Click here to get back home

How to find virus/worm/trojan on network client
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.security.virus    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
How to find virus/worm/trojan on network client antistatic 09-21-2005
Posted by antistatic on September 21, 2005, 8:29 pm
Please log in for more thread options
| Hi David, After reading your answer to this post i went to Task Manger
| and found five (5) svchost.exe services running - 3 Network Services ,
| and 2 System. Now after seeing your answer and checking
| Process Library and finding out this svchost.exe could be used by a
| Trojan, How can i find out the path's of these services in Task Manger
| like in your example? Thanks Ron (Defender)
|

It is common to have multiple SVCHOST.EXE processes running. Each load
specifcommunication
capabilities of the OS.

Like I said, it is not the name of the file that is important, it is the Fully
Qualified
Name and Path to that file.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Posted by David H. Lipman on September 22, 2005, 8:00 am
Please log in for more thread options
| Hi David, After reading your answer to this post i went to Task Manger
| and found five (5) svchost.exe services running - 3 Network Services ,
| and 2 System. Now after seeing your answer and checking
| Process Library and finding out this svchost.exe could be used by a
| Trojan, How can i find out the path's of these services in Task Manger
| like in your example? Thanks Ron (Defender)
|

It is common to have multiple SVCHOST.EXE processes running. Each load
specifcommunication
capabilities of the OS.

Like I said, it is not the name of the file that is important, it is the Fully
Qualified
Name and Path to that file.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Similar ThreadsPosted
NAV CE 10.0 Unmanaged Client Problem June 5, 2006, 11:16 am
Multiple epmap TCP connections established with one XP client June 10, 2005, 6:45 am
Symantec Client Security and Symantec Anti Virus Elevation of Privilege June 13, 2006, 5:25 pm
Can You Find Out Who I am? October 31, 2005, 4:27 pm
Cannot find IRN.exe March 22, 2007, 9:22 am
pc infected but cannot find the virus February 5, 2006, 11:35 am
What does "cannot find script file "H:\Bha.dll.vbs"" mean? March 31, 2007, 2:25 pm
hijacking broswer maybe-can not find server June 6, 2005, 5:26 pm
cannot find anything about this virus and how to delete it (SPR/YFlood.A.3) March 11, 2008, 4:58 pm
How to find detected "hijacker" source March 20, 2008, 12:15 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap