Home > Help Please > Help Please - Norton Reports Trojan In System32\explorer.exe Undetected By TrendMicro

Help Please - Norton Reports Trojan In System32\explorer.exe Undetected By TrendMicro

If you terminate a certain instance, it WILL cause windows to shut down and restart. Affected Platforms This Trojan runs on Windows NT, 2000, XP, and Server 2003.

Analysis By:Zeus M. Flrman1, Aug 10, 2004 #4 Cinamon Thread Starter Joined: Aug 10, 2004 Messages: 15 Flrman - thank you. I was thinking of burning some files onto a dvd, but are there any websites that allow me upload files that are big? (I'm talking about 20 Gigs) Flag Permalink This http://inc1.net/help-please/help-please-trojan-trojan-win32-pakes-bpw-and-more.html

Uncheck the Hide file extension for known file types check box. Sciader in this moment stolen all my Ram!!!! Jim Yes, svchost's multiple copies (wierd) on my computer keep trying to access different servers. Shut down and restart your computer.

andrew these file can be deny access to internet. See also: Link Martin Normally safe but can represent a disguised parasite. also most spy ware programs dont pick up all the spyware...

When you are sure you are clean turn it back on and create a restore point. gzibret a new dial up connection can't created even existing one not open. Select Show all files, then click OK. • On Windows 2000, XP, and Server 2003 Open Windows Explorer. Tom Easy to contract, even with some virus & Firewall protection, Hard to remove!

The process in itself is harmless, but it can be used for harmful purposes. it is also using a lot more memory than the others. be patient as the 1st Responders are pretty busy. More Bonuses Preview post Submit post Cancel post You are reporting the following post: Help Please!!!!

I can remove these pests using Pest Patrol, but they just keep reappearing, esp on windows startup. This Trojan uses rootkit techniques which allow it to hide its running processes and files. Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Well, I tried running the Computer Associates online scanner, it detected something that Zone Alarm and Norton did not find, something that infected Java and its temporary files.

The list is not all inclusive.Note: ComboFix may require some anti-virus programs to be uninstalled before running the tool. C. Looks like I'm going to end up formatting, thanks for the effort guys. I don't know why it used 100%of the CPU because it didn't on my computer.

Virus with same file name: Symantec Security Response - W32.Welchia.Worm Symantec Security Response - [email protected] McAfee - W32/Jeefo Microsoft Conficker worm Click to Run a Free Scan for svchost.exe related errors http://inc1.net/help-please/help-please-subseven-backdoor-trojan-horse.html I suspect the CPU usage thing may be more a software than malware problem--potential XP service pack 2 glitches. and i got 2 other svchost.exe The one is Local Service and the other is Network service :S XambeR its taking 100% cpu .dont know what Sometimes, it uses 99% of Turn off System Restore: On the Desktop, right-click My Computer.

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged I disabled the DNS client service and the problem is gone with no side effects. See also: Link Craig It is a Windows file, but is annoying in that you can have multiple instances of it running and sucking up RAM resources. http://inc1.net/help-please/help-please-trojan-gen.html and its still there, i didnt even connect to the internet and i saw the Svchost.exe on task manager, I do end process or end process tree and i it shows

Running Trend Micro Antivirus If you are currently running in safe mode, please restart your system normally before performing the following solution. It sends a special packet. If kill an instance that is running a critical service, you'll probably have to shutdown your computer.

they are good like that!

Usually under 10MB in the task manager, anything larger than 10MB, I end manually on systems with suspious files. but it got fixed when i updated windows update a couple of times... Set the Show List field to 10 seconds and click OK to save this change. svchost.exe is a microsoft program and is not a trojan/virus but can be attacked by other trojans.

I've had a LOT of problems with this little file. ComboFix will begin by showing a Disclaimer. Lonteo attempts to connect to a hacker site. have a peek at these guys Trojans hide themselves in the scvhost file, so when you boot your machine the virus is always launched, and you cannot shutdown the proccess.

Click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply. Error code: 2S136/C Contact Us Existing user? Guranteed its a virus Shatadal Mandal As "God" said, "...if it uses more memory than explorer it is a parsite if it dosn't its all gd." -- my svchost.exe uses about A real headache!

I am unable to scan in regular mode because the virus eventually takes over, I get about a million alerts from Norton and ZoneAlarm, and then the Blue Screen of Death I try always to block it's access See also: Link run cmd and go tasklist /svc and you'll see all the apps this "service" is running laughing This file is used Otherwise, it is malicious. sean Yee No danger.

Include the address of this thread in your request. I'm running Win XP sp2 Ver.5.01. See also: Link rupweb There are copycat virus' that have the same file name,even worms.I'm staring at one now that housecall found thats in the common files folder.So be carefull people. They can be re-installed after your machine has been cleaned.Please download ComboFix from one of the locations below and save it to your Desktop. <-Important!!!If you downloaded ComboFix previously, delete that

if it gets on to your internet files it doesnt' let you to go on some web sits About 100% memusage:It is most likely the rpc worm. I have a ton of .exe and .dll files of all different names. Enabling Show All Files This procedure allows you to access hidden malware files using Windows Explorer. • On Windows NT Open Windows Explorer. This allows for better control and debugging.

So do I believe Norton's trojan alert? rosana Part of the windows system, but called by MANY viruses/worms. If this occurs, please reboot to restore it.-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security.Do NOT use ComboFix unless you aristocrat.

Run an updated antivirus scan to get rid of it Vhailor svchost.exe is normally a critical system file. Do not mess with svchost, as you may damage your computer or force it to shut down. Anthony Tasklist /SVC is not working for me on XP Home .....