Expert: Keith Davis - 12/28/2009

Question
QUESTION: Hi Keith,

I have got a virus on my pc. It's on service.exe process which I think is white listed, so I tried to remove the virus using safe mode and it didn't work. It shuts my pc down randomly. Can you help?

ANSWER: The key here is to remember that services.exe is a process that your computer needs and runs on it's own. The services.exe malware program uses "RUN" class registry keys. First of all what kind of anti-virus and anti-spyware programs do you run?
There is one program you can download for free at http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
Download install, update, and run a scan with Malwarebytes. It is an excellent program and should detect and, when prompted, remove the problem.
If not we may have to go to more desperate measures.
Let me know how it goes.

Keith

---------- FOLLOW-UP ----------

QUESTION: Umm I downloaded malware bytes but when I was scanning the whole PC with it, Avg said that it's infected. What's up with that?

Answer
AVG 9.x will do that. You must set malwarebytes as a "safe" program in AVG. It usually detects programs at start up during it's optimization run. Can you right click on the malwarebytes installation (.exe) file and select scan with AVG?

You know I think the best thing to do would be to delete the file and download the program again from www.malwarebytes.org. My trust of cnet is about 99% but there is still that 1%. I have never had a problem with any files from there in close to 5 years. You never know.
I think malwarebytes is the fix for you. If not the infection is too serious not to reformat and reinstall the operating system.
Let me know if I can help further.
Keith