PC Security Forum

Full Version: Someone help me with a virus?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Every time I turn my computer on my Vipre antivirus software says that it stopped a trojan from the file path Svchost.exe . Here are some details.

File Path C:\Windows\system32\svchost.exe
Process ID 712
File Size 27136(B)
CRC8 C7061925B3380000
Application Rating 1 -- Known Good
Added To Always Allow List No
Company Microsoft Corporation
File Version 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name Microsoft® Windows® Operating System
Product Version 6.1.7600.16385
Description Host Process for Windows Services
Copyright © Microsoft Corporation. All rights reserved.



Attempted to modify the following file
File Path C:\Windows\assembly\temp\U\80000004.$
MD5 cad5f92045b581a877ec5cb1b738233d
CRC8 A73794F181CB0000
Application Rating 2 -- Known Bad
Threat ID 4150696



Action Taken
User Name \\NT AUTHORITY\SYSTEM
Action 2 -- Blocked
Reason 2 -- VIPRE Known
Svchost.exe is a legit file and part of OS. Svchost.exe is a generic host process name for services that run from dynamic-link libraries (DLLs). Looks like your system is infected and VIPRE has not been successful at cleaning it properly.

svchost.exe is located in windows system32 folder as you have pointed it rightly. Still make sure the name is svchost.exe and not any other variation like scvhost.exe which is definitely a virus.

I suggest you run the system in safe mode and then do a thorough scanning with VIPRE with updated definition. It should help.
You need a good anti virus who can easily remove trojan. You can go with macafee its able to remove this virus.
Reference URL's