Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: virus possibly related to svchost.exe

30 Nov 2013   #31
architech

Windows 7 64 Bit
 
 

I don't know why I didn't think of this before, but looking over the attachment limitations for file types, I just zipped the file together and it allowed me to upload. The setupapi.dev.log is attached. Thanks for the help.




Attached Files
File Type: zip setupapi.dev.zip (711.2 KB, 2 views)
My System SpecsSystem Spec
.
30 Nov 2013   #32
cottonball

Windows 7 Home Premium
 
 

Thanks for providing the report.

Must let you know that reading device driver logs is definitely not my thing.

With that said, there appears to be a group of Hardware Initiated calls on the setupapi.dev.log related to
some drivers.

You may want to post your concerns and the setupapi.dev.log in the Drivers forum:
Drivers - Windows 7 Help Forums

Someone there may be able to provide some guidance on this issue.
My System SpecsSystem Spec
30 Nov 2013   #33
architech

Windows 7 64 Bit
 
 

How would you suggest I phrase that in the Drivers Forum? Like I said, I don't know what the issue is or how to title it, so any help with that would be appreciated.
My System SpecsSystem Spec
.

30 Nov 2013   #34
cottonball

Windows 7 Home Premium
 
 

Hold off for a day or so!

After posting, thought of an advisor who is well qualified to deal with these types of issues (I think), and asked for him to take a look at the log posted.

He is in England, so there is a time difference involved.

Hopefully, he will be here sometime tomorrow.
My System SpecsSystem Spec
01 Dec 2013   #35
tom982

Microsoft Community Contributor Award Recipient

Windows 8.1 Pro x64
 
 

Hi guys,

These driver installation logs aren't really my forte, but I've had to deal with them in the past so have a little experience with them. The good news is that I can't see any unrepaired errors in your log, but the bad news is that the problem must lie elsewhere. Let's get an up to date FRST log and see what things look like there:

Farbar Recovery Scan Tool (FRST)
  1. Run FRST.
  2. Click Scan to start FRST.
  3. When FRST finishes scanning, a log, FRST.txt, will open.
  4. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Also, whilst we review this, I would like you to follow these instructions:

How to perform a clean boot in Windows 8.1, Windows 8, Windows 7, or Windows Vista

Click on this to expand the instructions:

How to determine what is causing the problem by performing a clean boot

Then click on:

Windows 7 and Windows Vista

Then, when you have finished narrowing down the culprit (if you do find one), revert your startup files to their normal values by following the instructions under:

How to reset the computer to start as usual after clean boot troubleshooting

Tom
My System SpecsSystem Spec
01 Dec 2013   #36
architech

Windows 7 64 Bit
 
 

The results of the FRST scan are attached. It still takes a significant amount of time to run compared to my other machine. I set up the clean boot but it is taking awhile (over an hour) to run the restart. The restart/ shutdown process has been dragging on since this issue, but I will attempt to narrow it down to see which service is causing it. Thanks for the instruction.


Attached Files
File Type: txt FRST.txt (42.1 KB, 4 views)
My System SpecsSystem Spec
01 Dec 2013   #37
tom982

Microsoft Community Contributor Award Recipient

Windows 8.1 Pro x64
 
 

What are your thoughts on these cottonball/Jacee? I'm not allowed to remove any malware yet, but these don't look very good to me:

S3 Asynrsrvbfr;
S1 aleglkvm; \??\C:\Windows\system32\drivers\aleglkvm.sys [x]
S1 bhszzscg; \??\C:\Windows\system32\drivers\bhszzscg.sys [x]
S1 fbbhzhmo; \??\C:\Windows\system32\drivers\fbbhzhmo.sys [x]
S1 fizrehbq; \??\C:\Windows\system32\drivers\fizrehbq.sys [x]
S1 tgefigxr; \??\C:\Windows\system32\drivers\tgefigxr.sys [x]
S1 vtizivqe; \??\C:\Windows\system32\drivers\vtizivqe.sys [x]
S1 yoyloawn; \??\C:\Windows\system32\drivers\yoyloawn.sys [x]

Tom
My System SpecsSystem Spec
01 Dec 2013   #38
architech

Windows 7 64 Bit
 
 

I managed to run a clean boot a couple times, but the computer is still slow, even with the other processes not present, so I think it may be a Windows issue. Now when I load in safe mode, it runs more 'normal' as it did prior to whatever issue. My question is what Windows processes are not run in safe mode that may be loaded in a clean boot? I think the problem may lay with one of those, which I am now guessing is a possible hardware issue.
My System SpecsSystem Spec
01 Dec 2013   #39
cottonball

Windows 7 Home Premium
 
 

Let's nuke those drivers/service in Post #37, and see if it makes any difference...

