also @ TechSpot: Leaked next generation iPhone casing photos validate multiple rumors

TechSpot

Some kind of svchost.exe virus

Discussion in 'Virus and Malware Removal' started by Silith, Aug 17, 2009.

Thread Status:
Not open for further replies.

  1. Silith Newcomer, in training

    Hello.
    I had a fight for over a week almost against one virus and i can't win this battle alone.So i'm asking you for a help.
    This is the situation :
    First i don't know how did i get it cuz i haven't been visiting sites a months before virus nor downloaded anything from msn...
    Anyhow,i scanned my pc with : Kaspersky,avast,malwarebytes,combofix,AVG and few rootkit removers.
    Found few worms and i deleted them,but still i have one that cannot be detected by any of those AV above.
    When i turn on pc a message pops up.Generic host process win32 or something like that...
    It does absolutely nothing till i connect to the internet,then it changes the tray from blue to white old style and it blocks my internet.I can't do a thing and can't use my mozilla...absolutely nothing except restart my pc and try to look on google for some advice and helped (fast paced before it freezes my internet)
    When i installed kaspersky it always detected some invader that tries to inject into svchost.exe and all i could is to block it...couldn't delete/disinfect or anything else but still block didn't helped.He detected it exactly when the tray turns to a white old style (because when i restart my pc it goes back to blue) ....problem is that i can't find it with anti-virus, even in safe mode.
    Please help,thanks in advance !
    Silith, Aug 17, 2009
    #1

  2. Bobbye Helper on the Fringe

    Okay, let's try and put things into perspective:

    1. What is Generic Host Process for Win32? What is svchost.exe and what does it do? http://support.microsoft.com/kb/894391
    2.
    Not a good thing to do on your own. Combofix and Rootkit removers should ONLY be run if suggested by a helper and with supervision. You can fatally damage your system by indiscriminately running programs because you are desperate.
    3.
    You can't go randomly blocking without removing. You will need to follow an "organized" malware removal program, and provide the logs for review. If you are still needing help with this issue, we are temporarily short of helpers on TS. But I suggest you go HERE Follow the preliminary removal instructions.
    4. And something that makes a big difference:
    Okay, you've got a 'He' and an 'I'. Which is it?

    While malware can get in to the svchost.exe processes, it is also perfectly normal to see 5, 6, 7 of these processes running (I have 7-9) in the Task Manager for legitimate processes and Services. If you start blocking them, you're going to cause further damage.
    Bobbye, Aug 20, 2009
    #2

  3. Silith Newcomer, in training

    Thx for advices but look...
    I'm not new with those things and i always used to eliminate virus on my own using combofix and malwarebytes' anti-malware.But i just couldn't find the b****rd.
    I know how to use rootkit removers,combofix,avenger etc...
    And i know that 6-7 svchost.exe process' are running at the same time...it was just weird for me that everytime i connect to internet he starts his job which was really frustrating for me.I don't know what happened with his stealthiness :) but one day i just scanned pc with malwarebytes and he found trojan.banker (luckily i got no bank accounts or similar on my pc) in system volume information and i removed it now it's working all fine.I was asking for help cuz i didn't know what else to do when i can't detect him and he is working...
    Anyway thx for advices and your time : )
    Silith, Aug 22, 2009
    #3

  4. Bobbye Helper on the Fringe

    Again, you're referring to 'he' so it appears you are working on someone else's computer.
    Or are you using the pronoun 'he' referring to the malware programs? At any rate, I will not assume any responsibility for programs that you are running on your own or what you do with what they find.
    Bobbye, Aug 22, 2009
    #4

  5. Silith Newcomer, in training

    I'm referring to HE as an anti virus not other pc.....he...the anti virus found....on my pc.Nobody said you are supposed to assume any responsibilities oO i just explained the situation.I know how to use it and i always used them....just asked for some help ....
    Silith, Aug 22, 2009
    #5

  6. Bobbye Helper on the Fringe

    Bobbye, Aug 22, 2009
    #6
Thread Status:
Not open for further replies.