1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

svchost.exe interfering with my internet connection

Discussion in 'General Software' started by Conall, Jul 19, 2009.

  1. Conall New Member

    Joined:
    Dec 22, 2007
    Messages:
    116 (0.04/day)
    Thanks Received:
    5
    I'm having an extremely annoying problem with a process called "svchost.exe" interfering with my internet connection when I'm playing online games.
    It has a large effect on my ping, making them nearly unplayable.

    I use COMODO firewall, and to check if svchost really was the culprit, I terminated all of its active connections and tabbed back into the game.
    For a few minutes, everything was fine.. Then the lag returned. I tabbed out, and found that svchost was connecting to something again. I repeated this several times to make certain, and it is indeed svchost causing this problem.

    I then tried blocking it from accessing the internet.
    I went to Firewall/Network Security Policy, found the file in the list, and set it to "Block All Incoming and Outgoing Requests", but that had absolutely no effect.
    As I type this, COMODO shows svchost.exe is responsible for 98.9% of my internet traffic despite it supposedly being blocked.

    I did a Google search for "svchost.exe", and found several different explanations as to what it is and does.
    I've read posts from other forums saying they've blocked it with their firewall with no ill effects, others say it prevents websites from loading if you do so.. However, I found no one complaining about being UNABLE to block it at all.

    Would anyone happen to know what I might be doing wrong, and how to go about successfully blocking this program?
     
  2. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    9,058 (2.53/day)
    Thanks Received:
    1,650
    Block it, just MS either trying to phone home, your system checking your internet connection, or you have spyware.
     
    10 Million points folded for TPU
  3. Conall New Member

    Joined:
    Dec 22, 2007
    Messages:
    116 (0.04/day)
    Thanks Received:
    5
    I said in my previous post that I was having trouble blocking it..

    Regardless, shortly after I created this topic, COMODO actually began blocking it from accessing the internet, and I have no idea what's changed to make that happen.
    I'll be keeping a close eye on it to make sure it stays that way.
     
  4. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    9,058 (2.53/day)
    Thanks Received:
    1,650
    Run me a hijack this log and post it.
     
    10 Million points folded for TPU
  5. Conall New Member

    Joined:
    Dec 22, 2007
    Messages:
    116 (0.04/day)
    Thanks Received:
    5
    I've never used "HijackThis" before.. I hope this is what you wanted.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:44:05 PM, on 7/20/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\ATITool\ATITool.exe
    C:\Documents and Settings\G\Start Menu\Programs\Startup\Core Temp.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: Core Temp.exe
    O4 - Global Startup: ATITool.lnk = C:\Program Files\ATITool\ATITool.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242347688203
    O17 - HKLM\System\CCS\Services\Tcpip\..\{14FA6E2B-C834-4F25-8947-35906E1857F8}: NameServer = 209.244.0.3 209.244.0.4
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 5351 bytes
     
  6. kid41212003

    kid41212003

    Joined:
    Jul 2, 2008
    Messages:
    3,585 (1.37/day)
    Thanks Received:
    534
    Location:
    California

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page