Not Quite Sure Where To Post this Question?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Sooky 47

Thread Starter
Gone and dearly missed
Joined
Nov 6, 2001
Messages
7,281
Can someone explain to me what these items are?
They are under Processes in Task Manager?

<img src="http://forums.techguy.org/attachment.php?s=&postid=689157">


Thanks in advance
 

Attachments

Joined
Oct 4, 2002
Messages
2,773
Hi Sooky 47

These are the programs which are running on your computer

Does that answer your question ?

steam
 

Sooky 47

Thread Starter
Gone and dearly missed
Joined
Nov 6, 2001
Messages
7,281
Do any of these items look suspicious? Like they are evil and are not suppose to be there? LOL

Do these items look like they are OK?

Thanks
 
Joined
Oct 4, 2002
Messages
2,773
None of them look "evil" to me, but I don't know exactly what everyone does

A better way to check out your running processes would be to post your startup list

Please post your startup list by doing the following :-

Please go here and download startuplist 1.51 :-

http://www.lurkhere.com/~nicefiles/startuplist151.zip

Download to any folder or your desktop
Unzip the zipfile
Double click the exe file
go to Edit - select all - copy - and paste the results in a new post here


steam
 
Joined
Dec 4, 2001
Messages
395
Hiya Steamwiz;

Can I be cheeky, and ask you to look at my start-up list, and tell me if there are any items I should remove.

Gill

:)

StartupList report, 1/19/03, 10:46:07 PM
StartupList version: 1.51
Started from : C:\UNZIPPED\STARTUPLIST151[1]\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCPFW.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\KHOOKER.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCGUIDE.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCIOMON.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCCLIENT.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\POP3TRAP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\WEBTRAP.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\UNZIPPED\STARTUPLIST151[1]\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\WINDOWS\All Users\Start Menu\Programs\StartUp]
ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
SystemTray = SysTray.Exe
SiS Tray =
SiS KHooker = C:\WINDOWS\SYSTEM\khooker.exe
pccguide.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
PCCIOMON.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"
PCCClient.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
Pop3trap.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

PCCIOMON.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"
PCCPFW = C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

msnmsgr = "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background

--------------------------------------------------

C:\WINDOWS\WININIT.INI listing:
(Created 19/1/2003, 18:53:16)

[rename]
nul=C:\WINDOWS\TEMP\~ef7194.tmp

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 18/1/2003, 17:17:52)

[rename]
NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\_SETUP32.LIB
NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\CTL3D32.DLL
NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\CTL3D32S.DLL
NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\CORECOMP.INI
NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\2F4086.DLL
NUL=C:\WINDOWS\TEMP\_ISTMP0.DIR\UNINST.EXE
NUL=C:\WINDOWS\TEMP\_INS0432._MP
NUL=C:\WINDOWS\TEMP\_INZ0432._MP
NUL=C:\WINDOWS\TEMP\_WUTL95.DLL

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

keyb uk,,C:\WINDOWS\COMMAND\keyboard.sys
SET VIS=C:\VRT4-00\PROGRAMS
PATH=%PATH%;C:\VRT4-00\PROGRAMS

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\WINDOWS\DOWNLOADED PROGRAM FILES\YCOMP5_0_2_7.DLL - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\PROGRAM FILES\KONTIKI\BIN\BH212112.DLL - {029CA12C-89C1-46a7-A3C7-82F2F98635CB}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://active.macromedia.com/flash2/cabs/swflash.cab

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37612.2487037037

[sys Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\PCPITSTOP.DLL
CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[Yahoo! Companion]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YCOMP5_0_2_7.DLL
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_7.cab

[InstallShield International Setup Player]
InProcServer32 = c:\WINDOWS\DOWNLO~1\ISETUP.DLL
CODEBASE = http://www.installengine.com/engine/isetup.cab

--------------------------------------------------
End of report, 6,052 bytes
Report generated in 0.795 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
 

Sooky 47

Thread Starter
Gone and dearly missed
Joined
Nov 6, 2001
Messages
7,281
steamwiz ,

Thanks for the help and info.
Much appreciated.
 
Joined
Oct 4, 2002
Messages
2,773
Hi Sooky 47

you're welcome

Gill

You're startup looks pretty clean, but you do have a BHO (download manager) KONTIKI which contains spy ware - I would run spybot

Please Download and install SpyBot,

http://www.lurkhere.com/~nicefiles/spybot14.exe

click the online tab to search for and download the updates, then shut down and relaunch SpyBot.

Go to the Settings tab > File Sets, and uncheck 'System Internals' and 'Tracks' .
These aren't needed for our present purpose, and you can always experiment with them later on.

Finally, after closing down Internet Explorer, click 'Check for problems', and have SpyBot remove all it finds 'Fix selected problems'

you may have to run spybot more than once to clear everything

Remove everything pre-ticked in Red

steam
 
Joined
Dec 4, 2001
Messages
395
Thankyou Steamwiz;

I had a feeling that KONTIKI, was some sort of spyware, but my AD-aware program did not detect it, but spybot picked it up straight away.

Thanks again Steamwiz, for your time.

Gill :)
 
Joined
Oct 4, 2002
Messages
2,773
You're welcome Gill

Adaware has not been updated for over 4 months, that's why we use spybot at the moment - a new version of Adaware is due out in February, we'll have to wait and see if it's as good or even better than spybot.

steam
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top