Virus help and svchost help

  FOEYDO 23:15 09 Sep 07
Locked

Hi, I have Norton anti virus and it alerted me to some viruses that it quarantined, however then my pc froze and when I rebooted microsoft came up and said explorer was being shut down for prevention, so basically my pc would n't run. Explorer not ie. I have rebooted in safe mode and am running norton. A few questions, how can my pc get infected when it has an anti virus software running? How has it got infected? Also I see some files created today in C: WINDOWS system32 have been deleted. It says svchost.exe was modified just after the virus came in. What can I do about this as I understand it is an important part of XP, will it be ok if all the other files are deleted?

  birdface 23:20 09 Sep 07

I don't suppose that you can get into system restore,And restore it to a date before the problem started.

  skidzy 00:18 10 Sep 07

svchost is essential to windows and must not be disabled,though you should not be able to.

There are several instances on a general pc of svchost that perform various tasks such as controlling the execution of windows DLL'S and windows services.

Problem you may have is that some viruses disguise themselves as svchost but normally changing a letter into upper case or even changing the letters CV of svchost into bold in an attempt to fool you its legit.

How you got infected maybe one of many ways,received a file,install a file etc.

Personally my opinion is that Norton is not as good as it use to be.

I would as follows:

Disable system restore (you will lose all restore points)

Scan in safemode (tapping F8 on startup)

Once happy the virus is removed,i would consider removing Norton using the removal tool click here

and install a package from click here

If you would like expert help run HJT = Hijack this and post the log at the Malware removal forum,all the info is my previous link.

  FOEYDO 08:14 10 Sep 07

Hi can you tell me where the malware removal forum is and what hijack this is and where I get it, thanks a lot

  birdface 10:57 10 Sep 07
  skidzy 16:14 10 Sep 07

Have you looked through my last link ? all the info is there.

buteman has kindly posted the links to HJT and MWR,if you have no joy from the programs in my link below...then definately run HJT and post the log.
click here

  FOEYDO 10:25 11 Sep 07

can't even install hijack this or run it as pc freezing

  skidzy 16:49 11 Sep 07

If you can log into windows for long enough,try running the system file checker.

Start / run and type

sfc /scannow and enter

you may need your windows disc.

Understanding sfc click here

Also try booting into safemode and run your antivirus and anti malware/spyware apps.

This thread is now locked and can not be replied to.

Surface Pro (2017) vs Surface Pro 4

20 groundbreaking 3D animation techniques

How to mine Bitcoin on Mac