Persistant Vista rootkit infection - virus scanners aren't all they're cracked up to be.
July 2, 2011 9:15 PM Subscribe
Tracking down and killing a virus - my virus scanner (Avast) is telling me scvhost.exe keeps trying to open malicious URLs. It also tells me I have a rootkit in the MBR. It doesn't seem capable of fixing either of these problems. What can I do? Windows Vista.
posted by Jimbob to Computers & Internet (9 answers total) 3 users marked this as a favorite
I understand scvhost.exe basically executes DLLs, and I'm assuming the scvhost.exe file itself isn't compromised (maybe it is...) - how do I find out which DLL it's running that is trying to open malicious URLs?
In terms of the cause of the problem, the rootkit in the MBR, Avast tells me it's going to restart my computer and fix the problem, but when I let it do that, the virus is still there, and Avast alerts me to the same MBR problem. I would be inclined to fdisk /MBR but I run Ubuntu on another partition, and don't want to nuke it, because it's actually the main OS I run. How do I fix my MBR without losing my dual-boot system? I assume it's something I can do from within Ubuntu (10.04), possibly by reinstalling GRUB, but I'm always tentative about messing around with that stuff - I've been burnt in the past.