scvhosting problem

[GY]

Hi,

Our company's Win2k computers has been infected by virus which can't be
detected by SAVCE8.0.

The symptom caused by this undetectable virus is new registry entry for
executing a file "scvhosting.exe" from C:\WINNT\system32\ under
HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run, Runonce and
HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run, Runonce,
RunEX, RunServices. User can only see a blank blue desktop with only a timer
only, he/she must need to Log Off by pressing Ctrl+Alt+Del and login again
in order to gain normal desktop back in control. But, still user can't use
the desktop since a process scvhosting will running at background which
eating up all the CPU resource. Does anyone know how to get rid of this
virus??

Thanks a lot.

 

[Dave Patrick]

Give these a go.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SDBOT.RU
http://www.symantec.com/avcenter/venc/data/w32.ircbot.e.html
http://www.sophos.com/virusinfo/analyses/w32forbots.html

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| Hi,
|
| Our company's Win2k computers has been infected by virus which can't be
| detected by SAVCE8.0.
|
| The symptom caused by this undetectable virus is new registry entry for
| executing a file "scvhosting.exe" from C:\WINNT\system32\ under
| HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run, Runonce
and
| HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run, Runonce,
| RunEX, RunServices. User can only see a blank blue desktop with only a
timer
| only, he/she must need to Log Off by pressing Ctrl+Alt+Del and login again
| in order to gain normal desktop back in control. But, still user can't use
| the desktop since a process scvhosting will running at background which
| eating up all the CPU resource. Does anyone know how to get rid of this
| virus??
|
| Thanks a lot.
|
|
|