|
Forum |
|
|||||||
| Software Q&A Having trouble with software? Find solutions here |
 |
|
|
LinkBack | Thread Tools | Display Modes |
15-02-2007, 04:43 PM
|
#1 (permalink) |
|
MVP Awardee 07
Join Date: Aug 2006
Posts: 67
|
Unknown processes
my system has 256 mb of ram....running win xp.In the task manager i find about 45 processes running consuming too much of cpu time...My system has become very sluggish.... Multiple instances of svchost...I guess thats normal.. But other process4s like ehmsas.exe,alg.exe????? what do these processes do?? can someone tell me the list of unwanted processes that can be terminated.? Also smss.exe is within a folder called "Tok Cirrhatus"...Is it a sysytem folder?? I fear its a virus merged with my sys process... Give me a way out of this mess...
__________________
Probability of me getting a ps3=0 Probability of me getting crazy about ps3=1 |
|
| Advertisements. Register and be a member of the community to get rid of them. | |
|
Advertisement
|
|
|
15-02-2007, 04:54 PM
|
#2 (permalink) |
|
Torrent Lover :)
Join Date: Nov 2006
Location: Chandigarh
Posts: 178
|
Re: Unknown processes
Hello !
It may be a spyware or a virus activity which usually slows down the performance of a PC. Well, multiple istances of svchost are normal , generally 5 (1-local service, 2-network service, 2-system). ehmsas.exe is a process belonging to the Microsoft Windows Media Center and is described as the Windows Media Center State Aggregator Service. This program is important for the stable and secure running of your computer and should not be terminated. alg.exe is also an important process belonging to Microsoft Windows Operating Systems. Still you should check them for any infections. 4 must haves for your pc ! 1) Lavasoft adaware SE Professional 2) Registry Mechanic 3) Spyware Blaster 4) Avast antivirus Never faced a problem having installed all of these. 
Last edited by akshaykapoor_3; 15-02-2007 at 05:02 PM. |
|
|
|
15-02-2007, 04:59 PM
|
#3 (permalink) |
|
Still Shining!
Join Date: Nov 2006
Location: Up 'n' above
Posts: 1,162
|
Re: Unknown processes
There will be 5 instances of svchost.exe running at any time. They are essential ones.
Post a hijack this log of your system.
__________________
Simplicity is the ultimate Sophistication HP dv6 6121tx: Core i7 2630 QM | 4GB | AMD 6770M 2GB GDDR5 | 640 GB Nokia N86 8MP |
|
|
|
15-02-2007, 05:09 PM
|
#4 (permalink) |
|
Livin' in the ghetto
Join Date: May 2006
Location: Hmm .... Home
Posts: 309
|
Re: Unknown processes
Lets take them one by one :
ehmsas.exe : The process Media Center Media Status Aggregator Service or Media Center Status Module belongs to the software Microsoft® Windows® Operating System or Media Center Status Module Alg.exe : Application Layer Gateway Service alg.exe is a process belonging to Microsoft Windows Operating System. It is a core process for Microsoft Windows Internet Connection sharing and Internet connection firewall. About "Tok Cirrhatus" ur computer might be infected with WORM_RONTOKBR.AC worm Check the following link for removal instructions : http://www.trendmicro.com/vinfo/viru...BR.AC&VSect=Sn Most importantly get a good Anti-Virus, update it and scan your computer for Virus Infections. Second get some good Anti-Spyware " Lavasoft adaware SE Professional " should be a good choice and scan your computer for Malware. Third get hijackthis run the scan and post the report here ....
__________________
~.~ Never argue with idiots, they just drag you down to their level then beat you with experience. ~.~ |
|
|
|
15-02-2007, 05:21 PM
|
#5 (permalink) |
|
Distinguished Member
Join Date: Mar 2005
Location: Pune
Posts: 3,783
|
Re: Unknown processes
^ good answer.
but scan in safe mode. u might wanna scan with 'avg anti-spy' instead. also run ccleaner. if problem persists, post ur hjt logfile.
