abdulmuhsee Posted February 11, 2010 For whatever reason, svchost.exe attempts to gain access to www.exitguide.ru about every 15 minutes, which I know is a malicious site, and obviously a malicious program is at work. However, superantispyware does not detect anything wrong with the computer. I have the latest updates and am running a complete scan, but my firewall is still blocking attempts to access exitguide.ru by svchost.exe. What is the problem here and how do I get rid of it? Also, after I posted this message, svchost.exe is attempting to access www.gravatar.com as well. Share this post Link to post Share on other sites
siliconman01 Posted February 11, 2010 For whatever reason, svchost.exe attempts to gain access to www.exitguide.ru about every 15 minutes, which I know is a malicious site, and obviously a malicious program is at work. However, superantispyware does not detect anything wrong with the computer. I have the latest updates and am running a complete scan, but my firewall is still blocking attempts to access exitguide.ru by svchost.exe. What is the problem here and how do I get rid of it? Also, after I posted this message, svchost.exe is attempting to access www.gravatar.com as well. 1. Make sure that you are running the latest SAS V4.33.1000 2. Make sure that you have the latest core/trace definitions update. www.superantispyware.com page shows the latest versions available for the core/trace definitions 3. Make sure that you have scanned using "Complete Scan" 4. Boot your computer into SAFE MODE and run a Complete Scan. 5. Check your HOSTS file - Navigate to C:\Windows\System32\drivers\etc and open folder etc - Right click on the file named HOSTS and open it with NotePad (The HOSTS file has no extension) - If you are running Windows 7, this file should be blank - If you are running Vista, the first two operational entries should be 127.0.0.1 localhost and ::1 localhost (Lines starting with # are comment lines and okay) - If you are running XP, ME, or 98 the first operational entry should be 127.0.0.1 localhost - Every operational entry thereafter should start with 127.0.0.1 If nothing above resolves your issue, create a support ticket to allow the SAS gurus to diagnose the problem and resolve it with you. https://www.superantispyware.com/precreateticket.html Share this post Link to post Share on other sites