Windows Task Manager Problems? - Page 6 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 01-11-2005, 02:13 PM   #51 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

After you do all this, run your spyware and adaware programs. Run these programs at least 6 times each because when you delete them the first time, and run them again, they will usually find more. Reboot after the second time, and run them again. Lets us know.
__________________

__________________
Osiris is offline  
Old 01-11-2005, 02:58 PM   #52 (permalink)
Chillin Techie
 
Join Date: Nov 2004
Location: USA
Posts: 11,861
Default

upload this picture to a your picture web site so we can actually see what it is saying. I don't know anything about hijack this. But I know what most of those processes mean

http://www.techist.com/showthread.ph...910#post274910
__________________

__________________
The Ultimate Hard Drive Utility PowerMax 4.23. (It now has the ability to clean a Boot Sector virus on the quick erase option.)
The best browser Netscape 8
Have you accidently delete something? Look here (trial. the better one) and here(free)
EricB is offline  
Old 01-11-2005, 03:12 PM   #53 (permalink)
Chillin Techie
 
Join Date: Nov 2004
Location: USA
Posts: 11,861
Default



Post this picture of your msconfig startup items too, so we can tell you what to uncheck. you don't see my uncheck programs, because I use something else to uncheck them
EricB is offline  
Old 01-11-2005, 04:31 PM   #54 (permalink)
Junior Techie
 
Join Date: Jan 2005
Posts: 71
Default

before picture of system config




after




and her are the processes that are running now



hope this helps
ImNewAtThis is offline  
Old 01-11-2005, 04:39 PM   #55 (permalink)
Junior Techie
 
Join Date: Jan 2005
Posts: 71
Default

new hijack file done today


Logfile of HijackThis v1.99.0
Scan saved at 4:37:24 PM, on 1/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.ex e
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avant Browser\avant.exe
C:\hjt\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.ca/
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab28578.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {34A44FCF-50E3-63A5-A8DA-7835752B9571} - http://captaincode.com/ccbar/ccbar.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by103fd.bay103.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab28578.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab30149.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab28578.cab
O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CA ISafe - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
ImNewAtThis is offline  
Old 01-11-2005, 04:52 PM   #56 (permalink)
Chillin Techie
 
Join Date: Nov 2004
Location: USA
Posts: 11,861
Default

in Msconfig

uncheck everything but TEA timer, zone alarm (zlclient) and atiptaxx

right click start, choose explore all user, click into programs then head to the startup Folder, delete everything in there but zone alarm, and spybot (tea timer) and your ati tool(if they are in there)
EricB is offline  
Old 01-11-2005, 05:04 PM   #57 (permalink)
Junior Techie
 
Join Date: Jan 2005
Posts: 71
Default

every time i run spybot it find this
ImNewAtThis is offline  
Old 01-11-2005, 05:35 PM   #58 (permalink)
Chillin Techie
 
Join Date: Nov 2004
Location: USA
Posts: 11,861
Default

Resize your picture to at the most 800 X 600, less is better

That basically telling you not to USE IE. Use spyware blaster to fix your problems with your internet settings
EricB is offline  
Old 01-11-2005, 05:40 PM   #59 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Now doesn't that look a lot better? It's always best to do the most common thing first with this problem. Disabling all start up items. This will get rid of most your problems, as which it did. You went from 50 or 60 something, to 31. That a big jump. As of right now, I've got 26 processes, so your doing pretty good. No need to re-install your OS, and I'm glad you didn't, unless of course you are receiving a lot of errors, are you? Don't worry about the DSO exploit. That's a Microsoft thing. It's on there the moment you re-install your OS, there's a fix for that. DSO EXPLOIT FIX

This is from Microsoft:

DSO exploit is a very old exploit that has been patched by a microsoft
hotfix along time ago.If you are current with windows update you have no need
to worry about it.This report will be fixed in a later update of Spybot
S&D.You can add the DSO exploit to the ignore list in Spybot.
Or if you would like to double check weather this exploit still exists on
your system the link below will take you to a download of a DSO checker and
blocker.


Did you run Ad-Aware SE yet? Delete all your temporary files, cookies, go to your c:windows\prefetch and delete it. Don't worry about deleting the folder. It will come back. Make sure you have no programs installed that you don't need. Look for websearch or something similiar, webhancer, xxxtoolbar, etc. Let us know? Ain't this alot easier than re-installing?
__________________
Osiris is offline  
Old 01-11-2005, 05:59 PM   #60 (permalink)
Chillin Techie
 
Join Date: Nov 2004
Location: USA
Posts: 11,861
Default

Quote:
Originally posted by Warez Monster
Now doesn't that look a lot better? It's always best to do the most common thing first with this problem. Disabling all start up items. This will get rid of most your problems, as which it did. You went from 50 or 60 something, to 31. That a big jump. As of right now, I've got 26 processes, so your doing pretty good. No need to re-install your OS, and I'm glad you didn't, unless of course you are receiving a lot of errors, are you? Don't worry about the DSO exploit. That's a Microsoft thing. It's on there the moment you re-install your OS, there's a fix for that. DSO EXPLOIT FIX

This is from Microsoft:

DSO exploit is a very old exploit that has been patched by a microsoft
hotfix along time ago.If you are current with windows update you have no need
to worry about it.This report will be fixed in a later update of Spybot
S&D.You can add the DSO exploit to the ignore list in Spybot.
Or if you would like to double check weather this exploit still exists on
your system the link below will take you to a download of a DSO checker and
blocker.


Did you run Ad-Aware SE yet? Delete all your temporary files, cookies, go to your c:windows\prefetch and delete it. Don't worry about deleting the folder. It will come back. Make sure you have no programs installed that you don't need. Look for websearch or something similiar, webhancer, xxxtoolbar, etc. Let us know? Ain't this alot easier than re-installing?
From the looks of things. spyware and hyjacked items aren't his problem. Most of his stuff is regular items. he just had too many things running in the background.

you can type service.msc in the run box to disable more prorams like messenger in the start up process, but be careful here. some stuff have to run
__________________

EricB is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 12:58 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.