Welcome to the PC Matic Process Library. We maintain an extensive list of common processes running on today’s PCs. Within this library you can learn more about the processes running on your machine.
Vendor: |
Product: |
Vendor Website: |
Last Seen by PC Matic: No Data |
Purpose: svdhost.exe - CA Description:
"Win32/Lioten is a family of worms that spread via network shares. Early variants spread via network shares only, and had no payload, but modern variants can also spread by exploiting Windows vulnerabilities and act as IRC controlled backdoors. Lioten worms are often found packaged with variants of Win32.Ranck trojan.
This particular variant of Lioten is distributed as a 49,559 byte Win32 executable, that exhibits the following specific characteristics:
When executed this variant copies itself to the %System% directory as SVDHOST.EXE and makes the following modifications to the registry to ensure that this file is executed at each Windows system start:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Com Port Manager = "svdhost.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Microsoft Com Port Manager = "svdhost.exe"
Note: '%System%' is a variable location. The malware determines the location of the current system directory by querying the operating system. The default installation location for the System directory for Windows 2000 and NT is C:\Winnt\System32; for 95,98 and ME is C:\Windows\System; and for XP is C:\Windows\System32.
For more detailed information regarding the functionality of the Win32.Lioten family, please visit the Win32.Lioten description elsewhere in our encyclopedia."
svdhost.exe is malware. If this process is running on your machine, we strongly advise that you remove it. Depending on the type of malware it may be doing harm to your computer and your information.
Percentage of recently scanned PC's with this process running: 0.00%
Average CPU use for this program: null%
Average RAM for this program: null MB
Program Name | MD5 Count |
---|---|
svdhost.exe |