[windows2000] Re: SVCHOST.EXE @ 100% Every 5 seconds..

  • From: "Martin, Eddie" <EMartin@xxxxxxxxxxxxx>
  • To: windows2000@xxxxxxxxxxxxx
  • Date: Mon, 13 Dec 2004 11:46:23 -0500

I downloaded it and used it, but under that one process there's tons of
information.

Token
WaitablePort
WindowStation
Thread
Semaphore 
Section
Process
Port
Mutant 
KeyedEvent
Key
File
Job
Event
Directory
Desktop

Those are all the different types that I see.  I don't see anything that
jumps out at me as being foreign or any directory or program referenced
inside that I would believe to be spyware, although I could be missing
something.  Not sure what I am looking for so it's a bit hard.  I
reinstalled my nic drivers.  I have been getting an influx of emails every
morning with the Sober virus attached, which leads me to believe I may be
infected by that.  I ran the Sober removal tool on Friday though and it
didn't find anything. I will try it again, I guess.  I don't really know
what else to try, and I don't want to reinstall everything.. :(

 

-----Original Message-----
From: Sorin Srbu [mailto:Sorin.Srbu@xxxxxxxxxxxxx] 
Sent: Monday, December 13, 2004 4:01 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: SVCHOST.EXE @ 100% Every 5 seconds..

Get Process Explorer from Sysinternals.com (it's free), install,
double-click the offiending svchost instance and check the threads running
in there. This should help in finding what's causing this problem. 

You know, it might be a valid thread that's doing this. Maybe you have some
performance meters running?

HTH.



--Original Message Text---
From: Martin, Eddie
Date: Fri, 10 Dec 2004 16:37:25 -0500

Hello All,  

I have tried a million and one things to try and get whatever is on my
computer off.  I ran Spybot Search and Destroy, Adawre SE Personal Edition,
CWShredder, HiJack This, and also downloaded about 5 different virus removal
tools from Symantec, ran them all and nothing was found as far as a virus
was concerned.  I am running Windows XP Pro behind a firewall with Symantec
Anti-Virus Corporate Edition.  My pc cpu usage spikes to 100% about every 5
seconds, with svchost.exe being the main culprit.  I have googled this and
it comes up with about 5 billion possibilities about what it could be and
how to fix it.  Does anyone else know what this could be?  BTW: I Also went
into hkey_local_machine, Software, Microsoft, Windows, Current Version, Run,
and removed anything that could possibly be starting up.  If I unplug my
network cable from the computer, it stops so it definately is a trojan of
some sort. 
Any help would be greatly appreciated. Ive never not been able to get
spyware, or a Trojan off of a pc, so this one is A #1 on the annoying, why
cant I figure this out list!  



BW,

Sorin

> Sorin Srbu, Systems Engineer          Web:
http://www.farmfak.uu.se/organisk/
> Dept of Medicinal Chemistry,          Phone: +46 (0)18-4714482 >> 3
signals >> GSM
> Div of Org Pharm Chem,                Mobile Phone: +46 (0)701-718023
> Box 574, Uppsala University,          Fax: +46 (0)18-4714474
> SE-751 23 Uppsala, Sweden             Visit: BMC, Husargatan 3, D5:512b
>
> Public PGP key available on request.
>
> ()  ASCII ribbon campaign - Against html E-mail /\
>
> Harmless tagline follows:
>
> BOFH excuse follows: Our POP server was kidnapped by a weasel.



********************************************************
This Weeks Sponsor SeamlessPlanet.com Domain Names Register your .com domain
name for as low as $7.85 One of the lowest prices on the web! Part of The
Kenzig Group.
http://www.seamlessplanet.com
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor SeamlessPlanet.com Domain Names
Register your .com domain name for as low as $7.85
One of the lowest prices on the web! Part of The Kenzig Group.
http://www.seamlessplanet.com
********************************************************** 
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts: