-
November 5th, 2004, 04:37 AM
#11
Theres nothing seems to be wrong with the proccesses, everything is fine..... did u checked the registry. Try checking that surely if its a trojan then there must be an entry in it.
Regarding the ICMP attack check out this link.
http://www.sans.org/resources/idfaq/icmp_misuse.php
One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!
-
November 5th, 2004, 05:28 AM
#12
maybe he is secretly running something like PC anywhere or dameware on your pc without ur knowledge....
-
November 5th, 2004, 07:03 AM
#13
Google search for "Security Task Manager" this program will tell you all that is running on your computer, that is also hidden and will tell you every thing you wish about each and every process running and it will allow you to kill the process and remove it for good. (good luck)
Are you running a firewall and AV?
S25vd2xlZGdlIGlzIHBvd2VyIQ
-
November 5th, 2004, 08:04 AM
#14
Junior Member
Sorry that was a wrong file
this is the corrent one:
Process PID CPU Description Company Name
System Idle Process 0 66
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 540 Windows NT Session Manager Microsoft Corporation
csrss.exe 604 4 Client Server Runtime Process Microsoft Corporation
winlogon.exe 628 Windows NT Logon Application Microsoft Corporation
services.exe 672 3 Services and Controller app Microsoft Corporation
svchost.exe 852 Generic Host Process for Win32 Services Microsoft Corporation
LVComS.exe 1140 LVCom Server Logitech Inc.
svchost.exe 952 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1120 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1164 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1324 Spooler SubSystem App Microsoft Corporation
alg.exe 1708 Application Layer Gateway Service Microsoft Corporation
svchost.exe 1792 Generic Host Process for Win32 Services Microsoft Corporation
iPodService.exe 2044 iPodService Module Apple Computer, Inc.
lsass.exe 684 LSA Shell (Export Version) Microsoft Corporation
explorer.exe 1624 Windows Explorer Microsoft Corporation
iTunesHelper.exe 256 iTunesHelper Module Apple Computer, Inc.
MsgPlus.exe 296 Messenger Plus! Patchou
jusched.exe 304
LogiTray.exe 328 ImageStudio Tray Application Logitech Inc.
LowLight.exe 524 Automatic Low Light Module Logitech Inc.
rundll32.exe 396 Run a DLL as an App Microsoft Corporation
ViewMgr.exe 404 ViewMgr Viewpoint Corporation
rundll32.exe 416 Run a DLL as an App Microsoft Corporation
hpztsb07.exe 488 HP
MWSOEMON.EXE 528 My Web Search Email Plugin MyWebSearch.com
backWeb-8876480.exe 600 Logitech Desktop Messenger Logitech
msmsgs.exe 756 Messenger Microsoft Corporation
msnmsgr.exe 904 MSN Messenger Microsoft Corporation
procexp.exe 388 26 Sysinternals Process Explorer Sysinternals
iexplore.exe 1344 Internet Explorer Microsoft Corporation
iexplore.exe 1384 Internet Explorer Microsoft Corporation
Process: Procexp Pid: -2
Type Name
-
November 5th, 2004, 08:20 AM
#15
MWSOEMON.EXE 528 My Web Search Email Plugin MyWebSearch.com
Well still no trojan or something like that but this is an adware n u should remove it. So u better follow the steps described in the Soda_Popinsky reply. And as i am saying again n again check the regsitry values n paste them here.
One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!
-
November 5th, 2004, 05:57 PM
#16
Junior Member
if ur comp is in network means that ur service provider provides servieces through HUB or SWITCH.....in that case u hav to check whether ur comp is a member of any domain controller (DC) or group of any ..................if this happened then ur comp can be hijacked through DC......and anything can be done through DC.............
one more thing u hav to check whether there is open port in ur comp exists or not............it could also be the reasion............
-
November 5th, 2004, 10:31 PM
#17
Ok.. Certainly worth following the advice given and checking what has been recommended..BUT..
to add to the clamour.. TCPVIEW.. this gives you ports to process information.. it would be interesting to see a log from that..
When the windows closes or the startmenu opens.. is there mouse activity? i mean mouse movement not from your input..
if not.. Try a new Keyboard.. I chased a virus in a machine for best part of a day only to find a electricly stuck key and two intermittantly stuck keys .. this resulted in some movement trigering screen activity, some functions unavailable, certain functions didn't work.. the keys involved, ALT, Windows, up arrow..
It is a thought
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|