Jump to content
Compatible Support Forums
Sign in to follow this  
Ace

Virus

Recommended Posts

Yea, my McAfee 6.0 program detected a virus but when I try to delete it, it tells me that I don't have access or something so I can't delete. I have only one account on my Windows XP and I have full control over everything. All I could do was jsut press "Stop." This happened to another virus detected right after, then the first virus file popped up again and I said "Stop" then the pop-ups stopped.

 

So has the virus gone away now, or should I do something else?

Share this post


Link to post

I had a the same problem not to long ago. It was some kind of trojan running as a process. Pull up the task manager and check your running processes. If this is the case simply end the process and rescan. You should be able to delete it with no problem.

 

Hope this helps

 

Chris

Share this post


Link to post

Ok, so I ended up restarting the computer, then scanning the virus with McAfee. It found two infected files and I cleaned them. But when I look into my Task Manager, there's three applications running with the file name svchost.exe, which the filename of the virus. Now the user name though were Local Service, Network Service, and System. So is this is a coincidence or something?

Share this post


Link to post

you should only have 4 svchost.exe's and its quite common for people to name the virus as something you would already have in hopes the user wont realize it...in run box type msconfig...select startup tab...svchost should not be on there..if so delete it...you can actually uncheck anything there and windows will operate fine, its mostly 3rd party programs taht run here

 

make sure you have a good firewall...get zonealarm, they have a free version thats gotten great reviews to make sure the virus doesnt send any personal data....especially if its a keylogger..it will log any keystroke you type so its impossible to say what might have already been sent so its imperative that after you remove the virus you change all your passwords, if you ever typed your credit card info when ordering online then you should cancel that card and ask for a new one..there are many keyloggers that antivirus doesnt detect as well

www.keyspy.net is one of them...this keylogger has a binder available to members seperatly thats used to attach the spy to any file type..even .jpg or .mp3..the spy itself cant be detected and can be named to anything...there are many like this thats undetectable by antivirus so make sure you check whats running at startup from time to time get a firewall...a antispy scanner can help too...www.pestpatrol.com has a very good one with lots of good info about spys

Share this post


Link to post

Yea, in the msconfig, it is not there. I do have ZoneAlarm Pro as my firewall and I have lots of Spyware software to scan and monitor my computer. But the virus name actually is Exploit.DCOM-RPC.gen. This is the virus that McAfee detected the file as. There are two files that it detects, svchost.exe and Wkspatch.exe. I keep deleteing them both with McAfee but they keep on coming back and infecting my computer. So any ideas there?

Share this post


Link to post

See if you can use the recovery/emergency disks that you get when you install McAfee. Then, boot the system with the floppies and scan for it then. Also, look up the virus at McAfee and perform whatever steps are indicated.

 

http://vil.nai.com/vil/content/v_100516.htm#RemovalInstructions

 

If you go there, you will see the simple directions of "can all files with the issue". However, WinME and WinXP both have system restore running by default, and that service has a lock on those files which will keep you from deleting them. So, you will probably want to disable system restore, rescan, delete the viruses, and then patch the system if possible. Then, reboot, and rescan with the offline virus removal tool to make sure. Rinse and repeat as necessary...

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×