This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.
If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.
Name:
[not used]
Filename:
svchost.exe
Command:
Unknown at this time.
Description:
A WORM/backdoor, W32/Kipis-J, opens notepad.exe and copies itself to the Windows folder as regedit.com and installs to it's newly created folder. A variety of anti-virus and security related processes may be terminated and backdoor opened on port TCP/9413.
File Location:
Windows\System\1032\
Startup Type:
If you are running Windows 95/98/ME, this startup entry is being started via the Shell= line in the Windows\system.ini file.
If you are running Windows NT/XP/Vista/2000/2003, this startup entry is being started via the Shell= line in the registry key:
It is assumed that users are familiar with the operating system they
are using and comfortable with making the suggested changes. BleepingComputer.com will not
be held responsible if changes you make cause a system failure.
This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them
listed via this method. Pressing CTRL+ALT+DEL identifies programs that
are currently running - not necessarily at startup.
Therefore, before ending a task/process via CTRL+ALT+DEL just because
it has an "X" recommendation, please check whether it's in MSCONFIG or
the registry first. An example would be "svchost.exe" - which doesn't
appear in either under normal conditions but does via CTRL+ALT+DEL. If
in doubt, don't do anything.
Disclaimer