Hi,
To check whether your pc is infected with SVCHOST.EXE virus, go to task manager by pressing ctrl+alt+del. In that click on processor tab, If there is any process running with Image Name as svchost.exe and the User Name is your login account name, then its a virus. Other than that all other svchost.exe that runs with username as LOCAL SERVICE OR NETWORK SERVICE OR SYSTEM are genuine windows processes.
Image Name = svchost.exe : User Name = login account name -> virus
Image Name = svchost.exe : User Name = LOCAL SERVICE OR NETWORK SERVICE OR SYSTEM -> Not virus
Right click on that virus and select “END PROCESS TREE”
Once u found that u have virus, go to command prompt by pressing (windows+r) and type “cmd” ( quotes for clarity) and click ok.. once you are in command prompt navigate to c:/windows/system32.
enter the command : dir /ah
it will list all the hidden files, if you find any file other than *.manifest files, they are viruses. There will be the svchost.exe file which is a virus. Delete them using the command “del filename” . if you get access denied error use the command “del /f/a filename”
step0: End the process tree in the task manager
step1: open command prompt
step2: Navigate to c:/windows/system32
step3: command -> dir /ah
step4: command -> del filename. If the file didnt get deleted and u get “ACCESS DENIED ERROR” then go to step5
step5: command -> del /f/a filename
Repeat the steps till you delete all the files except *.manifest files.
If you still cant get rid of that virus, feel free to leave a comment, i will suggest you someother workaround.
