svchost

Discussion in 'Malware Help (A Specialist Will Reply)' started by drinkycrow, Jan 12, 2014.

  1. drinkycrow

    drinkycrow Private E-2

    I must have picked up something surfing last night. I always run CCleaner at the end of a browsing session and saw there was a lot of activity in my temp internet files. The task manager shows 7 instances running with one of them at 99% CPU. I ran through the "read and run me first" steps and the svchost activity continues. The only hiccup I've encountered is RogueKiller. It prescans fine but hangs up during a scan of the fake files. It doesn't crash but it won't complete the scan (it ran overnight). I'm attaching logs from the rest of the steps. Any help is appreciated. Thanks
     

  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I don't know what you mean by fake files. I would like for you to attempt to run RogueKiller in safe mode please. Attach the log into your next reply.
     
  3. drinkycrow

    drinkycrow Private E-2

    I'm unable to run RogueKiller, including in safe mode. The scan gets to a point and then won't go any further. Near the status bar it says "looking for faked files". There is a selection box in options called check faked. It is selected by default. I also tried a scan with it unselected. The results were almost the same except "looking for patched files" is displayed. I appreciate you looking at this. Maybe there is a different app I can try? Let me know what you think.
    Thanks
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please run the below anti-rootkit tool from Malwarebytes.

    http://www.malwarebytes.org/antirootkit/

    Attach a log from the above.


    Also in which forum are you already working that asked you to download the below registry patches? And why did they ask this?
    Code:
    "C:\Documents and Settings\Todd\Local Settings\temp\"
    bits.reg      Jan 12 2014        4200  "BITS.reg"
    shared~1.reg  Jan 12 2014        4200  "SharedAccess.reg"
    wscsvc.reg    Jan 12 2014        4200  "wscsvc.reg"
    wuauserv.reg  Jan 12 2014        4200  "wuauserv.reg"
    

    Also, you did not download and run the current version of MGtools.

    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista, Win7, or Win8, make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )


    Now attach the below logs:
    • C:\MGlogs.zip
     
    Last edited: Jan 15, 2014
  5. drinkycrow

    drinkycrow Private E-2

    Thank you both for looking into this. The video card went bad a few days ago. It's an old computer with other issues. Looking forward to getting a new one. Thanks!
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
