Possible virus

M

mrknownothing

New member
Local time
10:15 PM
Messages
15
Hi guys,

I have 3 files, svc_update_client.exe, and svcUpdate.exe in C:\user\..AppData\Roaming\Microsoft folder. Those 2 created today except svchost.exe

They do not show as "Microsoft Corporation" when you hover the mouse over those files. Do they indicate as viruses? I ve checked with avast and it detects nothing but with VirusTotal - Free Online Virus and Malware Scan, 5 different virus checkers detect viruses contain those files.

Also shoudn't svchost.exe, svc_update_client.exe be & svcUpdate.exe in windows/system32 not in C:\user..\..roaming\folder?

Thanks in advance

Mike
 

My Computer

Computer Manufacturer/Model Number
Customised
OS
Windows 7 Ultimate x64
CPU
Q9550
Motherboard
ASUS P5Q-EM
Memory
8GB (Geil 800Mhz a pair of dual channels RAM) DDR2
Graphics Card(s)
none (integrated)
Sound Card
none (integrated)
Monitor(s) Displays
2
Hard Drives
128GB SSD
128GB SSD
2TB WD
2TB WD
1TB WD
PSU
Cosair 620w Modular
Case
Li Lian PC-A10
Cooling
Zalman
Internet Speed
10Mbps
Hi there, scan with malwarebytes.
 

My Computer

Computer Manufacturer/Model Number
Samsung NP530U4B-S02IN
OS
Windows® 8 Pro (64-bit)
CPU
Intel® Core™ i5 Processor 2467M (1.60GHz, 3MB L3 Cache)
Motherboard
Samsung Electronics
Memory
6GB DDR3 System Memory at 1,333MHz (on BD 4GB + 2GB x 1)
Graphics Card(s)
AMD Radeon™ HD7550M 1GB DDR3 (Ext. Graphic)
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
35.56cm (14.0) SuperBright 300nit HD LED Display
Screen Resolution
1366x768
Hard Drives
1TB S-ATA II Hard Drive (5400RPM) with ExpressCache 16GB SSD
Internet Speed
sucks
Antivirus
Microsoft Security Essentials
Browser
Google Chrome (Sync enabled)
mrknownothing said:
Hi guys,

I have 3 files, svc_update_client.exe, and svcUpdate.exe in C:\user\..AppData\Roaming\Microsoft folder. Those 2 created today except svchost.exe
Mike
Click to expand...
If convenient can you zip those files and upload to a file share site then pm me the link to download please?
 

My Computer

OS
7
Hi, they are detected as malware by Spybot program. I have deleted them. I am sorry that I cant send them to you before I delete them. I had a look at your profile photo, "me want malware", maybe you could have a second PC or vmware with no protection at all to collect several malware, trojans etc. Why do you need malwares?

Thank you Dinesh. I didnt use spybot for a month as I should have been. Thank you

Thank you guys for time.

M
 

My Computer

Computer Manufacturer/Model Number
Customised
OS
Windows 7 Ultimate x64
CPU
Q9550
Motherboard
ASUS P5Q-EM
Memory
8GB (Geil 800Mhz a pair of dual channels RAM) DDR2
Graphics Card(s)
none (integrated)
Sound Card
none (integrated)
Monitor(s) Displays
2
Hard Drives
128GB SSD
128GB SSD
2TB WD
2TB WD
1TB WD
PSU
Cosair 620w Modular
Case
Li Lian PC-A10
Cooling
Zalman
Internet Speed
10Mbps

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
mrknownothing said:
Hi, they are detected as malware by Spybot program. I have deleted them. I am sorry that I cant send them to you before I delete them. I had a look at your profile photo, "me want malware", maybe you could have a second PC or vmware with no protection at all to collect several malware, trojans etc. Why do you need malwares?

Thank you Dinesh. I didnt use spybot for a month as I should have been. Thank you

Thank you guys for time.

M
Click to expand...
Collecting/running malware samples is a hobby that I enjoy doing.

If the samples aren't detected by Malwarebytes then I post the Virus Total results along with the sample over at their forum.

I employ Sandboxie, Returnil and VM's to run samples and also have several hard drives with XP/Vista/7 installs that I plug in as to what I feel like using.

Images of all hard drives are stored on an external hd as well.

If you do get an undetected sample you can either post in Malwarebytes forum or use their Upload net.
Malwarebytes.org
 

My Computer

OS
7
You are welcome. :)
 

My Computer

Computer Manufacturer/Model Number
Samsung NP530U4B-S02IN
OS
Windows® 8 Pro (64-bit)
CPU
Intel® Core™ i5 Processor 2467M (1.60GHz, 3MB L3 Cache)
Motherboard
Samsung Electronics
Memory
6GB DDR3 System Memory at 1,333MHz (on BD 4GB + 2GB x 1)
Graphics Card(s)
AMD Radeon™ HD7550M 1GB DDR3 (Ext. Graphic)
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
35.56cm (14.0) SuperBright 300nit HD LED Display
Screen Resolution
1366x768
Hard Drives
1TB S-ATA II Hard Drive (5400RPM) with ExpressCache 16GB SSD
Internet Speed
sucks
Antivirus
Microsoft Security Essentials
Browser
Google Chrome (Sync enabled)
You must log in or register to reply here.
Back
Top