TechSpot

Nslookup.exe [I can not remove it]

By Adam A
Jan 7, 2008
  1. I got this program nslookup.exe I believe posting a video through myspace. I have tried to remove it by simply moving it to the recycle bin, and it's not letting me. I copied and pasted my HJT log below. Are there any simple ways to take care of this?-Thanks

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:00:29 PM, on 1/6/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Security Task Manager\taskman.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 2091 bytes
     
  2. LuckyM

    LuckyM Banned Posts: 66

    hello,
    i did a little search and it seems like this exe file is legitimate one. why do you want to remove it? the descriptions i found say it's not a security threat. you can read one here: nslookup.exe and one here: nslookup.exe.
     
  3. jobeard

    jobeard TS Ambassador Posts: 9,316   +618

    nslookup.exe should be located at \windows\system32\nslookup.exe and
    it is a standard networking tool -- KEEP IT.

    from a command prompt;
    nslookup {ip-address or domain-name}

    $ nslookup google.com << the generic domain.name
    Server: dns-cac-lb-01.orange.rr.com
    Address: 66.75.164.90

    Non-authoritative answer:
    Name: google.com
    Addresses: 72.14.207.99, 64.233.187.99, 64.233.167.99
    (a list of three servers that can be accessed as google.com)

    $ nslookup 72.14.207.99
    Server: dns-cac-lb-01.orange.rr.com
    Address: 66.75.164.90

    Name: eh-in-f99.google.com << the specific server name at that address
    Address: 72.14.207.99


    this tool answers the question, "Is my DNS working?"
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...