My problem is, i can’t analyse those apps because they are created for a short time only in the system32/ directory and then they are deleted(at least i cannot find them there).
I have a up to date Kaspersky Antivirus 2016 which found nothing.
Here my questions or feature requests:
I cannot see where the apps tried to connect. Is it possible?
I cannot see when they tried to connect.
In such cases it would be good to have as many information as possible…
That’s the point. I can upload anything to virustotal.com because the svc*.exe files are not there.
It seems they are created just to make a connection and then deleted…
GlassWire is the only program that have “seen” this files. So it would be good if GlassWire could give me more information about them…
This svc.exe is Spyware-not a virus/trojan it was/is used by Odysseus Marketing to collect your browsing data and distribute it back to source for analysis . This version could be a Far-East off-shoot of the original spy-ware or a sly way of covering its trail up . IN either case it must be removed from your computer the fact it is able to upload data from you means there is a hidden program somewhere or installed data that accepts its download and interrogation and allows its transmission outbound using Windows 32 . One virus program isnt enough this has been proved by many tech companies but you only can have one running so download a spyware detection program and run it you might have to try several but dont leave this alone .
Some apps to try JRT -junkware removal tool this is more powerful than it looks requiring an automatic reboot - R.Kill -Adware cleaner , there is more but one that gets into Win 32 and checks it out is Emsisoft Emergency KIt , its good .I changed task manager as default to Process Hacker spotted it right away although its not a fault/virus etc as I deliberately wanted it to change download it and update it then scan for malware it picks up even spy stuff.
