hi
I think I might have a virus on my machine! I was wondering how I find out which one it is and indeed if I have one at all. I have used the windows task manager and my processor is flickering at around 100% alot of the time and processes such as explorer.exe are using alot of memory (this continues to increment until I reboot). The number of processes is currently 39! I also see multiple processes called svchost and these are also using alot of memory. I have ran AV software aswell as spybot and adaware which finds some spyware and I have deleted them. I have to reboot my machine regularly as it becomes very slow. I also had a dialogue box pop up yesterday with some kind of suspicious jargon on it!

I think thats everything!

Many thanks in advance for your advice

Mark

Svchost.exe is a valid Windows file and will appear several times (4 in mine) in Task Manager.

Do a search for "svchost.exe", the legitimate file is located in C:\Windows(WINNT)\System32\. If you find one in any other location, delete it.

_________________________
Computers work with absolute flawless perfection, until the first person touches them!

you could possibly have a virus, although you dont, i dont know if u edit your startup a lot, but you should, click start, go to run, and type in msconfig, then go to the tab that says startup, if you dont do aynthing with you startup then your problem probably comes from there. Take a look at the list, NONE OF THOSE FILES NEED TO START UP, you can take out as many as you want, of course leave any programs you use on startup, virus scanners, firewalls etc, and remove the rest, these slow your startup and if you have a lot can also cause your computer to slow down a lot.

As for svchost, i would leave it, it pretty much controls proccesses.

all the other things, simply type into google, eg. "svchost.exe" i think the first page everytime will explain what it is.

hi markw,
you may have some sort of malware.
hit the start button, go to run and type in the word command, then click ok, a dos prompt screen will open, at the prompt type in netstat, then a space, then type in
-an.
an active connections box will open where you will see Proto, Local Address, Foreign Address, and State.
Proto is for your protocols TCP and UDP,
Local Address is where you will see your local connections including the ports and address that are being used.
Foreign Address is where you will find where your computer is connected to, so if there is anything there take note of it including the ip address, and port.
This maybe some sort of virus, trojan, and or worm, spyware, adware and it may tell you where the malware is coming from, and the open port to which it is connected to.
State will tell you if it is in listening, closed, or if you are malwared, Established mode.
If you do have some sort of virus, by looking at the Foreign Address Section, go to www.thepublicworks.com security section, link to Tantalo Ports, do a search on the open port(s) and find out the name of the trojan. once found go to simovits consulting, and find out the info you need on that specific trojan, always noting the port and file name.
While at thepublicworks.com, if you wish download, free RegProt (free Registry monitor), Sysinternals for a free process monitor(process explorer, and procmon, a free port monitor) also hit the Free Ants link to download the free A Squared anti-trojan, get the latest definitions, and scan your machine.
hope this helps, all the best,
murve