ok, i am really new to ethical hacking and i would l love to learn how for one thing. But that is a subject for another time. anyway my antivirus(s) are picking up a FAKE Svchost.exe dropper and it says that the virus is in windows and is svchost.exe. ok I know this sounds simple right? well I heard that svchost.exe under normal conditions is a legitimate system file. so when i remove it with my antivirus it asks me to reboot. so i do and run the scan after rebooting. it's still there. so should i boot into safe mode and remove it or is svchost actually supposed to be in my windows folder and i shouldn't remove it. if so, what can I do to get rid of it. when my antivirus isn't blocking it, it keeps firefox from running, and around 4:30 or so it makes all my files look empty and my computer is basically useless until i reboot. i know that its maleware so what should i do?

What if you scan again before boot?
Does it show again?

Nice article explaining Svchost.exe:

http://www.howtogeek.com/howto/windows-vista/what-is-svchostexe-and-why-is-it-running/