attempt tremendous Anti-secret agent ware. it quite works tremendous and there is a free version. i have tried Spybot seek for and wreck and it did not the spyware and secret agent ware that tremendous Anti-secret agent ware receives. also, do not open emails that you don't understand who they're from or have attachments.

2

Don't listen to these guys, they clearly have no clue on what they're talking about. I am a developer at Microsoft so I know a thing or two about computers. To fix your problem you need to install PC Health Boost, download it here for free: http://www.pchealthcleaner.net



It's very light and it's the only antivirus/cleaner with a 99.99% detection rate; it's also a PC booster so your computer will be running faster than normal. Install it, hit run and problem solved. It shouldn't take you more than 5 minutes.

Hi,Lisa L



There are 3 step to repair svchost.exe error



If you got svchost.exe error then there is a 94% chance that your computer has registry problems. I think your computer is already very dangerous, and you should fix it immediately. There are many ways to fix svchost.exe error, according to my experience, I think the following method is very good, you can go and try it. I hope it can help you:



* Step 1 - Download a svchost.exe error repair tool,install this error repair tool.

* Step 2 - Click the Repair All Button.It will scan you pc for Free.

* Step 3 - Then click the Repair All Button again and your done! Enjoy it.



Here are the url of svchost.exe error repair tool:http://www.RepairError2010.com/ttfix-svchost.exe_error-zz0001

You can use SpywareNoMore.

As we all know Computer hackers seeking financial gain rather than thrills or notoriety are increasingly flooding the Internet with malicious software code (spyware, adware, key loggers, trojans). They are infecting computers with highly sophisticated programs that record surfing habits, bank passwords and other key financial data and send them to crooks over the Internet. These programs can be hard to spot, disguised in downloads such as toolbars, search engines, browser accessories, screen savers and other seemingly helpful utilities.



SpyNoMore anti-spyware safeguards your identity and restores system performance through fast, smart and powerful spyware protection.

http://www.mobi32.com/Other-Software/Other_Tools/SpyNoMore.html

Svchost.exe, or Service Host, is a Windows system file. It controls the various services or startup applications that run in the background of your Windows PC.



follow below steps to emove this..



Turn off System Restore if the operating system of the infected computer is operating with either Windows Me or Windows XP.



Restart the computer in safe mode and log in as an administrator. Press "F8" after the first beep occurs during start-up, before the display of the Microsoft Windows logo. Select the first option to run "Windows in Safe Mode" from the selection menu.



Remove any program files from the computer. Go to "Start," choose "Control Panel" and then select "Add/Remove Programs." Remove any programs referencing scvhost.exe. If none are listed, continue to next Step. The malware program does contain hidden files that may not be deleted as part of the software removal process. In this case, it is likely that the program will reappear upon reboot. Continue to follow the steps below completely to avoid reinstallation.



Use the Windows Search tool to determine if scvhost.exe exists on the hard drive. Go to "Start,"select "Search" and choose "All Files and Folders." Type "scvhost.exe" in the "All or Part of the File Name" section. Select "All Local Hard Drives" from the "Look in:" drop-down list for the best results. Click "Search."



Use the Windows Task Manager to end any scvhost.exe processes that are running. Press "Ctrl," "Alt" and "Del" simultaneously to open Task Manager. Select the "Processes" tab, select "scvhost.exe" and "End Process."



Click on "Start," select "Run" and type "msconfig." Press "Enter." Remove check marks next to any scvhost.exe and runouce.exe entries on the "Start-up" tab. Save changes and exit to the desktop.



Click on "Start," choose "Run" and type in "regedit." Press "Enter." Press "Ctrl+F," type "scvhost.exe" in the search field and delete all related entries. Repeat this search and remove process for runouce.exe entries. Exit the registry.



Click on "Start," choose "Run" and type in "cmd." Press "Enter" to access the command prompt and unprotect any files that need to be deleted. Type "cd", press the space bar and type "\windows\system" to access the directory where the virus files reside. From the command prompt, type "attrib -a -s -h -r scvhost.exe". Repeat this process for runouce.exe.



Rename each file to a text file so the program cannot load. Type "ren scvhost.exe scvhost.txt" and press "Enter." Then type "ren runouce.exe runouce.txt" and press "Enter."



Create new blank executable files with the same malware file names so the Trojan will not download new file copies and repair itself. Type "edit scvhost.exe" and press "Enter." Save the file and exit. Then type "edit runouce.exe" and press "Enter." Save the file and exit. Type "exit" from the command prompt and press "Enter" to return to the desktop operating system.



