Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unsecapp.exe


  • Please log in to reply
4 replies to this topic

#1 WuWei

WuWei

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:43 PM

Posted 13 October 2015 - 09:06 AM

So, I've been doing research into the various processes that are running on this computer, and I had a question about the unsecapp.exe process. Not sure if this is the right place for this topic, but it is a Win 7 computer. According to www.answersthatwork.com it says:

 

Sink to receive asynchronous callbacks for WMI client application running in different processes. WMI, Windows Management Instrumentation, enables software developers to write scripts and programs for the management or querying of devices, user accounts, Windows services, running programs, networking, and many other internal technical aspects of Windows - in other words the sort of work TUT does (for example : TUT, The Ultimate Troubleshooter, uses WMI to retrieve all the information that it shows on the System Info tab).

This particular task, UNSECAPP.EXE, is started by Windows Vista when a program needs to use WMI programming - it provides programs with a conduit (sink) to receive from Windows the results of their WMI queries and commands.

 

Sounds like pretty powerful stuff! My question is, if it can do so much how can I tell why it's running on this particular computer?

 

As an aside, I'm trying to figure out a puzzle with this computer. It will undo anything that's done after an hour -- as in, if I try to install an antivirus, it will erase it. I've enabled the administrator account and it's a very clean computer virus wise. Just was doing homework on processes and came across this neat one.



BC AdBot (Login to Remove)

 


#2 dicke

dicke

    Paraclete


  • Members
  • 2,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Charlotte, NC
  • Local time:07:43 PM

Posted 13 October 2015 - 08:10 PM

[personal opinion]

Any system that deletes security software is infected and needs trained assistance to get it clean. The infection need not be a virus.

If you agree, post back and I'll ask a moderator to move you into the correct forum so you get the help you need.

 

Dick


Stay well and surf safe [stay protected]

Dick E


#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:43 PM

Posted 14 October 2015 - 10:26 AM

Open the Task Manager and right click on UNSECAPP.EXE, then select open file location.

 

It should have file path similar to C:\Windows\System32\wbem\unsecapp.exe

 

If it is found the C:\Windows\System32 the unsecapp.exe file is a Windows core system file.  It is a sink (callback validator) used with WMI (Windows Management Instrumentation) to receive asynchronous callbacks for WMI client application running in different processes.

 

If it is found in that location, I would suggest leaving it alone.  If it is not, then you need to have this topic moved to the Am I Infected forum where specialized diagnostic tools can be used to find and remove viruses and malware.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 kmr60744

kmr60744

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:13 AM

Posted 28 February 2018 - 01:55 PM

There not fixed of these type files. It is wmi files in windows but sometime it can be a virus, I am suggesting you to read this post about callbacks for wmi client application you can understand everything easily.



#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:43 PM

Posted 28 February 2018 - 02:02 PM

This topic has been idle for the last two years.  The OP hasn't posted back at Bleeping Computer since Oct. 13, 2015.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users