Help! Strange service discovered - Kmfsvsr

  • Thread starter Thread starter mikec
  • Start date Start date
M

mikec

Hi Everyone,

Hey, I was just wondering, I discovered something a little
disconcerting... I just ran services.msc to see what's running on my
system and I noticed something really strange. There seems to be a
service listed called "Kmfsvsr." There's no description and it's listed
as disabled. There is also nothing listed in the "Path to executable."

What's even stranger (at least to me) is that when I click the "Log On"
tab, "This account:" is selected along with a password filled in.
However, the is nothing under "This account:" and the Hardware Profile
(Profile 1) is disabled.

To make things worse, I Googled Kmfsvsr with zero results. I have to
conclude that it must be a virus or trojan or something, however, my
virus scanner finds nothing. I even ran Rootkit Revealer and it didn't
flag anything related.

Any comments or ideas?

Mike
 
|>Hi Everyone,
|>
|>Hey, I was just wondering, I discovered something a little
|>disconcerting... I just ran services.msc to see what's running on my
|>system and I noticed something really strange. There seems to be a
|>service listed called "Kmfsvsr." There's no description and it's listed
|>as disabled. There is also nothing listed in the "Path to executable."
|>
|>What's even stranger (at least to me) is that when I click the "Log On"
|>tab, "This account:" is selected along with a password filled in.
|>However, the is nothing under "This account:" and the Hardware Profile
|>(Profile 1) is disabled.
|>
|>To make things worse, I Googled Kmfsvsr with zero results. I have to
|>conclude that it must be a virus or trojan or something, however, my
|>virus scanner finds nothing. I even ran Rootkit Revealer and it didn't
|>flag anything related.
|>
|>Any comments or ideas?

someone recently had this happen:
"Good evening, under services there is one called: {5apdior which has
no description and is under manual start. "

They just disable'd it and no harm was done, or at least posted.
 
Open up your registry [Start > run > regedit]

Navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

See if there is a "kmfsvsr" subkey listed there, in which case explore its
entries to see what it contains.
 
mikec said:
Hi Everyone,

Hey, I was just wondering, I discovered something a little
disconcerting... I just ran services.msc to see what's running on my
system and I noticed something really strange. There seems to be a
service listed called "Kmfsvsr." There's no description and it's
listed as disabled. There is also nothing listed in the "Path to
executable."

What's even stranger (at least to me) is that when I click the "Log
On" tab, "This account:" is selected along with a password filled in.
However, the is nothing under "This account:" and the Hardware Profile
(Profile 1) is disabled.

To make things worse, I Googled Kmfsvsr with zero results. I have to
conclude that it must be a virus or trojan or something, however, my
virus scanner finds nothing. I even ran Rootkit Revealer and it didn't
flag anything related.
Click to expand...

Had you ever run Rootkit Revealer before you found kmfsvsr?

--
Rhonda Lea Kirk

Insisting on perfect safety is for people
without the balls to live in the real world.
Mary Shafer Iliff
 
mikec said:
Hi Everyone,

Hey, I was just wondering, I discovered something a little
disconcerting... I just ran services.msc to see what's running on my
system and I noticed something really strange. There seems to be a
service listed called "Kmfsvsr." There's no description and it's
listed as disabled. There is also nothing listed in the "Path to
executable."

What's even stranger (at least to me) is that when I click the "Log
On" tab, "This account:" is selected along with a password filled in.
However, the is nothing under "This account:" and the Hardware Profile
(Profile 1) is disabled.

To make things worse, I Googled Kmfsvsr with zero results. I have to
conclude that it must be a virus or trojan or something, however, my
virus scanner finds nothing. I even ran Rootkit Revealer and it didn't
flag anything related.

Any comments or ideas?

Mike
Click to expand...

Have you installed Kazaa?
 
Hi Rhonda,
Had you ever run Rootkit Revealer before you found kmfsvsr?
Click to expand...

I have previously but I had also reinstalled Windows on the system so I
can't recall if I did it before or after the reinstall.

Mike
 
Hi Mike,
Have you installed Kazaa?
Click to expand...

No, I have never download, installed or used any P2P or any similar
apps. In fact, I'm not even using Internet Explorer or Outlook (using
Mozilla). I do, however, use Skype.

Mike
 
mikec said:
Hi Rhonda,


I have previously but I had also reinstalled Windows on the system so
I can't recall if I did it before or after the reinstall.
Click to expand...

Well, you may want to take a look at this:

http://www.sysinternals.com/Forum/forum_posts.asp?TID=1650&PN=1

I've had to remove the relics manually every time I run it.

If you really think you have a rootkit, go here:

www.gmer.net

rl
--
Rhonda Lea Kirk

Insisting on perfect safety is for people
without the balls to live in the real world.
Mary Shafer Iliff
 
Back
Top