Use the Windows Search tool to locate and remove all temp files. Go to "Start," select "Search" and choose "All Files and Folders." Type "*.tmp" in the "All or Part of the File Name" section. Select "All Local Hard Drives" from the "Look in:" drop-down list for the best results. Click "Search." Right-click on each temp file and select "Delete" from the shortcut menu.



Reboot the PC normally.



for more technical help visit:http://windows7.iyogi.net/insights-windows-7-migration-anti-virus

This is one hell of a nasty bug, let me tell you.



I ran into this a few months back, tried everything in the book I could to solve the issue, but I could not get anywhere against it. I even called in an IT buddy of mine and he took a crack at it, no dice. Pretty much, it was unstoppable.



The good news is this, it will not jump to a flash drive or other media. So you can save your files that you don't want to lose. Once you've done that, format your hard drive. It was the only solution I could use and it worked for me.



Good luck.

0. Disable the process first. Using Procexp. http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

1. Use winrar. http://download.cnet.com/1770-20_4-0.html?query=WinRAR+32+bit&tag=404&searchtype=downloads

2. Navigate to C:/WINDOWS/System32/

3. Remember .exe dont have folder icon, delete 2 like folders of scvhost.exe, sccvhost.exe, you need to distinguished them from legitimate files and also delete blastclnn.exe.

4. Search .exe in all directories> SORT them in size> Delete them.

5. Reboot your PC, if the Window Process is finding the missing scvhost.exe, then it is gone.



Enable Task Manager

Method 1

REG add HKCU\Software\Microsoft\Windows\CurrentV… /v DisableTaskMgr /t REG_DWORD /d 0 /f

Method 2

Download and run this REG fix and double-click it.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\…

"DisableTaskMgr"=dword:00000000

Method 3

Click Start, Run and type Regedit.exe

Navigate to the following branch: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies\ System

In the right-pane, delete the value named DisableTaskMgr

Close Regedit.exe

Method 4: Using Group Policy Editor - for Windows XP Professional

• Click Start

• Click Run

• Enter gpedit.msc in the Open box and click OK

• In the Group Policy settings window

o Select User Configuration

o Select Administrative Templates

o Select System

o Select Ctrl+Alt+Delete options

o Select Remove Task Manager

o Double-click the Remove Task Manager option



Using Antivirus

http://bestfree-spyware-virus-trojan-protec.blogspot.com/

http://www.malwarebytes.com

Mcafee Avert Stinger removes most worms as long as you turn off system restore when running Mcafee Avert Stinger.



What is Avast & AVG finding & what is it path ?



Edit:



Win32:zbot-MOU [Trj]



Preparation Guide For Use Before Using HijackThis and other Malware Removal Tools, Instructions for receiving help in cleaning your computer



http://www.bleepingcomputer.com/forums/topic34773.html

Can you post the full name and location of the threat found that cannot be removed eg C\windows\temp\svchost.exe

When you say it cannot be removed, does MBAM, AVG etc say it cannot be removed OR does it say it has been removed but then returns ?



EDIT

Lisa, i believe this is a bit more serious than first thought. I have seen this type of infection before C\temp\ 4 random letters.tmp\svchost.exe. There aren't many thing that will get rid of this.Also you may find there is a rootkit involved that hooks into Atapi.sys, which cannot be simply deleted.This will result in a non bootable pc.



I would advise 2 more tools, they are hitmanPro an online scanner, (it requires activation of 30 day trial, to remove threats )that can repair Atapi.sys and DrWeb Cureit.Which used to cure the rootkit, Don't know if it still does.



My main advice to you is to seek advice from a professional malware removal forum .They will guide you through the use of Combofix. Best of luck



http://www.surfright.nl/en/hitmanpro

http://www.freedrweb.com/cureit/?lng=en ( best run in safe mode )



http://www.geekstogo.com/forum/forums.html



EDIT

Ok, this is my last try. Please try these recsue disks. They will scan your pc using Linux OS, so windows is dormant. Read carefully. APART from Avira the others are ISO files,you need to use burning software to burn the image.Your pc also needs to be set to boot from cd first ( probably is )



AVIRA http://forum.avira.com/wbb/index.php?page=Thread&threadID=82163

KASPERSKY iso http://www.techmixer.com/kaspersky-rescue-disk-load-kaspersky-antivirus-2009-using-dos/

BITDEFENDER iso ( use 2009 ) http://www.techmixer.com/bitdefender-rescue-cd-with-auto-update-virus-definition-features/

DRWEB LIVE CD iso http://www.freedrweb.com/livecd/how_it_works/



You can use free imgburn to burn iso files simply click on write image file to disc



http://download.cnet.com/ImgBurn/3000-2646_4-10847481.html



You should seek help at Geekstogo