|
|
|
|
| Author |
|
|
Registered
Join Date: Jan 2002
Location: Long Beach CA, the sewer by the sea.
Posts: 37,797
|
sychost and svchost ??
I'm getting conflicting info off Google the legitimate application, if it is legit. What's a safe test?
|
||
06-17-2008, 04:00 PM
|
|
|
Registered
Join Date: Feb 2006
Location: Mt. Doom
Posts: 1,019
|
svchost is the legit process, there are multiple instances of svchost on windows machines since they run network services. Never seen sychost before.
__________________
3.2 targa |
||
|
06-17-2008, 04:05 PM
|
|
|
Slackerous Maximus
Join Date: Apr 2005
Location: Columbus, OH
Posts: 18,198
|
This appears to be a virus: http://www.liutilities.com/products/wintaskspro/processlibrary/sychost/
http://www.auditmypc.com/process/sychost.asp http://www.processlibrary.com/directory/files/sychost/ Looks a bit nasty  LEOX.B VIRUS
__________________
2022 Royal Enfield Interceptor. 2012 Harley Davidson Road King 2014 Triumph Bonneville T100. 2014 Cayman S, PDK. Mercedes E350 family truckster. |
||
|
06-17-2008, 04:54 PM
|
|
|
Registered
Join Date: Jan 2002
Location: Long Beach CA, the sewer by the sea.
Posts: 37,797
|
I saw the exact same 3 pages. Two or maybe all of them offered a "free scan" but it's a program. I didn't want to download anything until I checked. I don't think I have anything bad at this point, but the legit svchost.exe was using a ton of my processor when I booted this afternoon.
I get wary when my cooling fan is in 5th gear. 
|
||
|
06-17-2008, 05:31 PM
|
|
|
Back in the saddle again
Join Date: Oct 2001
Location: Central TX west of Houston
Posts: 56,233
|
no, svchost.exe is part of windows. I promise.
You'll normally see the svchost process several times if you do a ctrl-alt-del. svchost.exe is expected.
__________________
Steve '08 Boxster RS60 Spyder #0099/1960 - never named a car before, but this is Charlotte. '88 targa SOLD 2004 - gone but not forgotten
|
||
|
06-17-2008, 06:26 PM
|
|
|
Slackerous Maximus
Join Date: Apr 2005
Location: Columbus, OH
Posts: 18,198
|
Quote:
Discovered: March 20, 2004 Updated: March 22, 2004 03:15:18 PM PST Type: Worm Infection Length: 59,665 bytes Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP W32.HLLW.Leox.B is a variant of W32.HLLW.Leox. It is a worm that sends a URL using QQ, a Chinese instant messaging program. The URL points to a site that hosts the worm. The worm also emails password and equipment information from the game, Legend of Mir, to an email address at tom.com. ProtectionVirus Definitions (LiveUpdate™ Weekly) March 22, 2004 Virus Definitions (Intelligent Updater) March 22, 2004 Threat Assessment Level: Low Number of Infections: 0 - 49 Number of Sites: 0 - 2 Geographical Distribution: Low Threat Containment: Easy Removal: Moderate Damage Level: Low Releases Confidential Info: Steals various passwords and system information. Distribution Level: Medium Target of Infection: Spreads via the QQ instant messaging program. 1 year ago
__________________
2022 Royal Enfield Interceptor. 2012 Harley Davidson Road King 2014 Triumph Bonneville T100. 2014 Cayman S, PDK. Mercedes E350 family truckster. |
||
|
06-17-2008, 07:14 PM
|
|
|
|
Registered
Join Date: Nov 2003
Location: West of Seattle
Posts: 4,718
|
Run a virus scan. I use AVGFree with great success. Seems like it's perfectly likely that someone nasty is hiding under the name "svchost.exe" to make you think it's legit.
__________________
'86 911 (RIP March '05) '17 Subaru CrossTrek '99 911 (Adopt an unloved 996 from your local shelter today!) |
||
|
06-18-2008, 01:42 AM
|
|
