Subscribe to How-To Geek

Login / Signup

Welcome to the How-To Geek Forums

We encourage you to register on our forums and post any questions you might have. The How-To Geeks monitor this forum and will respond to your question quickly.

How-To Geek Forums » Windows Vista

unkilled processes

(6 posts)
  • Started 2 weeks ago by Mystiques
  • Latest reply from ispalten
  • Topic Viewed 102 times

Mystiques
Posts: 45

Hi! guys there are this process which is running on my system under svchost.exe, everytime i kill the process it keeps on coming back everytime i restart my machine i'll truely appreciate ur assistance

Posted 2 weeks ago #
Top
 
LH
LH
Posts: 7471

What is the name of the process ? Right click on the svchost, and click "Go to Sevice(s).

Posted 2 weeks ago #
Top
 
ispalten
Posts: 392

Go to the START, then RUN, and enter MSCONFIG. Should see it under the STARTUP tab. If not, then it is one of the SERVICES. Start SERVICES and DISABLE it from there.

A program like Process Explorer from SYSINTERNALS could help you kill it as well.

If you still can't determine how to stop it, what is the name? It might be one that re-starts and difficult to kill?

Irv S.

Posted 2 weeks ago #
Top
 
Mystiques
Posts: 45

The process was svchost.exe and the description was Ghostlogger,
It was a startup kind of program which is malicious and is used to monitor me when i startup my machine. I have seen where it is installed it is on my C:\windows\system\svchost.exe under registry hive of HKCU\software\microsoft\windows\currentversion\run

But inspite of being able to stop the process still i need to remove it entirely from my system particulary through the registry or using command line because im afraid to do something which might destroy is svchost application.

Kindly assist.

Posted 2 weeks ago #
Top
 
LH
LH
Posts: 7471

I should use this guide to remove it manually.
http://forums.spybot.info/showthread.php?t=39919

Posted 2 weeks ago #
Top
 
ispalten
Posts: 392

I found another link, , with slightly different info but requires more skill (unregister files) to accomplish the removal.

Irv S.

Edit by mod. That link gave a big hit to my system. And has a big Red Flag from Wot.

Posted 2 weeks ago #
Top
 

RSS feed for this topic

Reply

You must log in to post.

Our Friends
Getting Started


About How-To Geek
What Is That Process?
svchost.exe
jusched.exe
dwm.exe
ctfmon.exe
wmpnetwk.exe
mDNSResponder.exe 		wmpnscfg.exe
rundll32.exe
wfcrun32.exe
Ipoint.exe
Itype.exe 		Wfica32.exe
Mobsync.exe
conhost.exe
Dpupdchk.exe Adobe_Updater.exe

Copyright © 2006-2009 HowToGeek.com. All Rights Reserved.