# SVCHOST.EXE error!



## rakesh14021983 (Dec 27, 2008)

Hi all...

I have been facing a weird problem with my system.

After about 15 - 20 mins of normal functioning i get an error msg... 

"svchost.exe application error: The instruction at 0x6f8916e2 referenced memory at 0x00f8005c. The memory could not be read. Click on OK to terminate the program"

If i click on OK the system just hangs and i have to reboot (since svchost.exe is forcefully ended)... also.. if i leave the dialog box my system continues working.

I have scanned my pc with Spybot - Search n Destroy, Ashampoo Anti - Spyware 2 and Avast 4.8

The system was clean as a whistle.. I have tried endlessly to solve this but to no avail... 

Can someone please help me here?


----------



## alexanderthegreat (Dec 27, 2008)

Looks like a problem with windows update again! I had one back when I used WinXP. My error message was similar to yours but I don't remember the memory addresses. I had found a solution at ehow.com that worked for me, here is the link:-
*www.ehow.com/how_4480978_fix-svchostexe-application-error-windows.html

It is caused mostly when a service using svchost.exe gets corrupt. It can be any service. You might want to try disabling all services one by one and see if its stable. You can do this by running(Start>Run in XP, search for "run" in Vista) "services.msc" and editing the properties of any service you think might be corrupted to make its startup mode disabled. Restart each time and check if anymore svchost.exe errors are reported.

Hope this helps!


----------



## paroh (Dec 27, 2008)

Start Registry Editor (Regedit.exe) by clicking Start menu, and then click the Run icon.
In the small box that Opens, type: regedit then click the OK button.
The Registry Editor will now have opened…
Locate the following key in the registry:
HKLM\System\CurrentControlSet\Services\NetBT\Parameters
In the right-hand side of the window find an option called TransportBindName.
Double click that value, and then delete the default value, thus giving it a blank value.


The you must now navigate to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
You will see there is a String Value called: EnableDCOM
Set the value to: N (it should currently be Y)
Close the Registry Editor.
Shutdown and Restart your computer


----------



## ssnkalol (Jan 2, 2009)

paroh said:


> Start Registry Editor (Regedit.exe) by clicking Start menu, and then click the Run icon.
> In the small box that Opens, type: regedit then click the OK button.
> The Registry Editor will now have opened…
> Locate the following key in the registry:
> ...


I Have done this but then after my network is not working. 
i get this message while i am using tata easy to surf or dataone new blue modem i which we have to dial for login.


----------



## rakesh14021983 (Jan 2, 2009)

@paroh: Thank you so much! Your solution worked like an absolute charm..


----------



## paroh (Jan 2, 2009)

rakesh14021983 said:


> @paroh: Thank you so much! Your solution worked like an absolute charm..



Good to know that it works for u 

*www.thinkdigit.com/forum/member.php?u=61223


----------



## Ishan (Jan 2, 2009)

How did u get this paroh?
Obviously it wouldnt have strucked u all of a sudden!

was that from a past experience or did some searching?


----------



## rakesh14021983 (Jan 2, 2009)

Ishan said:


> How did u get this paroh?
> Obviously it wouldnt have strucked u all of a sudden!
> 
> was that from a past experience or did some searching?



Good point... even i would wanna know this paroh... cuz i had googled this problem for like 2 weeks and been to countless forums to no avail...


----------



## paroh (Jan 3, 2009)

> Start Registry Editor (Regedit.exe) by clicking Start menu, and then click the Run icon.
> In the small box that Opens, type: regedit then click the OK button.
> The Registry Editor will now have opened…
> Locate the following key in the registry:
> ...



The above  procedure closes the port 135 and 445 u can also use windows worms door cleaner to close the port 135 and 445

As there is a utlity that can block the worm doors (windows worms door cleaner).
I can't confirm it works independently without requiring the above procedure as i used it in combination with the above process. Try to use windows worms door cleaner independently and post ur result whether it works for u or not.Use the utility to  close 
port
135 DCOM RPC 
RPC Locator 445 port

As this is difficult to get as most of the people on the internet taking about a small service pack that will help in getting rid of the problem (service pack release in the date of 2004-2005) but my cousin pc is with xp sp3 or all the previous update are there in it but still i try to download the small service pack and try to apply  it gives error (u all ready have the updated version some think like this). This problem can also occurs with msblaster worm but as far as i know xp sp3 has all included this patch in it. As even the microsoft site is providing only the old service pack  that does not works if u all ready using sp3 patch. It also takes me more than a week to get to the proper working solution
*Windows Worms Doors Cleaner*


```
*download.softpedia.com/dl/31711c0aff2af0c7d627e8819d28dc9f/495ef702/100107294/software/security/firewall/wwdc.exe
```



ssnkalol said:


> I Have done this but then after my network is not working.
> i get this message while i am using tata easy to surf or dataone new blue modem i which we have to dial for login.



Try to enable net bios port by using the utility

```
*download.softpedia.com/dl/a5823a9e140ae47f49ff574c1f1f0f11/495ef880/100107294/software/security/firewall/wwdc.exe
```
If by opening netbios port it works it good other wise try to open other port also line wise line


----------



## kishtok (Jan 10, 2009)

Hi! 
I think I have the same problem.... I have installed XP SP3 and on the same day (!) I got the freakin' svchost error mesage. I edit the registry keys (as paroh said) and it seems like the error messages disappeared but I was unable to connect to other computers on the network (neither others could connect to mine) so I had to default the TransportBindName value from HKLM\System\CurrentControlSet\Services\NetBT\Parameters to get access. Nothing else worked... (and now the error messages returned) 
Any ideas how to preserve the network access? 
Thanks!


----------



## kishtok (Jan 14, 2009)

OK, guys! I fixed it!!! It was the conficker worm that messed the things up. The antivirus deleted it but I still had to download a patch from Microsoft 

*www.microsoft.com/downloads/detail...067B73D6A03&displaylang=en#QuickInfoContainer

So, to all those having having the svchost.exe error: download and apply the patch from MS (the above link)
Good luck!


----------



## curryfizzle (Jan 14, 2009)

kishtok said:


> OK, guys! I fixed it!!! It was the conficker worm that messed the things up. The antivirus deleted it but I still had to download a patch from Microsoft
> 
> *www.microsoft.com/downloads/detail...067B73D6A03&displaylang=en#QuickInfoContainer
> 
> ...



I installed the MS patch..but still no luck...the error keeps reappearing

any other suggestions?


----------

