There is also a possibility that you have one of the Fake Antispyware infections which affect "svchost.exe". So, please try the steps below:
Download ALL of the tools below on a separate, CLEAN computer and copy them to a CD or flash drive, then transfer them to the problem machine.
First, please download and run the following tool to help allow the removal programs below to run. (courtesy of Grinler at BleepingComputer.com)
There are 4 different versions. If one of them won't run then try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.
IMMEDIATELY after running the "Rkill" tool above, run/install the Malwarebytes and SuperAntispyware installer and update files from the links below which you've also copied to a CD or flash drive, and transfered to the problem machine. Do NOT restart the computer after running Rkill.
Once downloaded and before transferring Malwarebytes and SuperAntispyware to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.
Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)
Malwarebytes Manual Updater link
Next, install and run a full system scan with the SuperAntispyware program and the manual updater from the links below. As before, you may need to rename the installer file to get the program to install.:
SuperAntispyware Manual Updater
In a few situations, in order for the program to run, it was also necessary to rename the main "mbam.exe" file also after installing it.. It resides in the C:\Programs Files\Malwarebytes Antimalware folder....
Hope this helps.
1) You have to install the windows security patches all the patches tell date
2) Install latest VSE patch and engg
3) Run the normal full san in safe mode
If still infection is there then run the san in safe mode with command promote
Here are the instructions for running a complete command line scan.
Please note that this process can be done quicker if all temp folders have been emptied, the temporary internet files, history, and cookies have been deleted.
1. Create a folder on the root of the System Drive (typically C:\) and name it "scan" (without the quotes)
a) Double-click on 'My Computer'
b) Double-click on the System Drive (typically C:\)
c) Click FILE
d) Highlight NEW
e) Click FOLDER
f) Type: scan
g) Press [ENTER]
2. Set the "scan" folder to Read-Only
a) Right-click on the scan folder & select Properties
b) Place a checkmark in the Read-only box
c) Click APPLY
d) Click OK
3. Download the latest SuperDAT file from:
4. Make sure to save the sdatxxxx.exe (where xxxx is the current
version number) to the "scan" folder.
5. Restart the computer and go into 'Safe Mode with Command Prompt'
a) Reboot the system
b) Press [F8] when prompted
c) Select 'Safe Mode with Command Prompt'
d) Press [ENTER] NOTE: This is necessary due to the possibility of a file infecting virus, Trojan, or worm still running in memory. Rebooting the computer will remove the virus, Trojan, or worm from memory. Logging into 'Safe Mode with Command Prompt' will prevent 99% of all viruses, Trojans, or worms from loading into memory.
6. Type "cd\" (without the quotes) and hit [ENTER]
7. Type "cd scan" (withoutthe quotes) and hit [ENTER]
8. Type "sdatxxxx.exe /e" (without thequotes and where xxxx is the version of the current SuperDAT file) and hit [ENTER]
9. After approx.45 seconds, the extraction will be complete and you will then need to copy the Extra.dat to this directory.
10. Type"scan.exe /clean /all /adl /winmem /unzip /secure /report report.txt NOTE: YOU CAN CHANGE THE /CLEAN TO /DEL IN ORDER TO DELETE
ALL INFECTED FILES INSTEAD OF CLEANING THEM. NOTE: should be replaced with the location you want to save the report.txt file to (i.e. - C:, C:\scan, etc.) WARNING: You may receive an "error" tell you that an application is attempting to directly access the hard disk. You MUST click IGNORE or the scan will terminate. This will now scan your entire computer of viruses.
1. Restart the computer and boot into Windows.
2. Open the \report.txt and search through that for errors or infected files that were unable to be cleaned. This file is a report of the scan you generated in DOS.
3. If a file is listed there that was infected with something and it does NOT state it has been clean, deleted or renamed you will need to navigate to that directory through windows explorer, DOS, or My Computer and remove the file from the system.
Best of luck