Jump to content

svchost.exe is playing music


Recommended Posts

Well, I don't know how/when I got it, but a trojan/rootkit managed to get on my pc. 

 

My svchost.exe is playing ads in the background and using up a lot of memory.

I've read over other forum posts detailing this exact problem but none of them have fixed it.

 

Here's a list of programs i've run:

  • rKill
  • mbrScan
  • aswMBR
  • adwCleaner
  • RougeKiller
  • GMER
  • Junkware Removal Tool
  • Farbar Recovery Tool
  • TDSSKiller
  • MalwareBytes Anti-malware (Full scan, ran for an hour+)
  • MalwareBytes Rootkit Removal tool

Every time it seems like I manage to stop it or remove it, next login I see a "Launching application" window that says something like "Verifying application requirements" for a couple seconds and then it closes and I get the music/ads again.

 

Right now I have my PC locked down with my firewall to prevent any more connections from the trojan.

 

I also noticed in my Farbar tool logs it mentioned something about svchost having a fault.

And Spybot S&D added those links to my hosts file if anyone was wondering what they were.

 

I'll attach all my logs below, hope I can get some help, i'm at my wit's end. :/

Addition.txt

AdwCleanerR1.txt

ComboFix.txt

FRST_09-01-2014_03-23-54.txt

mbar-log-2014-01-09 (00-24-35).txt

MbrScan.log

Rkill.txt

RKreport0_S_01092014_025936.txt

system-log.txt

TDSSKiller.3.0.0.19_09.01.2014_12.11.55_log.txt

Link to post
Share on other sites

Using ComboFix......

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt, place it next to ComboFix.exe

CFScript.gif

Refering to the picture above, drag CFScript into ComboFix.exe

CAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.

After reboot, (in case it asks to reboot)......

Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.

MrC

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.