T
Tom Gordon
Yesterday, I got a Trojan Horse virus alert for the following program:
C:\WINDOWS\SYSTEM32\SVC.EXE
Norton Antivirus could not repair it, but it did quarantine the
program. However, I kept getting alerts for it.
So I went into the XP registry and found the following entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
pointing to the SVC.EXE program.
I deleted that key from the registry and shut down the system (powered
off) but after I rebooted, the next time I ran anything like Internet
Explorer or Explorer, I got the virus alert again. The program itself
no longer exists (I deleted it from the NAV Quarantine folder. But
something kept putting the registry entry back.
Then I read about turning off System Restore, because it can restore a
previous version of the registry. I turned it off, and deleted the
registry key (again). I powered down again to erase make sure memory
was cleared, but the virus alert still came back. I have no ideas
left. Can anybody help me? There is no specific removal tool on
Symantec's website for this generic Trojan Horse.
C:\WINDOWS\SYSTEM32\SVC.EXE
Norton Antivirus could not repair it, but it did quarantine the
program. However, I kept getting alerts for it.
So I went into the XP registry and found the following entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
pointing to the SVC.EXE program.
I deleted that key from the registry and shut down the system (powered
off) but after I rebooted, the next time I ran anything like Internet
Explorer or Explorer, I got the virus alert again. The program itself
no longer exists (I deleted it from the NAV Quarantine folder. But
something kept putting the registry entry back.
Then I read about turning off System Restore, because it can restore a
previous version of the registry. I turned it off, and deleted the
registry key (again). I powered down again to erase make sure memory
was cleared, but the virus alert still came back. I have no ideas
left. Can anybody help me? There is no specific removal tool on
Symantec's website for this generic Trojan Horse.