JonSnow 0 Posted November 8, 2013 Share Posted November 8, 2013 Hello,I just noticed that when I run the database update of smart security v7,one of the svchose.exe process takes a huge spike in memory usage(around 300mb).After a while,it goes back to normal usage.Is the update whats causing this or something else? Off-topic questions:Is the smart scan considered a quick scan ?And when I press on statistics tool I noticed that the pc is scanning some files in background without me starting a scan,is it something normal? Thanks Link to comment Share on other sites More sharing options...
Administrators Marcos 4,703 Posted November 8, 2013 Administrators Share Posted November 8, 2013 Hello, svchose.exe is not a system process, it sounds fishy. The legit system process is svchost.exe (C:\Windows\System32\svchost.exe) but maybe you made a typo. As for the increased memory consumption by svchost.exe, I don't think that signature updates would cause this, I assume it's rather Windows update which utilizes svchost.exe As for the smart scan, it should be relatively quick. If you don't want to scan inside archives, you can perform scans even quicker. However, since startup scans are run upon every computer start and after every update, I'd consider running on-demand scans on a frequent basis unnecessary. Regarding the statistics, real-time protection scans all files that are accessed by the operating system or 3rd party applications so it's normal that files are continually being scanned. Actually I'd be worried if no files were shown as being scanned : ) Link to comment Share on other sites More sharing options...
JonSnow 0 Posted November 8, 2013 Author Share Posted November 8, 2013 Thanks for the reply,sorry it was a typo I configured windows update to not update or search for update automatically,but eset alone searched for windows updates.Maybe this is what caused it,so I'll check again when another database update is released to see if it really wasnt the one that caused it.Since I used other antiviruses,I am getting confused with the type of scans in eset,the smart scan is like a quick scan and the in depth scan is considered a full scan?After every database update, does it scan everything or just commonly used files? Link to comment Share on other sites More sharing options...
SweX 871 Posted November 9, 2013 Share Posted November 9, 2013 Yes you could say that the "smart scan" is what other vendors/products would call a quick scan. After every update the scan that is runned is not a quick scan, or deep scan, but a startup scan that is a much quicker scan that should finish within 10sec. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,703 Posted November 9, 2013 Administrators Share Posted November 9, 2013 ... eset alone searched for windows updates. ESET doesn't search for Windows updates, it receives a list of available updates from Windows Management Instrumentation. Link to comment Share on other sites More sharing options...
JonSnow 0 Posted November 9, 2013 Author Share Posted November 9, 2013 (edited) Oh I see , thank you both for the replies.Sorry for going off-topic alot,but one last question before you can mark it as solved.Everytime I connect to the internet,the firewall(set to interactive) asks about the application Sytem trying to connect to a remote computer of ip 192.88.99.1. 192.88.99.1 is not my default gateway so is it ok to allow it or should I deny access like I do everytime?EDIT:now i get a different remote computer ip with the application System.Can anyone explain? Edited November 9, 2013 by JonSnow Link to comment Share on other sites More sharing options...
Arakasi 549 Posted November 10, 2013 Share Posted November 10, 2013 JonSnow, The IP 192.88.99.1 is coming from a 6to4 relay router, which is used in converting IPv4 to IPv6, allows IPv6 packets to be transmitted over an IPv4 network. Your personal Gateway may be setup for this function. Your options are to allow with ESET, or you can go to your Network adapter on your PC and disable IPv6 OR on your router and disable IPv6 transmissions. It should get rid of this problem, you wont need IPv6 on your local network using a private IP, however browsing the web you will run into instances for IPv6. You should post the new IP you are seeing if it is different then 192.88.99 subnet. Thanks Link to comment Share on other sites More sharing options...
JonSnow 0 Posted November 10, 2013 Author Share Posted November 10, 2013 Thanks for the reply , the new IP I recieved is 24.254.130.49 which I blocked. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted November 10, 2013 Share Posted November 10, 2013 Cox Communications Inc. NETBLK-COX-ATLANTA-8 (NET-24-248-0-0-1) 24.248.0.0 - 24.255.255.255Cox Communications NETBLK-HR-RDC-24-254-128-0 (NET-24-254-128-0-1) 24.254.128.0 - 24.254.191.255 Link to comment Share on other sites More sharing options...
JonSnow 0 Posted November 10, 2013 Author Share Posted November 10, 2013 What does this mean ?Why is it connecting to this company ? Link to comment Share on other sites More sharing options...
Arakasi 549 Posted November 10, 2013 Share Posted November 10, 2013 Who do you have internet service with? What state are you in, if inside USA? Link to comment Share on other sites More sharing options...
JonSnow 0 Posted November 10, 2013 Author Share Posted November 10, 2013 No I dont live in the USA,not even close.I'm from the middle east.I ran a full scan with ESET and then with malware antibyes,nothing suspicous was found.Also blocking this connection caused nothing these past days ,so I guess problem solved. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted November 11, 2013 Share Posted November 11, 2013 Thats strange. Cox is a legit company here in USA. They provide internet and communication services. It may be trade or advertisement based. Ok to block it seems Link to comment Share on other sites More sharing options...
Arakasi 549 Posted November 11, 2013 Share Posted November 11, 2013 If your name is from Game of Thrones. I like it Link to comment Share on other sites More sharing options...
Recommended Posts