TROJAN: svchost.exe(1036)

This is a win32 variant.

The computer is an acer ASPIRE ONE Netbook.

NOD32 anti-virus, and Malwarebytes are installed.

Assistance would be greatly appreciated.

.

When was last A/Virus update?
Try going into safe mode and run virus scan or can't you?

google.com
download rkill, and all it's variants.
pick one, and run it, THEN when it's finished run malware bytes and it should be removed.

__________________
John HAUL AWAY, OR CRUSHED CARS!!! HELP ME keep the cars out of the crusher! A/C Thread
"as I ride with my a/c on... I have fond memories of sweaty oily saturdays and spewing R12 into the air. THANKS for all you do!

My drivers:
1987 190D 2.5Turbo
1987 190D 2.5Turbo
1987 190D 2.5-5SPEED!!!

1987 300TD
1987 300TD
1994GMC 2500 6.5Turbo truck... I had to put the ladder somewhere!

Might not be able to get in.

Let us know if you can boot into safe mode. Right before the Windows loading screen press F8 and select "Safe mode without networking". Then run the A/V software. Safe mode will only load the most essential drivers to run. Svchost is network-related so you should select without networking...I am not positive if it loads or not anyways but that's your best first move.

__________________
TC
Current stable:
- 2004 Mazda RALLYWANKEL
- 2007 Saturn sky redline
- 2004 Explorer...under surgery.

Past: 135i, GTI, 300E, 300SD, 300SD, Stealth

Virus signatures update every hour.

Tried safe mode, wasted many hours, the Trojan is found but can not remove it.

.

What OS? Any files on the machine she needs?

-J

__________________
1991 350SDL. 230,000 miles (new motor @ 150,000). Blown head gasket

Tesla Model 3. 205,000 miles. Been to 48 states!
Past: A fleet of VW TDIs.... including a V10,a Dieselgate Passat, and 2 ECOdiesels.
2014 Cadillac ELR
2013 Fiat 500E.

Just finished loading them on a thumb drive.
Loading into her machine now.

.

windows xp home sp3
unknown school stuff.


.

NOD32 still finds but will not touch it.

Malwarebytes is running now.

The Trojan is taking huge resources = slow...

I recently had an issue where I was able to go back and have the computer reset a day or so earlier. I don't remember how I went about it. If I remember I'll let you know.

Can you go back to set it some time in the past?

__________________
Jim

If you reset more than a week to a previous set point, Malwarebytes will work in non-safe (normal)mode,or always has for me.

__________________
Strelnik
Invest in America: Buy a Congressman!

1950 170SD
1951 Citroen 11BN
1953 Citroen 11BNF limo
1953 220a project
1959 180D
1960 190D
1960 Borgward Isabella TS 2dr
1983 240D daily driver
1983 380SL
1990 350SDL daily driver alt
3 x Citroen DS21M, down from 5
3 x Citroen 2CV, down from 6

It is called system restore, and I have had to do it a few times before too! If it has Windows Vista or Windows 7 you can search at the bottom of the Start Menu. Just search System Restore. They you can go back a few days, and you shouldn't have the Trojan anymore, unless it was acquired before the reset.

If you still have the problem, go to www.bleepingcomputers.com and find the virus section. Post a good description of your computer, operating system, and what's happening. They will have you download several programs which list the files on your computer. You will post the results for them to inspect. They will get back to you in about two days with a recommendation of how to fix it along with links so you can download the appropriate virus programs.

It is a computer geek forum and they can basically fix anything. Pretty much.

Daughter here--
I was helped by an awesome guy on NOD32's tech support. He used remote access to get the nasty thing taken care of. Thanks for the help, everyone!


.