Please HELP! SVCHOST virus removal!?

Whitesmoke

I’m using Avast and it “detected and blocked the svchost.exe trojan horse and removed” it. A minute later my computer slows down and I find that svchost is using up 50-90% of my processes. It also installed “whitesmoke translator” onto my computer. I found a bunch of different methods of removing this virus on Google but don’t know which one to use. WHICH ONE? Also, should I dump Avast? It didn’t block it like it said. Thanks in advance.
For those of you who don’t know, svchost.exe is used by Windows XP, Vista, etc. This virus disguises itself as svchost (I think). I’m using XP.

Chosen Answer:

How to Fix svchost.exe using 100% CPU / Memory Leak

As a computer technician, here is a problem I have been coming across more and more. About 30 secs to 1 minute after booting into Windows the computer starts lagging heavily. When CTRL+ALT+DEL is pressed it shows that svchost.exe is using up maximum CPU resources and only occurs when Automatic Updates is enabled. Microsoft has recognized this problem and has released a patch. However, on all computers I have worked on with this problem, the Microsoft patches don’t fix the problem. This is a guide on how to fix this problem with svchost using maximum CPU.

First of all, to identify if you have this problem you need to press CTRL+ALT+DEL all at the same time, go to the “Processes Tab” and then press “Mem Usage”. If you have this svchost.exe memory leak bug after about 1 minute you will see that the amount of memory usage svchost.exe uses will keep increasing until CPU becomes 99 or 100%. Below is an example of what this looks like:

How to stop svchost.exe using up 100% system resources (Windows XP Only):

* Visit the Microsoft website and Download Windows Update v3 WindowsUpdateAgent30-x86.exe and save it to your C:\ drive
* Download this file fix_svchost.bat (right click and choose save as..) and save it to your C:\ drive
* Download this file WindowsXP-KB927891.exe and save it to your C:\ drive
* Reboot the computer and log in to Windows XP in safe mode. To do this, press F8 just before the WindowsXP logo shows up during boot and press up to choose “Safe Mode”
* Once Windows has loaded and you have the option of which user account to use, log on as “Administrator”.
* Click Start > Run, choose the Browse button and find the fix_svchost.bat file you saved before, press Open, then OK.
* A black screen will pop up and white text will scroll past. Wait for this process to finish as it could take several minutes. It will close itself when it’s finished.
* Once the black screen disappears, Click Start > Run, choose the Browse button and find the WindowsUpdateAgent30-x86.exe file you saved before, press Open, then OK. Follow the prompts as it installs.
* When Windows Update Agent finishes installing, Click Start > Run, choose the Browse button and find the WindowsXP-KB927891.exe file you saved before, press Open, then OK. Follow the prompts as it installs.
* Reboot the computer

Also download and scan using Rkill: http://www.bleepingcomputer.com/forums/topic308364.html

Download and scan using Malwarebytes’ Anti-Malware: http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=contentMain;contentAux

Download and scan using Super Anti-Spyware: http://www.superantispyware.com/

Download ATF Cleaner, a new, freeware, temporary file cleaner for Windows, IE, Firefox and Opera with a simple, easy-to-use interface.

The main screen allows the user to either clean all temporary files, or select files for cleaning. The program also knows if Firefox and/or Opera is being used, and gives the option of cleaning the temporary files associated with those applications.

ATF Cleaner provides the user with a window showing the total bytes freed upon completion. The program is small (36kb), quick to run and requires no installation. To download ATF Cleaner, use this link: http://download.cnet.com/ATF-Cleaner/3000-18512_4-89432.html

Please give me feedback and rate me.
by: ilknur K
on: 10th February 11


  1. Monker says:

    What I recommend for any kind of virus removal is Malwarebytes. Go to http://www.malwarebytes.org and download the free version of Malwarebytes. If it won’t let you download it, try ending Svchost.exe in task manager. If you end it, it may restart itself in a minute, so you will have to work fast. Download it and install the program. Then, update it to the latest database, and then run a quick scan. Quarantine anything it finds, including SVCHOST. Then, run a full scan, and do the same.

    Hope this helps!

  3. Venus♀ says:

    Yes, svchost.exe is a valid, normal windows process, so don’t delete it!

    You also don’t need to do all the things that the answerer above me suggested. The svchost.exe memory leak that she is talking about was fixed 3 1/2 years ago.

    All you have to do to get rid of your virus is this:
    Restart your computer. As the computer is beginning to restart, tap the F8 key repeatedly. When the screen comes up, choose Safe Mode with Networking.
    Download Malwarebytes (a free virus remover), update it and run a full scan. Delete whatever it finds. Then, run another scan.

    http://www.malwarebytes.org/

    *Note* To all Y!A posters answering questions: When copying and pasting text from websites, you must include a link to that website in the source box or in the body of your answer.
    It is only fair to give credit where credit is due.
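
The thread turns on whether the busy svchost.exe is the real Windows service host or malware borrowing its name. The following is an added example, not part of any post above: a Python check over a process listing, assuming a CSV export with the columns that `wmic process get ExecutablePath,Name,ParentProcessId,ProcessId /format:csv` produces and Windows installed in C:\WINDOWS. The sample rows are constructed.

```python
import csv
import io
from difflib import SequenceMatcher

# Constructed sample, shaped like the CSV from:
#   wmic process get ExecutablePath,Name,ParentProcessId,ProcessId /format:csv
SAMPLE = """Node,ExecutablePath,Name,ParentProcessId,ProcessId
PC1,C:\\WINDOWS\\system32\\services.exe,services.exe,620,664
PC1,C:\\WINDOWS\\system32\\svchost.exe,svchost.exe,664,836
PC1,C:\\WINDOWS\\Temp\\svchost.exe,svchost.exe,1508,2204
PC1,C:\\WINDOWS\\system32\\svch0st.exe,svch0st.exe,1508,2260
PC1,,svchost.exe,664,1012
PC1,C:\\WINDOWS\\explorer.exe,explorer.exe,1480,1508
"""

REAL_NAME = "svchost.exe"
# Assumption: Windows is installed in C:\WINDOWS (the XP default).
REAL_PATHS = {r"c:\windows\system32\svchost.exe",
              r"c:\windows\syswow64\svchost.exe"}


def audit(csv_text):
    """Return {pid: [reasons]} for processes that only pretend to be svchost.exe."""
    reader = csv.DictReader(io.StringIO(csv_text.strip()))
    rows = [r for r in reader if r.get("ProcessId")]
    names = {r["ProcessId"]: r["Name"].lower() for r in rows}
    findings = {}
    for r in rows:
        name, path = r["Name"].lower(), (r["ExecutablePath"] or "").lower()
        reasons = []
        if name != REAL_NAME:
            # Look-alike spellings such as svch0st.exe or scvhost.exe.
            if SequenceMatcher(None, name, REAL_NAME).ratio() >= 0.8:
                reasons.append("look-alike name")
        else:
            if not path:
                # An unreadable path is inconclusive, not proof of malware.
                reasons.append("path not readable, re-run as Administrator")
            elif path not in REAL_PATHS:
                reasons.append("runs from outside System32")
            # The genuine service host is started by services.exe.
            if names.get(r["ParentProcessId"]) != "services.exe":
                reasons.append("parent is not services.exe")
        if reasons:
            findings[int(r["ProcessId"])] = reasons
    return findings


if __name__ == "__main__":
    for pid, reasons in sorted(audit(SAMPLE).items()):
        print(pid, "; ".join(reasons))
```

A genuine svchost.exe that passes these checks can still be busy because of a service it hosts; `tasklist /svc` shows which services run under each svchost.exe PID.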
