Solved

Anti-virus auto-protection and regedit are disabled !!!

Posted on 2004-03-21
7
4,088 Views
Last Modified: 2007-12-19
my OS is xp. my PC is affected by virus so i format my HD and install XP with network cable disconnected so as not to affected by virus during the long-time installation. after the xp installation finished, the HD shld be "blank" except the xp system files. so i install the Norton anti-virus first with network disconnected. after the Norton installation, i have to run the Live!update virus definition, all these are OK. the problem is after the Live!update, the Norton will do full system scan and start auto-protection, at this time Norton is disabled, email scan, full system scan and auto-protection all are disabled. when i tried again, even if i click on the Norton icon, it doesnot make any sense. i use the symantec "fixWelth","fixblast",and Macfee "Stinger" scan my full system with network disconnected, some virus "Svchose.exe""welchia" are deleted, but the Norton anti-virus atill doesnot work and the "CPU usage" in "task manager" is 100%, someone says this is due to the duplication of SVchost.exe.Another more important is when i tried to run "regedit", the "regedit" window will close soon automatically before i take any measures. Can some one tell me what virus it is ,how to remove, and how to enable my Norton anti-virus ? thanks a lot!
0
Comment
Question by:fluuuuu
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 10648393
I would start over:
Wipe the drive with the manufacturer's destructive test utility, wdclear or killdisk.
Power cycle the machine.
Boot from the XP CD and do your install.
Create your partitions but leave one  big enough to make a drive image of (5GB or so FAT32 partition)
Connect fromo behind a NAT router, with none of your other LAN machines running - and register - do services packs and all updates. At this point I'd run the baseline security analyzer
http://www.microsoft.com/technet/security/tools/mbsahome.mspx
and once you've got the machine to your liking make a ghost image in the fat 32 partition
now install your AV software and do updates, if that goes well, replace the drive image with the current working image

now start to work on you applications, etc

0
 

Author Comment

by:fluuuuu
ID: 10655480
so complicated. is this a virus ? is there any removal tools ?
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 10656280
You can try one of the online scanners: www.mcafee.com to see what it finds.

0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Expert Comment

by:CyberQuad
ID: 10660350
Scan your PC with the FREE online scan here: http://us.mcafee.com/root/mfs/default.asp?cid=9059
Make a note of the viruses it finds.
Post your virus findings here and I will give you further instructions on how to remove the virus for good and tell you how to protect your system from future infection from viruses.

-Brian
0
 

Author Comment

by:fluuuuu
ID: 10667180
thanks to all of you. i think i will re-install OS this week. and if it still doesnot work,i come back
0
 

Accepted Solution

by:
korsuas earned 30 total points
ID: 10800286
man, dont jump to reintalling so soon - even though it's prb the best solution.

what I did i my case - same problem - I extracted the original svchost.exe from the xp kit.
I booted of a clean diskette, overwritten the bad svchost with the new one extracted fromthe kit.

voila, no more problems:)

that's all you have to do.
if any other system files are believed to be virused, do the same.

easy as 3.14159265...:)

regards,
Adrian Korsuas
0
 

Expert Comment

by:korsuas
ID: 10812475
for all of you that handle security q, please keep in mind that there is a default program in windows called: sfc
whis is and does
Microsoft(R) Windows XP Windows File Checker Version 5.1
(C) 1999-2000 Microsoft Corp. All rights reserved

Scans all protected system files and replaces incorrect versions with correct Mi
crosoft versions.

Tested it, but don't know if it's good for smtg. Expecially now that I hace SP2 installed:))
Anyway, just a thought...

rgds,
Adrian Korsuas
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question