Question about Computers & Internet

2 Answers

Pls advise if the following processes running in my Task Manager are viruses or genuine system processes - ccSvcHst.exe; lsass.exe; explorer.exe, winlogon.exe; svchost.exe; wuauclt.exe; jqs.exe; jusched.exe. How to differentiate between viruses and genuine processes with similar names.

Posted by on

2 Answers

  • Level 3:

    An expert who has achieved level 3 by getting 1000 points

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

    Vice President:

    An expert whose answer got voted for 100 times.

  • Master
  • 374 Answers

The executable files in task manager are system processes. They will be different depending on your PC configuration and the services that are active. Processes listed in Task Manager, Services that are enabled in services (see administrative tools) and executable files (files with extension names of .exe, .com, .bat etc.) listed in windows explorer cannot be used to determine whether or not they associated with (or have been infected with) a virus.

There are thousands of file names, many valid files are not Microsoft system files - they are installed on your hard drive by equipment manufacturers and software applications programs.You will seldom (if ever) be able to identify a virus by its name - most of the authors of virus infected files will add the hidden attribute to any files they put on your PC so they will not show up in directory listings.

It's the job or Anti-Virus and Anti-Malware programs to examine all these files looking for "signatures" of known virus patterns and bring them to your attention. A good free Anti-Virus program can be downloaded at http://www.avira.com (or you can use Microsoft Security Essentials which is free for users of Windows XP and above). A good free Anti-Malware program can be found at http://www.techspot.com/downloads scroll down to the seach box and search for Malwarebytes. Then just below the Google ads, click on Malwarebytes Anti-Malware 1.50.1 Download-TechSpot.

If you have any additional questions contact me by clicking on the "Add a comment" link located under your problem description on FixYa. Also, if you believe that this information was helpful to you, please rate my solution using FixYa's "Solution Helpful" rating scale.
Best regards,
Yavacotech

Posted on Mar 21, 2011

  • Level 2:

    An expert who has achieved level 2 by getting 100 points

    MVP:

    An expert that got 5 achievements.

    Vice President:

    An expert whose answer got voted for 100 times.

    Sergeant:

    An expert that has over 500 points.

  • Expert
  • 187 Answers

CcSvcHst.exe - works to display the GUI (Graphical User Interface) of Norton products, which usually include the Norton Security Suites.
lsass.exe - Disable and remove lsass.exe Immediately. This process is most likely a virus or trojan.

Other processes are required for essential applications to work properly.

You can visit this liutilities.com and search for the process your not familiar with.


Please rate this if you find this helpful.

Thanks,

Posted on Mar 21, 2011

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
goodluck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

I have lost ALL of my taskbars!! How do I get them back?


A program called explorer.exe controls the display of your taskbar and desktop icons. If for some reason it goes missing (you may have killed it using Task Manager, for example, or something more sinister like a virus has deleted it from your processes), then try this first:
  1. Open Task Manager (press Ctrl+Alt+Del, then click Task Manager).
  2. On the Applications tab, click New Task at the bottom right of the window.
  3. Type explorer.exe, then click OK.
If nothing sinister caused it to disappear, it should all come back as it was and you can stop panicking, breathe a sigh of relief, and continue working.
If that doesn't work, then try this:
  1. Open Task Manager (press Ctrl+Alt+Del, then click Task Manager).
  2. Go to the Processes tab.
  3. Click on the Image Name column header to sort the list alphabetically.
  4. Find all explorer.exe processes - select each, then click End Process for each one.
  5. On the Applications tab, click New Task at the bottom right of the window.
  6. Type explorer.exe, then click OK.
Are you using snagit, try to uninstall it and then check if you still get the errors. If you donot use snagit then there would be another error.

If you cant access control panel use the "Windows Key+R" on the keyboard which opens the run dialog and type in 'sysdm.cpl' which opens the control panel.
You could also try to restore you windows using System Restore and select a date of the backup when the computer was working well.

Make sure you do a complete virus scan with a good antivirus with updated virus definitions as it could be a virus too.

Jan 21, 2011 | Computers & Internet

2 Answers

My desktop keeps disappearing


Hi!

Remove unnecessary programs installed on your computer. This will help you save space and then more room for special processes for system performance.

Next, I advise you to run a full computer scan. This will help eliminate viruses or spywares on your PC and I think which is also the culprit to your Desktop suddenly dissapearing. Viruses are nasty and they will do everything to bug your computer down.

Sep 10, 2009 | Computers & Internet

1 Answer

Funny UST scandal!!!


How to remove the virus:
first download taskiller in here or here and install it to your computer because you can’t use task manager to terminate the virus(the virus automatically close task manager).

run taskiller and left click it on the system tray(the one with a skull icon)
click processes
to close the virus, select process and click yes to the question

(process to close)

  1. killer.exe
  2. lsass.exe
  3. smss.exe
note: close only file that have the same icon of Funny UST Scandal.avi.exe
CMD STEPS
  1. now, click “start” then “run”
  2. type “cmd” without quotes
  3. type “cd\” without quotes
  4. type “attrib -h -s smss.exe” without quotes
  5. type “attrib -h -s autorun.inf” without quotes
  6. type “start c:” without quotes (a new window will open)
  7. select smss.exe, autorun.inf, Funny UST Scandal.avi.exe and delete it
If theres any drive or a partition type “d:” in command prompt without quotes “d” is the drive letter then repeat the CMD STEPS number 4-7 above…….
  • now type this on the command prompt “cd windows” without quotes.
  • type “attrib -h -s smss.exe” (without quotes)
  • type “start c:\windows” (without quotes)
  • delete the file smss.exe
  • now, goto c:\documents and settings\all users\startmenu\programs\startup
  • delete lsass.exe
click “start” then “run”
type “regedit” without quotes then delete the registry entries above….

