Source: http://bizforums.itrc.hp.com/cm/QuestionAnswer/1,,0x57ef0ef61436a54dbc110a9d59e620fd,00.html

subject: Virus Warning scvhost.exe

Ron Kinner 
Sep 11, 2003 03:25:36 GMT

No, the above is not a typo. There are usually three of the benign
svchost.exe processes running on a basic Win2K box but the virus is
scvhost.exe. (v and c reversed) Task manager will show it being a CPU
hog. The amount of traffic the thing can generate is amazing and just to
make matters interesting it likes to forge the source addresses of the
packets it sends so you sometimes have to chase it down by following its
MAC address through the switch network. Once you locate it, disconnect
the network cable and remove the two entries ( "Config Loader" =
SCVHOST.EXE ) in the registry:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersionRun
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersionRunServices

Restart and then go to winnt\system32 and delete the scvhost.exe file.
(And empty the recycle bin afterwards.) Patch with the MS03-001 (RPC
Locator) MS03-026 (Dcom RPC) patches from Microsoft before letting it
get back on line. Norton's LiveUpdate was dated 9/4 until about an hour
ago and the virus was discovered 9/5 so it was no help. Their
intelligent update supposedly did have the fix but since it took down
our internet link we had no way to get it.

http://vil.mcafee.com/dispVirus.asp?virus_k=100611

Moral of the story is don't rely on your firewall to protect you. Keep
your patches up to date and don't forget the people who were on vacation
or on a trip when you installed the patches the first time! Don't rely
on Norton's live update. Better to have a script download the
Intelligent updater file every day and put it on the NAV server. And
keep a supply of food at work so you don't starve when you have to work
all night fighting the thing like I did. Went home this morning at 5:30.
Came back at 11 to find it had flared up again. I hate laptops!