|
|
Detect and remove hidden rootkits using
UnHackMe
RegRun Security Suite = 24 system utilities for protecting your computer. Try now! |
 scchost.exe - Dangerous
Also has backdoor capabilities that give a hacker access to infected computer. Also Known as Backdoor.SdBot.gen Copies itself as %System%\Scchost.exe. Adds the registry value: "Services Host"="Scchost.exe" to the registry keys: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices If the filename of the worm is not scchost.exe, the program will kill itself and start scchost.exe as a service. Attempts to spread using the following file shares: Administrator Guest Owner If a connection is made, the worm copies itself to the following folders: Winnt\Profiles\All Users\Start Menu\Programs\Startup Windows\Start Menu\Programs\Startup Documents and Settings\All Users\Start Menu\Programs\Startup Connects to a specific IRC server and joins a specific channel to accept instructions from the hacker: Flooding a specified host Downloading a file from the hacker Executing a file Use RegRun Startup Optimizer to remove it from startup. Removal: scchost.exe is removed by RegRun.
Read more... Removal instructions...
Recommended software: RegRun Security Suite - removal and protection. http://www.regrun.com RegRun Reanimator - free removal tool. greatis.com/reanimator
What is hidden in MSDN? Why software developers prefer Win32.FreeTechSecrets.com? All Unix Manuals in Alphabetical Order C# controls for .NET in 3 simple steps. Constantly updated. Last update: July 21 2008
Interesting information about Vista programs... Need consultation? Would you like to add your opinion?
|
|
