Posted: 5/11/2005 3:49:44 PM EDT
|
Hey guys, I have an issue with my computer. I keep getting these automatic shutdowns caused by the remote procedure call terminated unexpectedly. I went into the admin tools and eliminated the automatic shutdown, but now it blue screen crachs after a while. I think it's a fucking virus, but I am trying to get a project done and don't have time to mess around with it. The one thing that that looks fishy to me is that I have 5 processes named svchost.exe I am doing a full Panda scan right now, but was hoping someone here could help me out. Thanks, Echap |
|
www.liutilities.com/products/wintaskspro/processlibrary/svchost This should fix it and the problem it says is what is happening. |
|
svchost - svchost.exe - Process Information Process File: svchost or svchost.exe Process Name: Microsoft Service Host Process Description: svchost.exe is a system process belonging to the Microsoft Windows Operating System which handles processes executed from DLLs. This program is important for the stable and secure running of your computer and should not be terminated. Note: svchost.exe is a process which is registered as the W32.Welchia.Worm. It takes advantage of the Windows LSASS vulnerability, which creates a buffer overflow and instigates your computer to shut down. To see more information about this vulnerability please look at the following Microsoft bulletin: www.microsoft.com/technet/security/bulletin/ms04-011.mspx This is a registered security risk and should be removed immediately. Please see additional details regarding this process Go to free.grisoft.com/freeweb.php/doc/1 and download the free AVG software. Its the best ive used and it should fix you up..... Sounds like you have a worm on your PC...... |
|
Is that update not part of SP2 for WinXP? I am running WInXP Pro and have Panda platinum Antivirus that updates every day automatically. Edit to add, it said that SP2 did not need this patch. Any other ideas? This is pissing me off (the worm or virus, not you guys) |
Thanks, already did that one. Just did a scan for the W32,welchia worm and the Symatec tool said that I did not have it. Maybe fdisk is not such a bad idea. I hate MS windoze. |
Did Panda detect any trojans, viruses, or hijackers on your PC? After looking more it seems svchost.exe can be used by alot of different spyware programs as well as windows programs. Probably why you have so many. Here is a way to check your system and see what services are useing the svchost.exe to run... YOu should get a screen looking like this  support.microsoft.com/?kbid=314056 You may be able to use it to see if they are valid programs or functions. If they are you could have another issue and svchost.exe may have nothing to do with it..... See whats associated with it and let us know... Will keep looking into it more. Also a little more info on another virus/worm associated with it. windowsxp.mvps.org/svchost.htm This kinda thing interests me sooo much. Im not A+ certified but I try and have run circles around some guys I know that are..... Now to just get a techy job instead of pissy auto parts sales lol |
| you may have memory issues such as bad memory. run memtest86. burn this image onto a cdrom as an image. then restart and boot from the cd. let the program run for a few hours while it test your memory. |
|
Run this MS tool: www.microsoft.com/security/malwareremove/default.mspx Run an online scan here: housecall.trendmicro.com/ |
The Microsoft scan was clean. I also loaded the new microsoft spyware buster beta version and that scan said I was clean. I am going to try the memtest asl sugested above. THANKS GUYS!!!! Eric |
|
The blaster virus won't show up in a virus scan, because the shutdown is caused by signals from other computers on the internet. Download and install this patch from Microsoft, which should fix it. Edit: The patch is slightly bigger than a floppy, so you may need to burn it to CD from another computer, depending on whether yours will stay up long enough to download without rebooting. After your project is done, make absolutely certain that you upgrade to SP2 before you do anything else on that computer. At least yours is turning itself off to let you know that not having security updates is a bad thing. |