Do I have a virus?

Discussion in 'Malware Help (A Specialist Will Reply)' started by linfosoma, Sep 10, 2008.

  1. linfosoma

    linfosoma Private E-2

    Hi, first I want to say that I used the search feature but did not find an answer to my problem.

    Yesterday my computer started to run REALLY slow. It takes ages to boot up.
    Also, if I try to run a game it takes a very long time to load and then the sound is not properly synchronized or it loops during loading times.

    Everything is up to date and everything was working just fine yesterday so I figured it is a virus that´s causing this.

    Now, I checked under the task manager and I realized there was a process called "svchost.exe" that was using a lot of ram. Then I found out I had like 6 of those and that they seemed to be a trojan called "W32/Agobot-S".

    I checked how to remove this, you are supposed to remove the files that get it to run from the registry but I could not find it there.
    I do see it under "windows/system32/svchost.exe" but I cannot erase it.

    If I try to shut down the process from the task manager it restarts my computer.

    I booted up in safe mode and performed a full scan but I couldn´t find anything. Im using ZoneAlarm anti-virus and a few Anti-spyware utilities.

    I dont know what else to do.
    Im still not sure if this is caused by a virus or if it is a hardware problem.
    Any help would be apreciated!
     
    linfosoma, Sep 10, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    system32/svchost.exe is a required Windows system process. You must not delete this file. As long as it is running from the system32 folder it is okay and it is quite normal to have many of them running.

    If you want to check your PC for malware, please follow the instructions in the below link and attach the requested logs when you finish these instructions.


    READ & RUN ME FIRST. Malware Removal Guide
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    Notes:


    1. If you run into problems trying to run theREAD & RUN ME or any of the scans in normal boot mode. You can run steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
     
    chaslang, Sep 11, 2008
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds