N
-Nisko-
I should have said that I'm learning a lot from ALL you guys!!!
Thanks........
Thanks........
N
-Nisko-
Yesterday, I had to restart my PC many times before svchost did not hog my
resources. I used it til bedtime with no problem - left it running
overnight. When I looked this morning, explorer.exe was hogging my
resources - not svchost. Now, I just changes the properties in Plug and
Play, SSDP and UPnP and am going to reboot (10:52am EST).
If you are using Windows XP in default mode, where XP hides the Startup
Icons, this will restore the missing icons.
resources. I used it til bedtime with no problem - left it running
overnight. When I looked this morning, explorer.exe was hogging my
resources - not svchost. Now, I just changes the properties in Plug and
Play, SSDP and UPnP and am going to reboot (10:52am EST).
If you are using Windows XP in default mode, where XP hides the Startup
Icons, this will restore the missing icons.
G
Gabriele Neukam
Maybe you are suffering from the same bugged component as "dewey" -
namely the script scanner of McAfee. Turn it off and check if it is
better.
Gabriele Neukam
(e-mail address removed)
N
-Nisko-
Thanks - but I don't understand what you mean by 'dewey' and the script
scanner. Please tell me what to shut off and how to do it. I have been
running McAfee for several years now. This problem just appeared about a
week ago.
scanner. Please tell me what to shut off and how to do it. I have been
running McAfee for several years now. This problem just appeared about a
week ago.
G
Gabriele Neukam
He posted in alt.comp.anti-virus (see the subject "McAfee v11 is
killing my computer") and reported a similar problem. He identified the
McAfee script scanner (against malicious scripts in web pages and
mails) as the culprit, at least in *his* case.
I thought you had been hit by the same bug.
"peacekeeper" sent a reply to this thread, but sadly, it was below a
signature separator, which will make it invisibale to some readers. I'll
quote it here.
(quote)Just an Update a major patch is coming through this week . I have
seen the fixes and they cover most issues with vs11 and firewall.
including some installing annoyances Tony (end of quote)
HTH
Gabriele Neukam
(e-mail address removed)
N
-Nisko-
Thanks...now I understand. The McAfee scrip isn't causing my problem.
P
Peter Seiler
-Nisko- - 29.08.2006 03:48 :
there is absolutely no need for always fullquoting (~75 fullquoting line
snipped) only saying such short answers.
Another misbehavior is your quoting of the part after the sig delimiter
of your preposter (because of your topposting?).
The same arguments to "the creator". Please learn a better usenet
behavior. THX.
THX in advance for your kind understanding.
there is absolutely no need for always fullquoting (~75 fullquoting line
snipped) only saying such short answers.
Another misbehavior is your quoting of the part after the sig delimiter
of your preposter (because of your topposting?).
The same arguments to "the creator". Please learn a better usenet
behavior. THX.
THX in advance for your kind understanding.
N
-Nisko-
Hi Nisko,
I was told to have the Startup Icon load or be displayed at Boot to
disabled both SSDP Discovery Service and Universal Plug and Play Device
Host. When I did that, on reboot SVCHOST.EXE CPU Usage was very high. I
could not do a thing. Once I changed them to Manual Starting at least, and
started them manually, the CPU Usage dropped.
Do this: Open Task Manager and double-click on CPU. Purpose to sort
Processes by CPU Usage and bring the Processes that are using the CPU to the
top. Next Open Services and scroll down until you locate and find the status
of them. Whether they are disabled or Manual or Automatic. You can only open
one at a time, but the next time it occurs with High CPU Usage, open Task
Manager and open Services. Start the process(es) and see what effect it has
on your computer and CPU Usage.
Remember, you aren't deleting anything, just changing how the Services
start. So it really can't hurt your computer.
--
thecreator
my resources (used Process Explorer). Opened the Task Manager to monitor
CPU usage. Opened Services and, one by one, disabled them to see the result
on CPU usage. No change. I even stopped a couple of the processes - but I
wasn't allowed to start them until I rebooted. Can't figure this one out.
Did I do the procedure correctly?
