Archive

Mar 28

svchost.exe causing 100% CPU usage takes

By adminComments Off

In the win.ini file, in the [Windows] Here, “run =” and “load =” it is possible to load the “Trojan horse” program means that they must watch and listen closely. Under normal circumstances, after the equal sign Shiyao they are not, and if found to have followed the path and file name is not familiar with your startup files, your computer may be in a “Trojan horse” of the. Of course, you have to look at, because a lot of “Trojan horse”, such as “AOL Trojan horse”, which put itself disguised as command.exe file, if not pay attention may not find it is not a true system startup files.

In the system.ini file, in the [BOOT] Here is a “shell = file name.” Correct file name should be “explorer.exe”, if not the “explorer.exe”, but the “shell = explorer.exe program name,” NA me that Toshiba Satellite a105 Battery procedure is followed by “Trojan horse” program, that you have in “Trojan horse” of the.

In the case of the most complex registry through regedit command to open the Registry Editor, click to: “HKEY-LOCAL-MACHINESoftwareMicrosoftWindowsCurrentVersionRun” directory, view the key in there they are not familiar with the automatic startup file with the extension EXE Here Remember: some of the “Trojan horse” program generated file like the file system itself, to muddle through camouflage, such as “Acid Battery v1.0 Trojan horse” that will registry “HKEY-LOCAL-MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun” button under the Explorer value to Explorer = “C: Window *** piorer.exe”, “Trojan horse” program between the Explorer and the only real “i” and “l” difference. Of course, there are many places in the registry can hide the “Trojan horse” programs, such as: “HKEY-CURRENT-USERSoftwareMicrosoftWindowsCurrentVersionRun”, “HKEY-USERS **** SoftwareMicrosoftWindowsCurrentVersionRun” directory are likely the best way VAIO VGN-NR490E battery is to “HKEY-LOCAL-MACHINESoftwareMicrosoftWindowsCurrentVersionRun” found under the “Trojan horse virus, also known as the” Code Red II (Code Red 2) “virus, and the earlier the English system popular in the West” Code Red “virus a bit contrary, to be called VirtualRoot (virtual directory) virus. The worm using Microsoft known overflow vulnerabilities to spread through the 80 ports to other Web page server. the infected machine by hackers to run the request through the Http Get scripts / root.exe to the infected machine to gain complete control over it.

When the infection was successful after a server, if the infected machine is Chinese system, the program will sleep 2 days, other machines sleep 1 day. When time to sleep later, the worm will cause the machine to restart. The worm also checks whether the machine is 10 months or the month if the year is 2002, if the infected server will restart. When the system starts Windows NT, NT system will automatically search for the files under the root directory C explorer.exe, by the network worm infected explorer.exe file on the server that is the Internet worm program itself. The file size is 8192 bytes, VirtualRoot worm program is executed by the program. At the same time, VirtualRoot network worm will cmd.exe file system directory from the Windows NT, copy to another directory, to open the door for hackers. It will also modify the system registry entries, modify the NIKON D90 battery project through the registry, the worm can create a virtual directory C or D, the resulting virus name. It is worth mentioning that in addition to the network worm file explorer.exe, the rest of the operation is not based on the file, but directly in memory for infection, transmission, and this has brought more difficult to capture.

Program’s file name, and then you can search the entire registry.

We look at how Microsoft describes the svchost.exe. In the Microsoft Knowledge Base 314056 in the following description of svchost.exe: svchost.exe is from a dynamic link library (DLL) to run the service generic host process name.

In fact, Windows XP, svchost.exe is a core process. svchost.exe is not just only in Windows XP, use the Windows NT kernel system will have the presence of svchost.exe. General svchost.exe process in Windows 2000, the number is 2, and in Windows XP, svchost.exe process to increase the number to more than 4 and 4. Therefore, the system processes the list to see several svchost.exe NA me do not worry.

svchost.exe in the end do Shiyao used for?

First, we need to understand that it is in the NIKON Coolpix P80 battery process of Windows system is divided into: the independence process and sharing process of the two. Since Windows system services, more and more limited system resources in order to save a lot of system services, Microsoft made to the shared mode. It is as svchost.exe in the middle of what kind of role?

svchost.exe work is as the host of these services, from svchost.exe to start these services. svchost.exe is responsible for the conditions of these services launch, its own can not achieve the function of any service can not provide any services for users. svchost.exe service calls for these systems through the dynamic link library (DLL) way to start system services.

svchost.exe is a virus of any such statement is elected?

Because svchost.exe can host as a service to start the service, so the virus, Trojan writers also rack their brains to take advantage of svchost.exe to confuse users of this feature to the invasion, undermining the purpose of the computer.

How can I identify what is normal for svchost.exe process, and what is a virus process?

