Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Lots of svchosts.exe as malicious files, and just some help please.

  • Please log in to reply
2 replies to this topic

#1 Harrison1220


  • Members
  • 6 posts
  • Local time:02:21 AM

Posted 07 July 2014 - 12:58 AM

So lately, Malware Bytes has been blocking some sites. One of it being a malicious one (Probably the fake java update, I'm not entirely sure), and it has been really (freaking, scaring?) me out.


It's most likely the java one, but how do I get ride of these? There are about 4-12 different svchosts being executed upon watching Youtube videos, and the like. 4-12 can extend to 4-20 some of the time.


Some notable svchost services are:


BFE, Base Filtering

DHCP, DHCP client

Event System

CryptSvc, Cyrptosomething



Policy Agent, IPSEC




These are obtained by doing show all processes, and clicking on 1 svchost, and pressing services.


Could someone also tell me what "FindWide" is on my Hitman Pro scan? There's a lot of it with a bunch of random letters/numbers combined in a code like numeric digit order.


I also scanned for 2 Hijackers, which are:

Default_Page_URL, HKU, and with Software\Microsoft\Internet Explorer\Main,


And Tabs, being the most interesting one, is HKLM\SOFTWARE\Wow6432Node\Microsoft--> same directory as above.


I may reset my PC for the sake of 88 threats on one virus scan, and 132 on another, so I may not be able to read it.


Please help, with advice or anything.





BC AdBot (Login to Remove)


#2 Harrison1220

  • Topic Starter

  • Members
  • 6 posts
  • Local time:02:21 AM

Posted 09 July 2014 - 05:36 PM

I really hate to bump this, but more malicious sites that aren't hosted from China are being inbound, and it's frequently happening more then last time.

#3 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,573 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:04:21 AM

Posted 10 July 2014 - 03:47 PM

FindWide is a potentially unwanted application. It changes the homepage and other redirects and should be removed.. It looks like there are more serious issues here also and we will need a deeper look to resolve them.

If running WIN 8 then just repost your issue per step 8.
If not ...
Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users