My PC is a Pentium Dual Core E5700 3GHz, Intel G41 Express Chipset and 2GB of RAM (pretty rusty, but surprisingly good performance in Wii and GameCube games), Windows 7 Ultimate 64-bit.
So recently, I see the 2 processes mentioned above, and one of them (it's always random) uses up 50% CPU, but the really weird thing is that whenever I open up "Dolphin.exe" (GC and Wii emulator) or sometimes another process, the .exe file is given the "hidden" property and the 2 processes open up. The result is that my PC gets really slow. However, this isn't dolphin.exe's fault, as I could play games on it perfectly some time ago, nor is it another game, as I have run scans on it with MalwareBytes and Avast! giving no bad results.
I can't close any process, as doing so will only cause the other process to open it up again instantly. I have managed to delete the 2 of them many times before, but they just come back when I open any .exe file. I have eliminated their "Runonce" entries in the Registry Editor just after I delete the files (and I have tried before I delete them), but those entries get created again and the problem continues.
Runonce.exe is found in the SysWOW64 and System32 folders, but they can't be deleted since I need permission from TrustedInstaller (even then I can't change the permissions of the folders nor of runonce.exe).
I have also tried deleting the files and the entries in the registry in safe mode, but it doesn't work, since as soon as I go back to normal mode it starts again.
This is the most bulletproof virus I have ever seen on my PC. I have tried every method I know of to get rid of it, but they never work.
And the handles in explorer.exe are: ntdll.dll!Userthreadstart (this one has 4 copies of it), explorer.exe (with one copy), ole32.dll.
The handles in svchost.exe are: svchost.exe (with one copy), ole32.dll, ntdll.dll!Userthreadstart (between 3 and 6 copies).
That's all the information I can remember right now. By the way, I can't answer questions right now, but tomorrow I will be able to answer all of them, so if possible try to post direct solutions.
Submitted August 31, 2017 at 04:54AM by TDRollinsR http://ift.tt/2wjX9JJ