Thread: Darn trojan
-
01-15-2013, 05:17 PM #1
Darn trojan
Got this sucker Malwarebytes finds but won't remove. Been suggested to use Combofix to get rid of it. Anybody used that program before?
-
01-15-2013, 05:25 PM #2
Professional Member
- Join Date
- Sep 2012
- Location
- Central Florida
- Posts
- 686
I would not touch combofix unless you have a rootkit installed on the system and you know what you are doing. It can nuke your system. I only touch it for really infected comps.
I would just let malware remove it and see if it pops back up. Also you should check any system connected to your network. What OS are you running, Win7 or XP?
-
01-15-2013, 05:26 PM #3
Professional Member*
- Join Date
- Sep 2005
- Location
- North GA
- Posts
- 17,323
See if you can find the exact name of the malware in question... then google it. Usually there is a specific patch available to 'cure it'. Sometimes one needs to run two different malware programs to catch all the 'stuff' out there.
Along with running Kaspersky and Nod32 (the latter is manually only--AV/malware programs tend to not mix well...need to shut one down before starting the other); I have my IT guy come by once a year and wipe/rebuild the entire software on my workstation. Takes around 3-4 hours to get all the apps and routines set up again on a fresh Windows install... and costs me around a C note... however it also rids me of 'build-up'. This time I will leave WinXP pro and go to Win7Pro64. Hardware will handle 64bit... I have some new photo-processing software that does not run on XP... and M$FT is not gonna support XP much longer.
Try the google approach.
You could also try CCleaner... it is a registry tool... WARNING... one can delete most of the cookies and DLLs if they are not careful... and take hours to get all your apps and routines working again.
-
01-15-2013, 05:30 PM #4
Professional Member
- Join Date
- Sep 2012
- Location
- Central Florida
- Posts
- 686
If you do decide to go ahead and try it, make sure you download it from Bleeping Computer. If I remember correctly, someone has the domain for combofix and is hosting something different there.
-
01-15-2013, 05:35 PM #5
Professional Member
- Join Date
- Sep 2012
- Location
- Central Florida
- Posts
- 686
If this is the type of Trojan that is coming back I would try this out. I have heard good things but have not had a chance to try it out yet. This is the Malwarebytes anti-rootkit tool.
http://www.malwarebytes.org/products/mbar/
One last thing, you might want to check your router out if you keep getting this sorta infection back. I have seen viruses that will log in to the router and set up the DNS so everything goes through, say, Russia. This can also be done on your computer through the DNS and proxy settings.
-
01-15-2013, 05:38 PM #6
The title of this thread could go many directions

I'm thinking Dad would be the one to ask about it....he's a computer geek and a darn good one compared to me
-
01-15-2013, 05:52 PM #7
And here, I thought someone had just become a grandfather again.
As for computer trojans, get the name and search Major Geeks. They have some top notch members.
I use CCleaner, Malwarebytes, Registry Mechanic, SUPERAntiSpyware, and Avira free edition.
-
01-15-2013, 06:01 PM #8
Professional Member
- Join Date
- May 2007
- Location
- Atlanta area
- Posts
- 1,660
I recently ran most of the scanners I found here:
https://support.mozilla.org/en-US/questions/938759
The one that found a trojan on my computer was the Microsoft security scanner. It took 3 hours.
-
01-15-2013, 07:08 PM #9
Regular Guest
- Join Date
- Sep 2002
- Location
- I don't know
- Posts
- 2,888
svchost isn't the bad process itself - it's just an executable file which hosts some processes.
You have to find and delete the infected files, then remove the registry keys associated with it.
CCleaner only finds invalid registry references - it doesn't remove trojans.
-
01-15-2013, 07:21 PM #10
-
01-15-2013, 07:29 PM #11
I was thinking someone's gonna be a daddy.
-
01-15-2013, 07:54 PM #12
Weird, I always thought svchost.exe was a normal Windows program. I use Malwarebytes Pro, it actively does malicious website blocking and file system protection, so far all has been well. I would also try booting in "F8" safe mode and run Malwarebytes, might be better.
-
01-15-2013, 08:04 PM #13
Sorry boys, not those kind of Trojans

Regular Malwarebytes doesn't touch it. What is the MB anti-root tool thingie? Might it get what the regular one doesn't? I'll sure try Bill's suggestion of running it in safe mode.
My IT friend who suggested combofix did say to get it from Bleeping Computer.
This is at work with a crazy network and a crazy IT lady who keeps finding ways to blame me for it like using Firefox not IE, going on Facebook for 30 seconds to send a message to a customer or running Outlook with the preview pane open. I pointed out I do lots riskier things at home without a problem.


