• We've upgraded our forums. Please post any issues/requests in this thread.

Help with virus removal?

Joined
Dec 2, 2005
Messages
704 (0.16/day)
Likes
30
Location
Chicago
System Name Woot
Processor AMD FX-9590
Motherboard ASUSTeK m5a99fxpro r2.0
Cooling Corsair H100i gtx
Memory 24GB G.SKILL PC3-12800
Video Card(s) MSI GTX 970GTX
Storage 2X 256GB SANDISK SSD 3X1TB MIXED HD
Display(s) 2x 32" Sony LCD
Case CoolerMaster Storm Trooper
Audio Device(s) 5.1 Surround Onboard
Power Supply Corsair 750W
Mouse Junk
Keyboard Junk
Software Windows 10 Pro x64
Benchmark Scores Anti-Gigabyte rig!
#1
Ok, well my computer was running choppy so I looked in task manager what is wrong.. I have 400 running processes. Over a hundred of them are called conhost.exe, about 10 fah.exe, and another over a hundred of ftp.exe. Any idea what it could be? I used a couple programs like spybot to look for viruses but nothing..
 
Joined
Feb 20, 2008
Messages
4,435 (1.24/day)
Likes
733
Location
where everyone wants to be
System Name Everchanging
Processor Core i7 4790K
Motherboard ASUS ROG Maximus VII Hero
Cooling Custom loop
Memory 4x4GB Corsair Dominator Platinum 2800MHz 11-14-14-35
Video Card(s) 2xEVGA GTX 970 SSC
Storage SSD Main, 7TB backups
Display(s) Samsung 40" 4k UHD
Case Corsair 900D
Audio Device(s) Soundblaster thingy
Power Supply Enermax Revolution 85+ 1050w
Mouse Steel Series Sensi
Keyboard Thermaltake eSports Posiden Z Cherry Blues
Software Windows 10 x64
#2
conhost.exe will open with some programs automatically, i think it helps the program work with windows, could be horribly wrong, but yes over 100 is odd, fah.exe i would think has to do with Folding@home, but if youre not running that, its odd. ftp.exe might be the bad program cause every ftp client or server i've run never used just ftp.exe. spybot is more for browser hacks and adware from web browsers. 2 good programs to try are combofix and malwarebytes anti-malware
 
Joined
Dec 2, 2005
Messages
704 (0.16/day)
Likes
30
Location
Chicago
System Name Woot
Processor AMD FX-9590
Motherboard ASUSTeK m5a99fxpro r2.0
Cooling Corsair H100i gtx
Memory 24GB G.SKILL PC3-12800
Video Card(s) MSI GTX 970GTX
Storage 2X 256GB SANDISK SSD 3X1TB MIXED HD
Display(s) 2x 32" Sony LCD
Case CoolerMaster Storm Trooper
Audio Device(s) 5.1 Surround Onboard
Power Supply Corsair 750W
Mouse Junk
Keyboard Junk
Software Windows 10 Pro x64
Benchmark Scores Anti-Gigabyte rig!
#3
tried those too nothing helped. i installed process explorer. found out that folding@home bs (which i never recall installing) is somehow linked with ftp and conhost. seems like the problem is solved.. for now.
 
Joined
Jan 17, 2010
Messages
10,033 (3.47/day)
Likes
6,639
Location
Oregon
System Name Delta // Alpha-HTPC
Processor Intel i7 6700K // Intel i5 4570
Motherboard GIGABYTE Z270X-Gaming K7 // Gigabyte H97M -D3H
Cooling Corsair H80i V2 // Silverstone NT-06 Pro
Memory Corsair DDR4 3000 32gb //G.SKILL Ripjaws X Series 8GB 1600
Video Card(s) EVGA GTX980ti// EVGA GTX 1050ti
Storage Samsung 950 Pro 512, 2 Tb FireCuda// Samsung 850 Pro, 1 X 4 Tb HGST, 1 x 6Tb Toshiba
Display(s) ASUS PB278Q 27" 1440X 2560 // 50" Samsung Plasma 720p
Case Corsair Obsidian Series 550D // Silverstone Granada GD05
Audio Device(s) ASUS Xonar DGX // HDMI to Yamaha RX V571
Power Supply Corsair TX850M // SeaSonic G Series 550w
Mouse Logitech G502
Keyboard Corsair K70
Software Windows 10 64bit // Windows 7 64bit with Kodi
#4
Format! It the only way to be sure
 
