Jump to content

Recommended Posts

I was looking through my services on MSconfig and I came a across a few services that were unfamiliar. Mainly Cyberlink Richvideo service (CRVS) whose manufacturer is unknown, RoxmediaDBVHS by sonic solutions, and Remote Packet capture protocol v.0 (experimental) by CACE technolgies, inc. . The one that I am mainly worried about is the last one. I did some research and found that it was common with programs like WinPcap, and wireshark. The problem is, I haven't installed those, but after searching for each the only thing that came up was WinPcap, I uninstalled it and unchecked the services mentioned above. Like I said I'm worried that my system may be infected, any input would be appreciated.

Link to post
Share on other sites

Trojans will often drop the CACE packet capture software, sniff data, and upload the sniffed data to a dump site. It is not related to a a keylogger albeit a keylogger could be dropped in conjunction with packet capture software to obtain your private data.

This sub-forum is for not meant for dealing with malware and the sub-forum specifically states "Please do not post any questions regarding malware in this forum.".

Instead post in Malware Removal - HijackThis Logs after you read I'm infected - What do I do now?

Link to post
Share on other sites

Does it matter that I deleted it? Should I reinstall it?

That depends. Some programs require it in order to function without it they won't work. Things like Snort, Nmap and Rubotted use it.

Like David said you should probably get your pc checked out by following the directions he posted. :) Then after you are told you are clean you can post here and find out if you need it or not. :)

Link to post
Share on other sites

as david mentioned ...

the best bet is to follow his links and do as instructed there to the best of your abilities .

as i see it , the major issue is the possibility of an infection ... the "deleting" (as opposed to un-installing) would be a secondary issue .

the HJT personnel will be able to determine what is really going on .

good luck .

Link to post
Share on other sites

Does it matter that I deleted it? Should I reinstall it?

Did you deliberately install a program like Wireshark (descendant of Ethereal) ?

If you did, it is needed if you want to sniff your own packets.

The fact that you are not cognizant of it and its use leads me to believe it was installed without your knowledge and thus my previous advice.

Link to post
Share on other sites

Did you deliberately install a program like Wireshark (descendant of Ethereal) ?

If you did, it is needed if you want to sniff your own packets.

The fact that you are not cognizant of it and its use leads me to believe it was installed without your knowledge and thus my previous advice.

I don't have any of those installed, which is what has me worried.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.