The key is svchost.exe “HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost”, shown in Figure 1. Figure 1, each key represents a separate svchost.exe group.

Microsoft also provides a look at our SONY np-qm91d battery systems are running in svchost.exe in the list of its services. To Windows XP as an example: In the “Run”, type: cmd, then type in command line mode: tasklist / svc. System shown in Figure 2 are listed in the list of services. Red box in Figure 2, the area is surrounded by svchost.exe start list of services. If you are using Windows 2000 system put in front of the “tasklist / svc” command to replace: “tlist-s” can be. If you suspect that your computer may be infected, svchost.exe abnormal if the service svchost.exe files by searching can find anomalies. Usually only found one in: “C: WindowsSystem32″ directory under the svchost.exe process. If you are found in other directory svchost.exe process, then it is probably poisoned.

There is also a confirmation whether the poisoning is svchost.exe in the Task Manager look at the process of execution paths. However, because the system comes with the Windows Task Manager can not look at the process of the path, so look to the process of using third-party tools.

The above brief introduction of the svchost.exe process the relevant circumstances. All in all, svchost.exe is a system of core processes, not the virus process. However, due to the particularity of svchost.exe process, so the virus will do everything possible invasion of PANASONIC cga-du14 battery svchost.exe. Svchost.exe process by looking at the execution path to confirm whether the poisoning.

Nov 23

Notebook CPU Base Knowledge

By admin20 Comments

The difference between them in place?

First Core 2 CPU support 64-bit mobile computing model for the future era of computing faster hardware to provide a solid foundation. High-end 7 Series II has 4MB cache, 2MB than the Core Duo has only twice higher than full! Larger secondary cache means that more powerful multitasking capabilities, the processing time will be greatly reduced. Originally Core 2 CPU’s FSB should be 800MHz, but three generations of Centrino platform in order to meet the needs of, or the same as the Core and 667MHz. Core 2 CPU has also joined with the SSE4 instruction set for EM64T support. Because of the EM64T support makes it can have more memory address space, the future face of memory killer – VISTA operating system, not only the capability, but also extend the life cycle of Core CPU. SSE4 instruction set, of course, compared to the SSE3 instruction set, Intel Core, more emphasis on speed and multimedia processing with multiple optimization.

Dell inspiron 1525 ac adapter Pentium desktop now there are two dual-core, one born before the Core 2 Duo, called the Pentium D, Core 2 Duo was born in a later, called the Pentium E. Dual-core Pentium D is a bad, high-frequency low-energy, power, heat is great, it has been eliminated, it is a basic buy pd. And after the birth of Core 2 Duo, with its excellent performance and low energy, low heat, low power consumption, overclocking and good performance by everyone of all ages, but suffer from too expensive, low-end users to bear, so it launched a Series castrated version of the Core 2 Duo, Intel gave him the name Pentium E, Intel may be the reason why so called to commemorate the one hand, the Pentium series of past achievements (or Pentium series already out), so that is Core Pentium E 2 low-end series, the full paragraph instead of in the past that lame pd, E Pentium Core 2 Duo features and exactly the same as using the same advanced architecture, only slightly lower frequency and secondary cache, so the performance slightly worse. On the other hand also want to use this division of Intel Core and Pentium boundaries.

Inspiron 1545 battery In the notebook field is the same, T2xxx is based on the latest Pentium Core 2 Duo dual-core architecture, and T5xxx and T7xxx is really in to high-end Core 2 Duo. Many businesses in order to deceive consumers, it will confuse all the T series Core 2 Duo, which is not correct, which is still a certain gap, like deliberately in the Exxx desktop Core 2 Duo are known as. E2xxx is a Pentium dual-core, and E4xxx and E6xxx is the Core 2 Duo. Intel order to reduce costs, derived from a variety of different CPU models, yet people look at the dazzling, especially T2XXX, as much as eleven Type: Core Duo T2500 T2400 T2450 T2300 T2300E T2250 T2350 T2050 Pentium dual-core T2130 T2080 T2060, compared as follows:
T2500,T2400,T2300,T2450,T2300E,T2050,T2060 T2500, T2400, T2300, T2450, T2300E, T2050, T2060

