Solved REGSRVC32, RunDLL, svchost has been infected

reizhu

New member
Local time
1:38 PM
Messages
2
sorry for bad tittle cause idk really know into which categories my problem, the problem is my laptop processor lately running in high peak even though im just listening to music or browsing, after searching in process explorer i found it was REGSRVC32, RunDLL and svchost everytime i try to delete the service its keep changing its name and have no clue what background program running to run this service, i try Malwarebytes but its not detected any problem, im using laptop HP 14-r017tx, if u guys can't really see whats written in SS here it is
"C:\Windows\syswow64\svchost.exe -o xmr-us-east1.nanopool.org:14444 -u 49ptuU9Ktvr6rBkdmrsxdwiSR5WpViAkCXSzcAYWNmXcSZRv37GjwMBNzR7sZE3qBDTnwF9LZNKA8Er2JBiGcKjS6sPaYxY -p x -k --donate-level=1 --max-cpu-usage=100 --cpu-priority 3"
thanks in advance for any assistance
 

Attachments

  • Proces explorer properties.jpg
    Proces explorer properties.jpg
    173.4 KB · Views: 7

My Computer My Computer

At a glance

Kalimantan Timur
Computer type
PC/Desktop
Computer Manufacturer/Model Number
HP
OS
Kalimantan Timur
Welcome to the forum. svhost is a tool that runs other software so its likely its not infected just being used. download Download RKill run it what it does is kill all things running that are not oficial windows once you reboot it ends. see what the log says its stopped.
check msconfig and task shedule stop anything thats funny or is in the rkill logs you should then be able to delete the files
 

My Computer My Computer

At a glance

win 8 32 bit
Computer type
PC/Desktop
OS
win 8 32 bit
thanks for advice, Rkill not detected anything but i did find the problem in task scheduler once again thanks man:D
 

My Computer My Computer

At a glance

Kalimantan Timur
Computer type
PC/Desktop
Computer Manufacturer/Model Number
HP
OS
Kalimantan Timur
Back
Top