1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Not Quite Sure Where To Post this Question?

Discussion in 'Windows XP' started by Sooky 47, Jan 19, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Sooky 47

    Sooky 47 Gone and dearly missed Thread Starter

    Joined:
    Nov 6, 2001
    Messages:
    7,281
    Can someone explain to me what these items are?
    They are under Processes in Task Manager?

    <img src="http://forums.techguy.org/attachment.php?s=&postid=689157">


    Thanks in advance
     

    Attached Files:

  2. steamwiz

    steamwiz

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Hi Sooky 47

    These are the programs which are running on your computer

    Does that answer your question ?

    steam
     
  3. Sooky 47

    Sooky 47 Gone and dearly missed Thread Starter

    Joined:
    Nov 6, 2001
    Messages:
    7,281
    Do any of these items look suspicious? Like they are evil and are not suppose to be there? LOL

    Do these items look like they are OK?

    Thanks
     
  4. steamwiz

    steamwiz

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    None of them look "evil" to me, but I don't know exactly what everyone does

    A better way to check out your running processes would be to post your startup list

    Please post your startup list by doing the following :-

    Please go here and download startuplist 1.51 :-

    http://www.lurkhere.com/~nicefiles/startuplist151.zip

    Download to any folder or your desktop
    Unzip the zipfile
    Double click the exe file
    go to Edit - select all - copy - and paste the results in a new post here


    steam
     
  5. steamwiz

    steamwiz

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    No problems there - that's as clean a startup as I have ever seen

    steam
     
  6. Gill

    Gill

    Joined:
    Dec 4, 2001
    Messages:
    395
    Hiya Steamwiz;

    Can I be cheeky, and ask you to look at my start-up list, and tell me if there are any items I should remove.

    Gill

    :)

    StartupList report, 1/19/03, 10:46:07 PM
    StartupList version: 1.51
    Started from : C:\UNZIPPED\STARTUPLIST151[1]\STARTUPLIST.EXE
    Detected: Windows 98 SE (Win9x 4.10.2222A)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCPFW.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\KHOOKER.EXE
    C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCGUIDE.EXE
    C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCIOMON.EXE
    C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCCLIENT.EXE
    C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\POP3TRAP.EXE
    C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
    C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
    C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\WEBTRAP.EXE
    C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
    C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
    C:\UNZIPPED\STARTUPLIST151[1]\STARTUPLIST.EXE

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\WINDOWS\All Users\Start Menu\Programs\StartUp]
    ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
    SystemTray = SysTray.Exe
    SiS Tray =
    SiS KHooker = C:\WINDOWS\SYSTEM\khooker.exe
    pccguide.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
    PCCIOMON.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"
    PCCClient.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
    Pop3trap.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    PCCIOMON.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"
    PCCPFW = C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    msnmsgr = "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background

    --------------------------------------------------

    C:\WINDOWS\WININIT.INI listing:
    (Created 19/1/2003, 18:53:16)

    [rename]
    nul=C:\WINDOWS\TEMP\~ef7194.tmp

    --------------------------------------------------

    C:\WINDOWS\WININIT.BAK listing:
    (Created 18/1/2003, 17:17:52)

    [rename]
    NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\_SETUP32.LIB
    NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\CTL3D32.DLL
    NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\CTL3D32S.DLL
    NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\CORECOMP.INI
    NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\2F4086.DLL
    NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\UNINST.EXE
    NUL=C:\WINDOWS\TEMP\_INS0432._MP
    NUL=C:\WINDOWS\TEMP\_INZ0432._MP
    NUL=C:\WINDOWS\TEMP\_WUTL95.DLL

    --------------------------------------------------

    C:\AUTOEXEC.BAT listing:

    keyb uk,,C:\WINDOWS\COMMAND\keyboard.sys
    SET VIS=C:\VRT4-00\PROGRAMS
    PATH=%PATH%;C:\VRT4-00\PROGRAMS

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\WINDOWS\DOWNLOADED PROGRAM FILES\YCOMP5_0_2_7.DLL - {02478D38-C3F9-4efb-9B51-7695ECA05670}
    (no name) - C:\PROGRAM FILES\KONTIKI\BIN\BH212112.DLL - {029CA12C-89C1-46a7-A3C7-82F2F98635CB}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Tune-up Application Start.job
    Maintenance-Defragment programs.job
    Maintenance-ScanDisk.job
    Maintenance-Disk cleanup.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
    CODEBASE = http://active.macromedia.com/flash2/cabs/swflash.cab

    [Update Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37612.2487037037

    [sys Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\PCPITSTOP.DLL
    CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

    [Shockwave ActiveX Control]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    [Yahoo! Companion]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YCOMP5_0_2_7.DLL
    CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_7.cab

    [InstallShield International Setup Player]
    InProcServer32 = c:\WINDOWS\DOWNLO~1\ISETUP.DLL
    CODEBASE = http://www.installengine.com/engine/isetup.cab

    --------------------------------------------------
    End of report, 6,052 bytes
    Report generated in 0.795 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  7. Sooky 47

    Sooky 47 Gone and dearly missed Thread Starter

    Joined:
    Nov 6, 2001
    Messages:
    7,281
    steamwiz ,

    Thanks for the help and info.
    Much appreciated.
     
  8. steamwiz

    steamwiz

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Hi Sooky 47

    you're welcome

    Gill

    You're startup looks pretty clean, but you do have a BHO (download manager) KONTIKI which contains spy ware - I would run spybot

    Please Download and install SpyBot,

    http://www.lurkhere.com/~nicefiles/spybot14.exe

    click the online tab to search for and download the updates, then shut down and relaunch SpyBot.

    Go to the Settings tab > File Sets, and uncheck 'System Internals' and 'Tracks' .
    These aren't needed for our present purpose, and you can always experiment with them later on.

    Finally, after closing down Internet Explorer, click 'Check for problems', and have SpyBot remove all it finds 'Fix selected problems'

    you may have to run spybot more than once to clear everything

    Remove everything pre-ticked in Red

    steam
     
  9. Gill

    Gill

    Joined:
    Dec 4, 2001
    Messages:
    395
    Thankyou Steamwiz;

    I had a feeling that KONTIKI, was some sort of spyware, but my AD-aware program did not detect it, but spybot picked it up straight away.

    Thanks again Steamwiz, for your time.

    Gill :)
     
  10. steamwiz

    steamwiz

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    You're welcome Gill

    Adaware has not been updated for over 4 months, that's why we use spybot at the moment - a new version of Adaware is due out in February, we'll have to wait and see if it's as good or even better than spybot.

    steam
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/114172

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice