Hidden process


Keith

Hi All

I believe there are some hidden ad-ware processes running on my PC which I was not able to remove with some adware programs.
I've found the .exe somewhere on my system drive but it won't allow me to delete it and therefore I believe it is actively running.
Any suggestions on what tools can allow me to view those hidden processes, as Task Manager won't do the job?

Thanks
 
Well... I think you can't just suppose, because it can be a legit process, and if
you are not an expert you'd better do another thing first.

Scan with this reputable software and these online scanners.
Be sure you have updated the software:


@ Ad-Aware SE Personal
http://www.lavasoftusa.com/software/adaware


@ Microsoft Antispyware (only for people with genuine, legal Windows)
http://www.microsoft.com/athome/security/spyware/software/default.mspx


http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm
Panda Software free Active Scan, where you can check your
PC for ALL TYPES of security threats and clean viruses and worms


At the end, do not delete the EXE first, but submit it to Virus Total and then
post the report here:
http://www.virustotal.com/flash/index_en.html

Send a suspicious file for analysis to VirusTotal.
They will scan it for malware with almost all antivirus software with the
latest definitions and then will send you the report. The service is FREE.
If something is suspicious they will send the file to all antivirus
companies so that they will establish signatures for disinfecting the malware.



Panda_man
 
Hi, Panda_man
You can try to delete the .exe in Safe Mode, but you'd better back up first.
Victor
 
Well... let me put it this way, I am quite sure it's an illegal process instead of a legal Windows process.
I remember there is a Task Manager-like application which can let you view all processes, including hidden processes not visible in
Task Manager. Does anyone know the tool name?

Thanks
 
Could you please read my first post carefully!!!
<Take a special look at the last sentence before my nickname>

Thank you !


Panda_man
 
And in your first post you also mention that:
I believe there are some hidden ad-ware processes running on my PC which I was not able to remove with some adware programs.


Panda_man >> What exactly have you done? What did you scan with?
What did you find???

If nothing was found I think you need to relax. Otherwise, install the free
30-day trial of Panda TruPrevent Personal 2006

What is TruPrevent

http://www.pandasoftware.com/virus_info/truprevent.htm
http://www.pandasecurity.com/ICSAReport/Panda_Public_Evaluation.PDF



Panda_man
 
Keith said:
Well... let me put it this way, I am quite sure it's an illegal
process instead of a legal Windows process. I remember there is a Task
Manager-like application which can let you view all processes,
including hidden processes not visible in Task Manager. Does anyone
know the tool name?

view
http://www.sysinternals.com/Utilities/ProcessExplorer.html

kill ones you don't like
http://www.sysinternals.com/Utilities/PsKill.html

Just out of interest, why are you so sure it's an "illegal" process when you
don't appear to know very much about the file in question?


--
 
Keith

Try the 15 day full trial of Ewido Suite, or do their online scan.. the
online scan warns that beta stuff can screw up a system, but I have found
that it works quite well..

The Ewido Suite is well worth the money if you decide to purchase it..

http://www.ewido.net/en/
 
Just because you cannot delete it does not mean that it is a running
process, as you may not have delete permissions to the file. There are more
advanced tools such as Process Explorer from Sysinternals to view running
processes, or in the case of a rootkit you should view the processes
remotely from another computer on the network, which msinfo32 can do by
selecting view remote computer, assuming you are an administrator on the
remote computer. If it indeed is running as a process, booting into Safe
Mode may allow deletion, though for most users you are better off using a
malware or spyware detection and removal tool to do the job, and also using
them in Safe Mode, being sure they are current with the latest definition
files. -- Steve
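
The distinction drawn in the post above, between a file held open by a running process and a file the user simply lacks permission to delete, can be checked directly. The script below is an added example, not part of the original thread; it assumes PowerShell 3.0 or later, and `$Path` is a placeholder for the file in question.

```powershell
# Added example. $Path is a hypothetical placeholder; point it at the suspect file.
# Run elevated, otherwise ExecutablePath is empty for other users' processes.
param([string]$Path = 'C:\path\to\suspect.exe')

$full = (Resolve-Path -LiteralPath $Path).ProviderPath

# 1. Processes whose image is this file, as reported by WMI on this machine.
#    Get-CimInstance also accepts -ComputerName, which runs the same query
#    against a remote machine, as the post suggests doing with msinfo32.
$procs = @(Get-CimInstance -ClassName Win32_Process |
    Where-Object { $_.ExecutablePath -eq $full })

# 2. Try to open the file with no sharing allowed. A sharing violation means
#    something holds it open; access denied points at permissions or the
#    read-only attribute rather than at a running process.
$state = 'not locked'
try {
    $fs = [System.IO.File]::Open($full, [System.IO.FileMode]::Open,
        [System.IO.FileAccess]::ReadWrite, [System.IO.FileShare]::None)
    $fs.Dispose()
} catch [System.UnauthorizedAccessException] {
    $state = 'access denied'
} catch [System.IO.IOException] {
    $state = 'in use'
}

# 3. Owner, read-only flag and ACL entries that would explain a failed delete.
$acl  = Get-Acl -LiteralPath $full
$item = Get-Item -LiteralPath $full -Force

[pscustomobject]@{
    File       = $full
    OpenTest   = $state
    ReadOnly   = $item.IsReadOnly
    Owner      = $acl.Owner
    ProcessIds = $procs.ProcessId -join ','
} | Format-List

$procs | Select-Object ProcessId, ParentProcessId, Name, CommandLine |
    Format-Table -AutoSize
$acl.Access | Select-Object IdentityReference, AccessControlType, FileSystemRights |
    Format-Table -AutoSize
```

An `OpenTest` of `in use` with no matching process ID means the file is held open by something the local process list does not attribute to it, which is the case where the remote view and Safe Mode steps from the post apply.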
 