Results 1 to 10 of 10
  1. #1
    New Lounger
    Join Date
    Apr 2010
    Location
    Beaverton, OR
    Posts
    7
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Unhappy SVChost.Stealth.keylogger infection

    Have a laptop that has the SVCHost.Stealth.Keyloger infection that will not let me install a antivirus program. Internet access is blocked. Cannot install Avenquest SystemSuite 14 AV software even after running their bug cleaner program. Are there any free bug eliminator programs out there that I could put on a thumb drive and run and/or install that would kill this infection.

    Any suggestions would be greatly appreciated.

  2. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,436
    Thanks
    372
    Thanked 1,457 Times in 1,326 Posts
    Brirwood,

    I'd suggest you get to another machine with a USB Thumb drive and download Windows Defender Offline and install it to the Thumb drive. Then on your computer boot from the thumb drive and run the program at Full Scan level. HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  3. The Following User Says Thank You to RetiredGeek For This Useful Post:

    Brirwood (2013-07-18)

  4. #3
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,795
    Thanks
    117
    Thanked 799 Times in 720 Posts
    Is internet access blocked in safe mode with networking? If not, try downloading and running Malwarebytes: www.malwarebytes.org

    Jerry

  5. The Following User Says Thank You to jwitalka For This Useful Post:

    Brirwood (2013-07-18)

  6. #4
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,492
    Thanks
    284
    Thanked 577 Times in 480 Posts
    I've seen offline scanners like WDO turn PC's into a non-bootable state; they often cannot repair an infected System file, if that file (usually a driver, *.sys) is needed at Boot and an infection (or the file itself) has been removed, it is then broken and triggers a repeated crash at each boot. The safest option is to get a full diagnosis done before attempting the correct repair routine.

    The best-equipped and trained people for that are those at the many reputable Malware forums, I use Majorgeeks, TechSupportForum, GeeksToGo, Sysnative, BleepingComputer ... there are many others too.

  7. The Following 2 Users Say Thank You to satrow For This Useful Post:

    Brirwood (2013-07-18),Dick-Y (2013-07-17)

  8. #5
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,436
    Thanks
    372
    Thanked 1,457 Times in 1,326 Posts
    Satrow,

    Good advice. Additionally, users should make a System Recovery Drive (Win 8) or equivalent in earlier versions. This can be used to fix the boot system as can the original Windows Disk Media if you have one. Also, as Medico would say Image, Image, Image, and of course create a bootable device to restore that image, which can fix the boot partition in a matter of minutes. HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  9. The Following User Says Thank You to RetiredGeek For This Useful Post:

    Brirwood (2013-07-18)

  10. #6
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,795
    Thanks
    117
    Thanked 799 Times in 720 Posts
    The resources Satrow gave you are good but they can take awhile to fix the problem. You typically get one step a day as the experts are working with multiple cases at a time so it could take a week or more to solve your problem. I've used them for an extremely tough infection but they are a last resort for me.

    Satrow is right in that automated malware removal programs can leave your systems into a non bootable state but this is very rare and is usually fixable. Taking an image as RG suggested before running a Malware removal program will give you the option of restoring back to your previous state if anything goes wrong.

    Jerry

  11. The Following User Says Thank You to jwitalka For This Useful Post:

    Brirwood (2013-07-18)

  12. #7
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,436
    Thanks
    372
    Thanked 1,457 Times in 1,326 Posts
    Quote Originally Posted by jwitalka View Post
    Taking an image as RG suggested before running a Malware removal program will give you the option of restoring back to your previous state if anything goes wrong.
    Jerry
    Jerry,

    Good point, but I was referring to having an Image of BEFORE the infection occurred which would make this whole discussion mute. That's why I keep multiple generations of Images for all my machines backing out of problems becomes a 20-30 minute exercise vs days on end.
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  13. The Following User Says Thank You to RetiredGeek For This Useful Post:

    Brirwood (2013-07-18)

  14. #8
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,795
    Thanks
    117
    Thanked 799 Times in 720 Posts
    Quote Originally Posted by RetiredGeek View Post
    Jerry,

    Good point, but I was referring to having an Image of BEFORE the infection occurred which would make this whole discussion mute. That's why I keep multiple generations of Images for all my machines backing out of problems becomes a 20-30 minute exercise vs days on end.
    You're correct. That would be ideal but I'm sure he didn't do that so the discussion is not moot.
    Cheers

    Jerry

  15. The Following User Says Thank You to jwitalka For This Useful Post:

    Brirwood (2013-07-18)

  16. #9
    Banned Member
    Join Date
    Aug 2013
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Keylogger programs are not viruses or malware and will not be detected as such.
    Nowadays, many parents often use keylogger software as parental control to protect their children. As I know that my auntie has used a keylogger for nearly six months to watch out her son’s computer usage.
    Last edited by satrow; 2013-08-17 at 15:45.

  17. #10
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Good call.
    Since the OP hasn't posted back a response, it might not be such a good idea to help him/her remove something that
    might have a very good reason for being there in the first place. Usually these things will have a password protected
    uninstaller or something of the like. If your that intent, then I recommend a full format & clean install with a Linux boot disk.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •