Kalyan
Journeyman
Hi all..
Recently, my pc has been behaving strange. When windows starts, some 5-6 IE windows are opening displaying random ads. I installed Spybot, scanned. it detected some malwares but they were all cleared. I have Nod32 in my pc, updated. I also think there is some screen recorder installed. yesterday, when I was accessing mail through Yahoo messenger, the browser showed a message that it cannot login with 'screen readers'. ???
When I alt+tab, in addition to the programs I run, there is an icon with a white screen with the blue window border. When I highlight it, there is no description showing below. How can I know what it is? even if I close all windows and keep only notepad, it is showing up.
I opened the task manager and checked for the programs running. When googled, all the process names were showing to be risk free.
Is my pc infected? Nod32/ spybot dont show any threats. How can I know if my pc is infected with some spyware? please help..
I am posting my currently running processes with services below:
Image Name PID Services
========================= ========
System Idle Process 0 N/A
System 4 N/A
smss.exe 360 N/A
csrss.exe 408 N/A
winlogon.exe 432 N/A
services.exe 480 Eventlog, PlugPlay
lsass.exe 492 NtLmSsp, PolicyAgent, ProtectedStorage,
SamSs
svchost.exe 652 DcomLaunch
svchost.exe 736 RpcSs
svchost.exe 792 AeLookupSvc, AudioSrv, BITS, Browser,
CryptSvc, dmserver, EventSystem, helpsvc,
lanmanserver, lanmanworkstation, Netman,
Nla, RasMan, Schedule, seclogon, SENS,
SharedAccess, ShellHWDetection, Themes,
TrkWks, winmgmt, wuauserv, WZCSVC
svchost.exe 836 Dhcp, Dnscache
svchost.exe 880 LmHosts, W32Time
spoolsv.exe 1008 Spooler
msdtc.exe 1032 MSDTC
mDNSResponder.exe 1192 Bonjour Service
svchost.exe 1244 ERSvc
svchost.exe 1276 Messager
sqlservr.exe 1380 MSSQLSERVER
mysqld-nt.exe 1392 MySql
nod32krn.exe 1444 NOD32krn
nvsvc32.exe 1484 NVSvc
svchost.exe 1556 RemoteRegistry
SSService.exe 1692 SSService
svchost.exe 848 TermService
alg.exe 1452 ALG
svchost.exe 1952 TapiSrv
wmiprvse.exe 2644 N/A
explorer.exe 3388 N/A
RTHDCPL.EXE 3532 N/A
nod32kui.exe 3576 N/A
rundll32.exe 3596 N/A
ctfmon.exe 3620 N/A
TeaTimer.exe 3624 N/A
sqlmangr.exe 3704 N/A
Ymsgr_tray.exe 4016 N/A
ssexp.exe 980 N/A
Opera.exe 2856 N/A
Dreamweaver.exe 3036 N/A
FNPLicensingService.exe 3808 FLEXnet Licensing Service
editplus.exe 2744 N/A
eclipse.exe 1324 N/A
javaw.exe 3180 N/A
iexplore.exe 2776 N/A
cmd.exe 2896 N/A
tasklist.exe 3432 N/A
wmiprvse.exe 3936 N/A
============================================
Do you find something fishy in this list? or is there any way to find that process?
Suggest some way to know what is happening?
Recently, my pc has been behaving strange. When windows starts, some 5-6 IE windows are opening displaying random ads. I installed Spybot, scanned. it detected some malwares but they were all cleared. I have Nod32 in my pc, updated. I also think there is some screen recorder installed. yesterday, when I was accessing mail through Yahoo messenger, the browser showed a message that it cannot login with 'screen readers'. ???
When I alt+tab, in addition to the programs I run, there is an icon with a white screen with the blue window border. When I highlight it, there is no description showing below. How can I know what it is? even if I close all windows and keep only notepad, it is showing up.
I opened the task manager and checked for the programs running. When googled, all the process names were showing to be risk free.
Is my pc infected? Nod32/ spybot dont show any threats. How can I know if my pc is infected with some spyware? please help..
I am posting my currently running processes with services below:
Image Name PID Services
========================= ========
System Idle Process 0 N/A
System 4 N/A
smss.exe 360 N/A
csrss.exe 408 N/A
winlogon.exe 432 N/A
services.exe 480 Eventlog, PlugPlay
lsass.exe 492 NtLmSsp, PolicyAgent, ProtectedStorage,
SamSs
svchost.exe 652 DcomLaunch
svchost.exe 736 RpcSs
svchost.exe 792 AeLookupSvc, AudioSrv, BITS, Browser,
CryptSvc, dmserver, EventSystem, helpsvc,
lanmanserver, lanmanworkstation, Netman,
Nla, RasMan, Schedule, seclogon, SENS,
SharedAccess, ShellHWDetection, Themes,
TrkWks, winmgmt, wuauserv, WZCSVC
svchost.exe 836 Dhcp, Dnscache
svchost.exe 880 LmHosts, W32Time
spoolsv.exe 1008 Spooler
msdtc.exe 1032 MSDTC
mDNSResponder.exe 1192 Bonjour Service
svchost.exe 1244 ERSvc
svchost.exe 1276 Messager
sqlservr.exe 1380 MSSQLSERVER
mysqld-nt.exe 1392 MySql
nod32krn.exe 1444 NOD32krn
nvsvc32.exe 1484 NVSvc
svchost.exe 1556 RemoteRegistry
SSService.exe 1692 SSService
svchost.exe 848 TermService
alg.exe 1452 ALG
svchost.exe 1952 TapiSrv
wmiprvse.exe 2644 N/A
explorer.exe 3388 N/A
RTHDCPL.EXE 3532 N/A
nod32kui.exe 3576 N/A
rundll32.exe 3596 N/A
ctfmon.exe 3620 N/A
TeaTimer.exe 3624 N/A
sqlmangr.exe 3704 N/A
Ymsgr_tray.exe 4016 N/A
ssexp.exe 980 N/A
Opera.exe 2856 N/A
Dreamweaver.exe 3036 N/A
FNPLicensingService.exe 3808 FLEXnet Licensing Service
editplus.exe 2744 N/A
eclipse.exe 1324 N/A
javaw.exe 3180 N/A
iexplore.exe 2776 N/A
cmd.exe 2896 N/A
tasklist.exe 3432 N/A
wmiprvse.exe 3936 N/A
============================================
Do you find something fishy in this list? or is there any way to find that process?
Suggest some way to know what is happening?
is only 999/- @ rediffshopping......u can get cheaper in ur local PC shop.
