CastleCops® svchost.exe Backdoor trojan

Need help? Click here to register for free! Absolutely zero advertisements on this site!

	Donation/Premium

	Donations. Become Premium Today!

	Security Central

	· Home · PIRT/Fried Phish · MIRT · SIRT · Deutsch · Wiki · Newsletter · O16/ActiveX · CLSID List · Contest2007 · Downloads · Feedback (send) · Forums · HijackThis · Hijacktrend · LSPs · My Downloads · O18 · O20 · O21 · O22 · O23 · O9 · Premium · Private Messages · Proxomitron · Reviews · Search · StartupList · Stories Archive · Submit News · WsIRT · Your Account · Acceptable Use Policy

Forum FAQ

Usergroups

Profile

Select FavForums

svchost.exe Backdoor trojan

This topic is locked you cannot edit posts or make replies

All -> FavForums -> Norton Anti-Virus

[del.icio.us!] [digg it!] [reddit!]

View previous topic :: View next topic

Author

Message

Tomas2000

Cadet
Cadet

Joined: Apr 30, 2004
Posts: 2
Location: USA

Posted: Sat May 01, 2004 11:53 am Post subject: svchost.exe Backdoor trojan

Hi- Not sure if this is the appropriate venue, but here's my question- I have Norton SystemWorks 2004, and I had an infection with the Gaobot worm that prevented me from using it. My IT adminstrator at work helped me rid myself of the worm, but I'm still having a problem with one remaining virus. The NAV scan lists "svchost.exe" as a backdoor Trojan, and attempts to quarantine or delete it are met without success. In addition, I am unable to access the symantec website, despite the fact that my internet connection is working, and I can go to any other website that I like. My brief and uneducated reading of the microsoft website made me think that I have the mydoom virus, but downloading and running their detection tool yielded no virus. Any suggestions? Thanks- Tom

Freddy57

Trooper
Trooper

Joined: Apr 30, 2004
Posts: 21
Location: Afghanistan

Posted: Sat May 01, 2004 7:34 pm Post subject:

You might try booting your computer into "safemode with networking" and then connect ot the symantech site and download virus tools. That should get you around the affects of the virus. _________________ Fred Free computer Tutorials http://www.stexams.com

BrainCruzin

Cadet
Cadet

Joined: May 14, 2004
Posts: 1
Location: USA

Posted: Sat May 15, 2004 1:28 am Post subject: SVCHost.EXE

It could be the Sdown.A trojan I had this myself and it got past norton. It is a backdoor trojan all norton will do is quarantine it. Until I sent 3 complaint letters to norton asking why it did not detect it it could not even detect it until the last week of April. The Backdoor Trojan apparently was discovered around April 4th or 6th. Same day I found it on the 4th. No info was available from anyone until the 10th... go to http://housecall.trendmicro.com They can identify this and get rid of it here is info on Sdown.A http://fr.trendmicro-europe.com/enterprise/security_info/ve_detail.php?Vname=TROJ_SDOWN.A This particular trojan can make svchost.exe use 99% processor time and will infect it. The two ways to identify and get rid of it check your processes list and see if a 5 digit random number or number letter combination is running... if so write this down and search for it on the hard drive also go to hkey_local_machine_software_microsoft_windows_current version_run and check for this same file delete the file itself and delete the registry entry this is the way to manually remove it. Hope this helps

	All -> FavForums -> Norton Anti-Virus	All times are GMT
Page 1 of 1

You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


	2002-2008 � Computer Cops LLC dba CastleCops®. All rights reserved. Acceptable Use Policy. Use signifies your agreement. 134ppm 0.223s (0.039s) Making cybercriminals unhappy since 2002*