[Infection] \Winbooterr\svchost.exe


  1. Posts : 215
    Windows 8 Professional x64
       #1

    [Infection] \Winbooterr\svchost.exe


    Hi everyone, i was noticing that my PC was slow, so i run an scan with Microsoft Security Essentials. It detected no threats. So i opened msconfig and go to the startup tab. And saw 2 entries for: %WINDIR%\system32\Winbooterr\svchost.exe

    So i googled winbooterr and people said it was an virus.
    Microsoft Security Essentials seem to didnt detect anything, while its up-to-date

    I installed Malware Anti-Bytes after that, and ran an quick-scan. It detected 12 threats instead of 0 on Security Essentials.

    All threats are removed, restarted my computer, ran msconfig utility, still 2 entries for Winbooterr!

    I heard this virus can eat up your resources, so how can i remove this virus?

    Thanks.
      My Computer


  2. Posts : 2,132
    Windows 7 Ultimate x64
       #2

    CommandoBob said:
    Hi everyone, i was noticing that my PC was slow, so i run an scan with Microsoft Security Essentials. It detected no threats. So i opened msconfig and go to the startup tab. And saw 2 entries for: %WINDIR%\system32\Winbooterr\svchost.exe

    So i googled winbooterr and people said it was an virus.
    Microsoft Security Essentials seem to didnt detect anything, while its up-to-date

    I installed Malware Anti-Bytes after that, and ran an quick-scan. It detected 12 threats instead of 0 on Security Essentials.

    All threats are removed, restarted my computer, ran msconfig utility, still 2 entries for Winbooterr!

    I heard this virus can eat up your resources, so how can i remove this virus?

    Thanks.
    Download and install Hitman Pro. It uses 5 Anti-Virus Engines (Emsisoft, Dr. Web, IKARUS, G DATA and PrevX).
      My Computer


  3. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #3

    You have a "backdoor Trojan" ...
    These Trojans are one of the worst infections there are, and they allow the hacker total access to the infected machine, so much access in fact, that they have as much control of the machine as if they were sitting in front of it.

    What this Trojan does:

    # Turns off anti-virus applications
    # Allows others to access the computer
    # Steals information
    # Downloads code from the internet
    # Reduces system security
    # Records keystrokes

    I've emphasized several issues that, depending on how
    you use this system, may put a system owner at risk for identity theft.

    The question to ask yourself is: What sort of personal identifying and/or
    financial information is on this system?

    Frankly, a system that has been compromised by this sort of infection cannot
    be trusted, simply because the tools available to us cannot guarantee
    it will have been totally cleaned. The only way to be sure is to completely
    reformat and rebuild the system.
    I'm sorry to be the 'bearer of bad news', but it is important that you be as
    fully informed about the risks as possible.
      My Computer


  4. Posts : 262
    MS Windows 7 Home Premium 64-bit
       #4

    frzwin7 said:
    CommandoBob said:
    Hi everyone, i was noticing that my PC was slow, so i run an scan with Microsoft Security Essentials. It detected no threats. So i opened msconfig and go to the startup tab. And saw 2 entries for: %WINDIR%\system32\Winbooterr\svchost.exe

    So i googled winbooterr and people said it was an virus.
    Microsoft Security Essentials seem to didnt detect anything, while its up-to-date

    I installed Malware Anti-Bytes after that, and ran an quick-scan. It detected 12 threats instead of 0 on Security Essentials.

    All threats are removed, restarted my computer, ran msconfig utility, still 2 entries for Winbooterr!

    I heard this virus can eat up your resources, so how can i remove this virus?

    Thanks.
    Download and install Hitman Pro. It uses 5 Anti-Virus Engines (Emsisoft, Dr. Web, IKARUS, G DATA and PrevX).
    finally, someone who suggest hitman instead of mAlwarebytes, YES
      My Computer


  5. Nem
    Posts : 375
    Win7 Home Premium x64 SP1, Archlinux x86_64. Elementary Luna
       #5

    Not likely to pick up anything as the person that created the server(virus) with the name svchost most likely crypted it making it undetectable by everything..untill of course it gets noticed by some AV Campany. Sadly i know of a site that does these things.

    Seeing how some of it was detected but not all of it.. he's better to do what Jacee suggested.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:26.
Find Us