Jump to content

Cannot remove trojan -- i htink svchost.exe


Recommended Posts

I have been targeted by a hacker ever since i discovered a group vicitimizing kids online and threatened them to tell he police (im 17 mself and the hacker is also young). A couple of months ago i knew nothing about malware removal but boy have i gotten a lesson and now im not bad. ive been able to beat eveyrthing she has thrown at me (and omg are some of these tings unreal) but svchost has totally schooled me. i have tried everything and i mean everything. it wont even let me nuke the hard drive because it has blocked me from effectively accesssing the bios. This  example of svchost looks legit because it is actully saved in system32. But it uses hte nternet 24/7 even after i disable all the things that windows does online in the background. it allows her accesst to my comp even when in airplane mode. When i wrote a rule against it in the firewall it wreaked havoc. sometimes it doeastn allow me to delete it and soemtimes i get the blue screen. it has corrupted the permissions window so that i had to repair it before taking ownershio of it. The one time i managed to remove it using iobit it was back in seconds. She has used it get a betteer idea of where i live and to turn on m cam. One day i was having an argument wtih her on messenger and she took control of my comp to move some windows araound to make a point (we actually are on decent terms -- i objet to who she works for more than who she is and i think this has saved me a lot of grief). She also tracks me using the trojan and will disrupt my online activities. in fact if i walked away from this post to eat or something there is a good chance it would be gone when i got back and that i would have trourel accessing this forum. .in fact, i hope you have an awesome firewall beacuse she wont think iwice about hacking you and posting a bogus reply to this. she would prabably make a joke of it.  This thing has put me on a leash. i hope you can help. im in your hands.

Link to post
Share on other sites

A hacker has put a trojan on my acer pc (Windows 10). She uses it to generally cause havoc, and specifically to spy on me and track my movements on the intenet. | think is is svchost. exe because whenever i tr to do anything with this file ti takes pretty aggressive evasive maneuvres and also attacks. That sads it is saved in system 32 wehre it is supposed to be. I have appended logs as directed. Many thanks. 

 

 

Addition.txt

FRST.txt

mbam log.txt

Link to post
Share on other sites

Please do not open new threads, keep all of your replies to this thread. I`ve merged your thread to avoid confusion....

I do not see any obvious malware or infection in those logs, continue with the following:

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
     
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.


Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....



The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.


Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Post those logs in your reply...

Thank you,

Kevin
Link to post
Share on other sites

  • 4 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.