First, HP pavilion dv6000 ac adapter the tail number T2X00, the front-side bus are all 667MHz, secondary cache are to 2M, but with different frequency, T2500 clocked at 2.0GHz, T2400 clocked at 1.83GHz, T2300 clocked at 1.66GHz, the other models They can be seen as derivative. 
Compared with the T2500 T2450, T2350 and T2400 compared, T2250 and T2050 and T2300 compared to the secondary cache are as 2M, 667MHz front side bus dropped by a 533MHz, clocked at slightly different (T2450 and T2500 the same, T2350 is 1.86GHz , T2250 is 1.73GHz, T2050 is 1.60GHz).
T2300E and T2300 compared to abolish the VT virtualization technology that, while the T2050 with the T2300E in turn compared to the 667MHz front side bus down by the 533MHz, the T2300 can be seen as “castrated version.” Pentium Dual Core T2060 processor speeds and the same FSB and T2050, the same 1.6GHz and 533MHz. The only difference in the larger secondary cache, in the secondary cache, T2060 T2050 exactly half, only 1MB, which is “once again castration.”
T2300-cancellation VT = T2300E-front-side bus down to 533 = T2050-two cache down to 1MB = T2060
T2350,T2130 T2350, T2130
Pentium Dual Core T2130 can be the same as Core Duo T2350 again in the castrated version of the same frequency as the 1.86GHz, FSB is also 533MHz, while the secondary cache is then reduced to 1MB.
T2250,T2080 T2250, T2080
As a Pentium Dual Core T2080 Core Duo T2250 castration version, in addition to falling into the secondary cache 1M, system bus frequency and front end were the same with the T2250 1.73GHz, 533MHz.

li-12b battery 4MB-800MHz 4MB-800MHz
T7800    2.60GHz T7800 2.60GHz
T7700    2.40GHz T7700 2.40GHz
T7500    2.20GHz T7500 2.20GHz
T7300    2.00GHz T7300 2.00GHz
4MB-667MHz 4MB-667MHz
T7600    2.33GHz T7600 2.33GHz
T7400    2.16GHz T7400 2.16GHz
T7200    2.00GHz T7200 2.00GHz
2MB-800MHz 2MB-800MHz
T7250    2.00GHz T7250 2.00GHz
T7100    1.80GHz T7100 1.80GHz
T5470    1.60GHz T5470 1.60GHz
T5270    1.40GHz T5270 1.40GHz
2MB-667MHz 2MB-667MHz
T2700    2.33GHz T2700 2.33GHz
T2600    2.16GHz T2600 2.16GHz
T5750    2.00GHz T5750 2.00GHz
T2500    2.00GHz T2500 2.00GHz
T5600    1.83GHz T5600 1.83GHz
T5550    1.83GHz T5550 1.83GHz
T2400    1.83GHz T2400 1.83GHz
T5500    1.66GHz T5500 1.66GHz
T5450    1.66GHz T5450 1.66GHz
T2300    1.66GHz T2300 1.66GHz
T5250    1.50GHz T5250 1.50GHz
2MB-533MHz 2MB-533MHz
T5300    1.73GHz T5300 1.73GHz
T5200    1.60GHz T5200 1.60GHz
1MB-533MHz 1MB-533MHz
T2130    1.86GHz T2130 1.86GHz
T2370    1.73GHz T2370 1.73GHz
T2080    1.73GHz T2080 1.73GHz
T2330    1.60GHz T2330 1.60GHz
T2060    1.60GHz T2060 1.60GHz
T2310    1.46GHz T2310 1.46GHz

Today’s CPU had not used the mark frequency method, and use the difference between letters + digital way. Many friends of products to these strange numbers are impossible to start, under a simple explanation for all Core Duo and Core 2 CPU difference in the product numbering method. Given the current Core 2 CPU only T series, the other two products were not born.  The following mainly from the T series to start, and we talk about the difference between the two. General Core CPU are T2XXX encoded form, and there T5XXX Core 2 Duo and T7XXX two series.  Frequency terms from the Core Duo 2GHz CPU most products are the following, and are much more Core 2 Duo 2GHz or more. T5XXX series Core 2 Duo low-end products, the secondary cache and the Core Duo line. T7XXX frequency range of products in more than 2GHz, and the secondary cache to 4MB!
     
 T20X0 Series  T2X50 Series  T2X00 Series  Low-voltage version of Intel Core T5X00 Series  Core 2 Duo low-voltage version  T7X00 Series
            T7700 T7700
            T7600 T7600
            T7500 T7500
            T7400 T7400
            T7300 T7300
    T2700 T2700       T7200 T7200
    T2600 T2600        
    T2500 T2500   T5600 T5600 L5600 L5600 T7100 T7100
  T2450 T2450     T5300 T5300 L7500 L7500  
  T2350 T2350 T2400 T2400 L2500 L2500 T5500 T5500 L7400 L7400 T5470 T5470
T2130 T2130 T2250 T2250 T2300 T2300 L2400 L2400 T5200 T5200 L7300 L7300  
T2080 T2080 T2050 T2050       L7200 L7200 T5250 T5250
T2060 T2060     L2300 L2300      
          U7500 U7500  
      U2500 U2500      
      U2400 U2400      
      U2300 U2300      

Note: from top to bottom, CPU performance in descending order, that is, the performance of the highest T7700, U2300 performance minimum. The same type of performance CPU lines or less. (Without regard to function, etc.)
The parameters of the model notebook CPU

