View Thread : In desperate need of computer help


Great Rumbler
Here's the problem: My computer has been infested with the incomparably evil SVC Host virus. In an effort to get rid of it I tried various methods I found on the internet, none of which worked. I have at this point formatted my computer AT LEAST 6 times and yet the virus comes back every single time. I have even low-level formatted my hard drive and right after I re-installed Windows I installed Norton Antivirus and the XP Service pack. Everything seemed to be going okay, but, somehow, less than a day later the virus is back up and running. I don't have a clue how I can fix this. The only solution I can come up with is to buy a new hard drive, but I really don't want to do that if I can avoid it. So, if anyone knows what to do about the SVC Host virus I would really appreciate your help.

I really wish I knew who made that virus, because I would go to their house and punch them right in the face...

geoboy
Okay. First things first. The virus (I believe you are referring to MS Blaster) gets onto your system through a vulnerability in Windows XP. I first recommend closing the hole before removing the virus. To do so, enable the built-in XP firewall. To do this, open up your network settings (I think you can get to it by going to "start -> connect to" and clicking on "show all connections", or get there through the control panel). Right click on the connection you use to connect to the internet (should be local area connection if you use broadband) and choose properties. Click the Advanced tab, and check the box to enable internet firewall.

Next, download DCOMbobulator here (http://grc.com/dcom/). Run it and the hole is now closed. Now it's time to remove the virus. This is the part I hate because it's not always easy. Go to Symantec's website (http://www.symantec.com) and look for the removal tool of MS Blaster. There are various strings of the virus and it's hard to know which one you have. I'd probably just reformat, but remember to perform the previous steps immediately. Run the DCOMbobulator before connecting your computer to the internet, and enable the firewall right after you connect to the internet for the first time.

When the virus is gone and the hole has been closed, it's now time to go to Windows update and download all the patches, NOT service pack 1. That can wait once you've downloaded all critical updates.

Dark Jaguar
How about the neck? Neck punching is the shiz niz!

Well, my anti-virus utility managed to actually catch this before, and completely rid me of it. I suggest eTrust's antivirus suite. It's not as well known as Norton or McAfee, but it's generally considered to be better than both. I think that's in part due to the fact that it's NOT as well known so virus makers don't consider it when making their viruses. I'll add that it has two separate engines built in (Innoculate and Vet) so if one doesn't do the job, the other usually will.

Well, enough selling out :D. If you want it, there's many flavors. Since it was originally a business solution, the standard release is rather expensive (that's how I managed to get it in fact, again via my computery dad who gets these things for free all the time at work when they decide to just get rid of all the install disks they didn't use, yes a model of efficiency...). Mine's actually a version behind the current model, and upgrades ain't free, but it's fine by me to stay as I am for now (until that company's next upgrade :D). For you though, there's a free solution. They've got an EZ version for home use that's completely free, but it's only a trial for one year. Still, it should manage to clean it up at least.

As for why formatting your drive didn't do the trick, how did you go about reinstalling your system? Did you have to use a floppy boot disk? If so, that may have been infected, so I'd suggest making a brand new boot disk on a clean computer and not even putting it in the drive until you have wiped your machine first (XP does random A: searches, well not random but they happen often enough, generally when using any program that can load stuff from A:).

Oh yes, are you sure you did a FULL format? Formatting uses a program in and of itself, generally accessing a format function on the disk. This is stored "off" the actual partition, and in fact this area (I know, I'm not telling a good description, bear with me...) holds a sort of OS for the disk itself. This is accessed in order to manage running anything on the disk. It's possible this very area is what was infected. I'm not entirely sure what low-level means, but I assume you mean you already tried completely wiping the disk including this area using some special programs that do that sort of thing. If that's not the case, then try finding something that can do that. If that IS the case, and you're sure your floppy, if you were using one, wasn't even infected, then there's one last horrifying possibility. You may have an infected BIOS. In that case, depending on the motherboard you'll have to find individual solutions.

Now one last thing, I'm not sure if this virus can even infect the BIOS. I haven't really read up on it at all so I'm not sure how it works. If I were you I'd go to MS and the big name anti-virus companies' main sites and look up this virus to find out how it operates.

A Black Falcon
I download lots of stuff but only got a virus infected file once... and Norton caught it and got rid of it. Lucky I guess. Of course I don't use Word or Outlook and never open e-mail attachments unless I know I'm getting them...

Dark Jaguar
Well, I'm not saying Norton is bad. Both of them do their jobs well enough. Thing is, Norton for some time was a huge resource hog, and as of late, McAfee is the glutton. eTrust however is designed to be very resource friendly, mainly due to its primary target audience, business servers and such, where resource hogging is immediately noticed and can cause some major problems. Well, actually a while back they had a bug in one of their releases that caused the program to go giant sized in memory in some configurations after a certain amount of time. Fortunately, they are very prompt in fixing such memory leaks.

Great Rumbler
Alright, I turned on the firewall and ran the DCOMbobulator and, although the virus is still technically on my computer, most of its effects, i.e. sucking up your comp's processing power, appear to have been neutralized!! Now I just need to get rid of it completely.

A Black Falcon
Well, I'm not saying Norton is bad. Both of them do their jobs well enough. Thing is, Norton for some time was a huge resource hog, and as of late, McAfee is the glutton. eTrust however is designed to be very resource friendly, mainly due to its primary target audience, business servers and such, where resource hogging is immediately noticed and can cause some major problems. Well, actually a while back they had a bug in one of their releases that caused the program to go giant sized in memory in some configurations after a certain amount of time. Fortunately, they are very prompt in fixing such memory leaks.

I meant lucky I've only got one, not lucky that Norton caught it... though that is true too because I don't have it do full scans very often, and it doesn't check email or online stuff and the version I have doesn't seem to be able to hook into Netscape so it doesn't check files I download off the web either... or, obviously, stuff from filesharing...

I wish I could attribute the hideous state of non-working-right my computer is in most of the time, but unfortunately it's not... it's just not much free HDD space, WinME and its memory leaks, WinME and its crashing tendencies, and other related problems I guess... though my comp wasn't like this for the first year. It got bad at some point... but now it's been messed up in one way or another most of the time for over a year now...

alien space marine
I only got a Trojan horse virus once. It chewed up my D drive and we had to reinstall a new D drive and then quickly install Norton antivirus before the D drive was gone again, and we eventually cleaned out the virus. I now have both Norton and McAfee firewall service. I never had this MS Blaster thing but I know someone who makes worms and viruses and even got a party at his house with 6-10 hackers who all worked together making a crazy all-in-one virus. I am not certain but he could have created the Mydoom virus, but I am not sure if he is just bullshitting. A lot of these worms and viruses are made by angry anti-American Asian campus students in Hong Kong and elsewhere who attack U.S. computer networks with these worms in revenge for invading Iraq.

A Black Falcon
Actually Norton said it wasn't good to delete that file with a virus or something so it's been in quarantine ever since...

geoboy
Hey check this out!

http://www.microsoft.com/security/protect/cd/order.asp

Microsoft will send you a free CD containing security patches for 98/ME/2000/XP up to Oct. 2003. That means it covers the MS Blaster worm!

I hate reformatting because of all the patches I have to download, and simply connecting to the internet makes a freshly installed XP system vulnerable to Blaster. This way, I can install most of the updates before I even connect to the internet. Very nice.

Definitely a good thing to have. Especially for people stuck with dial-up.

Great Rumbler
I eventually had to format my hard drive anyway, but now the worm is gone and everything is running smoothly.