What is svc.exe, How to remove svc.exe
svc.exe is a harmful program.
 |
It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program. If that does not help, then ask us for help in the Spyware removal forum. |
Name: svc
Filename: svc.exe
Registry key:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetLog
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETLOG
Command: %WinDir%\svc.exe
Startup Type: Driver
DDS/Combofix/RSIT Line Line:
R3 NetLog;NetLog;c:\windows\svc.exe
Description: trojan also known as Suspicious.MH690 [Symantec], New Malware.n [McAfee], Mal/EncPk-BW, Mal/EncPk-BW [Sophos], Trojan-Banker.Win32.Banker [Ikarus], Packed/Upack [AhnLab], packed with UPack [Kaspersky Lab]
Notes: installed with l84alx.exe, msgciutr.dll, wmiprves
How to remove: use the steps below.
1. Download OTM by OldTimer from here and save to your desktop.
Run OTM, copy,then paste the following text in “Paste Instructions for Items to be Moved” window (under the yellow bar):
:services
NetLog
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
“tcyz46″=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“tghlig”=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“wmiprves”=-
:files
C:\WINDOWS\system32\msgciutr.dll
:Commands
[emptytemp]
[Reboot]
Click the red Moveit! button. If you are asked to reboot the machine choose Yes. When the tool is finished, it will produce a report for you.
2. Download Malwarebytes Anti-malware. Install, perform a scan and let it remove what it found. Reboot afterwards (important).
Leave a Reply