Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SVCHOST.exe running at 75%, nonsensical command line strings,etc (w/Screenshots)


  • Please log in to reply
1 reply to this topic

#1 zero93

zero93

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 28 February 2015 - 11:25 PM

Hi everyone,

 

I've managed to replicate this issue of an svchost.exe (probably a malware or bitcoin mining piggyback.

This service always start on logon and has been utilizing 75% of my CPU usage on 3 threads. (25% each)

 

2uzq6x1.png

 

Can anyone make sense of it? I have a workaround where I create a SVCHOST.EXE folder in the windows temp, but every time I clear my Temp files it issue comes back again.



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:57 PM

Posted 01 March 2015 - 05:43 PM

Download TDSSKiller and save it to your desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users