RUNNING PROCESSES

Secure Home | Search | About

Lost Password?

Anti-Virus Software

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

RUNNING PROCESSES

daveT

11-04-2005

Re: RUNNING PROCESSES

David H. Lipman

11-04-2005

Re: RUNNING PROCESSES

Art

11-04-2005

Re: RUNNING PROCESSES

Duane Arnold

11-05-2005

Posted by daveT on November 4, 2005, 4:31 pm

If you were Registered and logged in, you could reply and use other advanced thread options

Noticed that there are 42 running processes on my computer and thought to
see if any of them can be stopped. Checked a few websites and it appears
that the following can/should be removed (they all show up when I hit
CONT-ALT-DEL:

WNLOGON.EXE
SMSS.EXE
SVCHOST.EXE
ALG.EXE
CSRSS.EXE
services.exe (maybe)
LSASS.EXE
realsched.exe

Does anyone have any ideas about what I should do, if anything. I did start
shutting down SVCHOST.EXE in TASK MANAGER then a dialogue box appeared
telling me that my computer was going to shut down with a minute or so due
to a "DCOM service..." problem.

I have always uses AVG any virus, Zonealarm and Adaware. So I don't quite
see how I might have got a virus or worm. I'm not so confidant with
computers so I don't know if I can clean up unwanted rubbish from the
starting up process, is there any free download that might assist.

Posted by David H. Lipman on November 4, 2005, 4:40 pm

If you were Registered and logged in, you could reply and use other advanced thread options

| Noticed that there are 42 running processes on my computer and thought to
| see if any of them can be stopped. Checked a few websites and it appears
| that the following can/should be removed (they all show up when I hit
| CONT-ALT-DEL:
|
| WNLOGON.EXE
| SMSS.EXE
| SVCHOST.EXE
| ALG.EXE
| CSRSS.EXE
| services.exe (maybe)
| LSASS.EXE
| realsched.exe
|
| Does anyone have any ideas about what I should do, if anything. I did start
| shutting down SVCHOST.EXE in TASK MANAGER then a dialogue box appeared
| telling me that my computer was going to shut down with a minute or so due
| to a "DCOM service..." problem.
|
| I have always uses AVG any virus, Zonealarm and Adaware. So I don't quite
| see how I might have got a virus or worm. I'm not so confidant with
| computers so I don't know if I can clean up unwanted rubbish from the
| starting up process, is there any free download that might assist.
|

All of those are legitimate programs *if* they are executed from legitimate
locations.

Realsched.exe is a RealPlayer Player stub and is wasting RAM.

You can remove Realsched.exe from being loaded by executing MSCONFIG.EXE and
going to the
startUp tab and the looking for the line that loads realsched.exe and disable it.

A better program to use is Process Explorer by Sysinternals --
http://www.sysinternals.com/Utilities/ProcessExplorer.html

With it you can determine both what is running and where it is being executed
form. For
example...

If you have c:\windows\system32\lsass.exe as a running process that is OK.

If you have c:\windows\lsass.exe as a running process then that is is a sign of
a malware
infection

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Posted by Art on November 4, 2005, 4:56 pm

If you were Registered and logged in, you could reply and use other advanced thread options

wrote:

>Noticed that there are 42 running processes on my computer and thought to

>see if any of them can be stopped. Checked a few websites and it appears

>that the following can/should be removed (they all show up when I hit

>CONT-ALT-DEL:

>WNLOGON.EXE

>SMSS.EXE

>SVCHOST.EXE

>ALG.EXE

>CSRSS.EXE

>services.exe (maybe)

>LSASS.EXE

>realsched.exe

These all are or might well be normal legit processes.

>Does anyone have any ideas about what I should do, if anything.

Learn which processes are normal when your PC is clean and keep a
record of them. Remember though that malicious code sometimes uses
legit file names. But at least it's a good idea to be able to
recognise unusual file names.

>I did start

>shutting down SVCHOST.EXE in TASK MANAGER then a dialogue box appeared

>telling me that my computer was going to shut down with a minute or so due

>to a "DCOM service..." problem.

>I have always uses AVG any virus, Zonealarm and Adaware. So I don't quite

>see how I might have got a virus or worm. I'm not so confidant with

>computers so I don't know if I can clean up unwanted rubbish from the

>starting up process, is there any free download that might assist.

Do a scan with the free KASFX scanner available from my web site. It's
based on the Kaspersky scan engine, and it's far superior to AVG. I
also suggest using Spybot.

Art

http://home.epix.net/~artnpeg

Posted by Duane Arnold on November 5, 2005, 2:36 am

If you were Registered and logged in, you could reply and use other advanced thread options

> Noticed that there are 42 running processes on my computer and thought

> to see if any of them can be stopped. Checked a few websites and it

> appears that the following can/should be removed (they all show up

> when I hit CONT-ALT-DEL:

Apparently, you didn't understand.

> WNLOGON.EXE

> SMSS.EXE

> SVCHOST.EXE

> ALG.EXE

> CSRSS.EXE

> services.exe (maybe)

> LSASS.EXE

> realsched.exe

> Does anyone have any ideas about what I should do, if anything. I did

> start shutting down SVCHOST.EXE in TASK MANAGER then a dialogue box

> appeared telling me that my computer was going to shut down with a

> minute or so due to a "DCOM service..." problem.

Some things you shutdown on a NT based O/S that has a direct connection
and some you don't and some holes you close.

There is a link for Win 2K too.

http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

> I have always uses AVG any virus, Zonealarm and Adaware. So I don't

> quite see how I might have got a virus or worm. I'm not so confidant

> with computers so I don't know if I can clean up unwanted rubbish from

> the starting up process, is there any free download that might assist.

Well, you better learn and do it for yourself if need be. There are links
on the how to(s) use Google.

Use the proper tools and look for yourself and don't depend upon the
crutches above to tell you everything is OKAY DOKEY.

Long version

http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and
_Rootkit_Tools_in_a_Windows_Environment.html

Short version

http://tinyurl.com/klw1

Duane :)

Similar Threads	Posted
Task Manager: Listing of "suspect" processes??	October 5, 2008, 4:51 pm
Killing all Norton System Works processes (and restarting later)	December 15, 2005, 10:20 pm
ZoneAlarm Pro says there is no AV running	March 6, 2006, 10:35 am
AOL AVS - what version am I running?	January 31, 2007, 11:08 am
.exe files are not running.	October 6, 2007, 12:01 pm
What is name of running process for AVG, please?	June 1, 2008, 10:05 pm
ZAAV - Isafe not running	October 10, 2005, 7:04 pm
How much "protection" needs to be running all the time?	January 28, 2006, 2:09 am
AVG Free - stopped running	November 2, 2006, 2:46 am
Stop running this script	February 19, 2007, 3:06 pm

The site map in XML format XML site map