 Processor family  Dual-Core  Cache  FSB Energy conversion  64 移动平台 Mobile Platforms
 Core 2T7X00 odd Is 4M  800 Is Is Centrino 4
Core 2T7X00 even Is  4M  667 Is Is Centrino 3
 Low-voltage version of Intel Core 2T7X00 odd  Is 4M  800 Is Is Centrino 4
 Even low-voltage version of Intel Core 2T7X00 Is 4M 667 667 Is Is Centrino 3
 Core 2T5X50 Series Is 2M 667 Is Is Centrino 4
Core 2T5X70 Series Is 2M 800 Is Is  Centrino 4
 Ultra-low voltage Core 2U7X00 Is 4M  667 Is Is  Centrino 4
 Kunue 2T5X00 (667) Is 2M  667 Is Is  Centrino 3
 Low-voltage version of Intel Core 2L5X00 Is 2M 667 Is Is  Centrino 3
Core 2T5X00 (533) Is 2M  533 Is Is  Centrino 3
 Core T2X00 Series Is 2M  667 Is No Centrino 3
 Low-voltage version of Intel Core L2X00 Is 2M  667 Is No  Centrino 3
 Ultra-low voltage version of Intel Core U2X00 Is 2M  533 Is No  Centrino 3
Ultra-low voltage version of Intel Core U1X00 No 2M 533 Is No  Centrino 3
 Core T1X00 Series No 2M 667 Is No  Centrino 3
 Core T1X50 Series No 2M  533 Is No  Centrino 3
Core T2X50 Series Is 2M  533 Is No  Centrino 3
Core T1X50 Series No 2M  533 Is No  Centrino 3
 Pentium Dual-Core T2XX0 Series Is 1M 533 Is No  Non-Centrino
Celeron M5X0 Series No 1M  533 No No  Non-Centrino
Celeron M4X0 Series No 1M 533 No No  Non-Centrino

Note: 1. Core 2 T7X00 odd (or even) is the X is odd (or even).
2. Core 2 T7100 secondary cache is 2M, T7 series of other secondary cache 4M.

Dell inspiron e1505 ac adapter Mainstream notebook inventory of the type of CPU

Generation Centrino Banias:
Such CPU core uses 130-nanometer manufacturing process, the secondary cache 1M, FSB 100MHZ, bus 400MHZ. Chipset is the main adaptation 855 chipset. Frequency 1.3 1.4 1.5 1.6 1.7 Low-voltage frequency 900 1.0 1.1 1.2 moderator. Core voltage 1.388V – 1.484V, power consumption is about 24.5W. Heat <100 ° C.

Centrino II Dothan:
Such CPU core uses 90-nanometer manufacturing process, the secondary cache 2M, FSB 100MHZ, bus 400MHZ. Chipset is the main adaptation 855 chipset. main models 715,725,735,745,755 765. ULV model 723 733 753 773 low-voltage models 738,758,778,

Klic-7001 Battery Second-generation Centrino Sonoma:
Such CPU core uses 90-nanometer manufacturing process, the secondary cache 2M, FSB 133MHZ, bus 533MHZ, the main adaptation is the 915 chipset chipset. Main models 730,740,750,760,770 780. Core Voltage 1.287V-1.4V power 27W, heat <100 ° C.

Core duo Centrino three generations of Yonah: divided into single-core Core solo and dual-core Core duo

Core solo: 
Such CPU core 65-nanometer manufacturing process, single-core, secondary cache 2M, FSB 166MHZ, bus 667MHZ. Chipset is the main adaptation 945 chipset. Main models T1200 T1300 T1350 T1400 T1500. Core voltage 1.1625V – 1.404V Power 27W, heat <100 ° C.

Core duo: 
Such CPU core 65-nanometer manufacturing process, dual-core, secondary cache 2M, FSB 166MHZ, bus 667MHZ. Chipset is the main adaptation 945 chipset. Main models T2050 T2250 T2300 T2300E T2400 T2500 T2600 T2700 L2300 low-voltage version of a ULV are U1300 U1400 U2400 U2500., Heat <100 ° C.

Centrino four generations Merom:
Dell inspiron 6000 ac adapter Such CPU virtualization technology into Intel’s dual core, using 65-nanometer manufacturing process, FSB 166MHZ, 667MHz front side bus support, and extension of the current Napa platform with Intel Core (Core Duo) processors, two dual-core shared cache architecture , the secondary cache has two 2M and 4M: Socket P models were the first batch of six, including the mainstream product T7100, T7300, T7500 and T7700 and L7500 low-voltage versions and L7300; the processor TDP (thermal design power ) is about 35W.

Blue Taste Theme created by Jabox