PC Pitstop Libraries > Process Library > svdhost.exe
Welcome to the PC Pitstop process library the most comprehensive and accurate library in the world. All PC Pitstop products are cloud based enabling greater tracking of the world's running processes including malware, good software and performance hogs.

Search For Processes

Process Name

  

What is svdhost.exe? Win32/Lioten.GG

Vendor:      
Product:     
Vendor Website:     
Last Seen by PC Pitstop:      No Data

Process is Bad PC Pitstop has analyzed this process and determined that there is a high likelihood that it is bad.
Process is questionablePC Pitstop has analyzed this process and determined that the safety of this process is questionable.
Process is goodPC Pitstop has analyzed this process and determined that there is a high likelihood that it is good.
Process is goodThis process is a Microsoft or Windows process, but many viruses use this file name to escape notice.

PC Pitstop Analysis

Purpose: svdhost.exe - CA Description:

"Win32/Lioten is a family of worms that spread via network shares. Early variants spread via network shares only, and had no payload, but modern variants can also spread by exploiting Windows vulnerabilities and act as IRC controlled backdoors. Lioten worms are often found packaged with variants of Win32.Ranck trojan.

This particular variant of Lioten is distributed as a 49,559 byte Win32 executable, that exhibits the following specific characteristics:

When executed this variant copies itself to the %System% directory as SVDHOST.EXE and makes the following modifications to the registry to ensure that this file is executed at each Windows system start:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Com Port Manager = "svdhost.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Microsoft Com Port Manager = "svdhost.exe"


Note: '%System%' is a variable location. The malware determines the location of the current system directory by querying the operating system. The default installation location for the System directory for Windows 2000 and NT is C:\Winnt\System32; for 95,98 and ME is C:\Windows\System; and for XP is C:\Windows\System32.

For more detailed information regarding the functionality of the Win32.Lioten family, please visit the Win32.Lioten description elsewhere in our encyclopedia."

svdhost.exe is a VIRUS. Stop all work until the virus is removed or you run the risk of spreading the virus to other people. Worse yet, the virus may be doing harm to your computer and your information.

PC Pitstop recommends WinPatrol Plus for monitoring all of the background activity on your PC. WinPatrol Plus provides an easy to understand descriptions of over 15,000 processes and programs.


svdhost.exe is known to be a bad process. Start this Free scan to check your other threats to your PCs security, like this file.
svdhost.exe could be a harmful process. Start this Free Scan to check for threats to your PC Security.
This information brought to you by PC Matic SuperShield. Start this Free scan to check your threats to your PCs security.
svdhost.exe is a Microsoft or Windows process but some versions of this exe carry viruses.
Check your PC for the bad versions of this file - with this
Free Security Scan.

svdhost.exe Technical Information

Percentage of recently scanned PC's with this process running: 0.00%
Average CPU use for this program: null%
Average RAM for this program: null MB

MD5 Hash Analysis

Program Name MD5 Count
svdhost.exe




Try a free diagnostic now

PC Pitstop is the undisputed leader in PC diagnostics. Our running process library is culled from our database of over 100 million PC diagnostics and scans.

Driver Scan
Total PC Care
Privacy Scan
Disk Scan
Internet Speed Tests
Get More Tips

Sign up for our FREE Newsletter


Tips from the Pit CrewSubscribe to TechTalk
Visit Our Forums

Important Note

A file name alone may not be enough for positive identification. PC Pitstop's Overdrive tests and spyware scan use information such as the company name, product name, or install directory.

If you are unable to identify a file, ask about it in our forums after running our full tests.