Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help Me!. Asap!


  • This topic is locked This topic is locked
8 replies to this topic

#1 anjo03

anjo03

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 06 November 2007 - 10:50 AM

SCVSHOST.exe BLOCKS TASK MANAGER. I ALREADY USED HIJACKTHIS TO DELETE IT. BUT MY TASK MANAGER IS NOT YET WORKING. I STILL HAVE A BACK-UP OF THE DELETE.

SO ANY PRO THERE CAN HELP ME WITH THESE?..

AND PLEASE ALSO CHECK THE STATUS OF MY COMPUTER. IF IT IS RUNNING SMOOTHLY OR NOT.

THX AND MORE POWER.

BC AdBot (Login to Remove)

 


m

#2 anjo03

anjo03
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 06 November 2007 - 10:53 AM

I THINK IT WAS SENT TO ME BY YAHOO MESSENGER. I DON'T KNOW WHY IT SUDDENLY POP-UPED AN INSTANT MESSAGE WINDOW. THEN IT SENT ME A FILE, I CLOSED IT BUT IT STILL INFECTED MY COMPUTER. PLEASE HELP

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:59 PM

Posted 06 November 2007 - 12:26 PM

Are you sure about the spelling of SCVSHOST.exe and can you advise where it is located (full path)?

If the spelling is correct, please go to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of that file and submit (upload) it for scanning/analysis.
Post back with the results of the file analysis.

What type of anti-virus are you using? Have you performed any anti-spyware scans? Have you tried doing your scans in "SAFE MODE"? Are you doing scans while logged into the "Administrator Account" or an "account with administrator privileges"?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 anjo03

anjo03
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 06 November 2007 - 01:30 PM

IM SURE ITS SCVSHOST.exe ITS IN THE C:\WINDOWS AND EVEN IN THE C:\WINDOWS\system32

I THINK I GOT IT FROM YAHOO MESSENGER. IT SUDDENLY APPEARED AS A FILE BEING SENT TO ME.

ZoneAlarm Internet Suite. I HAVE TRIED TO SCAN IN SAFE MODE.

I WAS ASTONISHED THAT THE TASK MANAGER WONT OPEN WHEN IT WAS IN SAFE MODE. IT SAYS

TASK MANAGER HAS BEEN DISABLED BY THE ADMINISTRATOR, WHEN EVEN THERE IS ONLY ONE ACCOUNT ON THE PC.

#5 anjo03

anjo03
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 06 November 2007 - 01:32 PM

I DELETED IT BUT THE TASK MANAGER WON'T OPEN

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:59 PM

Posted 06 November 2007 - 01:38 PM

This error message occurs if there is a restriction in the registry. Sometimes this restriction is created by malware. In XP Professional it may be blocked via the "Local Group Policy" or "Domain Group Policy". See Task Manager has been disabled by your administrator and MS Article ID: 555546.

You can also repair Task Manager by doing this:

Download RatsCheddar.zip and save it to your desktop. This is a Policy Controller program written by Rathat to remove certain restrictions on XP systems often disabled by malware.
  • Extract (unzip) the file to the desktop. (Click here for information on how to do this if not sure.)
  • Double-click on RatsCheddar.exe to launch the tool.
  • Select Enable for everything listed, then click Exit.
  • Restart your computer.
Warning: This program was developed for Windows XP ONLY. Do not run this program in any other Operating System.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 anjo03

anjo03
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 07 November 2007 - 04:08 AM

OK. I WILL TRY TO DO IT IMMEDIATELY.

SIR CAN I POST MY HJT SCAN AND CAN YOU PLEASE TRY TO DETERMINE WHAT ARE THE INFECTED OR THREATENING FILES.

BTW THX FOR THE HELP.

#8 anjo03

anjo03
  • Topic Starter

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 07 November 2007 - 08:48 AM

sorry sir but i think i got someone helping me with the HJT scan.

thx for the help though

THANK YOU VERY MUCH!

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:59 PM

Posted 07 November 2007 - 08:58 AM

I see your log is posted here and you are already getting assistance.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

To avoid confusion, I am closing this topic.

Thanks for your cooperation and good luck with your log.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users