Getting rid of a trojan. SVCHOST question
- by MasterPeter
My antivirus keeps notifying me of a trojan. svchost.exe keeps creating some 'drivers' (.sys files in the drivers directory under system32 of my Windows XP installation) each of which is marked as Bubnix.AB trojan.
The antivirus fails to remove many of the files as they are immediately used by svchost (I presume). How do I find out which service is the culprit? Why can't the antivirus effectively rid me of this plague?
Also, how many svchost processes is it normal to have running at any one time?
I am using Win XP SP3, and ESET NOD32 antivirus.