| Windows 7: ntoskrnl.exe showing up in task manager, malware? |
08 Dec 2012
|
#1 | | Microsoft Windows 7 Ultimate 64-bit Service Pack 1 Thessaloniki |
ntoskrnl.exe showing up in task manager, malware? I noticed a couple of days ago a process "SYSTEM PID 4 ntoskrnl.exe", located in windows, C, system32. A bit of searching indicates that this particular process should never show up in TM. As a precaution, could you help me out? Malware or not, should it be there in plain sight, or not? | My System Specs |
| Computer type PC/Desktop System Manufacturer/Model Number Homebuilt,Quadcore processor on Asus MB OS Microsoft Windows 7 Ultimate 64-bit Service Pack 1 CPU Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Motherboard ASUS P5B-Deluxe Wi-Fi Edition Memory 4x1024 GB DDR2 Corsair PC2-6400 800 Mhz Graphics Card Gigabyte GTX 650 1024MB GDDR5 Sound Card Realtek ALC883 @ Intel 82801HB ICH8 - High Def Monitor(s) Displays Asus VW195 [19" LCD] Screen Resolution 1440x860 pixels Keyboard MS Generic Mouse MS Optical 6000 PSU Hantol 585W Dual fan Case Chieftec Dragon modded side window Cooling Thermaltake Contac 21 Hard Drives Hitachi HD ATA Device 80 GB
WDC WD IDE Device 80 GB
Maxtor ATA Device 80 GB
WDC WD ATA Device 80GB
Hitachi ATA Device 160GB Internet Speed never enough Antivirus ESET Smart Security 5.0.93.0 |
08 Dec 2012
|
#2 | | Windows 7 Home Premium 32 bit In a house with a cat trying to kill me |
Quote: ntoskrnl.exe is a critical process in the boot-up cycle of your computer although should never appear in WinTasks whilst under normal circumstances
Note: ntoskrnl.exe can be altered by the w32.bolzano and variants. If this process appears in WinTasks, please update your virus definitions immediately.
Quote: Note that ntkrnlpa.exe is not malware, provided that it is found in %SystemRoot%\System32. The following malware is known to disguise itself as ntoskrnl.exe:
- W32/Rbot-FB (%SystemRoot%\System32)
- This is a backdoor Trojan that can spread over network shares. It allows a remote attacker to take full control over an infected system.
- You should never see ntoskrnl.exe running in the Task Manager. The presence of an instance of it in the task manager is a strong indicator of a malware infection.
Might be a good idea to run a full scan with Malwarebytes or Windows Defender Offline | My System Specs | | System Manufacturer/Model Number Dell Hell oh Well OS Windows 7 Home Premium 32 bit CPU Intel Core 2 Duo 2.93GHz Memory Not much with my ADHD Graphics Card ATI Radeon HD 4350 Monitor(s) Displays I have one...It's bright. A 19 inch CRT actually. Keyboard It's 10 years old and amazingly still works Mouse Same deal with the mouse, 10 yrs old, if it ain't broke... Case Don't get on my case...man :D Cooling I have an Air Conditioner & Diet Pepsi Hard Drives 250 GB Main Drive, 2 - 1 TB Externals, various FD's. |
08 Dec 2012
|
#3 | | Microsoft Windows 7 Ultimate 64-bit Service Pack 1 Thessaloniki |
It is this kind of article that worried me about this process. Did a full scan with M, while in safe mode, no results found. Should I keep on with the Defender? I must say, the process showed itself in safe mode too; does that comfort me or is it the other way around?
08 Dec 2012
|
#4 | | Windows 7 Ultimate 32bit SP1 |
| My System Specs | | System Manufacturer/Model Number Bruce ... somewhere in his 40's OS Windows 7 Ultimate 32bit SP1 CPU Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz Motherboard INTEL/D975XBX2 Memory 4 GB Graphics Card ATI Radeon HD 2600 Pro Monitor(s) Displays Samsung SyncMaster 914v Screen Resolution 1280 x 1024 Keyboard Standard PS/2 Keyboard Mouse Microsoft PS/2 Mouse PSU Rocketfish 700 W Case G.Skill Gigabyte Chassis Hard Drives 2/500GB each ... ST3500630AS ATA Device.
One is not connected Internet Speed DSL Antivirus Avira Internet Security Browser IE 9 Other Info ATI HDMI Audio |
08 Dec 2012
|
#5 | | Microsoft Windows 7 Ultimate 64-bit Service Pack 1 Thessaloniki |
Interesting approach, had already the process under surveillance via Process Explorer. The point is, I do not have any CPU spikes, nor a specified version or command line of this process. PE shows that it handles interrupts and smss.exe, two legitimate processes. I think it's clean, unless advised otherwise.
09 Dec 2012
|
#6 | | Microsoft Windows 7 Ultimate 64-bit Service Pack 1 Thessaloniki |
Windows Defender scan came up with no results. I am giving it a rest; if MBAM and WDO couldn't find any culprits, all should be fine. Thanks everybody for the support, marking as solved.
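A read-only way to check the two things the thread turns on, whether PID 4 really is the kernel's System process and whether anything else is borrowing the kernel image name. This is an added example, not part of the original thread; it assumes Windows PowerShell (where `Get-WmiObject` is available) started as a 64-bit session on 64-bit Windows, so that `System32` is not redirected.

```powershell
# Added example, not from the thread. Read-only triage; changes nothing on the host.
# Assumption: Windows PowerShell 2.0-5.1 (Get-WmiObject), 64-bit session on x64.
$kernelNames = 'ntoskrnl.exe', 'ntkrnlpa.exe'   # image names mentioned in the thread
$sys32       = Join-Path $env:SystemRoot 'System32'
$procs       = Get-WmiObject -Class Win32_Process

# 1. PID 4 is reserved for the kernel's "System" process. Tools such as
#    Process Explorer label it with the kernel image, which is what the
#    original poster saw.
$system = $procs | Where-Object { $_.ProcessId -eq 4 }
if ($system -and $system.Name -eq 'System') {
    "OK    PID 4 is 'System' (parent PID $($system.ParentProcessId))"
} else {
    "CHECK PID 4 is '$($system.Name)', expected 'System'"
}

# 2. Any *other* process whose image name matches a kernel image is the
#    masquerading case the quoted articles describe (-contains ignores case).
$lookalikes = @($procs | Where-Object {
    $_.ProcessId -ne 4 -and $kernelNames -contains $_.Name
})
foreach ($p in $lookalikes) {
    "CHECK PID $($p.ProcessId) '$($p.Name)' path='$($p.ExecutablePath)' cmd='$($p.CommandLine)'"
}
if ($lookalikes.Count -eq 0) {
    "OK    no other process is named like the kernel image"
}

# 3. Inspect the signature on the kernel image(s) actually present on disk.
#    Assumption: older PowerShell versions do not evaluate catalog signatures,
#    so a status other than Valid means "verify with another tool", not "infected".
foreach ($name in $kernelNames) {
    $file = Join-Path $sys32 $name
    if (-not (Test-Path -LiteralPath $file)) { continue }
    $sig    = Get-AuthenticodeSignature -FilePath $file
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<none>' }
    $tag    = if ($sig.Status -eq 'Valid') { 'OK' } else { 'CHECK' }
    "{0,-5} {1} signature={2} signer={3}" -f $tag, $file, $sig.Status, $signer
}
```

A `CHECK` line is a prompt for the offline scans suggested in the thread, not a verdict on its own.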