I was told to have the Startup Icon load or be displayed at Boot to
disabled both SSDP Discovery Service and Universal Plug and Play Device
Host. When I did that, on reboot SVCHOST.EXE CPU Usage was very high. I
could not do a thing. Once I changed them to Manual Starting at least, and
started them manually, the CPU Usage dropped.
Do this: Open Task Manager and double-click on CPU. Purpose to sort
Processes by CPU Usage and bring the Processes that are using the CPU to the
top. Next Open Services and scroll down until you locate and find the status
of them. Whether they are disabled or Manual or Automatic. You can only open
one at a time, but the next time it occurs with High CPU Usage, open Task
Manager and open Services. Start the process(es) and see what effect it has
on your computer and CPU Usage.
Remember, you aren't deleting anything, just changing how the Services
start. So it really can't hurt your computer.
--
thecreator
OK, I determined the processes associated with the svchost that was using up-Nisko- said:
my resources (used Process Explorer). Opened the Task Manager to monitor
CPU usage. Opened Services and, one by one, disabled them to see the result
on CPU usage. No change. I even stopped a couple of the processes - but I
wasn't allowed to start them until I rebooted. Can't figure this one out.
Did I do the procedure correctly?
N
-Nisko-
optikl said:
Yes. Dell Latitude.
D
David H. Lipman
From: "Duane Arnold" <"Do forget about it"@PleaeDo.BET>
| You know, I have mentioned Process Explorer to numerous posters in
| various NG(s). It's only been twice in all that time that someone took
| PE and was able to spot something. Those two were skilled professionals
| that could tack down the culprit. One was a Web admin that used PE to
| find malware, that everything she used couldn't find it. The other one
| was a person who used PE to track down something MS had done to send
| svchost.exe out of control.
|
| Now, I am going back to watching Amreican Chopper. Paul Sr. and Jr. are
| in another heated argument and are ready to kill each other on who has
| control of the shop. ;-)
|
| Duane
I was given as notebook with a nasty non-viral malware infection.
A DLL was hooked into Winlogon Notify and the key was protected by the malware. Deleting
the key was useless as the DLL was able to recreate its self with a new name and the kry was
altered to the new DLL upon reboot.
ProcessExplorer was able to find the DLL that was running and it allowed me to kill that DLL
process which then allowed me to delete the Winlogon Notify key and to clean up the
notebook.
| You know, I have mentioned Process Explorer to numerous posters in
| various NG(s). It's only been twice in all that time that someone took
| PE and was able to spot something. Those two were skilled professionals
| that could tack down the culprit. One was a Web admin that used PE to
| find malware, that everything she used couldn't find it. The other one
| was a person who used PE to track down something MS had done to send
| svchost.exe out of control.
|
| Now, I am going back to watching Amreican Chopper. Paul Sr. and Jr. are
| in another heated argument and are ready to kill each other on who has
| control of the shop. ;-)
|
| Duane
I was given as notebook with a nasty non-viral malware infection.
A DLL was hooked into Winlogon Notify and the key was protected by the malware. Deleting
the key was useless as the DLL was able to recreate its self with a new name and the kry was
altered to the new DLL upon reboot.
ProcessExplorer was able to find the DLL that was running and it allowed me to kill that DLL
process which then allowed me to delete the Winlogon Notify key and to clean up the
notebook.
D
Duane Arnold
-Nisko- said:
By reading some of your replies, it seems you know how to use PE a
little bit.
Duane
D
Duane Arnold
-Nisko- said:
That may not be so as malware can be made to look legit. However, you
may be right too that everything is legit.
You can go to the svchost.exe in question and right-click it and go to
Properties and look from there. You can look at the information on the
Thread tab and see what processes within the SVchost.exe is sucking the
CPU within SVChost.exe. You can also look around on some other tabs as
well, like the Service tab and see what services the svchost.exe is
hosting. The service tab told another poster as to what service that
made svchost.exe spin out of control with high CPU usage.
