svvchost

I am looking for info on this paticular file that I found in my start-up folder. I have nod 32 & spysweeper installed on an xp2 cpu.

thanxs
tom

 

Hello,

is that a typo with the extra V?

If not, googling svvhost brings up links that are basically bad news,

http://fileinfo.prevx.com/adware/qq8f8a23967886-SVVC18316765/SVVCHOST.EXE.html

Does your security programs find anything?



snowbound

 

svvchost... yep that's what I copied down but when i get home i'll double check.

I was checking spysweepers start-ups tab and decided to uncheck a few things when i saw this file 3 times in start-up. i googled it too and i was hoping it wasn't as bad as prvix says it is.

nod32 or spysweeper as of yet has not flag it.

what now

tom

 

First i would make sure of the spelling as it's important with this.

I'm certainly no expert at this but if it turns out to be svchost, here's some info on that,

http://www.neuber.com/taskmanager/process/svchost.exe.html

When i open taskmanager on my system i most always have 5 instances of svchost running all the time.



Cameltoe(aka snowbound)

Oops i accidently logged in under my GF's username.

 

He is talking of svvchost not svchost-- but I can see he is not sure( Edit)--

 

Are u addressing me?

If so, i realize that.



snowbound

 

Either way.....I have never seen the legit svchost in that location.

 

Good point.


snowbound

 

This is what i copied down... microsoft svc host-svvchost.exe. I know about svchost in taskmanager but this is definitly in start-up not once but 3 times.
I googled it and became worried but when i looked in wilders i couldn't find anything pertaining to svvchost so i assumed i might have copied it wrong but i don't think i did. because this file starts with microsoft i figured i better see what it does before i click it off.

thanx for the help everyone
tom

 

Do not think "clicking it off", it allows itself to be, will do the trick as it will probably re-start, re-install itself at the next boot. It, and it`s source will need to be removed\uninstalled. Let us know how you do.

 

No, I was addressing to Cameltoe.

 

If i'm to rid myself of this bug methinks i am going to need a lot of help. Do i have to buy another av or as or is there a better way.

 

snicker oops Sorry. Snowbound accidentally logged in under the wrong User name. So, in a sense, you were. sorry, but I needed a little chuckle and you two just provided it. Thank You.

 

What do you use now? Were you able to terminate it via Task Manager? Have you or anyone installed any new software recently?

 

nod32... spysweeper... no recent installs

 

I know a cheaper way.

After u have answered TZ's questions and if u are unable to terminate the process permanently, one option is u could post a Hijackthis log over at this site,

http://gladiator-antivirus.com/forum/index.php?showtopic=10517

If u decide to do so, just follow the instructions at the link, post your log there for analysis and the malware experts will give u recommendations on removal of potential infections.



snowbound

 

Please list your current security apps. before downloading and installing the program from my provided link. Sure do not want to cause any conflicts and increase your problems. Many here claim good results with this -> http://http://fileinfo.prevx.com/adware/qq8f8a23967886-SVVC18316765/SVVCHOST.EXE.html I believe the first scan and clean is free. After that it can be left on your PC for detection purposes but must be purchased for any further removals. Or of course it can be un-installed.

 

ok thanx tz & sb... i'll try to terminate using taskmanager first then i'll try previx

sp2
windows firewall
nod 32 2yrs
spysweeper 2 yrs

till tomorrow then

tom

 

So you are saying neither of them detects it doing full scans? Also that you have not recently installed any new software. If you choose to try Prevx, I do not see any potential conflicts. Keep us posted.

 

svvchost does not show up in taskmanager also now a new start-up has shown up called kernalfaultcheck %systemroot%/system32/dumprep o-k

 

That is related to System Properties\Advanced tab\Startup and Recovery, settings button\System Recovery and has to do with memory dumps. Probably happened when you attempted to stop the process. Are you sure of the spelling of the process in question? Have you run full scans with you two fully updated security applications?


Edited; Sorry, Just re-read the whole thread. Have you checked properties on these folder? Size, creation date? Have you simply tried deleting them.

 

i will do a complete sweep with both programs. since i just installed spysweeper last week i thought i had 5.2 but only have 5.0 i will download later tonight
nod32 1.1856

thanx for your help

 

http://spywarefiles.prevx.com/RRDGGH18316765/svvchost%252Eexe.html is an alternative view. That shows the most common use of the svvchost.exe filename in the Prevx database and a link (at the bottom) to other uses of it.

BTW, Prevx1 is free for 32 days after it first detects malware. There's no point uninstalling it after your first detection as the 32 days will still count down. If you install again 30 days later you will only get 2 free days!!!! To get your full 32 days of free protection from Prevx1 you will need to keep it installed.

 

The real and good svchost.exe is at X:\WINDOWS\System32
Any other location is bad.

~~ snip ~~ LowWaterMark

 

As I googled it seems to be a mass mailing worm. I wonder why NOD32 and SpySweeper are not detecting anything at all.