Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

00a - chrisglew

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

00a - chrisglew

Unread postby chrisglew » November 15th, 2009, 9:30 am

Was slightly unsure how to proceed with this - I did some internet/forum searching to find the answers to these questions. Some however I couldn't find anything of use on, so I said I was unsure of them. I presume this was correct. :)

Running processes:
C:\Windows\system32\taskhost.exe
Hosts DLL processes instead of those that run via exes.

C:\Windows\System32\rundll32.exe
Runs dlls as applications (basically). Not to be deleted.

C:\Windows\system32\taskeng.exe
Task scheduler engine – triggers events based on criteria (log on, startup, etc)

C:\Windows\system32\Dwm.exe
Desktop Window Manager. Controls display and the (beloved) Aero effects in Vista and Win 7.

C:\Windows\Explorer.EXE
The Windows GUI for exploring files and folders.

C:\Program Files\XeroBank\App\bin\xbvpn-gui.exe
The GUI for my VPN.

C:\Program Files\Secunia\PSI\psi.exe
Secunia is a program that scans your computer for vulnerabilities and out of date/unpatched software.

C:\Program Files\XeroBank\App\bin\openvpn.exe
Again, related to my VPN.

C:\Windows\system32\conhost.exe
Fixes the issues Vista had with console windows and drag and drop.

C:\Windows\System32\igfxtray.exe
Related to the Intel Graphics drivers.

C:\Windows\system32\igfxsrvc.exe
Another intel graphics program

C:\Windows\System32\hkcmd.exe
Config and diagnostics for Intel components

C:\Windows\System32\igfxpers.exe
Provides additional options for Nvidia graphics cards

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
Part of the LogMeIn utility

C:\Program Files\LogMeIn\x86\LMIGuardian.exe
Gathers information on LogMeIn should it crash or suffer performance issues

C:\Program Files\Immunet Protect\1.0.18\iptray.exe
Immunet Protect (cloud based anti-virus)


C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
Adobe Acrobat speed launcher

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
Shortcut to Adobe Acrobat configuration options in the system tray

C:\Program Files\ESET\ESET Smart Security\egui.exe
ESET Smart Security

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Config options for the synaptics touchpad

C:\Program Files\iTunes\iTunesHelper.exe
Monitors itunes and looks for connected ipods (not that I would ever buy an ipod!)

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
To do with Nokia PC suite, don’t know exactly what it does.

C:\Users\Chris\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe
Windows Live Mesh service

C:\Program Files\Windows Sidebar\sidebar.exe
Windows sidebar gadgets

C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Windows Live Messenger

C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
Nokia Ovi suite (the result of a new phone on Friday)

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
Nokia PC Suite

C:\Users\Chris\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe
Another Live Mesh related application

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Belongs to Synaptics Pointing Device Driver

C:\IDrive\IDriveETray.exe
IDrive Tray application

C:\IDrive\IDriveEBackground.exe
IDrive backup applicatin

C:\Windows\system32\SearchProtocolHost.exe
I presume this is related to Windows searches/indexing – could someone confirm?

C:\Windows\system32\SearchFilterHost.exe
Same with the above

C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
Another PC Suite related application

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
The application that provided this log.
chrisglew
Active Member
 
Posts: 3
Joined: August 24th, 2009, 9:47 am
Advertisement
Register to Remove

Re: 00a - chrisglew

Unread postby chryssi2001 » November 17th, 2009, 8:12 am

Hello chrisglew,

Welcome to your first p/l. :)

Room 01 has a lot of topics, which you should read.
But read here where you can find information for this p/l and some future ones.

Please repost this p/l after you did the search from the proper sites.

I want the name of each process and what it does, as explained in 00a p/l example.

If any process doesn't excist in the links from the topic i gave you, google to find more information. Google will be your best friend from now and on. ;)

Is this a vista pc?

Is ESET your Antivirus?
User avatar
chryssi2001
MRU Teacher Emeritus
 
Posts: 14395
Joined: September 24th, 2006, 2:11 am
Location: far away

Re: 00a - chrisglew

Unread postby chryssi2001 » November 19th, 2009, 1:51 pm

Hello chrisglew,

Is everything ok?

Just to remind you our rules.

See Inactivity part. This p/l will close for Inactivity in 72 hours from my previous post, if no reply from you untill then.
User avatar
chryssi2001
MRU Teacher Emeritus
 
Posts: 14395
Joined: September 24th, 2006, 2:11 am
Location: far away

Re: 00a - chrisglew

Unread postby chrisglew » November 19th, 2009, 4:54 pm

Yup, it's fine - I'm just re-doing the task (want to make sure I do it correctly this time!). :)
chrisglew
Active Member
 
Posts: 3
Joined: August 24th, 2009, 9:47 am

Re: 00a - chrisglew

Unread postby chryssi2001 » November 20th, 2009, 5:39 am

Ok, thanks for answering. :)
User avatar
chryssi2001
MRU Teacher Emeritus
 
Posts: 14395
Joined: September 24th, 2006, 2:11 am
Location: far away
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 21 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware