Yet another SVCHOST?

Thread starter: Guest

Bit Defender detected that c:\windows\system32\svc\svchost.exe was infected.
It was unable to repair or delete - hmmm. If I change the name (just in case)
and replace it, how do I know which one to use? There are several on my
system. BTW - I have already changed the name and extracted the one from my
WinXP Pro CD.
 
Fast Reply!! :))

By normal, do you mean not upgrade? There is another file in that folder
MSWINSCK.OCX 106K June 23, 1998 with a MS Digital Signature that is reported
as OK. The advanced tab on Digital Sig shows a serial number, etc.

Is this still OK? Is it OK to delete? Was it placed there by the Trojan? Or
from a prior MS OS install?
 
What I was saying was that sub-folder path isn't created by or a
standard part of an XP \System32 tree. Other applications can create
subfolders there (QuickTime,....) so the files may be a part of another
valid application. I would just rename the files to some non-functional
extension (I move the normal 3 letter extension over and add .org
in front). So Svchost.Exe would become Svchost.orgexe. It just seems
suspicious to me that the subfolder is named like it is (\Svc). I did a
quick search and couldn't get a match for \Windows\System32\Svc.
I would use the online TrendMicro free scan to see if it also indicts the
file and can clean/delete it for you.
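
Added example, not part of the thread or any poster's code: a PowerShell check for the question raised above, which of several svchost.exe copies is the one Windows should be running. It assumes Windows PowerShell 5.1 or later on a current Windows release; the function names Test-SvchostLocation and Get-SvchostReport are hypothetical, and the sample paths are constructed from the path reported in the thread.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell 5.1 or later.
# Expected directories for the running svchost.exe image
# (SysWOW64 exists only on 64-bit Windows).
$expectedDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    (Join-Path $env:SystemRoot 'SysWOW64')
)

function Test-SvchostLocation {
    param([Parameter(Mandatory)][string]$Path)
    # Compare the parent directory exactly. A prefix match would accept
    # ...\System32\svc\svchost.exe, the path reported in this thread.
    $dir = [System.IO.Path]::GetDirectoryName($Path).TrimEnd('\')
    foreach ($d in $expectedDirs) {
        if ($dir -ieq $d.TrimEnd('\')) { return $true }
    }
    return $false
}

function Get-SvchostReport {
    # One row per running svchost.exe: image path, location verdict, signature.
    Get-CimInstance Win32_Process -Filter "Name = 'svchost.exe'" | ForEach-Object {
        $path = $_.ExecutablePath   # can be empty when the shell is not elevated
        $sig  = if ($path) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }
        [pscustomobject]@{
            ProcessId   = $_.ProcessId
            Path        = if ($path) { $path } else { '<unreadable: run elevated>' }
            ExpectedDir = if ($path) { Test-SvchostLocation $path } else { $null }
            Signature   = if ($sig) { $sig.Status } else { $null }
            Signer      = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }
}

# Constructed sample paths: the first mirrors the file BitDefender flagged.
$samples = @(
    (Join-Path $env:SystemRoot 'System32\svc\svchost.exe'),
    (Join-Path $env:SystemRoot 'System32\svchost.exe')
)
foreach ($s in $samples) {
    '{0,-45} expected location: {1}' -f $s, (Test-SvchostLocation $s)
}

# Live check of the svchost.exe processes running now.
Get-SvchostReport | Sort-Object ExpectedDir, ProcessId | Format-Table -AutoSize
```

A row with ExpectedDir False, or a Signature other than Valid, is the one to investigate first.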
 
JustUs said:
Bit Defender detected that c:\windows\system32\svc\svchost.exe was infected.
It was unable to repair or delete - hmmm. If I change the name (just in case)
and replace it, how do I know which one to use? There are several on my
system. BTW - I have already changed the name and extracted the one from my
WinXP Pro CD.

Some viruses take the name of svchost.exe. Deal with it. Next time don't
download and install the virus. I don't.
 
Well Plato, I didn't know I had the virus until I tried BitDefender. If I
knew a file had a virus, I would not have downloaded it!! Would you? The
other detection tools I have let it pass. It is unknown when this was done. I
was able to finally delete the file and directory. All is well. It is
interesting that Symantec has not responded to sending the file. BitDefender
responds within a very few hours - a real person on the other end of the
email.

And YES I dealt with it. And I suppose you have never had a
virus/malware/spyware detection either.
 