tomkovic asked:

Possible virus using svchost process and creating visible Recycler folder.

I have a virus infection. It results in one of the svchost processes taking more than 108MB of memory and more until the machine freezes. If I go to Task Manager and stop the bloated svchost process, everything is OK for a while. I am running XP Pro. I am running the current version of Trend Micro and have done a full scan and found nothing. Also ran Adaware in safe mode.

I also notice there are some folders that do not appear in safe mode that show up when the full system is up. They are off the root of the C: drive and show up in Win Explorer. One is called Recycler and it has folders that I cannot delete because the system says they are in use. There is also a folder called System Volume Information that I cannot open. I did not see these folders prior to this problem starting yesterday.

Whatever it is, it is also filling up my C: drive. I run C: on a small partition of the main hard drive, about 14GB and it is nearly full.

I am at a loss as to what to do next. The computer is unusable this way.
johnb6767

Process Explorer for Windows v10.21
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

Download this, and double click the offending service host. Post what services are listed under Services tab, and also click on the Threads tab. You should see the actual file causing svchost.exe to tank....

As for the Recycler, and Sys Vol Info folder, they are Hidden System folders, one being primarily for System Restore, and the other is the recycle bin. Don't mess with them, as there is no need to. You can open the Recycler folder, and right click the items in there and Empty Recycle Bin.
Boot into safe mode and run a full virus scan with updated definitions.

You could also try booting into Safe Mode with Networking - and run a full system scan from here: http://housecall.trendmicro.com/housecall/start_frame.asp
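
Added example (not part of the original thread): a PowerShell script that does from the command line what the Process Explorer advice above does in the GUI, listing each svchost.exe instance with its memory use and the services it hosts. It assumes PowerShell 2.0 or later with WMI available; the 100 MB threshold and the variable names are assumptions chosen for illustration.

```powershell
# Added example: map every svchost.exe instance to the services it hosts,
# so the service behind a bloated instance can be identified.
# Threshold is an assumption for illustration; adjust to taste.
$thresholdMB = 100

# Location of the genuine binary. A svchost.exe running from anywhere
# else deserves a closer look (32-bit instances on 64-bit Windows
# legitimately run from SysWOW64).
$expected = Join-Path $env:SystemRoot 'System32\svchost.exe'

# Group running services by the PID of the process that hosts them.
$byPid = @{}
Get-WmiObject Win32_Service -Filter "State='Running'" | ForEach-Object {
    $id = [int]$_.ProcessId
    if (-not $byPid.ContainsKey($id)) { $byPid[$id] = @() }
    $byPid[$id] += $_.Name
}

# Report each svchost.exe, largest working set first.
Get-WmiObject Win32_Process -Filter "Name='svchost.exe'" |
    Sort-Object WorkingSetSize -Descending |
    Select-Object ProcessId,
        @{n='WorkingSetMB';  e={ [math]::Round($_.WorkingSetSize / 1MB, 1) }},
        @{n='OverThreshold'; e={ ($_.WorkingSetSize / 1MB) -gt $thresholdMB }},
        @{n='ImagePath';     e={
            # ExecutablePath is empty when the caller lacks rights to
            # query the process, so report that instead of a false alarm.
            if (-not $_.ExecutablePath)             { 'unknown (run elevated)' }
            elseif ($_.ExecutablePath -eq $expected) { 'expected' }
            else                                     { $_.ExecutablePath }
        }},
        @{n='Services';      e={ $byPid[[int]$_.ProcessId] -join ', ' }} |
    Format-Table -AutoSize -Wrap
```

Where PowerShell is not installed, `tasklist /svc /fi "imagename eq svchost.exe"` gives the PID-to-service mapping without the memory and path columns.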
ASKER CERTIFIED SOLUTION
rpggamergirl
tomkovic (ASKER)

When I went to Windows Update to run it manually, just to be sure I had the latest security patches, that is when I noticed svchost running amok. I decided to let it go and it never got above 120MB as the update process ran. My C: partition had gotten full with various junk before this so I think the hard drive was too full for Windows Update to download files, causing it to crash. So, after freeing up about 5 GB and running Win Update manually, everything settled down and worked. The bottom line - no virus, just a full C: drive.

I would like to know how many of the Windows Update files I can get rid of from Add/Remove Programs without messing up the system. I think it was the accumulation of those update files that filled up my small C: partition. But that's another question for another day.

Thanks to all.