svchost.exe stuff

[steve]

I was recently getting a lot of slowdown on my computer,
so one of my friends suggested to look at the process's
running on my computer.

Upon checking, I noticed there were numerous listings of
svchost.exe programs. Can anyone tell me what the
svchost.exe program is, and is it a safe/malicious
program on my computer? Could this be what is causing the
slowdown?

I thank you for your replies and help with this issue.

 

[Touch Base]

A Description of Svchost.exe in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;EN-US;314056

 

[NT Canuck]

I was recently getting a lot of slowdown on my computer,
so one of my friends suggested to look at the process's
running on my computer.

google for below...useful programs with free version.
startup monitor (mike lin)
ad-aware (lavasoft)
grisoft AVG

place to find links/description of tools/programs...
http://lists.gpick.com/

Upon checking, I noticed there were numerous listings of
svchost.exe programs. Can anyone tell me what the
svchost.exe program is, and is it a safe/malicious
program on my computer? Could this be what is causing the
slowdown?

look into directory c:> windows/system32/drivers
and see if there is a "svchost.exe" in there..
if so...it doesn't belong there (not a device driver) and is probably
a virii/worm critter that needs tobe uninstalled in "safe mode"

Loading and running the anit-virus utility from grisoft should find
the critter (if that is problem), and ad-aware will find and clean
out any registry entries for malicious programs (make sure to
"update" definitions for ad-aware before running it).

I think that is the most likely problem...critter in /drivers.

 

[randy]

definition of a host:
Svchost.exe is a generic host process name for services that are run from
dynamic-link libraries (DLLs). The Svchost.exe file is located in the
%SystemRoot%\System32 folder. At startup, Svchost.exe checks the services
portion of the registry to construct a list of services that it needs to
load. There can be multiple instances of Svchost.exe running at the same
time. Each Svchost.exe session can contain a grouping of services, so that
separate services can be run depending on how and where Svchost.exe is
started. This allows for better control and debugging.

see article 314056. for XP and 250320

 

[NT Canuck]

definition of a host:
Svchost.exe is a generic host process name for services that are run from []
see article 314056. for XP and 250320

geez...at least give a real world description;
http://ntcanuck.com/tq/TQ_Page1.htm#Item_25
http://ntcanuck.com/tq/TQ_Pg08.htm#Item_203
http://ntcanuck.com/tq/TQ_Page7.htm#Item_187

*Given that he is experiencing "slowdowns" on the computer...
which should not occur under normal circumstances w/valid processes.

enter svchost.exe at...
http://search.symantec.com/custom/us/query.html

one with bagle...but there are more varieties...
http://www.google.ca/search?hl=en&ie=UTF-8&q=BAGLE+svchost&meta=

Anyways...any unusual behavior should be checked with anti-virus
scanner/anti-trojan scanner that has recent updates. Not unusual to
see 10 or more new worms/virii/exploits coming out EVERY day.

svchost in question may not be specific culprit, and it does exist as a
valid windows service...but svchost files are not always windows files.