
iphlpsvcs.exe eating 1.5GB memory

Discussion in 'Virus & Other Malware Removal' started by eeelectric, Sep 13, 2012.

Thread Status:
Not open for further replies.
  1. eeelectric

    eeelectric Thread Starter

    Joined:
    Sep 13, 2012
    Messages:
    12
    Logs attached have been run in safe mode.

    Since around a day back, I noticed my computer suddenly became extremely unresponsive. I opened task manager (which took 5 minutes), and saw that a process called iphlpsvcs.exe (probably trying to mimic the valid IP Helper service iphlpsvc) was taking up ~1.5GB of memory.

    I tried to google the problem and came up with only one similar case:

    twitter.com/twitosh/statuses/237613840316104704

    It's actually the exact same problem I'm having. Except that one of them solved it by an Avast scan, the other one by deleting the relevant files in Ubuntu.

    I tried an updated Avast scan in safe mode, it did not help. I searched for iphlpsvcs in Ubuntu, and it found 2 files, one in Prefetch, one in C:/Windows/SysWOW64. I deleted both, and it still didn't make a difference when I booted into Windows. In safe mode if I search for the same, I can still see a file with iphlpsvcs in its name in Prefetch. I don't know what to do next.

    In short I've tried the following:

    1. Full scan with Avast
    2. Full scan with MSE
    3. Full scan with MalwareBytes
    4. Scan with Microsoft MRT
    5. Deleting relevant files in Ubuntu
     

    Attached Files:
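
Added example, not part of the original thread or any poster's own code: a small triage check that flags process image names that are a near miss for a known Windows name, the way `iphlpsvcs.exe` sits one character away from the IP Helper service name `iphlpsvc`. The baseline name list, the distance threshold and the sample process paths are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumed baseline for this example: a few legitimate Windows service/binary names.
# A real baseline would come from a known-good image of the same OS build.
KNOWN_NAMES = {"iphlpsvc", "svchost", "lsass", "services", "csrss", "winlogon", "explorer"}


def edit_distance(a, b):
    """Levenshtein distance: minimum inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def find_lookalikes(image_paths, known=KNOWN_NAMES, max_distance=2):
    """Return (image_path, closest_known_name, distance) for near-miss names."""
    findings = []
    for image_path in image_paths:
        stem = PureWindowsPath(image_path).stem.lower()
        if stem in known:
            # Exact match: not a lookalike. Path and signature still need
            # checking separately; this function only covers name similarity.
            continue
        closest = min(known, key=lambda k: (edit_distance(stem, k), k))
        distance = edit_distance(stem, closest)
        if distance <= max_distance:
            findings.append((image_path, closest, distance))
    return findings


# Constructed sample process list (not taken from the attached logs).
SAMPLE = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Windows\SysWOW64\iphlpsvcs.exe",
    r"C:\Windows\explorer.exe",
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
]

if __name__ == "__main__":
    for path, near, dist in find_lookalikes(SAMPLE):
        print(f"{path}: resembles '{near}' (edit distance {dist})")
```

A hit is only a lead for further inspection of the file and its autostart entry, since legitimate third-party software can have similar names.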

  2. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,222
    First Name:
    Derek
    First uninstall Avast, as you have MSE and the 2 together will clash & make things worse

    then you are showing a proxy server set, that is possibly malware related
    In IE: Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection and uncheck the proxy server, set it to No Proxy.
    then

    Run tdss killer from http://support.kaspersky.com/viruses/solutions?qid=208280684

    let it cure anything it finds (except SPTD.SYS or anything detected as UnsignedFile.Multi.Generic, which should be ignored) & then reboot

    post back with its log

    By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder.
    Logs have names like: UtilityName.Version_Date_Time_log.txt.
    E.g. C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt
     
Short URL to this thread: https://techguy.org/1068752