__________________
> www.TheWindowsClub.com < = www.WinVistaClub.com = Microsoft® MVP |
|
|
|
16-02-2007, 12:44 AM
|
#7 (permalink) |
|
In The Zone
Join Date: Aug 2006
Location: Delhi
Posts: 229
|
Re: Unknown processes
Logfile of HijackThis v1.99.1
Scan saved at 12:49:06 AM, on 2/16/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\InterVideo\WinDVR\WinRemote.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\NetMeter\NetMeter.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Opera\Opera.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Documents and Settings\Apoorv Khatreja\Desktop\hijackthis\HijackThis.exe O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O4 - HKLM\..\Run: [WinRemote] "C:\Program Files\InterVideo\WinDVR\WinRemote.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvistatestdrive.com...veXClient1.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3E776995-30CE-441F-A723-326C9F08AB0F}: NameServer = 4.2.2.1,4.2.2.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{AD2387BB-9520-470C-BE06-A11405B549AC}: NameServer = 59.179.243.70 202.159.217.198 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe Umm ok, I understand most of this log..I don't spot any kinda malware. You guys see anything? I'm not sure about this one - C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
__________________
http://apoorvkhatreja.blogspot.com |
|
|
|
16-02-2007, 04:18 PM
|
#8 (permalink) |
|
MVP Awardee 07
Join Date: Aug 2006
Posts: 67
|
Re: Unknown processes
I found this Software at this link
http://download.bitdefender.com/reso...rontokA-en.exe Is it advisable to run this or is it yet another virus pretending to be an anti virus ??? will it help
__________________
Probability of me getting a ps3=0 Probability of me getting crazy about ps3=1 |
|
|
|
16-02-2007, 04:22 PM
|
#9 (permalink) | |
|
Wise Old Owl
Join Date: Sep 2006
Location: Cyber Hell
Posts: 1,602
|
Re: Unknown processes
Quote:
there cant be softwares for less than 300kb so it should be a virus
__________________
Behind every good computer... is a jumble of wires 'n stuff |
|
|
|
|
16-02-2007, 07:38 PM
|
#11 (permalink) | |
|
Human Spambot
Join Date: Apr 2006
Location: Pune, India
Posts: 2,501
|
Re: Unknown processes
Quote:
__________________
Kiran Kumar R |
|
|
|
|
16-02-2007, 08:13 PM
|
#12 (permalink) |
|
Distinguished Member
Join Date: Mar 2005
Location: Pune
Posts: 3,783
|
Re: Unknown processes
a good site to remember; tells the exact nature and purpose of any and every single process known...
http://www.processlibrary.com/
__________________
> www.TheWindowsClub.com < = www.WinVistaClub.com = Microsoft® MVP |
|
|
|
17-02-2007, 11:51 AM
|
#13 (permalink) |
|
Livin' in the ghetto
Join Date: May 2006
Location: Hmm .... Home
Posts: 309
|
Re: Unknown processes
If you don't have any updated Virus Scanner you may try using the McAfee Command Line Scanner. Follow the these instructions to scan your computer for Virus Infections, no need to install the Anti-Virus just download the latest Virus Definition File and scanner and scan your computer
 Here we go : Download the File named Sdat----.exe from the following location : ftp://ftp.nai.com/pub/antivirus/superdat/intel/ Create a new folder SCAN on on the root of ur C:\ drive and copy the file to this new folder. Boot your machine into Safe Mode. (http://www.pchell.com/support/safemode.shtml) Now open command prompt and go to C:\ Cd Scan Extract using the command sdat####.exe /e (replace #### with version number) Do DIR and make sure u now have a file Scan.exe there, if the file is there now run the following command. SCAN.EXE /adl /sub /clean /del adl scans all local drives /sub will scan all subdirectories /clean will clean any infected files /del will delete any files that can't be cleaned If you need the command parameters listing type scan /? Omitted or add any commands that you want. This will clean all infections detected on the machine, I've presonally found this scan very effective and the fact that u initiate it from command Safe Mode allows it to clean thoroughly.
