General discussion
-
CreatorTopic
-
June 26, 2006 at 2:26 am #2194286
how do I know if these files are fake or real?
Lockedby persevering · about 15 years, 11 months ago
To name only a few:
csrss.exe
smss.exe
ati2evxx.exe
acrotray.exe
cidaemon.exeI’ve read some are to be capitalized, some have fake makeovers with the same “name”. Does anyone know how I tell if what I have is authentic?
Thanks.
Topic is locked -
CreatorTopic
All Comments
-
AuthorReplies
-
-
June 26, 2006 at 3:38 am #3164121
You can get a good idea from its properties
by deadly ernest · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
Use the search function to locate the file, place the curso on it, click the right hand mouse button, and select the ‘Properties’ option – this will open a window. then review the properties of each tab and compare them to similar files from the same organisations. Also check the file location as that will help as well.
As an example on my 64 bit system smss.exe is in the location C:\Windows\System32 – it properties show that it is version 5.2.3790.1830 by Microsoft
The company name and version are the most obvious give away – most of the faked stuff don’t have the Microsoft info in the ‘Version’ tab. Most, not all, companies put thier info in the properties, but MS do it for all theirs.
-
June 26, 2006 at 5:03 am #3164083
cidaemon
by bfilmfan · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
Cidaemon.exe is an indexing service which catalogues files on your computer to enable for faster file searches. Program courtesy of Microsoft.
-
June 26, 2006 at 6:17 am #3163981
www.processlibrary.com
by jamesrl · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
That website, which by the way is trying to sell you a tool, has a good library of process names and their function.
Whats handy about it, is that it tells you whether you can live without it, useful if you are trying to trim out some of the junk.
James
-
June 27, 2006 at 10:58 am #3112059
Thanks!
by synthetic · about 15 years, 11 months ago
In reply to www.processlibrary.com
Great site, I looked up 49 running process on my system to see how through the site is, and each of them dinged a response.
-
-
June 26, 2006 at 10:26 am #3112662
Another web site I use
by old guy · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
is http://www.answersthatwork.com/ . It has a good list of Task List programs with a good explanation.
-
June 27, 2006 at 11:00 am #3112058
Double thanks!
by synthetic · about 15 years, 11 months ago
In reply to Another web site I use
Another great site!
-
-
June 26, 2006 at 8:48 pm #3112409
The atie2evxx.exe file?
by sleepin’dawg · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
I suspect it could be associated with an ATI graphics card. Are these files that have been flagged by an antivirus scan or are they just mysterious files you are curious about? What antivirus program do you use? Do you have a firewall? You could try Googling them.
For a good antivirus program go to downloads.com and download AVG antivirus and run the full scan. Make sure you download the latest updates before you run the scan. This is a free program although they do offer AVG pro for about $30. Do not rely on Symatech’s Norton or McAfee for protection, they are next to or almost useless.
AVG updates are available on almost a daily basis and download quickly.
[b]Dawg[/b] ]:)
-
June 27, 2006 at 11:57 am #3112028
It is definately from the ATI drivers set
by jamesrl · about 15 years, 11 months ago
In reply to The atie2evxx.exe file?
I use an ATI card. I’ve actually tried alternative drivers that work better.
The challenge of course is there have been trojans/viruses with legitimate names. I once had a process that the processlibrary identified as a Norton Anti-Virus file. Given that I knew that I never installed Norton, I knew it was problematic. I deleted the related registry keys and the files.
I use AVG at home.
James
-
-
June 29, 2006 at 4:18 am #3113393
hmmmmm….fake or real?
by eneimi · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
ati2evxx is definitely a part of the ati graphics driver set. If however u got a nvidia card for eg, then there’s an issue!
csrss, smss, lsass, winlogon etc, are some windows sytem files, but are known to be targets of some ravenous worms like ‘rontkbrom.gen’. when modified, they appear normal in the windows task manager; but programs like procexp, tuneup, winxp manager, or any process explorer will give them away. the original versions of these files are located in the windows ‘system 32’ folder, but the modified forms can be located in any other folder, eg the windows ‘system’ folder, the ‘application data’ folder (a normally hidden folder) or any other location. Also watchout for the amount of cpu and memory usage; in the extreme of circumstances these files wont use more than 1-1.5mb of ram and little or no cpu. they are not necessarily capitalized or in small case, that will depend on your system configuration. if u disable acrotray.exe from running in the background, ur pdf documents will load a tad bit slower. -
June 29, 2006 at 2:13 pm #3113164
Files…..fake or real???
by rosebud6642@customerselects.com · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
Had the same problem and discovered a great web
site that’ll answer your concerns. Go to “Answers
That Work.com” (without the quotes). Allow site
page to load, scroll down a little till you see
4 green rectangular-shaped buttons. Click on the
“Task Lists” button and another page will load
with an alpha-numeric list of buttons. Use the
first letter of each file that you have a question
about and click the corresponding “letter” button.
Scroll down the list till you find the matching-
named file and read all about it.
This is a four-five step process, but very informative. I highly recommend that you ‘bookmark’ (save) the web page to your “Favorites” folder for future reference. Has
helped me out numerous times. Good Luck!Bud
Quincy, MA. -
June 29, 2006 at 3:41 pm #3113141
I use this mob to check any processes
by maxihelp · about 15 years, 11 months ago
In reply to how do I know if these files are fake or real?
http://www.processlibrary.com/directory/files/wuauclt/index.php
I hope this helps,
Max Inglis
Cairns,
Australia -
July 11, 2006 at 5:38 pm #3209897
Thank you to all of you!!!
by persevering · about 15 years, 10 months ago
In reply to how do I know if these files are fake or real?
Thank you to all of you who replied and gave me such helpful information! I’ve been having all sorts of problems computer-wise and even couldn’t get on this website for quite a while. Thank you for your kindness in giving me ideas of what to do. I really appreciate your thoughtfulness!
-
July 18, 2006 at 11:56 pm #3279008
here you go…
by fahimsolkar · about 15 years, 10 months ago
In reply to how do I know if these files are fake or real?
hey Suzanne..
dont worry most of them are processes which are required by windows..they are constantly running under processes..under the task manager..you can also verify the above mention by searching them in google which will give you the exact information with regards to each of the mention processes.. here a link which could help with the same..
http://www.liutilities.com/news/articles/article9/
ati2evxx.exe is your graphics card i.e. ATI.. application.. acrotray.exe is part of your Adobe Acrobat..I was a bit sketchy.. about..ciadaemon.exe so did a bit of R&D.. & got the following link which shall give you the information regards the same…
http://www.auditmypc.com/process/cidaemon.asp
if you have any other queries pls lemme know.. .
thanks … bye…
Fahim…
-
-
AuthorReplies