Jump to content


Photo
- - - - -

Svchost.exe does not go away.

svchost

  • This topic is locked This topic is locked
29 replies to this topic

#21 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 26 February 2012 - 12:06 PM

Hello,
Winkey is the Windows key on your keyboard (lower left-hand on keyboard). Most all modern-day keyboards have it.

Let's try this registry fix to see if it helps your current issue.
Please download ExeFix.reg by farbar and save it to a flashdrive or on the root of the system drive (usually C:).
  • Important: Boot your computer into the account that has trouble running exe files.
  • Right-click it and select Merge.
Logoff & Restart system fresh. Tell me, How is it now?

Also, I need for us to square away your anti-virus program situation: Logs showed presence of Norton/Symantec & AVG.
Was AVG the latest one that you setup?
Did Norton come pre-installed from factory?
There should only be one active anti-virus app & it needs to be current & up-to-date.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#22 Jonkiote

Jonkiote

    New Member

  • Members
  • Pip
  • 19 posts

Posted 26 February 2012 - 03:15 PM

Awesome, that fixed the exe problem!
Norton was preinstalled when I bought the comp, and I did have AVG, but I uninstalled it months ago because I thought it conflicted with MBAM.

#23 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 26 February 2012 - 04:49 PM

Alright. WTG.
Kindly make it plainly clear to me: which one of the anti-virus is currently installed?
Cause you will need to run a cleanup tool to completely remove the other.

Also, Check to insure your Adobe Reader is up-to-date for any patches/fixes.
Start Adobe Reader. Go to the Help menu item, select the Check for Updates option, and follow the prompts.

Next, you already have Security Check utility. Run it one more time. Then copy/paste the new Checkup.txt
Tell me if all else is OK ?

I think on next round we can have you do the final closure steps.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#24 Jonkiote

Jonkiote

    New Member

  • Members
  • Pip
  • 19 posts

Posted 26 February 2012 - 07:27 PM

I believe Norton is currently installed. I could have sworn I uninstalled avg already using avg remover.
Yes, all else seems to be fine. All systems green!
Results of screen317's Security Check version 0.99.31
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
Java™ 6 Update 31
Adobe Flash Player 11.1.102.62
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (10.0.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````

#25 Jonkiote

Jonkiote

    New Member

  • Members
  • Pip
  • 19 posts

Posted 26 February 2012 - 07:29 PM

That's weird. Why does it say my adobe reader is out of date? I checked for updates, and there was none. I have v9.5.0.

#26 Jonkiote

Jonkiote

    New Member

  • Members
  • Pip
  • 19 posts

Posted 26 February 2012 - 07:57 PM

So, I went to the adobe site, and downloaded the latest adobe reader there. Here's the new Security check log:

Results of screen317's Security Check version 0.99.31
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
Java™ 6 Update 31
Adobe Flash Player 11.1.102.62
Adobe Reader X (10.1.2)
Mozilla Firefox (10.0.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````

#27 Jonkiote

Jonkiote

    New Member

  • Members
  • Pip
  • 19 posts

Posted 26 February 2012 - 10:39 PM

Besides the antivirus problem, the only question I have left is regarding my ipod/USB. When I had the trojans and infections, I did frequently plug them in. Does that mean my usb/ipod could be infected too? (I have not plugged anything into the computer ever since my first post on this site).

#28 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 28 February 2012 - 09:47 AM

On the USB-flash-drive: Do a couple of scans on it.
press and hold the SHIFT key & then insert it, and then do a scan on it with MBAM & then with your anti-virus.

We can wrap this up now. I see that you are clear of your original issues.
If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used.

We have to remove Combofix and all its associated folders. By whichever name you named it, ( you had named it combofix Posted Image),
put that name in the RUN box stated just below.
The "/uninstall" in the Run line below is to start Combofix for it's cleanup & removal function.
Note the space before the slash mark.
The utility must be removed to prevent any un-intentional or accidental usage, PLUS, to free up much space on your hard disk.

  • Highlight the line in this CODEBOX.
    Select & Copy the entire line within this codebox (so that it is in Windows clipboard memory)
    c:\users\Carelessjon\Desktop\ComboFix /uninstall

  • Start >> type in cmd >> press the Ctrl+Shift+Enter keyboard combination and cmd.exe will be launched as if you selected Run as Administrator. You will then see a User Account Control prompt asking if you would like to allow the Command Prompt to be able to make changes on your computer. Click on the Yes button and you will now be at the Elevated Command Prompt.

    Do a Right click within the command prompt window and select Paste. This must show the line from Codebox above.
    Then tap Enter

IF in the case Combofix un-install has an issue, skip that step.

NEXT
  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

ERUNT you should keep and use on a regular basis to backup the system registry.

Be very sure you have registered Norton I.S., have a current license, and that it is up-to-date on definitions !

If these are leftover, delete these tools:
aswMBR
RogueKiller
TDSSKiller

We are finished here. Best regards.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#29 Jonkiote

Jonkiote

    New Member

  • Members
  • Pip
  • 19 posts

Posted 28 February 2012 - 04:09 PM

Great! Thank you for your help Maurice. I've learned a lot.
Time to make a restore point and then use the internet!
Cya! :D

#30 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 28 February 2012 - 04:14 PM

Posted Image Good.
Please make sure you also use backups & image-backups to offline media, like CD/DVD or external drives. Having current total image backups is the best insurance.

All the best.
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users