Discussion in 'malware problems & news' started by kof, Jan 13, 2007.
what kind of worm does 100% svchost.exe process?
the name & the removel tool, plz.
One "worm" can be Windows automatic updates, depending on your pc. Where is that svchost located?
This may Help!
it can also be caused by using custom hosts files if they are to large.
tnx u all
Did you figure it out?
If you still have problems, shoot!
expand running processes > expand (the various) svchost entries to reveal the dlls actually being employed
this box has three svchost instances w\ 46, 76 and 77 dlls running respectively
while I have a high confidence they are all legitimate, thats not always the case
were I suspicious Id compare them to known clean security benchmarks
(which need to be updated as you add software and further dependent here on what is actually running)
see > DLL injection
Separate names with a comma.