|
Donations |
|
 |
|
|
|
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
|
|
|
Survey |
|
|
|
|
|
|
|
|
Translate |
|
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
Tomas2000
Cadet
Joined: Apr 30, 2004
Posts: 2
Location: USA
|
 Posted: Sat May 01, 2004 7:53 am Post subject: svchost.exe Backdoor trojan |
|
|
Hi-
Not sure if this is the appropriate venue, but here's my question-
I have Norton SystemWorks 2004, and I had an infection with the Gaobot worm that prevented me from using it. My IT adminstrator at work helped me rid myself of the worm, but I'm still having a problem with one remaining virus.
The NAV scan lists "svchost.exe" as a backdoor Trojan, and attempts to quarantine or delete it are met without success. In addition, I am unable to access the symantec website, despite the fact that my internet connection is working, and I can go to any other website that I like.
My brief and uneducated reading of the microsoft website made me think that I have the mydoom virus, but downloading and running their detection tool yielded no virus.
Any suggestions?
Thanks-
Tom |
|
| Back to top |
|
 |
Freddy57
Trooper
Joined: Apr 30, 2004
Posts: 21
Location: Afghanistan
|
| Posted: Sat May 01, 2004 3:34 pm Post subject: |
|
|
You might try booting your computer into "safemode with networking" and then connect ot the symantech site and download virus tools. That should get you around the affects of the virus.
_________________
Fred
Free computer Tutorials
http://www.stexams.com
|
|
| Back to top |
|
|
BrainCruzin
Cadet
Joined: May 14, 2004
Posts: 1
Location: USA
|
| Posted: Fri May 14, 2004 9:28 pm Post subject: SVCHost.EXE |
|
|
It could be the Sdown.A trojan I had this myself and it got past norton. It is a backdoor trojan all norton will do is quarantine it. Until I sent 3 complaint letters to norton asking why it did not detect it it could not even detect it until the last week of April. The Backdoor Trojan apparently was discovered around April 4th or 6th. Same day I found it on the 4th. No info was available from anyone until the 10th...
go to http://housecall.trendmicro.com
They can identify this and get rid of it
here is info on Sdown.A
http://fr.trendmicro-europe.com/enterpr...OJ_SDOWN.A
This particular trojan can make svchost.exe use 99% processor time and will infect it. The two ways to identify and get rid of it check your processes list and see if a 5 digit random number or number letter combination is running... if so write this down and search for it on the hard drive also go to hkey_local_machine_software_microsoft_windows_current version_run and check for this same file delete the file itself and delete the registry entry this is the way to manually remove it.
Hope this helps |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
|
Powered by phpBB 2.0.8a © 2001 phpBB Group
Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
|
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
