1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Unsure if this is a Trojan?

Discussion in 'General Software' started by Irish_PXzyan, Jul 30, 2007.

  1. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    Hey.

    I have been attacked by something..I think...iam unsure what to think about it..but I do beleave its a trojan of some sort :eek:

    Here it is:

    At Startup it trys to install microsoft Word 2000..I click cancel but it comes back again...now it keeps doing this for 20 cancel clicks!!! then it all stops....when I Launch Tuneup Utilities and go to currently running programs..it shows 4 SVNhost files that look different from the other...they are RED and are shown as Dangerous. I terminate all 4 and they are gone...but of course they startup all the time...even if I uncheck them so they wont start up on boot.....they still come up anyway! so they are trojans right??

    They also take up 15megs of ram each also.

    Is there anything I can do to get rid of these annoying things??
  2. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    Do you have an anti virus? Go safe mode and do a system scan, also if u have the software called hi jack this, post a hi jack scan log, so other people can help out :D, but try doing a virii scan first :D
  3. HookeyStreet

    HookeyStreet Eat, sleep, game!

    Joined:
    Aug 29, 2004
    Messages:
    7,136 (1.95/day)
    Thanks Received:
    523
    Location:
    Great Yarmouth, England
    Just download NOD32, that will kill it, and another nasties that you have on your system ;)
  4. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    Yeah try that too :D been using that for a year now, and it beats crap out of norton, in terms of resource usage and scanning
    :D
    :rockout:
  5. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    Yea I am aware of Anti-viruses and I know whats good out there!!

    I already have NOD32 lol. But it does nothing about it!
    I guess I should go into safe mode and do a virus scan!!! oh god..the damn effort!!

    Thanks alot peeps!
  6. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    Ok downloaded that program and here is the log file!

    Should I restart the computer also and let those 4 trojans be running in the backround??
  7. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    Ok downloaded that program and here is the log file!

    Should I restart the computer also and let those 4 trojans be running in the backround??

    Oh my bad!!

    Attached Files:

  8. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    do a scan before terminating those processes so others can see the hijack log :D
  9. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    Yea I just done a scan! pitty tho..I am unsure what to make of it :p
  10. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    svchosts are system related files/processes, I don't know about svnhosts maybe virii, or worm, try using online scanners also run hijack log after boot or don't terminate those processes... and uhm a little googling for that exe file usually gives information about it.. Let's wait for the pros hehe
  11. Ben Clarke

    Ben Clarke

    Joined:
    Aug 10, 2006
    Messages:
    4,403 (1.50/day)
    Thanks Received:
    152
    Location:
    England
    svchost.exe is the only s__host file there should be running. You have a virus. Keep an eye out for scvhost as well, thats a virus too. It looks like the real thing, but the c and v are the wrong way round.
  12. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    W32/Agobot-GW - Worm - Sophos threat analysis
    as svnhost.exe and creates the following registry entries to run itself ... Microsoft Update Event = svnhost.exe. Registry entries are also created under: ...
    www.sophos.com/security/analyses/w32agobotgw.html

    Its a virii or malware found it off google.... Hope that helps out
  13. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    Ok I had a feeling they were viruses! bloody hell..how did I manage to get them....I am careful on what I download....

    Ok so...I will restart the computer..let them do there annoying thing and do a scan..then come back here and put the log on here and see what yee guys can make of it.

    I will be gone for a good 15 mins btw! I need my mug of tea :p
  14. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    Last edited: Jul 30, 2007
  15. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    Ok I just restarted and here is the log file with those 4 running viruses.

    Attached Files:

  16. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    read my post above, I gave you a link on how to fix it, and another link with an information for it
    Irish_PXzyan says thanks.
  17. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    oh yes! I missed that hehe! thanks for the assistence!
  18. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    Anytime mate :D hope you get your system purified :D, I treat virii like the ghost/demons in exorcist :roll:
  19. Irish_PXzyan

    Irish_PXzyan

    Joined:
    Oct 30, 2006
    Messages:
    2,433 (0.85/day)
    Thanks Received:
    53
    Location:
    Republic Of Ireland
    hehe! ive never had any issues with viruses and take them seriously!! Now that I have bloody got them for the first time....my god..whats become of me!!!
    Next I will be calling a priest over here to bless my rig!
  20. psyko12

    psyko12

    Joined:
    Jun 5, 2007
    Messages:
    1,863 (0.70/day)
    Thanks Received:
    168
    LOL, I just treat my pc as a person, coz I've spent most of my earnings for it lol.. Am I crazy, hahaha well don't want to get my investment ruined.. Rofl glad your pc is safe and sound now :roll:
  21. DRDNA

    DRDNA

    Joined:
    Feb 19, 2006
    Messages:
    4,778 (1.53/day)
    Thanks Received:
    566
    Location:
    New York
  22. Steevo

    Steevo

    Joined:
    Nov 4, 2005
    Messages:
    8,239 (2.55/day)
    Thanks Received:
    1,155
    Comodo firewall. AVG Free,
    10 Million points folded for TPU

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page