Joined
Mar 19, 2012
Messages
377 (0.18/day)
Likes
35
Location
Rizal, Philippines
System Name Poor Man's Build
Processor Intel i7 3960X 4.9Ghz Sandy Bridge E
Motherboard MSi X79A-GD65 8D
Cooling XSPC 240mm and 360MM (External) Rad
Memory 64Gb Corsair Dominator Platinum
Video Card(s) EVGA GTX770 SC ACX SLI (non water cooled yet)
Storage Intel 520 240GB SSD x2 /x2 WD Caviar Black 3TB 7200RPM 64MB Cache
Display(s) ASUS 27" 2560X1440 x3
Case Corsair 900D (upgraded from my lvl 10 gt and 600T)
Audio Device(s) Asus Xonar Essence STX
Power Supply Corsair AX1200i 80PLUS Platinum
Software Windows 7 Ultimate (FPP)
#5
lol i remember the time I had driver issues where I lost some files or something. took me 5 days trying to fix it to no end, lots of people here at tpu were trying to help too but a simple format which took me less than 2 min fixed it. if you got no way just format that slut ^_^
 
Joined
Mar 26, 2010
Messages
7,646 (2.71/day)
Likes
1,983
Location
Jakarta, Indonesia
System Name micropage7
Processor Intel G4400
Motherboard MSI B150M Bazooka D3
Cooling Stock ( Lapped )
Memory 16 Gb Team Xtreem DDR3
Video Card(s) Nvidia GTX460
Storage Seagate 1 TB, 5oo Gb and SSD A-Data 128 Gb
Display(s) LG 19 inch LCD Wide Screen
Case HP dx6120 MT
Audio Device(s) Stock
Power Supply Be Quiet 600 Watt
Software Windows 7 64-bit
Benchmark Scores Classified
#6
if you have internet connection you could try online virus scanner, just google it and check
 

de.das.dude

Pro Indian Modder
Joined
Jun 13, 2010
Messages
8,201 (2.99/day)
Likes
2,389
Location
Pune
System Name la de da... | Samsung NP355V5C-S05IN
Processor FX 8320 | AMD A8-4500
Motherboard ASRock 990FX Extreme 4 | Samsung something something
Cooling CM Hyper 212 EVO push:pull+ 1 panaflow 113CFM + 2 x 120mm NZXTs | Coolermaster Notepal
Memory 2x4GB DDR3 Corsair Vengeance 1600MHz CL9 | Samsunng 4GB + 2GB DDR3 1600MHz
Video Card(s) AMD 7790 GHZ edition! | 7670M + 7640G
Storage 1TB WD10EZEX | W.D 500GB Green AADS | Samsung 1TB
Display(s) dell S2240l 1080p IPS 21.5" | Samsung antiglare 15.6"
Case NZXT Guardian 921RB(@home) and Antec ASK4000B U3(Current)
Audio Device(s) Realtek ALC892 with THX True Studio | Realtek something
Power Supply Corsair GS600 | 90W Brick, 6 cell 48000mAh battery
Mouse Logitech G400, GOD TIER MOUSE!! LOGitech F310 gamepad!
Keyboard Logitech K200
Software Windows 8.1 x64 | Windows 8.1 x64
Benchmark Scores real men do bench presses not bench marks.
#7
tdss killer and malwarebytes.
 
Joined
Nov 12, 2013
Messages
74 (0.05/day)
Likes
2
#8
If you will need malwarebytes and combofix regular virus programs can't even see rootkits, you have to use malwarebytes in safe mode and even sometimes you have to rename the mbam.exe file because rootkits are programmed to recognize it and disable it