Asked by c7c4c7
at 2024-07-01 23:30:59
Point:0 Replies:9 POST_ID:828928USER_ID:11828
Topic:
Windows Server 2008;;
The server has all updates applied. The machine started hanging up and when we looked the machine was running at 100% CPU occupancy. Eventually found that there were numerous svchosts being kicked off 40-50 of them
Running Process explorer the svchosts are all running syswow64.
Opened up the location of the program using task manager and ran a scan against syswow64, but it does not appear to be infected.
I also generated a .dmp file from the task manager of the svchost causing the problem but do not know how to work with this type of .dmp file I am only familiar with the ones created by a blue screen.
I did find a couple of files in the default users startup folder that were identified as viruses from doing a scan of the machine. They were qiutzi.exe suaze.exe, they were cleaned up but problem persists
I searched online for references to the above two files but did not find anything that would help.
The svchost's get generated after the machine is up and running for about 30 minutes, I don't see anything getting kicked off and am running out of ideas.
Any ideas?
Thanks
Running Process explorer the svchosts are all running syswow64.
Opened up the location of the program using task manager and ran a scan against syswow64, but it does not appear to be infected.
I also generated a .dmp file from the task manager of the svchost causing the problem but do not know how to work with this type of .dmp file I am only familiar with the ones created by a blue screen.
I did find a couple of files in the default users startup folder that were identified as viruses from doing a scan of the machine. They were qiutzi.exe suaze.exe, they were cleaned up but problem persists
I searched online for references to the above two files but did not find anything that would help.
The svchost's get generated after the machine is up and running for about 30 minutes, I don't see anything getting kicked off and am running out of ideas.
Any ideas?
Thanks
