• We've upgraded our forums. Please post any issues/requests in this thread.

svchost.exe interfering with my internet connection

Conall

New Member
Joined
Dec 22, 2007
Messages
116 (0.03/day)
Likes
5
Processor E6850 3.0ghz
Motherboard GIGABYTE GA-P35-DS3L
Cooling ZEROtherm Nirvana NV120
Memory G.Skill 2x2GB DDR2 1066
Video Card(s) XFX GeForce 8800GT Extreme 512MB
Storage Western Digital Caviar 500GB
Display(s) Dell E193FP
Case XCLIO A380PLUS
Power Supply CORSAIR CMPSU-550VX ATX12V V2.2 550W
Software Windows XP Home
#1
I'm having an extremely annoying problem with a process called "svchost.exe" interfering with my internet connection when I'm playing online games.
It has a large effect on my ping, making them nearly unplayable.

I use COMODO firewall, and to check if svchost really was the culprit, I terminated all of its active connections and tabbed back into the game.
For a few minutes, everything was fine.. Then the lag returned. I tabbed out, and found that svchost was connecting to something again. I repeated this several times to make certain, and it is indeed svchost causing this problem.

I then tried blocking it from accessing the internet.
I went to Firewall/Network Security Policy, found the file in the list, and set it to "Block All Incoming and Outgoing Requests", but that had absolutely no effect.
As I type this, COMODO shows svchost.exe is responsible for 98.9% of my internet traffic despite it supposedly being blocked.

I did a Google search for "svchost.exe", and found several different explanations as to what it is and does.
I've read posts from other forums saying they've blocked it with their firewall with no ill effects, others say it prevents websites from loading if you do so.. However, I found no one complaining about being UNABLE to block it at all.

Would anyone happen to know what I might be doing wrong, and how to go about successfully blocking this program?
 
Joined
Nov 4, 2005
Messages
9,946 (2.25/day)
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#2
Block it, just MS either trying to phone home, your system checking your internet connection, or you have spyware.
 

Conall

New Member
Joined
Dec 22, 2007
Messages
116 (0.03/day)
Likes
5
Processor E6850 3.0ghz
Motherboard GIGABYTE GA-P35-DS3L
Cooling ZEROtherm Nirvana NV120
Memory G.Skill 2x2GB DDR2 1066
Video Card(s) XFX GeForce 8800GT Extreme 512MB
Storage Western Digital Caviar 500GB
Display(s) Dell E193FP
Case XCLIO A380PLUS
Power Supply CORSAIR CMPSU-550VX ATX12V V2.2 550W
Software Windows XP Home
#3
I said in my previous post that I was having trouble blocking it..

Regardless, shortly after I created this topic, COMODO actually began blocking it from accessing the internet, and I have no idea what's changed to make that happen.
I'll be keeping a close eye on it to make sure it stays that way.
 
Joined
Nov 4, 2005
Messages
9,946 (2.25/day)
Likes
2,309
System Name MoFo 2
Processor AMD PhenomII 1100T @ 4.2Ghz
Motherboard Asus Crosshair IV
Cooling Swiftec 655 pump, Apogee GT,, MCR360mm Rad, 1/2 loop.
Memory 8GB DDR3-2133 @ 1900 8.9.9.24 1T
Video Card(s) HD7970 1250/1750
Storage Agility 3 SSD 6TB RAID 0 on RAID Card
Display(s) 46" 1080P Toshiba LCD
Case Rosewill R6A34-BK modded (thanks to MKmods)
Audio Device(s) ATI HDMI
Power Supply 750W PC Power & Cooling modded (thanks to MKmods)
Software A lot.
Benchmark Scores Its fast. Enough.
#4
Run me a hijack this log and post it.
 

Conall

New Member
Joined
Dec 22, 2007
Messages
116 (0.03/day)
Likes
5
Processor E6850 3.0ghz
Motherboard GIGABYTE GA-P35-DS3L
Cooling ZEROtherm Nirvana NV120
Memory G.Skill 2x2GB DDR2 1066
Video Card(s) XFX GeForce 8800GT Extreme 512MB
Storage Western Digital Caviar 500GB
Display(s) Dell E193FP
Case XCLIO A380PLUS
Power Supply CORSAIR CMPSU-550VX ATX12V V2.2 550W
Software Windows XP Home
#5
I've never used "HijackThis" before.. I hope this is what you wanted.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:44:05 PM, on 7/20/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ATITool\ATITool.exe
C:\Documents and Settings\G\Start Menu\Programs\Startup\Core Temp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Core Temp.exe
O4 - Global Startup: ATITool.lnk = C:\Program Files\ATITool\ATITool.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242347688203
O17 - HKLM\System\CCS\Services\Tcpip\..\{14FA6E2B-C834-4F25-8947-35906E1857F8}: NameServer = 209.244.0.3 209.244.0.4
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5351 bytes