
Lots of svchosts.exe as malicious files, and just some help please.


2 replies to this topic

#1 Harrison1220


Posted 07 July 2014 - 12:58 AM

So lately, Malwarebytes has been blocking some sites. One of them being a malicious one (probably the fake Java update, I'm not entirely sure), and it has been really (freaking, scaring?) me out.

 

It's most likely the Java one, but how do I get rid of these? There are about 4-12 different svchosts being executed upon watching YouTube videos, and the like. 4-12 can extend to 4-20 some of the time.

 

Some notable svchost services are:

 

BFE, Base Filtering

DHCP, DHCP client

Event System

CryptSvc, Cryptosomething

FDrespub

RpcSs

Policy Agent, IPSEC

stisvc

SDRSVC

 

These are obtained by doing show all processes, and clicking on 1 svchost, and pressing services.

 

Could someone also tell me what "FindWide" is on my Hitman Pro scan? There's a lot of it with a bunch of random letters/numbers combined in a code like numeric digit order.

 

I also scanned for 2 Hijackers, which are:

Default_Page_URL, HKU, and with Software\Microsoft\Internet Explorer\Main,

 

And Tabs, being the most interesting one, is HKLM\SOFTWARE\Wow6432Node\Microsoft--> same directory as above.

 

I may reset my PC for the sake of 88 threats on one virus scan, and 132 on another, so I may not be able to read it.

 

Please help, with advice or anything.

Thanks.

 

 

 




#2 Harrison1220


Posted 09 July 2014 - 05:36 PM

I really hate to bump this, but more malicious sites that aren't hosted from China are being inbound, and it's frequently happening more than last time.



#3 boopme


Posted 10 July 2014 - 03:47 PM

FindWide is a potentially unwanted application. It changes the homepage and other redirects and should be removed. It looks like there are more serious issues here also and we will need a deeper look to resolve them.

If running WIN 8 then just repost your issue per step 8.
If not ...
Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.



