I cannot remove scvhost.exe from my registry.
I read about 20 different tutorials about removing scvhost from my pc, but i still having the virus on!

I got Zone Alarm Security Suite 6.5.725.000 and Norton AntiVirus 2005, both with all updates. The problem starts when i removed the scvhost.exe from the folder system32 (winxp). But the Virus problems still, for example: I can't run regedit, the task manager doesn't update (i mean the task are like fridged, the cpu usage is always at 100% and if a run a new aplication doesn't appears in the task manager, i can't run the system recovery tool, etc.)

What do you suggest my to do?

Thank you!

My e-mail address is Juanpa@GobiernoFederal.com

Juanpa!, July 2006

1. Install CCleaner software
2. Then run it and go to tools.startup option
3. Disable the entry with
3.1. scvhost.exe
3.2. runouce.exe
4. Open dos by typing cmd in start>run
5. go to directory c:\windows\system32
6. Type this
7. attrib -h -s -r scvhost.exe
8. ren scvhost.exe scvhost.txt
9. edit scvhost.exe
10. save it
11. same proc. for runouce.exe (i.e. from step 7...10)
12. cd..
13. attrib +r system32
14. now you get rid of trojan.
15. restart your pc.

[NOTE: if you don't have CCleaner then use the alternate for step 1...3]
[
start system in safe mode.
now follow from step 4.
]

Shahid Jamil, May 2009

I had the similar scvhsot problem as Junapa .I followed Ronald's help on the same exactly word by word and it helped me solve the problem.Now i can use admin task bar, hidden files in folder options, cmd etc but I still get the message on boot up " Windows cannot find SCVHSOT.exe" What do do for this?????
Pls dont misread it as SCVHOST.exe .. The problem is of SCVHSOT.exe
thanks

abhishek, May 2008

a good fix in detail can be found at http://www.technibble.com/how-to-fix-svchost-using-100-cpu-memory-leak/

Mike, May 2008

hmmm... i have actually successfully removed this virus... and i posted the instructions how... in this link....

http://ronaldborla.blogsome.com/2008/02/29/how-to-remove-scvhostexe-new-folderexe-autoruninf-virus/

Just copy and paste the complete URL to your browser...
(^^,) Hope it helps...

Ronald, February 2008

oh and if u get the 60s shutdown popup goto start>run then cmd then enter shutdown -r and that will abort the shutdown that SCVHOST.exe started to stop it from being removed off ur pc

xnoddyx, February 2008

be for u try to delete SCVHOST.exe from system32 i ues to stop system restore then reboot into safemode then delete SCVHOST.exe then ues registry editor to find all entres of SCVHOST and delete them then boot as norm and no mater wot i do sumway sum how it allways gets back on my computer sumtimes after 6m or 12 and that cus the net is loaded wae it but after lots of looking n submiting dif verints to Eset NOD32 now stops it be for it starts :D

xnoddyx, February 2008

Use Avast Enable Resident Shield(On Access Protection) go to Standard Shield then Press Customize Option then go to Blocker(Menu item) then Click all Check Box's and then go to
Advanced(Menu item) then Click all Check Box's then Avast Resident Shield will ask your permission every time scvhost.exe tries to do something.

Pavan, December 2007

try to download an alternative to the taskmanager...
kill all "scvhost.exe" processess or any other unknown process..
search on the net how to enable regedit...
search "scvhost.exe" on regedit and remove all scvhost.exe there...


in the run> command

go to your windows folder....
just type this...
attrib -S -H -R scvhost.exe
then type...
del scvhost.exe


go to system32 folder in windows and do the same above...
scvhost is now removed from your system

Michael Go, December 2007

http://borgetech.blogspot.com/2007/09/remove-scvhostexe-from-pc.html

borge, October 2007

h**p://borgetechblogs.spaces.live.com/?_c11_BlogPart_BlogPart=blogview&_c=BlogPart

umesh, October 2007

.... svchost.exe is GOOD, SCVHOST.EXE is bad this is a trojan ... HELLOOOOOOOOO plsss research!

Earl, September 2007

dont use avg it missed over 725 wild virus last year. use nod 32 by far the best antivirus.

Cammo, July 2007

I see this everyone and people are making big mistakes in saying "SVCHOST.EXE" There's a new trojan going around that is actually named the same as the windows process. Only its placed in odd location like "C:\"

Tyrone, June 2007

Just to tweak aa's well-meaning advice... "scvhost.exe" does not exist in Windows. But "svchost.exe" does. I often see it running in at least three instances simultaneously.

Tom, March 2007

SVCHOST = GOOD
SCVHOST = BAD..

I hope this gets around.

scvhost is tricky, to say the least. I'm quite familiar with the registry and if you are too, you'll notice shell, load, run.. all missing.

or are they?

They aren't, the scvhost.exe actually HIDES the keys in the registry editor. open up regedit (search about online to re-enable it) and search for svchost.exe - it'll popup all over, but you can't ever see it. It says its there, but its not.

Export that key and look at it. You'll see, sure enough, it is there . What you have to do is boot into safe mode, and remove all instances of scvhost.exe.

Good luck.

Jonathan R, February 2007

Guys, you are both a bit off the mark here.
Juanpa, the scvhost.exe has changed your registry and stops system restore, task manager and most installed anti viruses from working. The bad news on this one to date is there is no complete 100% fix, the removal is easy enough to kill it from running, it's the damage it leaves behind. I spent a straight 22 hours trying to research and fix this, I'm afraid to say the only way was a dam reinstall! Sorry :-)

happy comping!

know it all, January 2007

SVCHOST.EXE is a Windows process.
SCVHOST.EXE is a trojan.
Follow aa's advice, and I'd suggest you also install AVG Free. It's one of the best anti-virus programs, and as the name suggests, it's free.

Big Softy, August 2006

try downloading ad-aware and spybot search and distroy from www.computeractive.co.uk install them and run the updates from the web then run them. scvhost.exe is not a virus and if you check your task manager you will see it running more than once on your system.

your problem I would say is down to malware that has got on your system rum both these programs and then select to fix the results and see how ou go

aa, July 2006