SteveTraverse
Can't find any information about this process: pwdgcabsvc.exe
It's wasting 19,956 k of my memory and it won't let me close it.
Malwarebytes and Rkill do not find it. It claims to be published by Microsoft, but there is no record of it to be found online.
There is on my desktop, so I want to be very careful. Any idea on how to remove it? The program exists in System32 folder, but cannot be closed or deleted.

Malwarebytes live protection gave me a message saying it stopped pwdgcabsvc from opening a malicious site, but did not recognize the process itself to be malicious. It is definitely bad news, and should go.
Claims it was created on the exact same time and date I downloaded Firefox 70 last year. Then says last modified June 6, 2020. The only odd behavior I have noticed is that when closing Firefox regularly, it does not remember my tabs when I reopen, and instead opens another site, which I have not seen, an adult site. If I kill the Firefox process, so that it ends suddenly, the tabs load correctly.
In AnVir taskmng, it says Toshiba corporation, lists the affected memory at 29,000 k instead of 19,000 ish. You can set it to quarantine, but it won't actually do it, nor can you kill the process. This tool lists a number of info about this process which may be useful:
AnVir has a feature where you can scan a file with 30 virus engines on virustotal.com, but I cannot locate pwdgcabsvc when trying to find the file.
It appears in normal task manager when I click open file location, and the file appears normally in my explorer.
