Welcome Guest ( Log In | Click here to Register a free account now! )
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.![]() ![]() |
Nov 27 2007, 01:51 PM
Post
#1
|
|
![]() Member ![]() ![]() Group: Members Posts: 18 Joined: 12-October 07 From: S.C,USA Member No.: 162,602 |
[qoute]O4 - HKLM\..\RunServices: [Microsoft Updates] svdhost.exe . It also shows up in other areas of log.[/quote] My question is it is aparently signed by Microsoft so I am assuming it is a Vista process and not a keyloggeras CC listed. QUOTE(CC) Orvell Monitoring 2003 - surveillance software that creates records of everything people do on a computer, ie, spying or monitoring depending upon how you call it. Note - asks for permission to contact the IP address of http://www.protectcom.com/ Next question is does this process have the ability to be hijacked and turn it into a keylogger? Thanks in advance for help. |
|
|
|
Nov 27 2007, 02:55 PM
Post
#2
|
|
|
Senior Member ![]() ![]() ![]() ![]() Group: Members Posts: 419 Joined: 7-May 07 From: Hull England Member No.: 129,329 |
hi,,, i think this might answer some questions,,,,, have a good read its crazy,,,
http://news.softpedia.com/news/Forget-abou...oft-58752.shtml by the way a lot of people are reporting that there rigs are doing alot of HDD thrashing when in idal,,,, this is not just down to the new auto defrag on vista its all these vista programs collecting info redy to send off on your next update,,,,,,,,, or i could be a parionoid nutball,,,,,,, i loged onto the black vipers site and closed down all un needed services & hey presto the thrashing stoped,,,,,, good luck,,,,,,,, figgis41 -------------------- Figgis,,,, LUFC
|
|
|
|
Nov 27 2007, 10:32 PM
Post
#3
|
|
|
Bleeping entraÎner ![]() ![]() ![]() ![]() ![]() ![]() Group: HJT Team Coach Posts: 1,738 Joined: 24-September 04 Member No.: 2,990 |
Is this item: O4 - HKLM\..\RunServices: [Microsoft Updates] svdhost.exe showing up in your HJT log?
If it is, you have an SDBot Trojan http://www.sophos.com/security/analyses/w32sdbotni.html This needs to be taken care of immediately Please do this first! From a known, "clean machine" (not the one that's infected), change all your passwords and notify your bank if you have any critical information, such as credit cards or online banking that you've used on the infected machine. Next, Download HijackThis™ here: http://www.trendsecure.com/portal/en-US/th.../hijackthis.php Right click on it and choose "Run as Administrator". Click 'Do a System Scan and Save log'. The HJT log will open in notepad. Copy and paste the contents of the HJT log into a NEW TOPIC in "HijackThis Logs and Malware Removal" http://www.bleepingcomputer.com/forums/forum22.html Please be patient as we have a lot of people with malware infections and most all of our HJT Team members work on several forums. -------------------- MS MVP Windows-Security 2006-2008
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators Admin PC Pitstop |
|
|
|
Nov 27 2007, 11:12 PM
Post
#4
|
|
![]() Member ![]() ![]() Group: Members Posts: 18 Joined: 12-October 07 From: S.C,USA Member No.: 162,602 |
QUOTE(Jacee) Is this item: O4 - HKLM\..\RunServices: [Microsoft Updates] svdhost.exe showing up in your HJT log? Not my log but thanks for the concern. I have XP. This is one I was looking at trying to get use to vista's processes. If it is, you have an SDBot Trojan http://www.sophos.com/security/analyses/w32sdbotni.html This needs to be taken care of immediately |
|
|
|
![]() ![]() |
| Lo-Fi Version | Time is now: 9th January 2009 - 03:17 AM |