| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 41783 | 2004-01-22 01:08:00 | Scvhost.exe!! Trojan!? Virus? | jase12 (4868) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 209191 | 2004-01-22 01:08:00 | Hi'ya! :) I've been suspect of a few things that are in my task manager (and have been for weeks!) :( Some one here gave me a website to try and it was great, i found out heaps, and it says scvhost is a trojan, when i try to shut it down they restart, if i continue it shuts down the internet and me! Wot i need to know is...where do i go to get rid of it!! Nortons didnt pick anything up.. :( | jase12 (4868) | ||
| 209192 | 2004-01-22 01:20:00 | It's neither a virus nor a trojan. It is a harmless system process | Craig (448) | ||
| 209193 | 2004-01-22 01:26:00 | I did a Google search on your problem and suggest that you look at this page Sophos virus analysis: W32/Randex-S |
Smurf (506) | ||
| 209194 | 2004-01-22 01:32:00 | sVChost . exe is a system process . sCVhost . exe is a nastie and can be related to the Blaster worm . Run SpyBot S&D from http://security . kolla . de/ install then update via the Online button . Configure for Advanced Mode rather than easy to get all the options . Is your Nortons up to date . Try Symantic's online scan or Trend Micro's, House Call version of the same . if you don't have a software firewall, get one pronto . Cheers Murray P |
Murray P (44) | ||
| 209195 | 2004-01-22 01:40:00 | I got a tip from here last week suggesting the windows process library (LIUtilities) and they have lists of suss processes, scvhost.exe comes up as Trojan??!! | jase12 (4868) | ||
| 209196 | 2004-01-22 01:50:00 | Sorry. Yeah svchost is the system process. scvhost is a trojan. Do a search on symantec.com, there is probably a removal tool there. | Craig (448) | ||
| 209197 | 2004-01-22 01:52:00 | > I got a tip from here last week suggesting the > windows process library (LIUtilities) and they have > lists of suss processes, scvhost.exe comes up as > Trojan??!! That is correct Scvhost.exe is nasty!!! Remove it ASAP! And SVChost.exe is OK |
stu140103 (137) | ||
| 209198 | 2004-01-22 01:57:00 | Here's part of the liutilities write up Process File: scvhost or scvhost.exe Process Name: Scvhost Description: Added to the System as a result of the W32/Agobot-S VIRUS! which is a IRC backdoor Trojan and network worm. W32/Agobot-S copies itself to network shares with weak passwords and attempts to spread to computers using the DCOM RPC and the RPC locator vulnerabilities Go to http://answersthatwork.com/ for a description of svchost.exe |
Rogerwilco (4455) | ||
| 209199 | 2004-01-22 01:58:00 | Yep . You'll need to stop it, clean it out and restore your system and make sure it, or others can't get back in (firewall, up to date anti virus & SpyBot/Adaware) . If its the Blaster worm you'll have install the MS updates which are OS and SP specific . See Removing MSBLAST . A ( . trendmicro . com/solutions/solutionDetail . asp?solutionID=15888" target="_blank">kb . trendmicro . com) and follow the links there to MS for patches, use MS KB824146 as a ref or search term . What OS are you using, 95, 98, ME, 2000 or XP? Cheers Murray P |
Murray P (44) | ||
| 1 | |||||