Duane
O
optikl
This is what I would do. It won't cost you a thing. Go to start\run.-Nisko- said:
Type in services.msc. Find the service called Automatic Updates. Change
the setting to disabled. Aplly setting. Now stop the service. Reboot the
computer and see if this fixes your problem. If it does, report back and
I'll explain what you need to do to update Windows for services patches,
etc.
N
-Nisko-
Yes, I'm learning how to use it. Take a look at Security Task Manager
(Google it). You might find it does even more than PE. Let me know what
you think.
(Google it). You might find it does even more than PE. Let me know what
you think.
N
-Nisko-
Peter Seiler said:
I'm trying - but I don't understand either of the misdemeanors you just
mentioned.
N
-Nisko-
Duane Arnold said:That may not be so as malware can be made to look legit. However, you may
be right too that everything is legit.
You can go to the svchost.exe in question and right-click it and go to
Properties and look from there. You can look at the information on the
Thread tab and see what processes within the SVchost.exe is sucking the
CPU within SVChost.exe. You can also look around on some other tabs as
well, like the Service tab and see what services the svchost.exe is
hosting. The service tab told another poster as to what service that made
svchost.exe spin out of control with high CPU usage.
Duane
Please explain the thread tab - and how to use it. I'm not familiar with it
yet.
N
-Nisko-
It would help me learn a little more about how to use PE if you explainedDavid H. Lipman said:From: "Duane Arnold" <"Do forget about it"@PleaeDo.BET>
| You know, I have mentioned Process Explorer to numerous posters in
| various NG(s). It's only been twice in all that time that someone took
| PE and was able to spot something. Those two were skilled professionals
| that could tack down the culprit. One was a Web admin that used PE to
| find malware, that everything she used couldn't find it. The other one
| was a person who used PE to track down something MS had done to send
| svchost.exe out of control.
|
| Now, I am going back to watching Amreican Chopper. Paul Sr. and Jr. are
| in another heated argument and are ready to kill each other on who has
| control of the shop. ;-)
|
| Duane
I was given as notebook with a nasty non-viral malware infection.
A DLL was hooked into Winlogon Notify and the key was protected by the
malware. Deleting
the key was useless as the DLL was able to recreate its self with a new
name and the kry was
altered to the new DLL upon reboot.
ProcessExplorer was able to find the DLL that was running and it allowed
me to kill that DLL
process which then allowed me to delete the Winlogon Notify key and to
clean up the
notebook.
the above process in more detail. Thanks..
D
Duane Arnold
-Nisko- said:
The thread tab shows how much a programs gets of the cpu usage and
processing time on the CPU. A program runs on a processing thread a
slice of time for program execution on the CPU.
An exe program hosts other programs such as DLL(s). In a case of
svchost.exe, it's a multi threaded hosting application, which means
svchost.exe runs on the main thread. However svchost.exe and other
programs exe like Explorer spawns child threads to allow other programs
they are hosting to run on their own thread, while it runs.
An exe program may or may not host other programs such as DLL(s). An exe
program may or may not spawn child threads to allow other programs it is
hosting to run.
The Thread tab shows what program is getting processing time within
svchost.exe, how much cpu usage it's using and how much it's switching
between its thread and the thread the host exe is running on.
If you see high CPU usage and/or high Context Switching, that may be a
clue as to what is sucking up CPU usage within the host exe.
That's about as simple as I can explain it. ;-)
Duane
D
David H. Lipman
From: "-Nisko-" <[email protected]>
| I'm trying - but I don't understand either of the misdemeanors you just
| mentioned.
|
That's OK....
That's all peter does understand !
{ Just kidding Peter }
| I'm trying - but I don't understand either of the misdemeanors you just
| mentioned.
|
That's OK....
That's all peter does understand !
{ Just kidding Peter }
D
David H. Lipman
From: "-Nisko-" <[email protected]>
| It would help me learn a little more about how to use PE if you explained
| the above process in more detail. Thanks..
|
I can't. That was over a year ago. My ability to explain it would fall short of my ability
to demonstrate it.
| It would help me learn a little more about how to use PE if you explained
| the above process in more detail. Thanks..
|
I can't. That was over a year ago. My ability to explain it would fall short of my ability
to demonstrate it.