Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Svchost.exe and Syswow64


  • Please log in to reply
2 replies to this topic

#1 Dumwan

Dumwan

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:04 PM

Posted 15 October 2015 - 07:13 PM

I have a process leading to svchost.exe in Syswow64 is this virus I don't seem to have any problems cept for a few days ago I couldn't get into my hidden files

I had stop bitdender mid scan though so I let it finish and restarted and it work again could this file be the cause though



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:04 AM

Posted 15 October 2015 - 07:56 PM

Hello, If you RUN A 64 bit copy of Windows, then path C:\Windows\SysWow64\svchost.exe points to a legitimate 32 bit Microsoft file.

If you do not run a 64 bit OS, then the file is highly suspicious.


or we can get a second opinion, submit it to one of the following online services that analyzes suspicious files:In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,932 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:04 AM

Posted 16 October 2015 - 02:28 PM

Just FYI....Microsoft created the folder named SysWOW64 for storing 32-bit .dll files. WOW64 equates to "Windows 32-bit on Windows 64-bit". This folder contains all the 32-bit .dll files required for compatibility which run on top of the 64-bit version of Windows. WOW64 is the x86 emulator that allows 32-bit Windows-based applications to run on 64-bit Windows but x86 applications are re-directed to the x86 \syswow64 when seeking the x64 \system32. The C:\Windows\System32 folder still exists in the 64-bit version of Windows but it is used as a repository for 64-bit .dll files.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users