Since the suspected date of infection, computer gradually slows down, makes more critical errors, CPU behaves like there was always another input queued before mine, windows detects IP conficts in the network (mine's the only one in it), so my claim is that someone took control over it, like a puppetmaster.
Basically at this point my routine is to outrun the malware - start performance monitor right after login, then killing svchost.exe(netsvc) when it's starting to consume more and more resources. In following article How to remove SvcHost.exe malware (Virus Removal Guide) it is stated that the .exe file found in directory any other than C:\Windows\System32 can be considered malware. I've secluded all of the variants:
svchost.exe.mui:
C:\Windows\SysWOW64\pl-PL
C:\Windows\winsxs\x86_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_506792dd76f7a29c
C:\Windows\System32\pl-PL
C:\Windows\winsxs\amd64_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_ac862e612f5513d2
svchost.exe:
C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c
C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356
C:\Windows\SysWOW64
In a single folder and I'm tempted to use Bitdefender file shredder on them. I've had to re-asign files' ownership to Admistrator from TrustedInstaller for all of them in the first place.
So, i'm almost certiain that i'm infected. On the other hand so far all proved harmless, and my only clues come from the unusual behavior observed in performance monitor.
Basically at this point my routine is to outrun the malware - start performance monitor right after login, then killing svchost.exe(netsvc) when it's starting to consume more and more resources. In following article How to remove SvcHost.exe malware (Virus Removal Guide) it is stated that the .exe file found in directory any other than C:\Windows\System32 can be considered malware. I've secluded all of the variants:
svchost.exe.mui:
C:\Windows\SysWOW64\pl-PL
C:\Windows\winsxs\x86_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_506792dd76f7a29c
C:\Windows\System32\pl-PL
C:\Windows\winsxs\amd64_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_pl-pl_ac862e612f5513d2
svchost.exe:
C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c
C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356
C:\Windows\SysWOW64
In a single folder and I'm tempted to use Bitdefender file shredder on them. I've had to re-asign files' ownership to Admistrator from TrustedInstaller for all of them in the first place.
So, i'm almost certiain that i'm infected. On the other hand so far all proved harmless, and my only clues come from the unusual behavior observed in performance monitor.