Identifying activity svchost.exe

Status
Not open for further replies.

PeterFS

New Member
Thread author
Jan 25, 2024
1
Hi,

My desktop with Windows 10 is running something unknown, that stops as soon as I open task manager or process explorer. That's why I can't discover what it is, and can't remove it. The process uses some 30% of CPU capacity.
 

icotonev

Super Moderator
Verified
Staff Member
Mar 9, 2017
538
Hello ..! Welcome to MalwareTips..! :)

My name is icotonev and I'm here to help you remove malware ..! Before we begin, please note the following:
  • First, please keep in mind most of us at MalwareTips volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.
  • It is important to not run any tools or take any steps other than those I will provide for you.Also, do not uninstall or install any software during the procedure, unless I ask you to do so.
  • Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.
  • Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
  • Please attach all logs into your post unless otherwise requested.
  • When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
  • If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.

Please follow the following instruction ..:

Rkill
  • Please download all 3 versions of RKill by Grinler, not including the zip version, and save them to your desktop
  • Disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double click on Rkill to launch the program. If one download version does not launch try a different one.
  • Note: You may have to run Rkill a few times before it is successful
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • Please copy and paste the contents of the Rkill report that will appear on your desktop in your reply (file is also located at c:\Rkill.log)
  • Do not reboot your computer after running Rkill. If your computer reboots run Rkill again before continuing on
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Next ....:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.
If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe

Note:
You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.

In your next reply, please include:
  • Rkill log
  • FRST.txt
  • Addition.txt
 

icotonev

Super Moderator
Verified
Staff Member
Mar 9, 2017
538
Due to lack of activity, this topic is now closed.
If you still need help, open a new topic, and wait for a new helper.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top