A journal written by orang kampung.. There is a place that you will never forget.... kampung


Sunday, February 17, 2008

Virus: SVICHOSST.exe, SVICHOST.exe or SVICHOSSST.exe

A new virus has been spreading and has caused trouble on most machines whose owners don't realize it is there. I was infected too. It took me 1.5 days to recover, due to trial and error with a few solutions from the net. Most antivirus programs fail to recognize it as a virus, and when they do detect the virus and heal it, it comes back. It does not look like a virus because you can't see any harm from it. Some of the problems it causes are a disabled Task Manager, a disabled command prompt (cmd), disabled Folder Options, and a disabled regedit. You only notice it when it starts to eat your CPU. The virus also disguises itself by displaying its name as Yahoo Messenger (in Task Manager) and as a folder in the system root directory.

A few suggestions have been made, and you can take a look at these links:
http://www.bleepingcomputer.com/startups/svichosst.exe-16926.html
http://spywarefiles.prevx.com/RRDGDH034148671/SVICHOSST.EXE.html
http://nz.answers.yahoo.com/question/index?qid=20080215020933AACTsO7
http://answers.yahoo.com/rss/question?qid=20080215020933AACTsO7
http://www.wackyb.co.nz/vb/archive/index.php/t-1018.html
or just google the virus name.

However, none of them really solves it. The best thing to do, once you regain access to Task Manager, the command prompt and regedit, is to delete the entries. Besides that, use Process Explorer and Autoruns by Sysinternals.

Go to Start -> Run, type 'regedit' and press Enter. The Registry Editor should appear. If it does not, run the few commands listed in the links above. Once you are there, do a full search for the name. FYI, the name varies from case to case. Mine has two 's': svichosst.exe. Yours may have just one or three 's'. Search for each possibility. Delete whatever entry points to that name. Don't worry, but be careful not to delete SVIHOST, as it is needed by your system. See the 'C' between the SVI and HOST letters. Once you have deleted all those entries, reboot your PC. It should be back to normal.
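
If you would rather not search for each spelling by hand, the sketch below does the same search over a registry export (File -> Export in regedit). It is an added example, not part of the original post: the sample export, its key paths and its value names are constructed for illustration, and the script only reports matches, it deletes nothing.

```python
import re

# Matches SVICHOST.exe, SVICHOSST.exe and SVICHOSSST.exe (one to three 's'
# after the 'o'), in any letter case. Every other name is left alone;
# svchost.exe, for example, has no 'i' and does not match.
VARIANT = re.compile(r"svichos{1,3}t\.exe", re.IGNORECASE)
KEY_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]\s*$")
VALUE_LINE = re.compile(r'^(?P<name>@|"(?:[^"\\]|\\.)*")=(?P<data>.*)$')

# Constructed sample in .reg export format (not from a real infected machine).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ExampleEntry"="C:\\WINDOWS\\system32\\SVICHOSST.exe"
"Updater"="C:\\Program Files\\Example\\update.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleEntry2"="C:\\svichost.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Example]
"ImagePath"="C:\\WINDOWS\\system32\\svchost.exe -k netsvcs"
'''

def find_variant_entries(reg_text):
    """Return (key, value_name, data) for each key or value naming a variant."""
    hits = []
    key = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        m = KEY_LINE.match(line)
        if m:
            key = m.group("key")
            if VARIANT.search(key):          # the key itself carries the name
                hits.append((key, None, None))
            continue
        m = VALUE_LINE.match(line)
        if m and key is not None:
            name = m.group("name").strip('"')
            data = m.group("data")
            # Only plain string data is checked; hex-encoded data is not decoded.
            if VARIANT.search(name) or VARIANT.search(data):
                hits.append((key, name, data))
    return hits

if __name__ == "__main__":
    for key, name, data in find_variant_entries(SAMPLE):
        print(key, "->", name, "=", data)
```

Review each reported entry in regedit before deleting it.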

Good luck, guys...
