1. Hey Guest Did you know you can win an Honor 10 phone worth ₹33,000 and an additional ₹70,000 in paytm vouchers, just by replying to some threads and taking part in the discussions happening in the Honor Hub?

    What are you waiting for? Start commenting and start winning! Remember to read the instructions posted here.

    Dismiss Notice

Details of Task Manager required???

Discussion in 'QnA (read only)' started by go4saket, Apr 8, 2006.

Thread Status:
Not open for further replies.
  1. go4saket

    go4saket 9437077259

    Joined:
    Sep 21, 2005
    Messages:
    1,264
    Likes Received:
    7
    Trophy Points:
    0
    Location:
    Sambalpur, Orissa
    Hello friends!

    I am posting the image of the task manager that shows all the running processes in my computer. Can anyone please tell me the details of the running tasks, i.e. which software does a particular process represent, which are the tasks that can be safely turned off and what is "svchost.exe" as this entry is shown multiple times and hogs most of the resources.

    For your convinence I am writing down the list of softwares that are running when I took this snapshot. Basicall no software was running except the ones that are on the taskbar. They are Kaspersky Antivirus, ZoneAlarm Firewall, Lawasoft Ad-Aware, Stardock ObjectDock Plus, Stardock WindowBlinds and Soundmax ControlPanel.

    Thank you.

    [​IMG]
     
  2. sakumar79

    sakumar79 Active Member

    Joined:
    Nov 28, 2004
    Messages:
    2,441
    Likes Received:
    9
    Trophy Points:
    38
    Location:
    Madurai
    svchost is the main Windows executable used to run services... Services are run as svchost.exe <Call to service dll> or something like that... You can use a free software called Daphne to give more info on each svchost call including parameters...

    SMax4, SMax4PNP and SMAgent are related to your SoundMax Audio card (usu. part of the motherboard)

    zlclient and vsmon are related to Zone Alarm

    hkcmd is related to Intel Graphics/Multimedia

    Ad-watch is related to Adaware

    StarWindService is related to Alcohol 120% (which is a Virtual CD drive emulator)

    ObjectDock and sdmcp are for ObjectDock program

    wbload is related to Windows Blind

    spoolsv is related to printer spooling, winlogon is related to windows login/switch user, services.exe is related to running services, smss is for handling sessions, alg is related to application layer gateway service, lsass is related to security policies, csrss is related to client-server runtime, mdm is related to machine debugging, wdfmgr is related to Windows Media Player - these are usually essential processes and not problematic...

    Note: smss.exe and csrss.exe are also processes which are registered as a number of trojans and mass mailing worms, and the PWSteal.Wowcraft.B Password stealer. These Trojans allow attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately.
    Also, winlogon.exe is also a process which is registered as Trojan.W32.Netsky and the Backdoor.w32.Prorat Trojans
    Also, mdm.exe is also a process which is registered as the Win32.Lydra.a information stealing Trojan


    avp is Added by the "Herman Agent" remote access TROJAN! The file is located in the system32 folder. This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry. It is to be removed asap...

    Hope this helps...
    Arun
     
  3. OP
    OP
    go4saket

    go4saket 9437077259

    Joined:
    Sep 21, 2005
    Messages:
    1,264
    Likes Received:
    7
    Trophy Points:
    0
    Location:
    Sambalpur, Orissa
    Thankyou so much sakumar79! Your post has really helped.

    By the way, you said "avp" is a torjan. I have an antivirus and a spyware, both installed. Then why the hell does thse software doesn't detect this.

    Anyways, how can I remove this manually. Do I need to go to the system32 folder and delete that file or will I have to do some registry editing also.
     
  4. sakumar79

    sakumar79 Active Member

    Joined:
    Nov 28, 2004
    Messages:
    2,441
    Likes Received:
    9
    Trophy Points:
    38
    Location:
    Madurai
    Hmm, on further review, it is mentioned that avp can also be a process created by another program called TlcR, but there is no info about this...

    Also, it is possible that trojans may not be detected by antivirus/antispyware software... Perhaps you can try ewido and see if it detects anything... Unfortunately, googling doesnt bring any solutions

    Arun
     
  5. Nemesis

    Nemesis New Member

    Joined:
    Jan 26, 2004
    Messages:
    1,634
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    New York
    If you are concerned about spyware/trojans/etc then run HijackThis and post the log that it generates.
     
  6. OP
    OP
    go4saket

    go4saket 9437077259

    Joined:
    Sep 21, 2005
    Messages:
    1,264
    Likes Received:
    7
    Trophy Points:
    0
    Location:
    Sambalpur, Orissa
    Log File Of HijackThis
     
  7. Kniwor

    Kniwor Learner

    Joined:
    Sep 14, 2005
    Messages:
    1,949
    Likes Received:
    6
    Trophy Points:
    0
    Location:
    Chicago
    avp.exe is ut kaspersky antivirus
     
Thread Status:
Not open for further replies.

Share This Page