Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Post-Virus Removal Browser (Google) Redirection, Windows Update (Automatic or otherwise) Blocking, and Svchost.exe process consumption

  • This topic is locked This topic is locked
1 reply to this topic

#1 Resolution


  • Members
  • 9 posts
  • Local time:11:24 AM

Posted 18 May 2011 - 03:40 AM

About a week ago I somehow acquired an extremely aggressive virus that masked itself as a Vista anti-virus scanner and a vista recovery program. It was by far my worst experience ever with a virus. It hid all the files on my hard drive, wiped out my Windows interface (Taskbar, background, icons, ect.)and disabled me from using task manager essentially commandeering my PC.

After a few hours of fiddling I was able to regain and remove the bulk of the virus by booting up with the command prompt assuming all was well, but I discovered later that my browser was still infected and would be redirected on nearly every click of Google search results. I also found out that my computer would slow to a crawl with a process called Svchost.exe. The process launches and eventually consumes more and more memory and CPU power until it reaches 100% and renders the computer inoperable if the process goes un-killed. Furthermore my Windows updater now will not initialize. When trying to check manually for updates it yields the following error:

Windows could not search for new updates. Windows update encountered an unknown error. Error code 80072EFE.

I have scanned with both Malwarebytes and Avira and they both turn up nothing, so the only conclusion I can come to is that the virus left some files corrupted or I just have some really well-hidden malware.

For the browser issue I tried both uninstalling and reinstalling Firefox and switching to Google Chrome, but I still would be redirected.

For the Svchost.exe consuming my CPU issue I was going to delete it from my system but apparently it's within my registry and is a vital Windows process, so I was unqualified to deal with it.

I consider myself a fairly competent guy, but this has just completely beaten me. I've exhausted every possible avenue that I can think of on my own, so all I have left to depend on before completely reinstalling the OS or just buying a new computer is you guys. Thanks in advance!

BC AdBot (Login to Remove)


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator

  • Moderator
  • 37,109 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:24 AM

Posted 22 May 2011 - 09:03 AM


Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users