Please open notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents inside the code box below (Do not copy the word 'code') to Notepad.
Save it to the Desktop, and name it: fixlist.txt

Code:
start
S3 Asynrsrvbfr; 
S1 aleglkvm; \??\C:\Windows\system32\drivers\aleglkvm.sys [x]
S1 bhszzscg; \??\C:\Windows\system32\drivers\bhszzscg.sys [x]
S1 fbbhzhmo; \??\C:\Windows\system32\drivers\fbbhzhmo.sys [x]
S1 fizrehbq; \??\C:\Windows\system32\drivers\fizrehbq.sys [x]
S1 tgefigxr; \??\C:\Windows\system32\drivers\tgefigxr.sys [x]
S1 vtizivqe; \??\C:\Windows\system32\drivers\vtizivqe.sys [x]
S1 yoyloawn; \??\C:\Windows\system32\drivers\yoyloawn.sys [x]
C:\Users\Steve\AppData\Local\Temp\NVI2_29.DLL
end
NOTICE: This script is written specifically for this computer!!!
Running this on another computer may cause damage to the Operating System.

Now, please run FRST, and press the Fix button, just once, and wait.

When done, the tool creates a report on the Desktop called: Fixlog.txt
Please post the Fixlog.txt in your reply.
My System SpecsSystem Spec
01 Dec 2013   #40
architech

Windows 7 64 Bit
 
 

Looks like those services were deleted. Fixlog.txt is attached. No noticeable immediate change. It is attempting a restart now.


Attached Files
File Type: txt Fixlog.txt (1.2 KB, 2 views)
My System SpecsSystem Spec
Reply

 virus possibly related to svchost.exe




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
BSOD D1 possibly portcls.sys related
Seriously need help with BSOD. Started 13 Oct 2013 and happens at least once each day. Same errors every time. portcls.sys is mentioned every time. A new version of this was installed about that time when a Windows monthly update happened. I found an older version and installed it but BSOD...
BSOD Help and Support
Possibly CPU failure related BSODs
Hello everyone, A week ago I have had reinstalled the OS; since then I got random BSODs, around 4; one related to a failure with system update - I got it fixed. Then, one related with Ethernet drivers, I got it fixed too by installing original drivers from CDs instead of downloading them from the...
BSOD Help and Support
BSOD Possibly LoL Related; ntkrnlmp.exe
Hey All, My brother recently talked me into downloading League of Legends, and ever since then my computer has been giving me BSODs like crazy. The first few were only while the LoL download was running, then more came when the installer was going. I decided to give up on it, but he talked me...
BSOD Help and Support
Svchost.exe (netsvcs) and download related issue
hello everyone, i hope this is the right place to post this. it started about 2 weeks ago, i noticed that this process, Svchost.exe (netsvcs), is always downloading something, i tried alot of ideas that i read about online and non of them worked, i was using certain anti-virus when it happened....
Network & Sharing
Possibly driver-related BSoDs
Hi I'm new here and have a nasty BSoD problem going on. I've been searching for days for threads or info to help out but nothing's quite worked out. I've so far managed to narrow it down (I THINK) to a driver in my Atheros WLAN card. A recurring theme in my BSoDs seems to be athrx.sys so I've...
BSOD Help and Support
BSOD in Win7, possibly USB related
Note: I first posted this to superuser.com, but this seems like a better forum for it. Win7 Ultimate x64, full install. My new HP Pavilion Elite HPE-450t has been plagued by BSDO crashes since I got it about 6 weeks ago. The crashes are somewhat rare, sometimes not occurring for 3 or 4 days....
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 13:10.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App