POISONED.,THERE S A SCVHOST EXE IN THE STARTUP THAT CAN T BE DELETED.

It's a system file.,Can't delete it.,If it's in your program startup,It's possible that it's a virus program You can find the startup folder and delete it.,But generally speaking, it shouldn't be a virus.,Everyone has this program in their computer Like mine, there's one.,There's a lot in the process If you close it, you'll be dead.,If the web page is changed, you're **Tencent tt or other browsers,And then add the one that automatically appears**Add to the blacklist。

The virus protogen is still there, go to the next Kingsoft cleanup expert or use 360 to kill a Trojan horse to try, if there is still one, go to the next micropoint active defense software to try, like this kind of inexplicable things are easiest to deal with with micropoints.

--The things here are very important, the Trojan horse program with rootkit technology is not easy to deal with, although many antivirus software say that they can hide the rootkit, but the real ability to kill this virus is still a small number of antivirus software, you can choose to use another antivirus software to kill the virus, these things are loaded into the system service, it is difficult to deal with, it is not recommended to brute-force delete class operations, viruses are data, sometimes formatted ** can't be, It is recommended to use some professional software to detect, 360 is just a tool, use streng to try.

Look at where the svchost is, if it's not c: windows system32, go directly to that location and delete it, and then go to the registry regedit to find the run under hcu-software-microsoft-windows-currentversion, and delete that thing.

You're tough, I've been running naked for months without being poisoned, you're actually! Reinstall the system, delete things you don't recognize, and install other software if needed.

Well, what you're talking about is poison, and the normal one is in system32. The shock wave 7 years ago was still a ** wave, and it seemed to be this, and within a few minutes, the computer automatically restarted the countdown. Anyway, this one of yours is poison...

Enter safe mode, find him and delete it, but don't delete the good system files, and then go into the registry and start it to delete.

Suggestion: The next Windows Cleanup Assistant, check and kill Trojans in safe mode (Trojans are very effective), and it is best to scan again after killing and restarting.

Format the C drive! System reloaded!! ok!

It seems that the system files are not poisonous.

What he's talking about is that there's one in the startup item in the Start menu.

This virus generally has the following conditions.

1. It is directly this file but placed in other directories. The removal method looks for this file directly. Except for the windowssystem32 directory, all other directories are deleted.

2. Turn the o inside into 0. Namely. This is the case with the well-known online banking thief virus.

Some viruses don't necessarily poop, but add a letter or add a letter to it. Like what. Reach the point of confusing the computer user.

This virus is not very powerful. It is usually a theft of information entered by the user's keyboard and sent to a specified mailbox. This virus can be well solved by all pandemic antivirus software.

Simply updating the antivirus virus database to the latest version can completely eliminate this virus.

3. The CPU usage rate of the process is 100%. In this case, it is not a problem of its own. Rather, it is caused by a process in the system using this process a lot.

For example, a module uses a lot of network resources. For example, an antivirus software auto-updater. This is suitable for you can end the applications one by one, and then check whether the CPU usage of the process is still 100% to determine which program is the problem.

If there is still no way to solve it, you can go to Microsoft** to update this program!

Hello is a key process of the system, not necessarily a virus.

Then use PC Manager - Antivirus - to check and kill.

PC Manager has 2 major cloud antivirus engines, which can help you detect the hidden Trojan viruses in your computer through intelligent cloud identification, and then completely**.

If you have any other questions and problems, please come to the computer manager business platform again to ask questions, and we will do our best to answer your questions.

Now there is a kind of pseudo-system file Trojan, and it is recommended that the next 360 security guard can kill it.

You can delete it directly in the DOS interface.

It can be a disguised virus. Kaba Chacha is killing.

It is recommended that the landlord install Tencent Computer Manager to carry out antivirus, restart the computer and press F8 to enter the Anzi full mode - open Tencent Computer Manager - lightning antivirus - full disk scanning - complete restart the computer on it, Tencent Computer Manager is a free security software, which can effectively prevent and solve common security risks on the computer, and is also China's first antivirus and optimization management function two-in-one security software.

Tencent PC Manager has the functions of cloud detection and killing of Trojans, system acceleration, vulnerability fixing, real-time protection, network speed protection, computer clinic, etc., and has pioneered the pioneering function of "management + antivirus".

Relying on the second-generation self-developed anti-virus engine "Eagle Eye", Little Red Umbrella, Butler System Repair Engine and Kingsoft Cloud Detection and Killing Engine, Tencent Computer Manager has passed the anti-virus tests of three global authoritative evaluation institutions, creating the best results in domestic anti-virus operation.

It is recommended that you can install Tencent PC Manager anti-virus software, a comprehensive anti-virus program, and on the basis of the electronic pickpocketing and knowing brain manager cloud anti-virus engine + Kingsoft cloud anti-virus engine, you can add the internationally renowned trend anti-virus engine, creating a leading performance of the "3-core" anti-killing effect. It has been upgraded again and introduced the Little Red Umbrella anti-virus engine with a more effective detection and killing effect, thus developing into a security tool with "4 cores", doubling the leading position of PC Manager in the field of Trojan virus detection and killing.

It is recommended that the landlord**Install Tencent Computer Manager to enter the Ant Bihan Line Antivirus,Restart the computer and press F8 to enter safe mode--Open Tencent Computer Manager--Antivirus--Full Scan--Open the Toolbox after completion--Stubborn Wood Killer--Deepen the scan--Finish restarting the computer on it,The landlord usually does not accept the files sent by strangers and**,It is very likely that the Trojan virus will be added,For the danger**It is recommended not to enter,There are also Trojan horses inside。

I hope this can help the sneering landlord.

is the name of the common host process of the service running in the Dynamic Link Library (DLL). This program is very important for the proper functioning of the system and cannot be terminated. It is recommended to go to a normal computer and make a new copy, location:

c:\windows\system32\ ，

There are multiple variants, as many as dozens, and initially appeared only as hacking Trojans, until now it is more integrated with the ability of worms, using the RPC vulnerability used by the "blaster" to make it spread extremely fast, causing much more harm than the earlier flood of "shockwave" (virus carrying). When the virus occurs, the poisoned user's computer will be unable to copy, paste and other operations, and cannot use software such as Office and Internet Explorer normally, and a large amount of system resources will be wasted, resulting in the phenomenon of speed crazy and hidden object drop, and even crash. The virus will also use IRC software to open the backdoor and wait for remote hackers to control it, trying to steal important information such as the serial number of the genuine software used by users, causing direct economic losses.

In order to ensure its survival, viruses will also suspend a large number of well-known anti-virus software and network security software.

1. Since the system services are implemented in the form of dynamic link libraries (DLLs), they point the executable program to the SCVHOST, and the CVHOST calls the dynamic link library of the corresponding service to start the service. Viruses often disguise this process file as having a change in the case of a character, that is, it can survive in multiple forms.

System call viewing: Here you can open the "Control Panel" and "Management Tools" service in turn, double-click the "clipbook" service, and you can find the corresponding executable file path in its properties panel ". Double-click the "alerter" service, and you can find that its executable file path is "c:".

k localservice", while the executable path to the "server" service is "-k netsvcs".

When the path of the executable file is outside the C:WindowsSystem32 directory, then it can be determined that it is a virus disguise.

Number of system process lines: There are generally two processes in Windows 2000 system, one is the RPCSS (RemoteProcedureCall) service process, and the other is the one shared by many services; In Windows XP, there are typically 4 to 5 service processes. If the number of processes is more than 5, the user should be careful, it is likely that the virus is fake.