Hello,
I'm on W2K SP4 and recently I noticed that my firewall constantly blocks svchost trying to access different websites (www.yourfreeworld.com, www.TheGoldClick.Com, getpaideventoday.com and many others) in about 1-5 minute intervals. It's command line is "svchost -k rpcss". It survived repairing (not reinstalling) windows. AVG Rootkit and Virus scanners, Ad-Aware, SpyBot-S&D, SUPERAntiSpyware nor any other scanner reports anything. I'm stuck. Any help would be appreciated.
(ComboFix log was over 100kb so it's in two parts.)
EDIT:
killing one of KERNEL sub-threads under svchost stops the malware untill reboot. But it's not a solution.
Help please.
Thanks in advance,
Peter.
I'm on W2K SP4 and recently I noticed that my firewall constantly blocks svchost trying to access different websites (www.yourfreeworld.com, www.TheGoldClick.Com, getpaideventoday.com and many others) in about 1-5 minute intervals. It's command line is "svchost -k rpcss". It survived repairing (not reinstalling) windows. AVG Rootkit and Virus scanners, Ad-Aware, SpyBot-S&D, SUPERAntiSpyware nor any other scanner reports anything. I'm stuck. Any help would be appreciated.
(ComboFix log was over 100kb so it's in two parts.)
EDIT:
killing one of KERNEL sub-threads under svchost stops the malware untill reboot. But it's not a solution.
Help please.
Thanks in advance,
Peter.