Results 1 to 3 of 3

Thread: Spybot Background Update Service SDFSSvc.exe causes Antivirus Action

  1. #1
    Junior Member
    Join Date
    Oct 2014
    Posts
    2

    Default Spybot Background Update Service SDFSSvc.exe causes Antivirus Action

    Hello,
    today out of the blue my Antivirus (Avast) had to block several attempts from the SDFSSvc.exe Spybot Background Update process to access (apparently) malicious webpages. I'm a bit confused about how this is possible? Could it be a virus/trojan on my computer that masks itself as a different process?
    However, after I removed spybot the attempts and warnings stopped?
    Here are the related logs from avast:
    15.10.2014 21:36:52 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:52 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:52 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:53 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:53 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:54 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:55 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:55 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:55 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:56 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:57 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:57 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:58 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:58 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:59 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:36:59 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:37:00 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:37:01 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:37:01 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:37:02 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:00 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:00 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:02 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:03 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:04 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:05 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:06 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:09 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:35 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:36 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:39 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:40 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]
    15.10.2014 21:48:43 Network Shield: blocked access to malicious site http://joxidpzd.pornowater.com/snbwg...p?002219D64A44 ([193.105.134.197]:80) [ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe ( 9500 ) ]

    I would be grateful if anyone could tell me what is going on there?
    Last edited by simionov; 2014-10-15 at 23:12.

  2. #2
    Junior Member
    Join Date
    Oct 2014
    Posts
    2

    Default

    Small Mistake: I actually mean the Spybot Scanner Service which is SDFSSvc.exe not the Update Service

  3. #3
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,483

    Default

    Hi,there.

    There was a similar post about SDFSSvc.exe here:
    http://forums.spybot.info/showthread...exe-Gone-Rogue
    And possibilities of what might be happening listed here:
    http://forums.spybot.info/showthread...l=1#post447427

    I'm not sure of the solution,so I'll link you to the Spybot support forms:
    http://www.safer-networking.org/support/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •