SCVHOST is sucking up my processor

Status
Not open for further replies.

Zabador

Baseband Member
Messages
41
ok, im having problems with scvhost .exe under local services. it is sucking up my processer and is realy causing alot of lag and greif in games. im more of a hardware guy so i have no clue where to begin.

help?
 
scvhost.exe could mean you have a virus. svchost.exe is a Windows process. Do a virus scan and see if you find anything.
 
the SCVHOST is a type-o sorry its SVCHOSt. the legit program.

ive gone through the web sites and nothing turned up of concern. ive noticed that windows seems to do this with several programs. winlogin, svchost, lsass, etc.

any other ideas?
 
Please do this. Click here: http://www.sherrylynn.us/HijackThis.exe to download Hijack This. Save it to itÂ’s own folder (not temporary files or the desktop).
Close all open windows and open HIJACK THIS. Click “Scan”. When the scan is finished (it only takes a second), the scan button will change to “Save Log”. Click on “Save Log” and save it to NotePad. Copy the entire log and paste it here.

DO NOT FIX ANYTHING YET, most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise.


lets see if it is legit
 
AMD Duron processor 1.30 GHz
632MB or RAM
38.2 gb hard dirve (root drive for programs n such)
111gb hard drive (secondary for media...ANIME!!)
cd r/rw drive
dvd drive
ethernet card
ati tv wonder ve

thats bout it...its not much but i built it my self :D
 
i do have the c:\WINDOWS\svchost.exe path but nothing comes up on a virus scan, last nite i was in safe mode and ran about 3 virus scans with both norton 2003 and mcaffy and fix-it (dunno if you guys know that one, not that popular but its nice)

i ran that file indepenently n nothing came up still
should i delete or what?
 
can you run a hjt log please

Please do this. Click here: http://www.sherrylynn.us/HijackThis.exe to download Hijack This. Save it to itÂ’s own folder (not temporary files or the desktop).
Close all open windows and open HIJACK THIS. Click “Scan”. When the scan is finished (it only takes a second), the scan button will change to “Save Log”. Click on “Save Log” and save it to NotePad. Copy the entire log and paste it here.

DO NOT FIX ANYTHING YET, most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise.
 
Logfile of HijackThis v1.97.7
Scan saved at 7:42:35 PM, on 4/20/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Norton Personal Firewall\SymProxySvc.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Norton Personal Firewall\NISSERV.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Personal Firewall\IAMAPP.EXE
C:\Program Files\QUICKENW\QAGENT.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Norton Personal Firewall\ATRACK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\PROGRA~1\NORTON~1\navw32.exe
C:\Hijank\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.searchant.com/sp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.searchant.com/sp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.zestyfind.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.searchant.com/sp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = www.searchant.com/sp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.searchant.com/sp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.topfivesearch.com/search.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.topfivesearch.com/search.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.searchant.com/sp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = www.searchant.com/r=6&s=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50032
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.google.ca/"); (C:\Documents and Settings\jer\Application Data\Mozilla\Profiles\default\sgcj1noz.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_06.src"); (C:\Documents and Settings\jer\Application Data\Mozilla\Profiles\default\sgcj1noz.slt\prefs.js)
O1 - Hosts: 206.230.228.10 auto.search.msn.com
O1 - Hosts: search.netscape.com
O1 - Hosts: ieautosearch
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar_en_2.0.95-big.dll
O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\PROGRA~1\Toolbar\toolbar.dll (file missing)
O3 - Toolbar: 2020SEARCH2 - {4E7BD74F-2B8D-469E-92C6-CE7EB590A94D} - C:\PROGRA~1\TOOLBA~1\2020SE~1.DLL (file missing)
O3 - Toolbar: Band Class - {BDF6CE3D-F5C5-4462-9814-3C8EAC330CA8} - C:\WINDOWS\AdRoar.dll
O3 - Toolbar: byte atom - {48A3851F-7992-F224-4584-D3B6CCBEF709} - C:\PROGRA~1\MULTIB~1\FRAGWAVE.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Personal Firewall\IAMAPP.EXE
O4 - HKLM\..\Run: [saSyncMgr] rundll32.exe sasync.dll,SyncWait app=SearchAnt wait=10
O4 - HKLM\..\Run: [QAGENT] C:\Program Files\QUICKENW\QAGENT.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Grokster Support - file://C:\Program Files\websearch\System\Temp\grokstershop_script0.htm
O8 - Extra context menu item: Si&milar Pages - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page - res://c:\windows\GoogleToolbar_en_2.0.95-big.dll/cmtrans.html
O9 - Extra button: ATI TV (HKLM)
O9 - Extra button: Perfect Popup Killer (HKLM)
O9 - Extra 'Tools' menuitem: Perfect Popup Killer (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\aplsp.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3752108C-976A-4C03-A2AC-70B7EDECAE4F}: NameServer = 168.95.192.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E738B3C8-256B-49CA-9028-4B9DBB4632E5}: NameServer = 168.95.192.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3752108C-976A-4C03-A2AC-70B7EDECAE4F}: NameServer = 168.95.192.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3752108C-976A-4C03-A2AC-70B7EDECAE4F}: NameServer = 168.95.192.1

theres the result
 
Status
Not open for further replies.
Back
Top Bottom