• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

svchost.exe sound device using 10% network utilization 24/7 ???

P

phpdog

Senior member
Hi ,

I got a letter recently saying someone recieved spam emails from my IP and 1 of my systems may have been infected with spyware .

So i was cleaning out 1 of my systems and monitoring the Internet connection and found this annoying thing which i cant work out .

When i turn everything else of and its just basic windows resources running , my LAN connection shows 10% Utilization at a constant perfect stream along the Networking Graph in Win XP Task Manager .

The only thing that stops this device using the LAN connection it to disable the 1 instance of svchost.exe thats using the most RAM .

Then the LAN connection shows 0% Utilization but it also turns the sound device off ???

Can anyone tell why this is and if its a problem ?

None of my other systems show this , The LAN Connection shows 0% in use when i close all browsers and apps .

 
Why is this a problem? You've already been informed your infected and generating spam, you find a system who is sitting there generating network traffic, and you want to know if thats bad?

Nuke the site from orbit, it's the only way to be sure 😉

Seriously, disenfect that machine (off line), or nuke it and reinstall.

What av and fw programs are you running?

Bill


 
Reinstalling is not an option ,

I use BitDefender , PC Cillin Hijack This and CCleaner and ive scanned and cleaned everything i can think of and still cant find where its hiding .

Its sending a constant stream Inbound 5.84 K Outbound 5.83 K , thats why im asking here if anyone can help with this , so i dont have to go to extremes and nuke everything .

Does anyone know of a site or app that can help root out the origin / destintion of this network traffic ?
 
If its a custom trojan you really should reinstall. If its a known trojan one of the better av products should pick it up.

But from your post I didn't think you were in a position to dig out the piece (since you mentioned service host but didn't mention which service in question it was).

Do a taslist /svc and lets see what actual services you have running. You should be able to match the PID up from taskman and get a list of which services are housed by the svchost in question.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top