May 27 2021
10:03 PM
- last edited on
Aug 03 2023
08:46 PM
by
TechCommunityAP
May 27 2021
10:03 PM
- last edited on
Aug 03 2023
08:46 PM
by
TechCommunityAP
hi.
my computer got infected by a malware i cleaned almost everything but turned out i didnt
disclamer:
i have tried all the recommended malware removal and didn't work keep detecting that there's a viruses and it cleaned it but still there's one.
so once i open my PC i got those 3 things running by default
and when i click on it to see exactly what is that, its "svchost.exe"
and that process install everytime i open my PC a chrome extention and everytime i remove it once i restart my PC its installed again
and as you see on the 2nd screeenshot the file bath when i go there and delete it it came back again over and over so no point of delete it manually
plus that all the malware apps says the my "rundll32.exe" is infected as well
so i have 2 main files is infected "svchost.exe" and "rundll32.exe" and i don't know what else is infected and what can i do
please help me with that problem, Thank you in advance.
May 28 2021 09:17 AM
Dec 07 2021 04:55 AM
@naelmedhatyou're in the wrong place.
This forum is for the Microsoft Forms application.
What you see there is a malicious piece of software that is likely running as a service on your computer.
Svchost (that's actually contraction of 'servicehost') is the operating system component that's responsible for hosting (running and protecting) system services, that's why you see that one. Rundll is another system component of similar nature - that means whatever you're fighting has taken root and is actively using multiple metods to ensure you DON'T root it out.
The simple/cheap/fast route advice? Rely on your backup (or on your cloud copies of files) and get your PC wiped completely - reset it to factory settings by formatting the hard drive/reloading from image. In many cases, that's gonna be faster than trying to sort out what malware you picked up and how to remove it.
And then, have a think what potentially unsavory site you were on recently, and don't go there ever again.