Author Topic: svchost  (Read 4822 times)

0 Members and 1 Guest are viewing this topic.

Offline cnnashman

  • Newbie
  • *
  • Join Date: Dec 2012
  • Posts: 42
  • Karma: 2
    • View Profile
svchost
« on: January 27, 2013, 06:02:53 PM »
Hi, Shane, i tried to download your SVC host program but a pop up keeps telling me that this is an unsafe program that will harm my computer and i'm afraid it's malware.

I should tell you that i currently have been trying to delete the Heur Trojan that Kasperskey detected but nothing has worked. I have tried just about all methods and programs described on the "greatest free security list in the world page" to no avail. Do you think the messages i'm getting from the program are from this Trojan?

As always, love your programs and i'm so greatful for your help and caring nature. Oh, even though the attachment claims to show a deleted Trojan i don't think it is deleted because i have tried deleting it following Kasperskys advice .  They claim to click on it and go to it's original folder then select all and hit delete but it refuses to delete.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: svchost
« Reply #1 on: January 27, 2013, 07:32:17 PM »
You didn't download my program, you downloaded the reimage.exe program from the ad from the top of the site.

My download buttons are on the page and say - Direct download or - Mirror #1 and so on :wink:

Shane

Offline cnnashman

  • Newbie
  • *
  • Join Date: Dec 2012
  • Posts: 42
  • Karma: 2
    • View Profile
Re: svchost
« Reply #2 on: January 27, 2013, 08:54:38 PM »
Oh, i apologize. The reimage program that i included in the screenshot i have had for 2 weeks . I didn't just get it, i have been trying to delete it to no avail
i know your programs are always 100% clean


Sorry for the mistake

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: svchost
« Reply #3 on: January 28, 2013, 10:45:16 AM »
No problem :-)

Shane

Offline NoWhereMan

  • Newbie
  • *
  • Join Date: Jan 2013
  • Posts: 13
  • Karma: 2
    • View Profile
Re: svchost
« Reply #4 on: February 07, 2013, 12:54:14 AM »
If you  have performed Shane's  program steps "To The Letter" and have not cleaned the  PC with ComboFix [ also, run as posted on BleepingComputer site], I believe that you  may need to use one of the  offline aka bootable scanning tools like:
Windows Defender Offline
==== quote ====
To use Windows Defender Offline, you need to follow four basic steps:
1.Download Windows Defender Offline and create a CD, DVD, or USB flash drive.
2.Restart your PC using the Windows Defender Offline media.
3.Scan your PC for malicious and other potentially unwanted software.
4.Remove any malware that is found from your PC.
==== quote ====
That particular nasty bug comes down through p2p, 'slimewire', etc, or 'cheap' games cds.
Some of the issue is also related to JAVA. 
If it were me, I'd uninstall JAVA. Even the latest patches may not be sufficient to prevent exploits.
Disabling JavA instructions can be found at Sophos site as well as DHS.gov ..
This nasty burys itself in the system Restore, and sets a reg key to run at boot. It also creates  Autorun.inf's on all drives - Delete Files ('D:\autorun.inf');('C:\autorun.inf');
You  can also, GooGle [ How to remove HEUR.Trojan.Win32.Generic manually? ]
hth


Offline cnnashman

  • Newbie
  • *
  • Join Date: Dec 2012
  • Posts: 42
  • Karma: 2
    • View Profile
Re: svchost
« Reply #5 on: February 08, 2013, 03:14:23 PM »
Thanks very much No Where Man, i truly appreciate it and will let you know how it turns out.