• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

svchost.exe trojan

D

duragezic

Lifer
Kaspersky 6 (and its online scanner) both indicated the Backdoor.Win32.Agent.wo trojan was present in c:\windows\svchost.exe and it can't be disinfected. So I can skip or delete.

What can I do?? Svchost.exe runs a lot of the Windows Services I thought. In my running processes I have about 4 of them running. One is a LOCAL service, one NETWORK, and two SYSTEM. So I don't know how I can get rid of the backdoor without messing with windows services! 🙁
 
The legit svchost.exe is located in c:\windows\system32

Delete the bogus file(s)
 
The Svchost.exe file is located in the %SystemRoot%\System32 folder. At startup, Svchost.exe checks the services part of the registry to construct a list of services that it must load. Multiple instances of Svchost.exe can run at the same time. Each Svchost.exe session can contain a grouping of services. Therefore, separate services can run, depending on how and where Svchost.exe is started.
Click to expand...


Quite normal to have more then one running ,as John as stated more important is to where there are located in your OS,FYI I have 5 in task manager and yes been virus scanned with Bitdefender and Kaspersky.

More info here.
 
Damn, I dont know how I missed that it wasn't in /system32/! I've been around long enough to know they pull that kind of ****** with virii and spyware.

So yeah, I deleted the fvcker.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top