
svchost.exe malware not detected


I've had at least 2 instances of svchost.exe (win7) seeming to come up and hijack all my cpu and most of my memory while running mozilla (firefox and t-bird). I saw a number of people on mozilla.org reporting a similar problem so I thought it was a mozilla issue.

Today though, when it started acting up I rebooted, and without opening any software I started the task manager. There were 2 instances of svchost.exe already sucking up all the cpu and memory. So, not mozilla's fault.

I started Resource Monitor, and saw that the two svchost's were connected to separate ip's, and were furiously sending and receiving packets. A full trace of those ip's (23.0.160.198 and 23.62.6.65) revealed that they were going to hentzler.de, while pretending to go to akamai.net.

So, clearly intruders. Microslop security totally didn't see them, and a friend recommended and praised MWbytes as god-like, so I downloaded it to a flash drive on another device, rebooted my laptop in safe mode, installed it and ran it, twice, with it set to look for rootkit infestations as well.

Hours later, MWbytes totally didn't see them either. I'm stumped. Still booted in safe mode, but wondering if I need to reboot in normal mode and connect to the router, then allow the svchost monsters to come alive, for them to be detected.

Thoughts on all of this? I'm posting from a tablet, and I really need my laptop back, without hackers, bitcoin miners or terrorists running amok on my pc.


Hello and welcome:

We are not permitted to work on possible malware-related issues here in this section of the forum.
Such work is conducted in a special forum area reserved for that purpose, or at the help desk.

So, for expert assistance, I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the suggested, preliminary steps to expedite the process.
A malware analyst will assist you with looking into your issue - the helper will guide you through scanning, cleanup and repair.

Thanks,


Okay... I posted here because I thought it was an issue with not using MWbytes right, or if I should be scanning while in normal mode and connected to the network. My impression from reading up was that if I could see it without any super powers, then MWbytes should see it too.

Am I wrong?


Hi:

Alas, no one security product, not even MBAM, can possibly detect and remove 100% of all the malware in the world. :(
This is explained in detail here: The complexity of finding, preventing, and cleanup from malware

It's impossible to say for sure what's going on with your computer without more data in the form of diagnostic logs from special malware removal tools.
Such work is not permitted in this particular area of the forum.

That's why it was suggested that you seek free expert help from one of the malware experts, either in the malware removal section of the forum, or at the help desk.
As such, I suggest that you might want to please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the suggested, preliminary steps to expedite the process.
As previously mentioned, a malware analyst will assist you with looking into your issue - the helper will guide you through scanning, cleanup and repair.

Thanks,
