svchost.exe (1 Viewer)

[stinger]

whenever i'm on the internet (dial up) after a couple of mintues
| svchost.exe has had an error ... and error log is being made ... you will need to restart the program |

wtf?? i press ok ... most things still work, but i can't right click- open new window ... some applications have not enough memory?

i have no clue what this is

help

 

[Huy]

Svchost.exe is a generic host process name for services that run from dynamic-link libraries (DLLs).

The Svchost.exe file is located in the %SystemRoot%\System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load.

Multiple instances of Svchost.exe can run at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can run, depending on how and where Svchost.exe is started. This allows for better control and easier debugging.

Svchost.exe groups are identified in the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Svchost

To view the list of services that are running in Svchost:
Click Start on the Windows taskbar, and then click Run.
In the Open box, type CMD, and then press ENTER.
Type Tasklist /SVC, and then press ENTER.

Sorry this does not help you, but it will explain the function of svchost. See your error report/log which will identify the cause(s) of svchost's termination.

 

[stinger]

hmmm ... drwatson or whatever it is?

i just see a whole bunch of numbers which i have no idea as to what they mean

 

[Jesus]

i get that sometimes, usually i press ok and its fine, it says something cannot be attached right?

 

[stinger]

erm ... not really
here's the direct quote

program error
svchost.exe has generated errors adn will be closed by windows
you will need to restart the program

an error log is being created

 

[JRasnier]

i fixed it before for meeh and my gf's computer by making my firewall block svchost from accessing the net....worked for meeh, and i noticed it only started i think after service pack.....

 

[Jeo]

that could certainly be blaster worm........... GL........... http://iinet.net.au/support/security/exploits/ms03026.html

 

[Jeo]

http://www.redhat.com/

 

[flyin']

That things, stuffed up my comp for like a week

 

[Soliah]

Sounds to me like the blaster worm.

Do you happen to be on Win2k?

 

[flyin']

I was (and still am) on XP. I ended up using a firewall, and that worked... and then read another thread about a patch.

 

[Comedy_Al]

The blaster worm doesn't do that... it just sends uot millions of pings & packets, sownloads the latest service pack then seletes itself. The worst it can do is slog up a network or net connection.

 

[Soliah]

Originally posted by Comedy_Al
The blaster worm doesn't do that... it just sends uot millions of pings & packets, sownloads the latest service pack then seletes itself. The worst it can do is slog up a network or net connection.

I beg to differ (on 2K). On an unpatched Win2K the worm is able to screw up svchost remotely. I don't know why or how, but I assume it's due to the fact that since the machine would be open to the worm, a infected PC would just send the DCOM RPC vunerablity to it, causing the RPC service to buffer overun or cause a error in svchost. I few friends of mine blocked only the TCP port 135, and as such still had problems with svchost, being unpatched. However after the RPC patch from MS, such errors stopped.

http://www.atomicmpc.com.au/forums.asp?s=2&c=9&t=3476

There ^^ are a few people who've had that problem.

 

[Winston]

Originally posted by Soliah
I beg to differ (on 2K). On an unpatched Win2K the worm is able to screw up svchost remotely. I don't know why or how, but I assume it's due to the fact that since the machine would be open to the worm, a infected PC would just send the DCOM RPC vunerablity to it, causing the RPC service to buffer overun or cause a error in svchost. I few friends of mine blocked only the TCP port 135, and as such still had problems with svchost, being unpatched. However after the RPC patch from MS, such errors stopped.

http://www.atomicmpc.com.au/forums.asp?s=2&c=9&t=3476

There ^^ are a few people who've had that problem.

well the blaster worm isnt much of a scare, i mean just enable firewall, and just use the symantec fix tools, but the flaws in which the RPC exposes to malicious kiddies, is a concern, but once again this is windows we're talking about

the whole entire Win 32 API is flawed, thats why MS would not expose their underlying code, woah if its exposed, think of the amount of viruses we'll be seeing per millisecond

 

[enak]

the whole entire Win 32 API is flawed, thats why MS would not expose their underlying code, woah if its exposed, think of the amount of viruses we'll be seeing per millisecond

You could just decompile the code

 

[Winston]

Originally posted by enak
You could just decompile the code

er no.. it's not that easy

the people at MS aren't really that stupid

well i mean everything is possible but it will take time to decompile it all

let alone compiling it takes a week at least...

and besides they use their own compiler which is written just for them

and also.. they use additional obfuscators to scramble the source code

it's not as easy

 

[Huy]

...and now I know why I didn't choose SDD!

 

[Winston]

Originally posted by Huy
...and now I know why I didn't choose SDD!

haha huh?...

why?...

oh no u dont learn this shit in SDD...
sdd is 90 % documentation thats a load of shit

the real shit isnt learnt here

 

[enak]

Originally posted by Winston
er no.. it's not that easy

the people at MS aren't really that stupid

well i mean everything is possible but it will take time to decompile it all

let alone compiling it takes a week at least...

and besides they use their own compiler which is written just for them

and also.. they use additional obfuscators to scramble the source code

it's not as easy

Point taken

 

[Winston]

Originally posted by enak
Point taken

woah break..
im glad i got that over with in one post, gees...