15 replies

virus not getting detected svchost.exe file

i have a virus on my computer, its not getting detected by Kaspersky, windows defender or virustotal.
but its clearly a virus, one of the parent files of the SVChost file is virus.zip and it connects to a bunch of other ips and domains
how should i go about this? deleting the file does not help, it keeps coming back.

not very good at this

https://www.virustotal.com/gui/file/949bfb5b4c7d58d92f3f9c5f8ec7ca4ceaffd10ec5f0020f0a987c472d61c54b/detection

it is indeed a virus right?

thanks

VirusTotal

Cyber Forum•8/31/23, 3:34 PM

Post created!

This post has been indexed in our web forum and will be seen by search engines so other users can find it outside Discord

Your user profile is private by default and won't be visible to users outside Discord, if you want to be visible in the web forum you can add the "Public Forum Profile" role in <id:customize>

You can mark a message as the answer for your post with

Right click -> Apps -> Mark Solution

Right click -> Apps -> Mark Solution

(if you don't see the option, try refreshing Discord with Ctrl + R)

w33t•8/31/23, 4:14 PM

Hey hey! This is a host process, so IP and domain connections are expected behavior. If you have a sample of the IPs and domains, we can check them out. Now, you mentioned virus.zip. Where are you seeing that? It sounds kind of sketchy.

w33t•8/31/23, 4:14 PM

You could also try this out: https://www.sophos.com/en-us/free-tools/hitmanpro

still-limeOP•8/31/23, 4:25 PM

still-limeOP•8/31/23, 4:26 PM

but im not really good at this, so it might be a misunderstanding from my side.

w33t•8/31/23, 4:47 PM

Definitely, that's not showing anything from your computer. That is basically just "these have been related in the past with all the data we've collected"", so it's not something to worry about

still-limeOP•8/31/23, 4:59 PM

but, 800 MB in just 4 hours? 2 of those hours i was idle