Entries Tagged as 'SSCVIHOST.exe'

Removing the SSCVIHOST.exe worm virus

I’m going to make this as short and as clear on the instructions as possible. Take note however that I’m not an expert on viruses so I advice you to consult an expert first or, if you are willing, just go a head and follow my instructions. I was once a programmer, but I didn’t pursue that field, and I moved on to web development. Anyway I have encountered many viruses in my daily use of computers, and as much as I know programing and how code works, I can usually remove it without using any anti-virus software. However, be warned that the following procedure will require you to edit your Registry and thus no mistakes must be made there. Or else you may end up with a messed OS.

Introduction

SSCVIHOST.exe according to my research has many names, the popular are W32/Sohana-AO (Sophos) and W32.Imaut.AY (Symantec/Norton). Basically this is a type of worm virus that spreads via USB thumb drives and/or Yahoo! Messenger. A worm virus, technically, doesn’t destroy your files, it just add tons of of useless files in order to fill up your hard drive or slowdown your system resources. We don’t like that do we?

Anti-virus softwares

Most major anti-virus products with the latest definition files installed, detects this virus so you don’t have to worry about it spreading through your hard drive. Sophos, Symantec Norton, TrendMicro PcCillin, already detects this. I’m not sure about McAffe, AVG, or ESET NOD 32. But I will tell you this, BitDefender, even with the latest update installed doesn’t detect this. So you have that anti-virus program, chances are, SSCVIHOST.exe will eventually reach your computer.

Symptoms

  1. CLTR+ALT+DEL is not working
  2. Folder Options is missing from your TOOLS menu
  3. Registry Editor (RegEdit) is not working
  4. Your system is slowing down gradually
  5. There seems to be a lot of hard drive activity even if you are doing nothing
  6. You have a New Folder.exe in every folder and in each sub folder

Preparation

This is the actual procedure I did when the worm infiltrated my PC. Before you start on the procedure, you have to download this file from Symantec.

UnHookExec.inf (click to go to the website and the download link).

The file will enable RegEdit and other commands disabled by the virus. Save this file in your desktop. Now let’s start.
[Read more →]

Category: Think Talk by Ryman
121 Comments »