Virus/Trojan Svchost.exe in windows dir.

Discussion in 'NOD32 version 2 Forum' started by jordi.c, Sep 14, 2008.

Thread Status:
Not open for further replies.
  1. jordi.c

    jordi.c Registered Member

    Joined: Apr 29, 2006
    Posts: 36

    Hi,

    Today I installed the program called sftpdrive.

    When I was executing sftpd.exe, NOD32 hopped in with a virus notification :'(

    Of course I let NOD32 remove what it found. After removal I ran a HijackThis log. In the log there was still a svchost.exe in the Windows dir, which was labelled as nasty by hijackthis.de.

    I'm thinking of reinstalling Windows XP to totally get rid of this nasty virus/trojan.

    My question is: what kind of virus/trojan is this, when it produces a svchost.exe in the Windows dir?

    http://i176.photobucket.com/albums/w199/jordicc/nod32prtscrn.png

    [Edit: Let's not go down the VT comparison road - suffice it to say a number of products identified a trojan downloader - Blue]

    Yours Truly,
    Jordi
     
    Last edited by a moderator: Sep 14, 2008
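
The check described in the post above (a svchost.exe running from the Windows directory instead of System32) can be run over a HijackThis "Running processes:" listing. This is an added example, not part of the original thread: the log excerpt is constructed, the function names are hypothetical, and the list of binary names is an illustrative assumption, not an exhaustive one.

```python
import ntpath

# Windows system binaries that normally run only from System32
# (illustrative assumption for this example, not a complete list).
SYSTEM32_ONLY = {"svchost.exe", "lsass.exe", "services.exe",
                 "winlogon.exe", "csrss.exe", "smss.exe"}
ALLOWED_SUBDIRS = ("system32", "syswow64")

# Constructed HijackThis-style excerpt (not taken from the poster's log).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
"""

def running_processes(log_text):
    """Return the paths listed in the log's 'Running processes:' section."""
    paths, in_section = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if line.lower() == "running processes:":
            in_section = True
        elif in_section:
            if not line:          # a blank line ends the section
                break
            paths.append(line)
    return paths

def misplaced_system_binaries(log_text, windows_dir=r"C:\WINDOWS"):
    """Flag system-binary names running outside System32/SysWOW64."""
    allowed = {ntpath.normcase(ntpath.join(windows_dir, d))
               for d in ALLOWED_SUBDIRS}
    flagged = []
    for path in running_processes(log_text):
        # Windows paths are case-insensitive, so compare normalised forms.
        folder, name = ntpath.split(ntpath.normcase(ntpath.normpath(path)))
        if name in SYSTEM32_ONLY and folder not in allowed:
            flagged.append(path)
    return flagged

if __name__ == "__main__":
    for p in misplaced_system_binaries(SAMPLE_LOG):
        print("suspicious location:", p)
```

A hit only says the file is in an unexpected place; it still has to be scanned or submitted for analysis before drawing a conclusion.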
  2. ASpace

    ASpace Guest

    It is not necessary to reinstall Windows just to get rid of this.

    It is some kind of trojan horse program. One cannot be 100% sure, because from the screenshot we can see that the detection has been made by heuristics. However, it is not so important for you what kind of trojan this is; you should remove it.


    I would recommend you:
    1. Install and use the latest version of ESET NOD32 Antivirus - build 3.0.672
    www.eset.com/download
    2. Perform full scan with NOD32 and remove any threats found
    3. Perform full scan with the Microsoft online scanner (use the link in my signature)

    If you still have problems, you can contact ESET Technical Support or post in a forum where they provide malware cleaning services and advice.
     
  3. jordi.c

    jordi.c Registered Member

    Thx for your answer.

    At the moment I'm scanning with MS Live.

    I will install v3.x.x, however I prefer v2.x.x because it is much lighter on my pc.
     