__________________
~.~ Never argue with idiots, they just drag you down to their level then beat you with experience. ~.~ |
|
|
|
17-02-2007, 01:41 PM
|
#14 (permalink) |
|
Broken In
Join Date: Jan 2007
Posts: 195
|
Re: Unknown processes
try an online scanner to get info about those files. You might try Panda's
http://www.pandasoftware.com/actives..._principal.htm |
|
|
|
05-04-2007, 06:34 PM
|
#15 (permalink) |
|
MVP Awardee 07
Join Date: Aug 2006
Posts: 67
|
Re: Unknown processes
Logfile of HijackThis v1.99.1
Scan saved at 7:27:37 PM, on 4/4/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Intel\Wireless\Bin\EvtEng.exe E:\Program Files\Intel\Wireless\Bin\S24EvMon.exe E:\WINDOWS\System32\WLTRYSVC.EXE E:\WINDOWS\System32\bcmwltry.exe E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\eHome\ehRecvr.exe E:\WINDOWS\eHome\ehSched.exe E:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\F-Secure\Common\FSMA32.EXE E:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE E:\WINDOWS\system32\igfxpers.exe E:\WINDOWS\system32\hkcmd.exe E:\Program Files\Network Associates\Common Framework\FrameworkService.exe E:\WINDOWS\ehome\ehtray.exe E:\Program Files\F-Secure\Common\FSM32.EXE E:\Program Files\F-Secure\Common\FSMB32.EXE E:\WINDOWS\system32\DrvMon.exe E:\Program Files\F-Secure\Common\FCH32.EXE E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE E:\WINDOWS\system32\PMSveH.exe E:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\PMHandler.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\F-Secure\Anti-Virus\fsqh.exe E:\Program Files\F-Secure\Common\FAMEH32.EXE E:\WINDOWS\eHome\ehmsas.exe E:\Program Files\F-Secure\FSAUA\program\fsaua.exe E:\Program Files\F-Secure\Anti-Virus\fssm32.exe E:\Program Files\F-Secure\FWES\Program\fsdfwd.exe E:\WINDOWS\system32\dllhost.exe E:\Program Files\F-Secure\FSAUA\program\fsus.exe E:\WINDOWS\system32\wuauclt.exe E:\Program Files\F-Secure\Anti-Virus\fsav32.exe E:\Program Files\F-Secure\FSGUI\fsguidll.exe E:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe E:\Documents and Settings\LENOVO\Desktop\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net O1 - Hosts: 127.4.7.4 mcafee.com O1 - Hosts: 127.4.7.4 www.mcafee.com O1 - Hosts: 127.4.7.4 mcafeesecurity.com O1 - Hosts: 127.4.7.4 www.mcafeesecurity.com O1 - Hosts: 127.4.7.4 mcafeeb2b.com O1 - Hosts: 127.4.7.4 www.mcafeeb2b.com O1 - Hosts: 127.4.7.4 nai.com O1 - Hosts: 127.4.7.4 www.nai.com O1 - Hosts: 127.4.7.4 vil.nai.com O1 - Hosts: 127.4.7.4 grisoft.com O1 - Hosts: 127.4.7.4 www.grisoft.com O1 - Hosts: 127.4.7.4 kaspersky-labs.com O1 - Hosts: 127.4.7.4 www.kaspersky-labs.com O1 - Hosts: 127.4.7.4 kaspersky.com O1 - Hosts: 127.4.7.4 www.kaspersky.com O1 - Hosts: 127.4.7.4 downloads1.kaspersky-labs.com O1 - Hosts: 127.4.7.4 downloads2.kaspersky-labs.com O1 - Hosts: 127.4.7.4 downloads3.kaspersky-labs.com O1 - Hosts: 127.4.7.4 downloads4.kaspersky-labs.com O1 - Hosts: 127.4.7.4 download.mcafee.com O1 - Hosts: 127.4.7.4 grisoft.cz O1 - Hosts: 127.4.7.4 www.grisoft.cz O1 - Hosts: 127.4.7.4 norton.com O1 - Hosts: 127.4.7.4 www.norton.com O1 - Hosts: 127.4.7.4 symantec.com O1 - Hosts: 127.4.7.4 www.symantec.com O1 - Hosts: 127.4.7.4 liveupdate.symantecliveupdate.com O1 - Hosts: 127.4.7.4 liveupdate.symantec.com O1 - Hosts: 127.4.7.4 update.symantec.com O1 - Hosts: 127.4.7.4 securityresponse.symantec.com O1 - Hosts: 127.4.7.4 sarc.com O1 - Hosts: 127.4.7.4 www.sarc.com O1 - Hosts: 127.4.7.4 norman.com O1 - Hosts: 127.4.7.4 www.norman.com O1 - Hosts: 127.4.7.4 trendmicro.com O1 - Hosts: 127.4.7.4 www.trendmicro.com O1 - Hosts: 127.4.7.4 trendmicro.co.jp O1 - Hosts: 127.4.7.4 www.trendmicro.co.jp O1 - Hosts: 127.4.7.4 trendmicro-europe.com O1 - Hosts: 127.4.7.4 www.trendmicro-europe.com O1 - Hosts: 127.4.7.4 ae.trendmicro-europe.com O1 - Hosts: 127.4.7.4 it.trendmicro-europe.com O1 - Hosts: 