Click here to Run a
Free Scan for
Svchost.exe Related Errors
What is it?
Service Host Process - svchost.exe
What does it do?
Here's a direct quote from MS about this:
(source)
Svchost.exe is a generic host process name for services that are run from
dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32
folder. At startup, Svchost.exe checks the services portion of the registry to
construct a list of services that it needs to load. There can be multiple
instances of Svchost.exe running at the same time. Each Svchost.exe session can
contain a grouping of services, so that separate services can be run depending
on how and where Svchost.exe is started. This allows for better control and
debugging.
Svchost.exe groups are identified in the following registry key:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost
Each value under this key represents a separate Svchost group and is
displayed as a separate instance when you are viewing active processes. Each
value is a REG_MULTI_SZ value and contains the services that run under that
Svchost group. Each Svchost group can contain one or more service_names
extracted from the following registry key, whose Parameters key contains a
ServiceDLL value:
HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService
If you're
running Windows XP Home edition then you'll have to download this file
HERE
and put it in your windows/system32 directory. If you're running XP Pro then you
won't need that file since you already have it.
1.) Start --> Run --> cmd
2.) Tasklist /svc >C:ianaginfo.txt
Here's
an example of what I got when I issued this command if you'd like to take a look
at an example.
A Description of Svchost.exe in Windows XP:
http://support.microsoft.com/?kbid=314056
More Info
More Info
Virus Precaution:
The original file from Microsoft gets placed in the Located in
C:WINDOWSSystem32 directory. If you find it anywhere else then you should be
suspicious for sure.
You'll want to keep an eye on
this google search for any known viruses. Fix Svchost.exe Errors: Free Scan
Recommendation: Run a
Free Performance Scan to automatically optimize memory, CPU and Internet Settings
Svchost.exe is a Windows System File and should be in a system directory. If
it is then this application is safe.
Startup DB Entries:
( 1 ) "Added by the DELF-UX TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder"
( 2 ) "Added by the DUMARDI-A TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder"
( 3 ) "Added by the CHEUKO-A TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder"
( 4 ) "CashToolbar Downloader-MY adware. Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup!"
( 5 ) "Added by the PARADROP-A WORM! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup!"
( 6 ) "Added by the PARADROP-AI WORM! Note - this is not the legitimate svchost.exe process which should not normally figure in Msconfig/Startup!"
( 7 ) "Added by the DELF-KR TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a C:DriverLoad folder"
( 8 ) "Added by the DELF-KR TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in a C:DriverLoad folder"
( 9 ) "Added by the BIFROSE-CH TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder"
( 10 ) "Added by the MIMAIL.L WORM! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder"
( 11 ) "Added by the DLOADER-NX TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder"
( 12 ) "Added by the ZAPCHAS TROJAN! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup!"
( 13 ) "Added by the ZAPCHAS-R TROJAN! Note - this is not the legitimate svchost.exe process which should NOT appear in Msconfig/Startup and is always located in the System32 folder. This worm file is found in the System folder"
( 14 ) "Added by the ZAPCHAS-AA TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This one replaces svchost.exe in the System32 folder with a copy of Mirc on (NT/2K/XP) systems and just adds svchost.exe to the System folder on (9x/Me) systems"
( 15 ) "Added by the LINEAGE-V TROJAN! Note - this is not the legitimate svchost.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is located in the Winnt or Windows folder"
Disclaimer
Every attempt has been made to ensure the information about Svchost.exe is accurate but alot of malware applications try to pose as valid applications. If it is something other than what was posted above please leave some feedback in the forum.
Printer Friendly
| Aranjay | It's very good for system administartor. Can i get details about complet windows services.
| |
Submit your comment Comments ARE moderated! Please only submit once!
|
