Help, Daughters Netbook computer has a trojan
 

TROJAN: svchost.exe(1036)

This is a win32 variant.

The computer is an acer ASPIRE ONE Netbook.

NOD32 anti-virus, and Malwarebytes are installed.

Assistance would be greatly appreciated.

.

When was last A/Virus update?
Try going into safe mode and run virus scan or can't you?

google.com
download rkill, and all it's variants.
pick one, and run it, THEN when it's finished run malware bytes and it should be removed.

Might not be able to get in.

Let us know if you can boot into safe mode. Right before the Windows loading screen press F8 and select "Safe mode without networking". Then run the A/V software. Safe mode will only load the most essential drivers to run. Svchost is network-related so you should select without networking...I am not positive if it loads or not anyways but that's your best first move.

Answer
 

Virus signatures update every hour.

Tried safe mode, wasted many hours, the Trojan is found but can not remove it.

.

What OS? Any files on the machine she needs?

-J

Thanks
 

Just finished loading them on a thumb drive.
Loading into her machine now.

.

Answer
 

windows xp home sp3
unknown school stuff.


.

Update
 

NOD32 still finds but will not touch it.

Malwarebytes is running now.

The Trojan is taking huge resources = slow...

I recently had an issue where I was able to go back and have the computer reset a day or so earlier. I don't remember how I went about it. If I remember I'll let you know.

Can you go back to set it some time in the past?

If you reset more than a week to a previous set point, Malwarebytes will work in non-safe (normal)mode,or always has for me.

It is called system restore, and I have had to do it a few times before too! If it has Windows Vista or Windows 7 you can search at the bottom of the Start Menu. Just search System Restore. They you can go back a few days, and you shouldn't have the Trojan anymore, unless it was acquired before the reset.

If you still have the problem, go to www.bleepingcomputers.com and find the virus section. Post a good description of your computer, operating system, and what's happening. They will have you download several programs which list the files on your computer. You will post the results for them to inspect. They will get back to you in about two days with a recommendation of how to fix it along with links so you can download the appropriate virus programs.

It is a computer geek forum and they can basically fix anything. Pretty much.

Daughter here--
I was helped by an awesome guy on NOD32's tech support. He used remote access to get the nasty thing taken care of. Thanks for the help, everyone!


.