Virus help.....!

Status
Not open for further replies.

sidewinder

Ambassador of Buzz
Hi guys.Plz help me to solve my problem.I use windows 2000 adv server and winxp as my operating systems.One day I was running my antivirus software manualy in winxp and it found some viruses in the c: drive where win2kadvsrvr is installed.After the scan was complete it healed all the viruses.But now whenever I log into win2k adv srvr it shows an error msg that svohost.exe is not found[The virus infected file] which was located in winnt/system32 folder.This entry is not in the startup folder.I have used various software like system mechanic,ashampoo etc which allows the editing the startup programs list but the entry is not found so I cant delete it.It seems editing some registry values is needed.Guide me through the steps....
 

ShekharPalash

Web Entrepreneur
It's actually SVCHOST.EXE (Service Host; which manages System Services in Windows Systems)
Disable Windows XP System restore Service on all drives, update your AV and rescan.
This sud fix da problem... also don't forget to patch ur both OSes...

order this free security update asia CD from MS here...

*s.microsoft.com/asia/security/ordercd_sec.asp

Also Visit www.microsoft.com/windows to order Windows XP SP2 FREE CD.... and download if u have high speed internet... it's a 80-266 MB download.

Always keep updated... u'll be more secure!!
 

Kl@w-24

Slideshow Bob
If u can boot into XP, then try this. Insert ur Win 2K AdvSvr CD and search for th file 'svchost.ex_'. It should be in th CD's 'i386' folder. Copy it to a folder on ur hard disk. Now search for 'expand.exe'. Once both files hv been found, type th following at MS-DOS prompt :

expand -r D:\svchost.ex_ D:\svchost.exe

This is, considering u hv copied svchost.ex_ to ur D:\drive.
Now copy th expanded file to ur WINNT/SYSTEM32 folder. Now try booting into Win 2K AdvSvr.
 
OP
sidewinder

sidewinder

Ambassador of Buzz
no guys its not svchost.exe.I know what svchost.exe is.The infected file was infact svohost.exe and it was infected by some agrobot virus....

I can boot into both the oses and both of them r working fine

I use nav 2004,Quick heal,Mcafee pro 8 and Avg free and all of them have latest definitions..

The problem is It after booting into advsrvr it shows a nagging error msg of which i want to get rid of
 

Kl@w-24

Slideshow Bob
Looks like th file is registered as a service. Run 'services.msc' from th Run dialog, and see what services are installed. If there is some service which refers to 'svohost.exe', disable it. Also, run 'Regedit' and search for 'svohost.exe'. Delete all entries mentioning it. Backup ur registry b4 attempting this !!
 
Status
Not open for further replies.
Top Bottom