Excess task manager processes

So, I’ve come across this strange problem that’s started occurring on my laptop. I’ve been noticing that there are alot of processes in task manager, all duplicates.

I’ve run scans on my computer, it would appear to be clean of any viruses. And the duplicate processes have very little, if any detrimental effect on performance, or my ability to do things. THey’re tiny on the memory side of things. But, there’s no doubt that they shouldn’t be there;

Any ideas people? Help is much appretiated
.

That is most likely some sort of virus…

(These steps work for XP, not sure if it’s the same on Vista (or is that Win7?))
Run msconfig and check for anything suspicious at startup. You can clean anything you don’t want to start on boot there.
Also look in the start menu, there’s a ‘Startup’ menu in there. Any shortcuts placed there will be executed on startup, so some bad stuff can be hidden there too.

It really does look like someone or something is trying to hack the hell out of you… Got a firewall?

Command line host could mean someone is executing stuff through a terminal, perhaps remotely.
The net thingy one could be spam commands sent out via these terminal windows. Your machine could be used for DDOS attacks on some servers.

This is just what I think, I never actually seen such things, but with what I know, that’s probably what it would look like.

You could check ‘Show processes from all users’ to see if there’s something fishy going on as well. Make sure your account(s ) are protected by a password… though Vista/Win7 should have some basic features to block incoming connections like that… It could be something else too

Thanks man, I’ll try that all now Then be a fag and double post with the results :3
.

Sorry for the double post…So I found all of the processes embedded in my startup files :X

The ‘project1’ process that is still ticked, it because it keeps re-enabling itself D: . How would I remove the stopped services that are part of the virus? or can anyone suggest a decent free antivirus? I was considering Kasperspy. As for current protection, there’s the standard windows firewall, I use spybot as well. When it comes to security, I try to be sensible when I surf. Idiots saying “ololol get antivirus dick” can get off now, thank you.
.

Heh… that’s baaaad…

before deleting them, take note of their path, and go raid the files there, delete everything suspicious. Sometimes there will be other files around them that are related, yet don’t appear in the startup list directly.
Then you can search them in the registry to erase all traces… unchecking them from the msconfig will stop them from starting, but if you want to clean them out of that list, you have to mess in the registry.
Anything related to FEFC3.exe in the registry will be safe to delete.
Make a backup of it before anyway, just in case… there isn’t a recycle bin in the registry

Also… Project1 … that looks like a VB project… it’s definitely a script kiddy virus

If you want to trace where it came from, you can check the creation/modification dates, and check your browser history, for example.

I always use Autoruns and Process Explorer (from microsoft website), but so far I only had problems like this with XP.

Congratulations on finding spyware compatible with windows 7.

Yeah… watch out with the autoruns… Sometimes you’ll see 2 ‘open’ items when you insert a USB flash drive, for example. This means one is a fake and will start a virus exe on the drive. We had a plague in our university a while ago because of a virus like that. It was easier to notice, however, since our computers are in French. So the autorun showed ‘Ouvrir’ and ‘Open’ . The virus then installed itself on the machine and replicated itself on whatever other drive was inserted.

I know that, but Autoruns is a program that gives you total control of what programs can run when you start your computer. Google it, it’s on the microsoft website.

oh lol… your post makes more sense then

I thought Vista (and probably Windows 7) would at least give you warnings when something is added to the startup list… It would be the most obvious security feature to add, and would certainly reduce spyware spreading

You still don’t get it? Microsoft wants spyware to be written, not right away, but when an OS becomes older, like XP, there’s still nothing wrong with it, but the spyware makes it as slow as a dying computer, that’s how they get normal people (who don’t even play PC games) to buy a brand new core i7 with 8GB ddr3 running windows 7 home premium (most of the time, already preloaded with spyware).

Well, I’ve restarted and all of the project1 processes are gone from my startup folder and the startup list. In task manager, I only get the usual batch of processes. The number/letter ones still remain in the startup programs list, but aren’t running atm.

I’ve run registry cleaning in cCleaner and a sweep with spybot. Y’know, just to make sure. Then I’m going to go through the registry, I’ve created a backup in preperation. Wish me luck!
.

OK, another double poster. But theres a reason behind these, don’t kill me. Bumping the problem, we’re onna roll.

Safe to delete all of these? Or just .exes, I do see they all have that same unwanted filepath thought…I have to say, I’ve only had passing encounters with the registry, sorry if I seem a tad green
.

Just delete the one that match the spyware; doing so will (I think) remove them completely from the startup programs list.
I’m surprised cCleaner didn’t clean them up since they link to deleted exes… (You did delete the exe’s, right?)

yeah, I did. cCleaner only found 2 unrelated registry issues
.

Yet again…sorry for the double post. But It’s for a good cause, I see no traces of the virus on my system at all.

I did like Samapico said, and went through systematically searching for each of the number/letter .exe files that were added to my startup folder, and deleting their registry traces. Rebooted, no extra lines in the task manager and none in the startup either. It would appear that all traces are gone.

Thanks very much to Samapico[/SIZE], you were a great help bro! I owe you
.

glad to help

edit: approaching 500 posts, wee