wwdc prompt and FP for tfwah.dll...

Hi malware fighters,

While opening Windows Worms Door Cleaner, I got the following prompt: “Your system seems to be infected by a virus, your SVCHOST virtual memory usage 32716Ko is beyond usual values. It is strongly advised to check your sytem with an anti virus up to date and an antiTrojan.”
I did so and I found nothing with MBAM and SAS, also various rootkit scans gave no hidden processes or files.
I suspect the iAVS update of my avast 4.8 doing this, because at an update my computer uses full cycles and other processes come to a complete standstill. I learned the new avast version won’t have this problem.
Again I did a full scan with DrWebCureIt and that flagged tfwah.dll in C:\program files\threatfire as a possible DLOADER trojan, which to me seems a FP. See: http://www.virustotal.com/nl/analisis/8d449eda452bcb13d8f33ff9d44d5044405824a0a2b384b5eee6d6e70a5b3363-1254518144
Question - how can I check upon the real value of SVCHOST virtual mem usage?
Is my analysis right?

polonus

Control + alt + Del
then go to performance tab.

if it goes to high then you may have a virus.
make sure you go to Process , if you find SVCED Hot open then you have a virus (Make Sure its not SVCED , IF ITS SVCED Then its a virus).

Hi Scan,

I have one instance of svchost.exe 6.944 kB with VM Size 32.552 kB, gonna check that one,

pol

I don’t think SVChost is a virus. SVC is a legal file , if you delete it your system is down.
if you use control and alt and delete and end task it , it will restart your computer.

please don’t do either.

SCVHost - SCVEDHost - SVCEDHost are Viruses.
While Those are virces , Their is some thing SVChost might be affected with.

According from what i heard , if SVCHost is affected
then you are exposed to hacking.

probably the trojan caused it.

EDIT: This Could Help

http://www.technibble.com/how-to-fix-svchost-using-100-cpu-memory-leak/

svchost.exe

http://www.systemlookup.com/search.php?type=filename&search=svchost.exe&s=

Hi malware fighters,

I have attached all the services on my XP machine that I obtained via the getservices batch file,

pol