Author Topic: svchost (Read 9277 times)

cnnashman · « **on:** January 27, 2013, 06:02:53 pm »

Hi, Shane, i tried to download your SVC host program but a pop up keeps telling me that this is an unsafe program that will harm my computer and i'm afraid it's malware.

I should tell you that i currently have been trying to delete the Heur Trojan that Kasperskey detected but nothing has worked. I have tried just about all methods and programs described on the "greatest free security list in the world page" to no avail. Do you think the messages i'm getting from the program are from this Trojan?

As always, love your programs and i'm so greatful for your help and caring nature. Oh, even though the attachment claims to show a deleted Trojan i don't think it is deleted because i have tried deleting it following Kasperskys advice . They claim to click on it and go to it's original folder then select all and hit delete but it refuses to delete.

Shane · « **Reply #1 on:** January 27, 2013, 07:32:17 pm »

You didn't download my program, you downloaded the reimage.exe program from the ad from the top of the site.

My download buttons are on the page and say - Direct download or - Mirror #1 and so on

Shane

cnnashman · « **Reply #2 on:** January 27, 2013, 08:54:38 pm »

Oh, i apologize. The reimage program that i included in the screenshot i have had for 2 weeks . I didn't just get it, i have been trying to delete it to no avail
i know your programs are always 100% clean

Sorry for the mistake

Shane · « **Reply #3 on:** January 28, 2013, 10:45:16 am »

No problem

Shane

NoWhereMan · « **Reply #4 on:** February 07, 2013, 12:54:14 am »

If you have performed Shane's program steps "To The Letter" and have not cleaned the PC with ComboFix [ also, run as posted on BleepingComputer site], I believe that you may need to use one of the offline aka bootable scanning tools like:
Windows Defender Offline
==== quote ====
To use Windows Defender Offline, you need to follow four basic steps:
1.Download Windows Defender Offline and create a CD, DVD, or USB flash drive.
2.Restart your PC using the Windows Defender Offline media.
3.Scan your PC for malicious and other potentially unwanted software.
4.Remove any malware that is found from your PC.
==== quote ====
That particular nasty bug comes down through p2p, 'slimewire', etc, or 'cheap' games cds.
Some of the issue is also related to JAVA.
If it were me, I'd uninstall JAVA. Even the latest patches may not be sufficient to prevent exploits.
Disabling JavA instructions can be found at Sophos site as well as DHS.gov ..
This nasty burys itself in the system Restore, and sets a reg key to run at boot. It also creates Autorun.inf's on all drives - Delete Files ('D:\autorun.inf');('C:\autorun.inf');
You can also, GooGle [ How to remove HEUR.Trojan.Win32.Generic manually? ]
hth

cnnashman · « **Reply #5 on:** February 08, 2013, 03:14:23 pm »

Thanks very much No Where Man, i truly appreciate it and will let you know how it turns out.