Hey guys I have been troubled by a virus named TVSC whenever I try to remove the .exe file it says windows is currently using that programme n cannot be removed ...what can I do further to remove it?? due to it my computer gets slow after few minutes of starting n it sends some games pop ups.

Any solutions would be highly appreciated, I tried ad- aware software ... I deleted the virus from it too does it mean that the virus is completely removed from my whole computer. If yes then why is the problem still the same????

Thanks n Happy new year.

Well im not a tech expert but if such things happen to me...i always end up formating. :)

Do you have an anti-virus software? How did you know it's the TVSC virus? What did you do to remove it? What error message do you get? Which OS are you using? Give us some more details and we might be able to help you out.
Thanks,
-LoGiN

okey the name of the virus was wrong there its 'IST svc' I came across it after I run ad aware software...I have Macfee as anti virus software n my OS is win 98.

The error message I get is :
Windows cannot delete this file, the file may be write protected or currently in use by windows....ok

I checked out in virus logfile of ad aware it says nothing about its removal but says it gives pop ups creating erro on internet explorer.

Okey guys thats the details I can give..please feel free to ask if u have further question....Thanks

sense bro, try doing it in WINDOWS SAFE MODE. IT will surely be removed.

to get to safe mode, as soon as u see the windows logo on ur computer screen, take the comp. jack out frm the wall and next next time when u restart it, it will give u an option for safe mode.(u might already know this stuff :P )

Confused, hahaha, you cracked me up... That's an awesome way to get to the safe mode... hehe... 98 ma ta restart garda safe mode option dincha hoina ra? I forgot... like when you are turning the machine off, you have a choice to restart in safe mode. ke ke ho... natra ... I think pressing F8 key while restarting will take you to the safe mode... natra msconfig ma gayera selective startup dine ni...

ctl-alt-del garera process kill garne ni natra, kill all except system tray... i guess... khoi yaar, ke ke ke ke... eh.

Sense,
Go to Add/Remove and see if there is any refernce to 'IST svc'. Remove it if it exists.

Install Spybot, update it and then run it.
http://www.safer-networking.org/en/download/index.html

Install HijackThis and post your scanlog here.
http://www.spychecker.com/program/hijackthis.html

Run the Spybot again in Safe Mode (Press F8 when window boots).
Make sure these files get deleted

Winshow.dll
ISTsvc (the folder in Program Files)
win32us.exe

Thanks,
-LoGiN

If that dosen't work out then go to system processes and kill istsvc.exe. Then go to the registry: Start->Run and type in regedit

Make sure you back up your registry before doing anything.
Then go to :
HKEY_LOCAL_MACHINE->SOFTWARE->WINDOWS->CURRENT VERSION->RUN and delete teh entry "istsvc.exe"

I would however recommend you to run Spybot first before going through this process.

Hope that helps.
-LoGiN

if it is being currently used by windows, then go to task manager, processes, then end the task and then delete. if still don't work then i'd recommend you the housecall site which is
- http://housecall.trendmicro.com/housecall/start_corp.asp

thanks guys for ur suggestion I tried to remove that programme I did remove it but my computer behaves the same...may be the virus is not completely removed

login I am send ing u my logfile from hijack Logfile of
HijackThis v1.99.0
Scan saved at 15:57:48, on 1/01/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVSYNMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSSTAT.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVCONSOL.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\WEBSCANX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\SISTRAY.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\KHOOKER.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\PROGRAM FILES\LOGITECH\IMAGESTUDIO\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\BACKWEB-8876480.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE
C:\PROGRAM FILES\NEPALI TIME MACHINE V.2002\NEPALITIMEMACHINE.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\LOGITECH\IMAGESTUDIO\LOWLIGHT.EXE
C:\WINDOWS\MESSAGE.TXT .SCR
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE


contd.....

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_page.html?&account_id=1000940
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page.html?&account_id=1000940
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kuleuven.net/login/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=1000940
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\PROGRAM FILES\SIDEFIND\SFBHO.DLL (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\PROGRAM FILES\DAP\DAPIEBAR.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\SYSTEM\SISTRAY.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\SYSTEM\khooker.exe
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [winupdt] RUNDLL32.EXE C:\WINDOWS\GLMORICONS.DLL,_mainRD
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [WebRebates0] "C:\PROGRAM FILES\WEB_REBATES\WebRebates0.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] C:\Program Files\Network Associates\VirusScan\AVSYNMGR.EXE
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Tsa2] C:\PROGRAM FILES\COMMON FILES\TSA\TSM2.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\Encoder\WMENCAGT.EXE
O4 - Startup: Nepali Time Machine V.2002.LNK = C:\Program Files\Nepali Time Machine V.2002\NepaliTimeMachine.exe
O8 - Extra context menu item: ImTranslator - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Gelijkwaardige pagina's - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Web Rebates - file://C:\PROGRAM FILES\WEB_REBATES\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\PROGRAM FILES\SIDEFIND\SIDEFIND.DLL (file missing)
O9 - Extra button: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html (HKCU)
O9 - Extra 'Tools' menuitem: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html (HKCU)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/1599f101a56ae6157423/netzip/RdxIE601.cab
O16 - DPF: {22D6F312-B0F6-11D0-94AB-0080C74C7E95} (Windows Media Player) - http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

HAPPY NEW YEAR....Hope u can help me ...I can delete some of those files but again I am not that computer professional to take a risk. THaNKS:)

Sense--
Seems like you have a lot of running processes. Did you run Spybot on safe mode? Did that make any difference? I don't think you've any viruses. If your anti-virus up-to-date? It's most probably spyware/adware issue. Download and run this program in addition to Spybot:
Adaware:
http://www.lavasoft.de/support/download/#freeCouple of things:

Then, Go to Add/Remove and remove
BackWeb, WEB_REBATES and any toolbars that you've downloaded (google.yahoo etc)

Go to the registry and back up your current registry by Registry->Export Registry Files (make sure you do this every time you modify the registry)

Then go to:
HKEY_LOCAL_MACHINE->SOFTWARE->WINDOWS->CURRENT VERSION->RUN

Delete these values it if exists:
-WebRebates
-win32us.exe
-QTTASK.EXE
-BackWeb
-MSNMSGR.EXE

Now did you delete the IST svc? Everytime you post, it would be helpful if you tell us what you did and what the outcome was. You have windows 98 SE, how much memory does it have? Processer? You might just need to add another memory stick in there to make it run faster. Try the above and let us know the outcome.

Peace,
-LoGiN

thanks login ...I guess now its back to track ...all I did was carefully distinguished unnecessary files from the log of hijack this n then removed them....it works fine ..I have been running computer for 3 hours today n its behaving perfect.

once again thanks ..I will definitely ask u some other questions u seem to be a comp. geneius:)
Have fun...rest of the guys thanks for ur suggestions too

U're very welcome.
Glad to hear your computer is working better now.

Peace!
-LoGiN