|
zoranb ::Teo ::
istaliro sam kav i naso mi je Worm.Win32.Welchia virus koji je obriso ali kad sam gledo na sajtu kasperkog naso sam da se taj virus sastoji iz dva dela iz dllhost.exe i svchost.exe folder dllhost.exe je detektovo kav i izvriso a folder svchost.exe se jos nalazi u mom konpjuteru i kav nepokazuje da je virus...sta da radim,dali jos imam virus...uradio sam Disk Defragmenter jos pre koji dan... ali to nema veze sa ovim... evo vec sam na netu 10 min. i nije poceo konpjuer da mi koci,ali sta bi sa dllhost.exe failmom dali je i on virus?
Pojasnjenje
Svchost (1) Svchost.exe
--------------------------------
(Microsoft) Service Host – Generic Host Process for Win32 Services. Windows 2000/XP only. SVCHOST is a generic process which acts as a host for processes that run from DLLs rather than EXEs. At startup SVCHOST checks the Services portion of the Registry to construct a list of DLL-based services that it needs to load, and then loads them. There can be many instances of SVCHOST running, as there will be one instance of SVCHOST for every DLL-based service or grouping of services (the grouping of services is determined by the programmers who wrote the services in question). Under Windows XP Professional you can find out what DLL-based services SVCHOST is running by typing Tasklist /SVC at a Command Prompt (MS-DOS Prompt – this command is not available in Windows XP Home), while under Windows 2000 you need to use the TLIST –s command from a Command Prompt (MS-DOS Prompt).
Recommendation :
An integral part of the operating system, leave alone – multiple instances of SVCHOST is a normal occurrence. If you experience SVCHOST errors, the problem is most likely not with SVCHOST but with the DLLs it is hosting.
Svchost (2) SVCHOST.EXE
----------------------------------
(???) Many viruses masquerade themselves as SVCHOST to escape detection. Some have names that are similar, such as SCCHOST, while others actually drop a program file called SVCHOST in the Windows or Windows System directory.
Recommendation :
The first recommendation is a simple one : always have a good antivirus product which is regularly updated (automatically preferably) and always renew your updates subscription when it expires. To detect if you have a virus that calls itself SVCHOST, first see if it shows up in Starter – if it does, then it is almost certain you have a virus. Secondly, if you have Windows 95/98/ME rather than WinNT4/2000/XP, then it is almost certain you have a virus. Thirdly, go to "Control Panel \ Administrative Tools \ Services" and look for any of the following services – if you find any of them, then you probably have a virus :
System Important Message service
Dllhost DLLHost.exe
-------------------------------
(Microsoft) DCOM support module for DLL based COM objects (DCOM = Distributed Component Object Model). DCOM is a software architecture model which is an intrinsic part of Windows, of most Microsoft products, and of many non-Microsoft products. In most cases you should never see DLLHOST in your Task List, as, typically, DLLHOST starts, does what it has to do, and then terminates. However, sometimes, if a Java COM object runs (this could happen if you are browsing the Internet and come to a page which has Java code), DLLHOST may not terminate, which is when you would see it in your Task List.
Recommendation :
Do not "End Task" it as there is no way to determine whether DLLHOST has completed its task or not. For the more advanced users, however, deleting the registry key "HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Java VM\MSDebug" can often solve the problem of DLLHOST constantly appearing in the Task List. Finally, if you keep getting DLLHOST errors on a Windows 2000/XP/2003 PC, then you may have the Welchia virus.
_________________
Nocna patrola sajta
http://www.mycity.rs/phpbb/viewtopic.php?t=1299&highlight=svchost+exe
|
