Re: svchost.exe is a virus! HELP!

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

"Devonshire" <Devonshire@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:5C907C2E-ECF3-4922-B50B-2C9DDFD0C454@xxxxxxxxxxxxxxxx
I am getting desperate here.

Stay cool and smile :)

Symptoms:

svchost.exe pops up before i can even log on. Once logged on the svchost
error messages are persistent.

Opening "My Computer" produces an scvhost.exe error pop up and the
flashlight starts searching, maybe it opens in 30-45 seconds.

Activating ANY and ALL apps triggers scvhost.exe errors. Any file saving or
opening in ANY and ALL apps causes a 30-45 second delay with a svchost.exe
error.

I have updates all the recomended Windows Update fixes, patches, windows
installer, etc. as recommended by Microsoft

I purged al cookies, temp files, ie history, etc.

CCleaner 1.41.544 is doing a great job
http://www.ccleaner.com/download
If Windows Defender is utilized go to Applications, under Utilities uncheck "Windows Defender".

I spent maybe 4 hours with Alienware tech support with no resolution. They
verified that my hardware is fine (we did EXTENSIVE hardware testing).

I spent another 4-5 hours on the phone with Microsoft Tech support to no
avail... MS tech support wanted me to unload all of my anti-virus,
anti-spyware apps and reboot. I did that and nothing has changed.

Which AV/A-S applications are you using and are these updated and current?

The System event log reports many DCOM and Service Control Manager errors

This is going way beond crazy...I can barely work at all. This is costing
me some serious lost revenue for my business...

Suggestions?

AV & A-S scan in safe mode.

Practice Safe-Hex
http://www.claymania.com/safe-hex.html

Read this also:
So How Did I Get Infected Anyway?
http://www.wilderssecurity.com/showthread.php?t=27971

Recommendations?

Process Explorer for Windows v10.21
http://www.microsoft.com/technet/sysinternals/Utilities/ProcessExplorer.mspx

Choose one (1)
Avira AntiVir® PersonalEdition Classic - FREE
http://www.free-av.com/antivirus/allinonen.html

Kaspersky® Anti-Virus 7.0 - Not Free
http://www.kaspersky.com/homeuser

ESET NOD32 Antivirus - Not Free
http://www.eset.com/
Have you seen these "extra settings for NOD32"?
http://www.wilderssecurity.com/showthread.php?t=37509

Take 'em all
SuperAntispyware - FREE
http://www.superantispyware.com/superantispywarefreevspro.html

Ad-Aware - FREE
http://www.lavasoftusa.com/products/ad_aware_free.php

Spybot Search & Destroy - FREE
http://www.safer-networking.org/en/download/index.html

Windows Defender - FREE
http://www.microsoft.com/athome/security/spyware/software/default.mspx

If all fails
Download David H. Lipman's MULTI_AV.EXE from the URL
http://www.pctipp.ch/downloads/dl/35905.asp

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode. This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can download the files and perform a scan in Normal Mode. Once you have downloaded the files needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key during boot] and re-run the menu again and choose which scanner you want to run in Safe Mode.
It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help file.
http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm

Good luck :)

.

Relevant Pages

  • Re: 0-length ntoskrnl.dll (NOT ntoskrnl.exe)
    ... | Windows xp system at all, so I am tempted to remove this file ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Virus that corrupts process names
    ... I tried to install Zone Alarm but it would not ... Finally I deleted the whole partition and reinstalled Windows. ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ...
    (alt.comp.anti-virus)
  • Re: Need help Pls..Is it a virus??
    ... | and Windows Defender. ... Download MULTI_AV.EXE from the URL -- ... This will bring up the initial menu of choices and should be executed in Normal Mode. ... It is suggested to run the scanners in both Safe Mode and Normal Mode. ...
    (microsoft.public.security.virus)
  • Re: Need help Pls..Is it a virus??
    ... My host file reads exactly as the original and my ... # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. ... Download MULTI_AV.EXE from the URL -- ... This will bring up the initial menu of choices and should be executed in Normal Mode. ...
    (microsoft.public.security.virus)
  • Re: Exlporer.exe crashes when opening folder
    ... | The subject of this email describes the problem: Occasionally, when opening ... | a folder I find that Explorer.exe crashes. ... FireWall to allow it to download the needed AV vendor related files. ... This will bring up the initial menu of choices and should be executed in Normal Mode. ...
    (microsoft.public.windowsxp.help_and_support)