How do I get rid of any fake svchost.exe's?

Help. I’ve uninstalled Comodo Firewall Pro (latest version) after several hours of having it in my computer, but Windows Security Center keeps reporting that Comodo Firewall Pro is still active. Windows Firewall has kicked back in but it warns me about having 2 firewalls running at the same time. I ran AVG Virus Scan, AVG Antispy, and AVG Rootkit Tool and they found nothing. windows security center problem has been solved through that script by Ewen or Esset (sorry, I’ve been up all night trying to solve this problem i can’t remember the name).

By the way, I had AVG Virus Scan Free Edition, Windows Defender, and both Comodo Firewall Pro and BOClean running at the time of suspected infection. I may have inadvertently allowed the fake svchost to run when Comodo Firewall asked me what to do. There were so many svchost notifications and all had internet explorer tied to them and I was using internet explorer so I thought it was just normal.

I think the problem started after I uninstalled Windows Defender to install a newer version. After reinstalling Windows Defender and trying to update, Comodo Firewall “encountered a problem and needs to close”. I restarted my computer and Comodo Firewall was forever “initializing” after that. That’s why I uninstalled it.

There’s a suspicious svchost.exe running when I look at the task manager. I’ve been monitoring running programs and I don’t think I’ve ever seen an svchost entry with such a high mem usage. Oh, and I got a questionable Microsoft Error Reporting window telling me to report an error regarding a failure to update “Mallware Signeture File”. That’s exactly how it was spelled. There were several entries of this sort in that supposed error log.

I ran hijack this on my system. Can somebody please take a look at the log file and help me analyze the results to see if I’ve really been infected? I would really appreciate it. Thanks.

P.S. How do I upload the hijack this log file? This is the first time I’ve used this application.

Hi nermal1978

I ran hijack this on my system. Can somebody please take a look at the log file and help me analyze the results to see if I've really been infected? I would really appreciate it. Thanks.

Hijack this logs need to be read by qualified people. Incorrect advice could leave you without a running system.
One point I will stress is DO NOT turn off system restore. It is better to have an infected restore point than none at all. Restore points are flushed when the system is declared clean by the expert.

Hijackthis logs are saved as a txt file and opened in notepad, then copy and pasted into a post.
There are a number of forums on the web that deal specifically with malware removal.
These are my recommendations

http://forum.securitycadets.com/
Also Castlecops and Bleeping Computer have hijackthis forums.
Read any relevant stickies at whichever forum you select.

Regards
Sullo