127.4.7.4 secunia.com O1 - Hosts: 127.4.7.4 www.secunia.com O1 - Hosts: 127.4.7.4 winantivirus.com O1 - Hosts: 127.4.7.4 www.winantivirus.com O1 - Hosts: 127.4.7.4 pandasoftware.com O1 - Hosts: 127.4.7.4 www.pandasoftware.com O1 - Hosts: 127.4.7.4 esafe.com O1 - Hosts: 127.4.7.4 www.esafe.com O1 - Hosts: 127.4.7.4 f-secure.com O1 - Hosts: 127.4.7.4 www.f-secure.com O1 - Hosts: 127.4.7.4 europe.f-secure.com O1 - Hosts: 127.4.7.4 bhs.com O1 - Hosts: 127.4.7.4 www.bhs.com O1 - Hosts: 127.4.7.4 datafellows.com O1 - Hosts: 127.4.7.4 www.datafellows.com O1 - Hosts: 127.4.7.4 cheyenne.com O1 - Hosts: 127.4.7.4 www.cheyenne.com O1 - Hosts: 127.4.7.4 ontrack.com O1 - Hosts: 127.4.7.4 www.ontrack.com O1 - Hosts: 127.4.7.4 sands.com O1 - Hosts: 127.4.7.4 www.sands.com O1 - Hosts: 127.4.7.4 sophos.com O1 - Hosts: 127.4.7.4 www.sophos.com O1 - Hosts: 127.4.7.4 icubed.com O1 - Hosts: 127.4.7.4 www.icubed.com O1 - Hosts: 127.4.7.4 perantivirus.com O1 - Hosts: 127.4.7.4 www.perantivirus.com O1 - Hosts: 127.4.7.4 virusalert.nl O1 - Hosts: 127.4.7.4 www.virusalert.nl O1 - Hosts: 127.4.7.4 pagina.nl O1 - Hosts: 127.4.7.4 www.pagina.nl O1 - Hosts: 127.4.7.4 antivirus.pagina.nl O1 - Hosts: 127.4.7.4 castlecops.com O1 - Hosts: 127.4.7.4 www.castlecops.com O1 - Hosts: 127.4.7.4 virustotal.com O1 - Hosts: 127.4.7.4 www.virustotal.com O1 - Hosts: 127.4.7.4 vaksin.com O1 - Hosts: 127.4.7.4 www.vaksin.com O1 - Hosts: 127.4.7.4 forum.vaksin.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PMHandler] C:\WINDOWS\SYSTEM32\PMHandler.exe O4 - HKLM\..\Run: [igfxtray] E:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxpers] E:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxhkcmd] E:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [ehTray] E:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [F-Secure Manager] "E:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "E:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU\..\Run: [DrvMon.exe] E:\WINDOWS\system32\DrvMon.exe O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe O4 - Startup: Empty.pif O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: e:\program files\f-secure\fsps\program\fslsp.dll O20 - AppInit_DLLs: E:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - E:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: EvtEng - Intel Corporation - E:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - E:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - E:\Program Files\F-Secure\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: GoogleDesktopManager - Google - E:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - E:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: PMSveH - Lenovo - E:\WINDOWS\system32\PMSveH.exe O23 - Service: RegSrvc - Intel Corporation - E:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - E:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - E:\WINDOWS\System32\WLTRYSVC.EXE Is everything all right??? lemme know
__________________
Probability of me getting a ps3=0 Probability of me getting crazy about ps3=1 |
|
|
|
05-04-2007, 11:18 PM
|
#16 (permalink) |
|
Distinguished Member
Join Date: Mar 2005
Location: Pune
Posts: 3,783
|
Re: Unknown processes
boy, i have never seen such a host file hijack !
download a good host file from http://www.mvps.org/winhelp2002/hosts.htm and go to c/windows/system32/drivers/etc/ and replace ur hosts file there with this one. then lock it using winpatrol/spybot/readonly/etc. c these too lock down your hosts file ! How To Lock Your HomePage.
__________________
> www.TheWindowsClub.com < = www.WinVistaClub.com = Microsoft® MVP Last edited by anandk; 05-04-2007 at 11:27 PM. |
|
|
|
| Bookmarks |
| Thread Tools | |
| Display Modes | |
|
|
Copyright © 2007-12 Nine Dot Nine Mediaworx Pvt. Ltd. All Rights Reserved. Designed by 9.9 Media Design
Linear Mode
