SVCHOST

PaulStat

PaulStat

PaulStat

Soldato
Joined
1 Mar 2003
Posts
5,508
Location
Cotham, Bristol
What is this service? It seems to be a system service that takes up 98% of my processing time for the first 10 minutes of start up, making everything run very slowly.
 
Hi Google

Image Name PID Services
========================= ====== =============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 656 N/A
csrss.exe 728 N/A
winlogon.exe 752 N/A
services.exe 796 Eventlog, PlugPlay
lsass.exe 808 PolicyAgent, ProtectedStorage, SamSs
svchost.exe 964 DcomLaunch, TermService
svchost.exe 1040 RpcSs
svchost.exe 1140 AudioSrv, BITS, CryptSvc, Dhcp, dmserver,
ERSvc, EventSystem,
FastUserSwitchingCompatibility, helpsvc,
HidServ, lanmanserver, lanmanworkstation,
Netman, Nla, RasMan, Schedule, seclogon,
SENS, SharedAccess, ShellHWDetection,
srservice, TapiSrv, Themes, TrkWks, W32Time,
winmgmt, wscsvc, wuauserv, WZCSVC
svchost.exe 1188 Dnscache
svchost.exe 1240 LmHosts, RemoteRegistry, SSDPSRV, WebClient
spoolsv.exe 1604 Spooler
explorer.exe 1728 N/A
rundll32.exe 1824 N/A
CTHELPER.EXE 1840 N/A
nod32kui.exe 1884 N/A
QuickDVB-T.exe 1892 N/A
mm_tray.exe 1908 N/A
DAP.exe 1916 N/A
daemon.exe 1924 N/A
MMDiag.exe 1948 N/A
msmsgs.exe 1944 N/A
ctfmon.exe 1964 N/A
WZQKPICK.EXE 1984 N/A
mim.exe 284 N/A
MDM.EXE 1272 MDM
sqlservr.exe 1328 MSSQL$SQLEXPRESS
nod32krn.exe 1480 NOD32krn
nvsvc32.exe 1516 NVSvc
alg.exe 2832 ALG
wuauclt.exe 3704 N/A
iexplore.exe 1656 N/A
cmd.exe 3644 N/A
wmiprvse.exe 392 N/A
tasklist.exe 3596 N/A
 
It's almost certainly Microsoft Update searching for updates. Obviously check your system for spyware, but it's probably not doing any harm - it's a common issue with Microsoft Updates, particularly on single-core machines with several products supported by the update (e.g. Microsoft Office, Visual Studio, etc).

If you disable Microsoft Updates and revert to Windows Update alone (assuming you're using Microsoft Update) it will probably speed up a lot - or if you remember to update regularly, disable automatic updates altogether. There is a "hotfix" available by email from Microsoft, but this only says it will reduce the time taken for the update service to run on "some ocassions" - or something like that - I can't find it right now though.
 
Well here's the log, although I think the auto update thing was probably right. Just have that annoying little bubble pop up now though

Logfile of HijackThis v1.99.1
Scan saved at 11:33:01, on 27/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\AVerTV DVB-T\QuickDVB-T.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\hijack\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickDVBT] C:\Program Files\AVerTV DVB-T\QuickDVB-T.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1166226068140
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
 
Hi guys,

I've been looking for a solution to this problem and I thought I'd add to this post.

I have been having the same problem where, around the time when a windows update takes place, the svchost.exe service shoots up to about 99% and stay theres for about 10 mins. THe machines at work arent the fastest machines and this really brings things to a halt for a while, also ******* off staff :S

Ive tried the microsoft hotfix, the problem is however that the workstations receive their updates from a local WSUS server, so the options to disable automatic updates locally is greyed out anyway.

Does any1 know of a solution for a workstation obtaining updates from a local WSUS server?
 
The 916089 hotfix has been replaced by a hotfix for an issue introduced by that hotfix :rolleyes: so you need to go to the link below for the hotfix to fix both the original issue and an issue caused by the first hotfix

http://support.microsoft.com/kb/927891/

This hotfix also fixes errors on Automatic Update/WSUS clients where you get Appication Error in SVCHOST... The memory could not be "read" errors while/after installing updates. I look after a few clients who run WSUS & this hotfix has fixed these issues on their client machines.
 
PinkPig said:
If you disable Microsoft Updates and revert to Windows Update alone (assuming you're using Microsoft Update) it will probably speed up a lot.
Click to expand...

This worked for me when I had the same problem last month sometime.
 
Do you have Zone Alarm installed? and if so have you just upgraded to the 7.x version. If so that could be the cause of your problems as I had a similar thing after I upgraded Zone Alarm. Where it would take between 10 and 30 mins to boot into windows.

If this is the case uninstall v7.x and go back to v6.5.

Hope that helps

Taff
 
You must log in or register to reply here.
Back
Top Bottom