|
Donations |
|
|
|
|
|
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
|
|
|
Survey |
|
|
|
|
|
|
|
|
Translate |
|
|
|
|
|
|
|
|
|
|
View previous topic :: View next topic |
Author |
Message |
Tomas2000
Cadet
Joined: Apr 30, 2004
Posts: 2
Location: USA
|
Posted: Fri Apr 30, 2004 11:26 pm Post subject: svchost.exe Backdoor trojan |
|
|
Hi-
Not sure if this is the appropriate venue, but here's my question-
I have Norton SystemWorks 2004, and I had an infection with the Gaobot worm that prevented me from using it. My IT adminstrator at work helped me rid myself of the worm, but I'm still having a problem with one remaining virus.
The NAV scan lists "svchost.exe" as a backdoor Trojan, and attempts to quarantine or delete it are met without success. In addition, I am unable to access the symantec website, despite the fact that my internet connection is working, and I can go to any other website that I like.
My brief and uneducated reading of the microsoft website made me think that I have the mydoom virus, but downloading and running their detection tool yielded no virus.
Any suggestions?
Thanks-
Tom |
|
Back to top |
|
|
qwiyet1
Private
Joined: Mar 12, 2004
Posts: 41
Location: USA
|
Posted: Sat May 01, 2004 2:28 pm Post subject: |
|
|
When trying to run your NAV are you in "safe mode"? Try booting you pc in safe mode and running the NAV again - may allow you to remove it when run in safe mode.
Try connceting to other anti-virus sites that offer a free network based virus check - may not remove the virus (unless you purchase their product) but may help determine exactly which virus you have. I'm not aware of any other than Norton (sorry) but searching the forums here may point out a few. |
|
Back to top |
|
|
qwiyet1
Private
Joined: Mar 12, 2004
Posts: 41
Location: USA
|
Posted: Sat May 01, 2004 6:49 pm Post subject: |
|
|
You probably can't reach the symantec website due to a BHO (Browser Helper Object) that won't let you get to it and will redirect you. I recently ran 'hijackthis' and removed several BHO's. One of which wouldn't allow me to connect to the sysinfo.org site - which tells you of known BHO's! |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
|
Powered by phpBB 2.0.8a © 2001 phpBB Group
Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
|