Help Needed With Virus
Help, can someone help me?
//-----------------------------------------------------------------
//
// ProductBitDefender Antivirus Plus v10
// Product10.2
//
// Created on: 27/12/2007 19:23:05
//
//-----------------------------------------------------------------
Virus Statistics
Scan path : C:\
\
Folders : 4060
Files : 231745
Memory processes scanned : 37
Archives : 14710
Runtime packers : 22860
Identified viruses : 2
Infected files : 1
Memory processes infected : 1
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 0
I/O errors : 48
Scan time : 00:31:12
Scan speed (files/sec) : 123
Spyware Statistics
Registry keys scanned : 292
Registry keys infected : 0
Cookies scanned : 7
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0
Virus definitions : 962380
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1198754585.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies
Summary:
<System>=>C:\WINDOWS\system32\svehost.exe (memory dump) Infected: Generic.Malware.G!SI!!MWX!!g.4EEF956B
<System>=>C:\WINDOWS\system32\svehost.exe (memory dump) Disinfection failed
<System>=>C:\WINDOWS\system32\svehost.exe (memory dump) Move failed
<System>=>C:\WINDOWS\system32\svehost.exe (full dump) Infected: Generic.Malware.G!SI!!FLMWX!!Bg.ED035EA9
<System>=>C:\WINDOWS\system32\svehost.exe (full dump) Disinfection failed
<System>=>C:\WINDOWS\system32\svehost.exe (full dump) Move failed
Comments
-
Ehmmm, I really need help
0 -
Please do the following, preferably in safe mode:
1) Open your Task Manager by pressing CTRL + ALT + DEL. Please search for any instance of the malware and, if you find any, kill it.
2) Go to C:\WINDOWS\system32\ and delete the file svehost.exe
3) Open the registry editor by going to START -> Run, type in Regedit, and hit enter. Browse to the following keys:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, and delete any value which contains a reference to the malware. Do exactly the same for the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
Post if you got rid of it.
Cheers!
0 -
Ok, I did not understand by instance of the malware... how do I find that?
And I could not find the file svehost.exe
And in HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
I found nothing but msn, bitdefender
However, in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
I found the microsoft update:svehost, so do I delete it?
0 -
Yep, delete that key. Don't forget to also kill the process associated with this program and delete it.
0 -
Hi,
1. malware = svehost.exe. The legit MS file is svchost.exe, but this one (svehost.exe) is malware and you should delete it. But first follow the instruction given: 1) Open your Task Manager by pressing CTRL + ALT + DEL. Please search for any instance of the malware and, if you find any, kill it.
2. If you can't find the file, it may be hidden. To find the file, first unhide it by going to Start - Control Panel - Folder Options - View: check "Display the contents of system folders", check "Show hidden files and folders", uncheck "Hide extensions for known file types", then click Apply.
3. The given Run registry item (to remove) refers to: C:\WINDOWS\system32\svehost.exe
Success
0
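Added example, not part of the original thread: a small Python check for the pattern discussed above, where a Run-key entry points at a file whose name is one character away from a genuine Windows binary (svehost.exe vs. svchost.exe). The list of genuine names, the sample Run entries, and the msn/bitdefender paths and value names are constructed assumptions; only the svehost.exe path comes from the thread.

```python
import ntpath

# Genuine Windows process names that malware often imitates (assumed short list).
KNOWN_SYSTEM_NAMES = ["svchost.exe", "explorer.exe", "lsass.exe",
                      "winlogon.exe", "services.exe", "csrss.exe"]

HKCU = r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
HKLM = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
# Constructed sample of (key, value name, command); a real check would export these with regedit.
SAMPLE_RUN_ENTRIES = [
    (HKCU, "msnmsgr", r'"C:\Program Files\MSN Messenger\msnmsgr.exe" /background'),
    (HKCU, "BDAgent", r'"C:\Program Files\Softwin\BitDefender10\bdagent.exe"'),
    (HKLM, "microsoft update", r"C:\WINDOWS\system32\svehost.exe"),
]

def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def image_name(command):
    """Return the lower-cased executable file name from a Run value's command line."""
    command = command.strip()
    if command.startswith('"'):
        path = command[1:].split('"', 1)[0]          # quoted path, arguments follow
    else:
        end = command.lower().find(".exe")           # unquoted path may contain spaces
        path = command[:end + 4] if end != -1 else command.split(" ", 1)[0]
    return ntpath.basename(path).lower()

def flag_lookalikes(run_entries, max_distance=1):
    """List entries whose file name nearly, but not exactly, matches a system binary."""
    findings = []
    for key, value_name, command in run_entries:
        name = image_name(command)
        for legit in KNOWN_SYSTEM_NAMES:
            if 0 < edit_distance(name, legit) <= max_distance:
                findings.append((key, value_name, name, legit))
    return findings

if __name__ == "__main__":
    for key, value_name, name, legit in flag_lookalikes(SAMPLE_RUN_ENTRIES):
        print(f"{key}\\{value_name}: {name} looks like {legit}")
```

A name match alone is a lead for review, not a verdict; confirm with the scanner's detection before deleting anything.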