Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Slow computer, potentially fake svchost.exe causing issue [Closed]

  • This topic is locked This topic is locked



    New Member

  • Member
  • Pip
  • 1 posts


A couple of months ago I unintentially downloaded malware via an executable. This caused lower performance, added a search bar to my desktop, and other various add-ons and extentions and browser redirects. Forgive me if I miss what all happened that day, but MalwareBytes and Avast were installed that day to run and clean my computer, as well as ending processes that were harmful and deleting them from their locations in Windows Explorer. Everything has seemed fine for the most part, and I had resumed normal activity with occasional virus scans to ensure everything was working normally.


However, it seems like ever since that day, my computer ran a little slower.


After getting frustrated today with Firefox seemingly running slowly and thinking that most performance issues are due to applications using more RAM, I checked the Resource Monitor to see what exactly was using up so much RAM. I saw that svchost.exe was using tons of this RAM, found the file location, and am unsure if this is a legitimate version of the executable. My worries solidified when I searched the file location to find Malware Removal threads, one even on this website.


I am new to this sort of thing, but if any more information is needed I will gladly provide it.


Thanks in advance for your patience, and hopefully I do not neglect or forget any important details.









  • 0




    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know if this stops the alerts

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4178455710-1139096639-4141711176-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
2015-07-10 19:04 - 2015-07-10 19:04 - 00003090 _____ C:\Windows\System32\Tasks\{63750B9B-82BA-4358-AFDC-8F5DD306FE83}
Task: {017A6AB0-5B5A-42D6-917C-32C3934AA8AA} - System32\Tasks\{C01A2868-298E-40BA-B307-CF57BDFD94FC} => pcalua.exe -a C:\KISS\JX^Ch3D\Installer.exe -d C:\KISS\JX^Ch3D -c /luninst1
Task: {258D0234-BEDF-48F8-9D97-39CA4CE44EEB} - \WebBarUpdateTask No Task File <==== ATTENTION
Task: {31976F2A-2783-4631-965A-44A1B417D7F9} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {5A4A18A6-5D57-41C1-B10D-930B52ABC1AA} - \WebBarLaunchTask No Task File <==== ATTENTION
Task: {857A9B0A-762A-42C0-B903-E0CBF5D232B5} - System32\Tasks\{E8E74794-8550-47CA-ADEB-678A106AAEDE} => pcalua.exe -a C:\KISS\JX^Ch3D\Installer.exe -c /luninst1
Task: {B6159FCD-2D82-434F-B999-A812BFC7CCCE} - \Run_Bobby_Browser No Task File <==== ATTENTION
Task: {F9DD9A17-EA4E-4B96-B44C-F3835B39008F} - System32\Tasks\PostPoneInstall => C:\Users\MattMac\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0



    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP