
svchost.exe virus?



Hi all, I've searched the forum about this problem but I get too many returns as every HijackThis file has multiple hits!

I run ZoneAlarm alongside Malware Pro. One of the (few) things I like about ZA is the traffic meter running in the start bar.

Recently this has been banging away showing in/out traffic when nothing should be using the bandwidth, i.e. when I have just booted and no other bandwidth-using programs are open (browser, mail etc).

I downloaded TCPView, which showed that it was svchost.exe using the traffic, and stopping the process stops the bandwidth leak. A quick search on the net shows that this can also be a virus. I have run several scans that come up clean.

My questions are 1. am I infected? 2. how can I clean it and 3. if I am infected why doesn't Malwarebytes see it?

Cheers, Russell


1. am I infected?

That is always a possibility, but remember that svchost is a system file that is often used for things such as networking. Did TCPView show the IP addresses it was sending to to be outside of your local network?

2. how can I clean it

That depends on what it is. If it is nothing malicious, then there is no need to clean it up.

3. if I am infected why doesn't Malwarebytes see it?

If it is an infection, it could be something new that our heuristics don't yet account for. It could also be protected by a rootkit that we cannot detect.
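
The check asked about in the reply (is svchost.exe talking to addresses outside the local network?), as an added example that is not part of the original posts: it joins saved `netstat -ano` and `tasklist /svc` output to show which hosted services own each non-local TCP connection. The sample text and the `LOCAL_NETS` list are constructed assumptions, and only IPv4 is handled.

```python
import ipaddress
import re

# Assumption: ranges treated as "local" (RFC 1918, loopback, link-local).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample of `netstat -ano` output (documentation-range addresses).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.20:1042      192.168.1.1:445        ESTABLISHED     1084
  TCP    192.168.1.20:1055      203.0.113.45:80        ESTABLISHED     1084
  TCP    192.168.1.20:1060      198.51.100.7:443       ESTABLISHED     2310
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       980
  UDP    192.168.1.20:123       *:*                                    1084
"""

# Constructed sample of `tasklist /svc` output.
TASKLIST = """\
Image Name                   PID Services
========================= ====== =============================================
svchost.exe                  980 RpcSs
svchost.exe                 1084 BITS, wuauserv, Schedule
firefox.exe                 2310 N/A
"""

def svchost_external(netstat_text, tasklist_text):
    """Return (pid, services, remote_ip, remote_port) for svchost.exe TCP peers outside LOCAL_NETS."""
    services = {}  # svchost PID -> services hosted in that process
    for line in tasklist_text.splitlines():
        m = re.match(r"^(.+?)\s+(\d+)\s+(.+)$", line)
        if m and m.group(1).lower() == "svchost.exe":
            services[int(m.group(2))] = m.group(3).strip()
    hits = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP" or f[3] == "LISTENING":
            continue  # header, UDP (no remote peer) or listening socket
        pid, (host, _, port) = int(f[4]), f[2].rpartition(":")
        try:
            ip = ipaddress.IPv4Address(host)
        except ValueError:
            continue  # IPv6 or unparsable address: not handled here
        if pid in services and not any(ip in net for net in LOCAL_NETS):
            hits.append((pid, services[pid], str(ip), int(port)))
    return hits

if __name__ == "__main__":
    for hit in svchost_external(NETSTAT, TASKLIST):
        print(hit)
```

A remote address on this list is not proof of infection; the service names next to the PID show whether the traffic belongs to something expected before any cleanup is considered.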
