since in another post you indicated that one of your
instances of svchost was through the roof memory-wise, the Bleeping
Computer tutorial should be helpful.
There have been reports of svchost.exe run amok after a particular
security update was applied. How up-to-date are you with your Windows
Updates? What Service Pack level are you at? Can you recall when you
started experiencing this particular problem as well as anything
significant that occurred at around that time?
Finally, I don't recall whether or not you confidently ruled out malware.
Sometimes an instance of svchost.exe running *is* malicious. Svchost.exe
is a valid file *if* it is in the correct location, which should be:
C:\WINDOWS\system32
If you have another svchost.exe in another loaction, it's surely malware.
Search your entire C: drive for svchost.exe. In "More advanced options,"
be sure to check "Search system folders" and "Search subfolders." Again,
if you see another instance of svchost.exe where it doesn't belong, you
have a malware infection!
Last idea: You stated you had NIS 2008. Norton is well-known for producing
the kind of behavior you are describing. Configure a clean boot (which
means, among other things, you will be temporarily disabling NIS 2008) and
see if your problem goes away. For more info:
http://support.microsoft.com/kb/310353
If your problem does go away, you should be able to use the process of
elimination to determine the cause. It wouldn't surprise me if it's
Norton.
.
- Follow-Ups:
- Re: long sytem freeze
- From: Gerry
- Re: long sytem freeze
- From: Daave
- Re: long sytem freeze
- References:
- long sytem freeze
- From: lesiofamily
- Re: long sytem freeze
- From: Daave
- Re: long sytem freeze
- From: lesiofamily
- Re: long sytem freeze
- From: Gerry
- Re: long sytem freeze
- From: lesiofamily
- Re: long sytem freeze
- From: Daave
- long sytem freeze
- Prev by Date: Re: SP 2 Software
- Next by Date: Re: long sytem freeze
- Previous by thread: Re: long sytem freeze
- Next by thread: Re: long sytem freeze
- Index(es):
Relevant Pages
|
