|Last Seen by PC Pitstop: No Data|
Purpose: svdhost.exe - CA Description:
"Win32/Lioten is a family of worms that spread via network shares. Early variants spread via network shares only, and had no payload, but modern variants can also spread by exploiting Windows vulnerabilities and act as IRC controlled backdoors. Lioten worms are often found packaged with variants of Win32.Ranck trojan.
This particular variant of Lioten is distributed as a 49,559 byte Win32 executable, that exhibits the following specific characteristics:
When executed this variant copies itself to the %System% directory as SVDHOST.EXE and makes the following modifications to the registry to ensure that this file is executed at each Windows system start:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Com Port Manager = "svdhost.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Microsoft Com Port Manager = "svdhost.exe"
Note: '%System%' is a variable location. The malware determines the location of the current system directory by querying the operating system. The default installation location for the System directory for Windows 2000 and NT is C:\Winnt\System32; for 95,98 and ME is C:\Windows\System; and for XP is C:\Windows\System32.
For more detailed information regarding the functionality of the Win32.Lioten family, please visit the Win32.Lioten description elsewhere in our encyclopedia."
svdhost.exe is a VIRUS. Stop all work until the virus is removed or you run the risk of spreading the virus to other people. Worse yet, the virus may be doing harm to your computer and your information.
PC Pitstop recommends WinPatrol Plus for monitoring all of the background activity on your PC. WinPatrol Plus provides an easy to understand descriptions of over 15,000 processes and programs.
Percentage of recently scanned PC's with this process running: 0.00%
Average CPU use for this program: null%
Average RAM for this program: null MB
|Program Name||MD5 Count|
PC Pitstop is the undisputed leader in PC diagnostics. Our running process library is culled from our database of over 100 million PC diagnostics and scans.› Driver Scan