“VIRUS REMOVE”
Or just simply download this UST VIRUS REMOVER (not tested)

Mar 20, 2009 | Microsoft Windows XP Professional With...

1 Answer

Windows Freezing


Boot the system in safe mode
1.) restart the system
2.) pump the F8 Key until a screen comes up with different options
3.) select safe mode,

Try right clicking there and see what happens,, I,m guessing here this is a result of damages done by a previoulsy removed virus (GUESSING) it is possible that the same one could have been shard by all 3,,

I'd advise you'd uninstall norton and use the new avg free
www.free.grisoft.com
Let me know what hgappens and we can tgake this a bit further

Jul 14, 2008 | Microsoft Windows XP Home Edition

2 Answers

Task manager disabled by the administrator


Hi,

To regain access to your Task Manager and Folder Options, the quickest remedy for the moment would be to download and run RRT.exe. It is "Remove Restriction Tool" and available here.

For Anti-Virus, you can try AntiVir by Avira available here. Additionally, you may want to download and install Lavasoft's Ad-Aware here. Upon download, install and update. Thereafter run a full scan. Pls follow on screen instructions.

Hope this be of initial help/idea. Pls post back how things turned up or should you need additional information.

Good luck and kind regards.

Thank you for using FixYa.

Apr 27, 2008 | Microsoft Windows XP Professional

7 Answers

Task manager


Hi,

If you are certain that you are logged on as administrator or has administrator privileges, then a virus is preventing your opening of the Task Manager. Additionally, the same virus is likewise preventing access to the Folder Option and the MSCONFIG function.

Of course the correct solution would be to run a full deep virus scan and delete detected ones. You can also try running RRT.exe to force access to the above functions.

Hope this be of initial help/idea. Pls post back how things turned up or should you need additional information.

Good luck and kind regards.

Thank you for using FixYa.

Mar 29, 2008 | Microsoft Windows XP Professional

6 Answers

Funny UST scandal virus


first download taskiller in http://www.rsdsoft.com/task_killer/index.php4
and install it to
your computer because you cant use taskmanager to terminate the virus(the
virus automatically close taskmanager).

-run taskiller and left click it on the system tray(the one with a skull icon)

-click processes

-to close the virus, select process and click yes to the question

(process to close)
1.killer.exe
2.lsass.exe
3.smss.exe

note: close only file that have the same icon of Funny UST Scandal.avi.exe


CMD STEPS
1-now, click "start" then "run"
2-type "cmd" without quotes
3-type "cd\" without quotes
4-type "attrib -h -s smss.exe" without quotes
5-type "attrib -h -s autorun.inf" without quotes
6-type "start c:" without quotes(a new window will open)
7-select smss.exe,autorun.inf,Funny UST Scandal.avi.exe and delete it

-if theres any drive or a partition type "d:" in command prompt without quotes
"d" is the drive letter then repeat the CMD STEPS number 4-7 above.......

-now type this on the command prompt "cd windows" without quotes(na naman!)
-type "attrib -h -s smss.exe" without quotes(uli)
-type "start c:\windows" without quotes(hay naku!)
-delete the file smss.exe
-now, goto c:\documents and settings\all users\startmenu\programs\startup
-delete lsass.exe

-click "start" then "run"
-type "regedit" without quotes then delete the registry entries above....

Note:
If you have problems opening drives in My Computer open regedit find
"\smss.exe" then erase values like: "c:\smss.exe", "d:\smss.exe" etc..


Hope this helps

Jan 16, 2008 | Computer Associates eTrust PestPatrol...

9 Answers

D:\ application can not run in Win32 mode


To correct and solve this error, follow this steps:

1. Run Task Manager (Ctrl-Alt-Del or right click on Taskbar)
2. Stop wscript.exe process if available by highlighting the process name and clicking End Process.
3. Then terminate explorer.exe process.
4. In Task Manager, click on File -> New Task (Run…).
5. Type “cmd” (without quotes) into the Open text box and click OK.
6. Type the following command one by one followed by hitting Enter key:

del c:\autorun.* /f /s /q /a
del d:\autorun.* /f /s /q /a
del e:\autorun.* /f /s /q /a

c, d, e each represents drive letters on Windows system. If there are more drives or partitions available, continue to command by altering to other drive letter. Note that you must also clean the autorun files from USB flash drive or portable hard disk as the external drive may also be infected.
7. In Task Manager, click on File -> New Task (Run…).
8. Type “regedit” (without quotes) into the Open text box and click OK.
9. Navigate to the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
10. Check if the value name and value data for the key is correct (the value data of userint.exe include the path which may be different than C drive, which is also valid, note also the comma which is also needed):

“Userinit”=”C:\WINDOWS\system32\userinit.exe,”

If the value is incorrent, modify it to the valid value data.

Dec 15, 2007 | Microsoft Windows XP Professional for PC

16 Answers

Funny UST scandal virus


Hello ppl,


Simply install PCTOOLS ANTI-VIRUS to Scan , Remove and then filter your internet for such threats... It's FREE... includes free updates too....



Easy.. XD

Nov 20, 2007 | Microsoft Windows XP Professional With...

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

274 people viewed this question

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...