Been using Avast home edition, Avast can’t repair, move delete ot nothing, pops up warning constantly. I’ve read everything from its a false positive, to a list of of stuff I really don’t comprehend. I’m not a total idiot, but I can’t find a way to replace or restore the original svchost file. Something must be running in the backgorund because occasionally I’llfind it where it looks like another user is logged on, and its always coming up windows virtual memory running low. Can I reinstall XP over the top without losing my files? Its no big deal to lose everything , I deliberately don’t keep anything important on my online computer, whats the best way for me to deal with this? Whats the best way to back up my game and pic files? Can I remove or repair this somehow?
What is the location of the svchost.exe file avast detects ?
It isn’t unusual for malware to use system file names to confuse the user, but it isn’t in the correct location for the OS (what is your OS ?). Mine on win XP Pro is in the system32 folder.
If it is in that location it is possible that it is actually an infected system file and since this is a very essential file deletion or moving it to the chest could have very serious consequences, e.g your system may not restart. So avast is exercising extreme care and so should you.
Why couldn’t avast delete (not a good action, you have none left) or move to the chest, file in use etc. ?
A repair/install of the OS shouldn’t over write data files, but you would end up with a hugely out of date OS and need to reapply all SPs after the version on your CD and any security updates after that too, so this isn’t something to be entered into lightly and you should back-up data you don’t want to lose before doing anything.
There is a virus that is targeting system files but it isn’t generally the win32:trojan-gen malware, that is what makes me thing that this svchost.exe isn’t in the correct location.
Try this tool - DrWeb CureIt! - See http://www.freedrweb.com/cureit/ - Download ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe (Free) Fairly effective against file infectors, Virut (infects .exe, .scr, .mp3 & .wmv), more so when used in safe mode.
DrWeb also do a Live CD if you are unable to get into your system see, http://www.freedrweb.com/livecd/?lng=en, documentation ftp://ftp.drweb.com/pub/drweb/livecd/LiveCD-en.pdf
Yes you can, but I suggest you get clean first.