Simviation Forum - Malware... URGENT

Jan 9^th, 2009 at 6:20am

An-225 Ex Member

I have five svchost.exes running, two in SYSTEM, one in LOCAL SERVICE and two in NETWORK SERVICE.

As of right now: Local Service: mem usage: 4,128K
Network Service: 3,924K and 3,328K
SYSTEM: 4,488K and 38,236K.

The last one CANNOT be right, downloading AVG right now. Done a cache dump. No slow-down through normal PC use, only some slowdown in the Stalker: Shadow of Chernobyl menu. This slowdown is what prompted me to check through task manager.

Back to top

IP Logged

Reply #1 - Jan 9^th, 2009 at 6:35am

Mazza Offline
Colonel
:D
Melbourne, Australia.

Gender:
Posts: 3184

You have a virus for sure.... Run scans Wink

Sunset Chasing...RULES

AMD 9550 2.43 X4 - 2Gb RAM 800Mhz DDRII - Asus 4670
Corsair TX-750W

Back to top

IP Logged

Reply #2 - Jan 9^th, 2009 at 6:55am

Vodka Burner Ex Member

errr.

Svhost are windows services grouped together.

I have five.

Everyone has five.

start, run, services.msc .... disable them there

Back to top

IP Logged

Reply #3 - Jan 9^th, 2009 at 7:14am

An-225 Ex Member

Eh, I have only ever noticed up to three at one time. Did a scan and there was a trojan lurking around in System 32, it should have been deleted but just in case I'm scanning again.

Back to top

IP Logged

Reply #4 - Jan 9^th, 2009 at 8:25am

Wii Offline
Colonel
Space

Gender:
Posts: 2787

Quote:

Eh, I have only ever noticed up to three at one time. Did a scan and there was a trojan lurking around in System 32, it should have been deleted but just in case I'm scanning again.

I have 10 svchost.exe's running ranging from local service to network service to system. Wink

&&http://352photography.webs.com/

Back to top

IP Logged

Reply #5 - Jan 9^th, 2009 at 10:26am

Groundbound1 Offline
Colonel
No, I don't work for Mythbusters...
Michigan, USA

Gender:
Posts: 1745

Yup, I have six running myself, and no viruses or malware that I know of. (I do my best to avoid such things)

Specs: Asus Crosshair nForce 590 SLI,
AMD Athlon X2 6400+ w/ZeroTherm BTF90,
4GB G.Skill PI Series DDR2-800,
Sapphire HD4870 512MB,
PC P&C 750 Quad, in a CoolerMaster HAF932

Back to top

IP Logged

Reply #6 - Jan 9^th, 2009 at 12:23pm

T1MT1M Offline
Colonel
Hello!
Naboo

Gender:
Posts: 398

Lol i lose. I have 15. But its so much effort to go through and shut all the ones down that i don't use.

I think I'll do it after format Tongue

.

Back to top

IP Logged

Reply #7 - Jan 9^th, 2009 at 5:41pm

a1 Offline
Colonel
Tied In A Knot I Am

Gender:
Posts: 8217

I have about 5. You are mistaken to another one that looks like it. I was too until I read closer. Wink

790i : QX9650 : 4Gb DDR3 : GeForce 8800 GTX : 1 WD Raptor : 1 WD VelociRaptor 150

Back to top

IP Logged

Reply #8 - Jan 9^th, 2009 at 10:08pm

NickN Offline
Colonel
FSX runs fine... the problem
is you or your system

Posts: 6317

normal function of Windows

your seeing nothing abnormal

If you are worried about Malware... download install, update and do a full scan with Malwarebytes

all gone

It wont fix the payload if you have already been hit but it will kill the mother bug

http://www.malwarebytes.org/

getting rid of the payload is a different story and sometimes takes special tools to do it such as Combofix and SDfix (dangerous to use without supervision)

Back to top

IP Logged

Reply #9 - Jan 10^th, 2009 at 3:02am

T1MT1M Offline
Colonel
Hello!
Naboo

Gender:
Posts: 398

At work we found a good way of getting rid of extremely bad viruses that most programs won't fix but this only works if the main virus isn't attached to an important windows file. Find the file that is the virus delete it everywhere you can find it in the registry then simply rename the file, restart and delete it Tongue

.

But you gotta know what is what when your using that method.

Back to top

IP Logged

	Search the archive: