Home > Others

Svchost.exe what is the process and Svchost.exe virus removal

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Many friends are not familiar with the svchost process, sometimes in the task Manager once see a number of this process (the following figure has 6), they think their computer in the virus or trojan, in fact, not so! Under normal circumstances, You can have multiple Svchost.exe processes running at the same time in Windows, such as Windows 2000 with at least 2 svchost processes, more than 4 in Windows XP, and more in Windows 2003, so when you see multiple svchost processes , is not necessarily the virus!

 What is Svchost.exe?

The Svchost.exe file exists in the "%system Root%system32" (for example, c:windowssystem32) directory, which is an important process in Windows NT core (Windows 9X does not have the process) and specifically initiates various services for the system. For example, Svchost.exe invokes the Rpcss.dll file and starts the RPCSS Service (remote procedure Call).

Svchost.exe is actually a service host that does not provide any service to the user, but can be used to run dynamic-link library DLL files to start the corresponding service. The Svchost.exe process can start multiple services at the same time.

Svchost.exe is a core process of a system, not a virus process. However, because of the particularity of the Svchost.exe process, the virus will do everything possible to invade Svchost.exe. By looking at the execution path of the Svchost.exe process, you can confirm if you are poisoning. If you suspect that your computer may be infected with a virus, Svchost.exe services can find anomalies by searching Svchost.exe files. In general, you will find only one Svchost.exe program in the "C:windowssystem32" directory. If you find a Svchost.exe program in another directory, it is likely to be poisoned.

 Svchost Virus Removal method

1, with unlocker delete similar to C:sysdayn6 folder: such as C:syswm1i, c:sysad5d, and so on, these folders have a common feature, that is, the name is sys*** (* * * is three to five bits of random letters), so a few of the folder deleted several.

2, Start-run-enter "regedit"-Open the registry, expand the registry to the following location: Hkey_current_ Usersoftwaremicrosoftwindowscurrentversionpoliciesexplorerrun Delete all keys with a pure number name on the right, such as <66> <333> <50> <4>

3, restart the computer, the virus cleared.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
best free mac virus scan and removal free virus scan and removal for android best virus and malware removal tools what is best malware removal what is conficker virus what is mackeeper virus what is virus scanner

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More