My computer has blue screened on and off over the past week or so and a system restore had fixed this up until yesterday.
Yesterday I noticed that Norton Antivirus kept sending a notification that it had blocked an attack from a host website blah blah blah with a high risk and that no action was needed.
This was the third time this week I had seen this, and a google search lead to a post on the symantec forums by a guy with the same issue. I read that it might be a virus attempting to download other viruses from malicious sites. So I decided to run a full system scan.
I clicked on my Norton Icon in the bottom right hand corner of the screen and the action center popped up, then disappeared. I tried opening every known shortcut to the program and nothing worked. So I opened up the Norton recovery tool and my computer blue screened with the stop error 0x0000001E. I have a picture of all the other codes following that if needed. There was no error code in text. So I booted into safe mode and ran a full system scan which worked fine and found 30 tracking cookies -__- which of course mean nothing. I did a system restore to the 22nd and then used Mbam in normal mode.
Side note - Norton also had been sending notifications for high cpu usage by winrscmde.
I scanned with Malwarebytes and it detected a bunch of stuff, two of which were Trojans in Windows/Svchost.exe so I deleted them all then restarted. On the first restart it showed a black screen with Cursur so I forced it to shutoff and then I started it up again an it said svchost was trying to start so I quarantined it but I still couldn't open Norton.
Further reasearch lead me to download and run TDSS Killer by Kaspersky.
Resolution -
I ran TDSS killer and it detected and quarantined the svchost.exe virus, it disappeared from the windows folder for good. This looks like the only resolution to getting rid of the virus.
It's all summed up in this tutorial on how to remove the virus: http://averablog.blogspot.com/
