Outpost blocked loadsvc.exe at system startup today, what is it? Is it a worm or virus? I recently installed preempt, does it have anything to do with that?


please help!

James.

Looks like malware according to this,

http://castlecops.com/o23list-858.html


snowbound

DAMN! i am protected by nod32, ewido, pg, spyware guard, adaware, spybot, microsoft antispyware and preempt as well as other hardening tools and i have bitdefender as an ondemand scanner, HOW DID THIS HAPPEN! can anyone please give me advice on how to get rid of it please?

thanks,

J.

Read through this link. http://www.bleepingcomputer.com/startups/loadsvc.exe-11155.html

You may want to post a log per this (http://www.wilderssecurity.com/showthread.php?t=42148) announcement to find out what is on your computer.

Usually, not always, we download malware to our computers unknowingly. It may be hidden in a program.

I read that link but it doesnt really tell me how to deal with it. I found the process in task manager and stopped it and then Preempt stopped working. Does this therefore mean that it is legitimate or that it has attached itself onto Preempt somehow?

thanks again,

J.

oh yeah and here is the hijack this log:

Sorry for the confusion. Wilders no longer does hijack logs. I added the link in my post above to forums that do analyze logs.

This link (http://www.bleepingcomputer.com/forums/How_to_remove_a_Trojan_Virus_Worms_or_other_Malware-tut101.html) offers suggestions on how to get rid of trojans.
If you are not comfortable doing anything related to cleaning your computer, don't do it. Post a log and get instructions.

Hi I downloaded PreEmpt as well to give it a try,
and I had a similar reaction from OutPostPro after
reboot, doing search on my computer I found this
C:\Program Files\PivX\PreEmpt\loadsvc.exe check
to see if yours is the same.

Regards,

Wake

yes thats the same one! So its legit right? Is there anyway of getting outpost to leave it alone?

J.

Yes, that belongs to PreEmpt.. PreEmpt checks every 6 hours, and auto-updates it's protection settings when PivX finds new vulnerabilities. So yes, you want to allow it access. :)

I'm happy to see someone else using hardening tools.. you've got a good setup! (similar to mine) ;D ;D

well actually, its thanks to your web page that i have good hardening tools; you recommended some great software, software that id never even heard of! Lastly, do you know how i can get outpost to leave preempt alone?

thanks,


J.

Haha, good deal! ;D Glad people are getting something out of the pages. I'm just getting ready to update now.

Unfortunately I don't have any real experience with Outpost, so mabye someone that uses it can jump in. However you should be able to go into the rules and allow it access.. once you have a rule to allow it in place, I would think it would leave it alone.

Hi James,

I agree with you after reading some threads
by Notok, and his links I to have been trying
his recommended system hardening tools and so
far no problems, thanks Notok for the links !!

Far as PreEmpt and OPPro, it is my opinion that
the Pivx program updates daily and OpPro notices
the changes, so you receive these warnings, it is
normal, and I find its one of the few programs I
have on this computer that OpPro continues to throw
up warnings about, and you could certainly post over
at the Outpost forum see if any of the pro's have any
advice about this, only work around I could see is to
disable component control monitoring which I didnt do.


Regards,

Wake

ok ill do that! Thanks for the help everyone!

J.

ahhh! ok, so its getting annoying now. Everytime i start up i get the message from outpost that loadsvc.exe is trying to alter physical memory (or somehting to that effect anyway). Surely there is some way to get outpost to leave it alone; disabling component control seems a bit drastic.

Any advice would be greatly appreciated.

J.

Hi James,

Go to options, application, PreEmpt, click
component control, and disable was the
only work around I found to all of the
Outpost complaints about PreEmpt.

Seemed a little drastic to me to and so
I uninstalled it after that and am now
trialing Online Armor.

Good Luck to you,

Wake

James, I gave u incorrect advice, sry, the solution i found
for OutPostPro is to go options, application, find LOADSVC.EXE,
click process memory control, add, C:\ProgramFiles\Pivx\PreEmpt\
LOADSVC.EXE. than click ok, apply, ok and reboot.

Outpost will quiet down after that about PreEmpt.

Regards,

Wake

excellant! thats just what i was looking for! Thanks for the help.

J.

Your welcome James, glad it worked.

Wake