1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Weird running programs

Discussion in 'Earlier Versions of Windows' started by aewarnick, Jan 18, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. aewarnick

    aewarnick Thread Starter

    Joined:
    Sep 3, 2002
    Messages:
    828
    What programs are these and do I need them? They are all found in the system folder:

    msg32, mdm, msgloop
     
  2. TonyKlein

    TonyKlein Malware Specialist

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    They're required files. Msg32.exe is modem related, I believe, Msgloop.exe is a background program which gets installed with the drivers for older sound cards based on the Crystal chipset, and Mdm.exe is the MS Machine Debug Manager.

    Please don't start questioning all files in your Windows\System directory just because they have funny names... :D

    If you'd like us to help you determine whether anything's running that shouldn't be, please do this:

    Go to http://www.spywareinfo.com/downloads.php#startup , and download 'Startuplist'.

    Unzip, doubleclick it, and it will generate a text file that will list all running processes, all applications that are loaded automatically when you start Windows, and more.

    Go to Edit > select all, copy it and post the contents here.
     
  3. aewarnick

    aewarnick Thread Starter

    Joined:
    Sep 3, 2002
    Messages:
    828
    Thank you very much!! I downloaded many things!!
     
  4. aewarnick

    aewarnick Thread Starter

    Joined:
    Sep 3, 2002
    Messages:
    828
    Here is the list. I am wondering what all the running processes are. Is there any way I can find that out? I have heard that xp spies on you and want to stop the spy processes.

    Code:
    Running processes:
    
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    D:\PROGRA~1\WINPAT~1\WinPatrol.exe
    D:\PROGRA~1\AVG6\avgcc32.exe
    D:\Program Files\ZoneAlarm\zonealarm.exe
    C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
    d:\PROGRA~1\AVG6\avgserv.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Visual Studio .NET\Common7\IDE\devenv.exe
    D:\Editing and misc. software\StartupList.exe
    
    --------------------------------------------------
    
    Checking Windows NT UserInit:
    
    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    
    Tweak UI = RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    WinPatrol = d:\PROGRA~1\WINPAT~1\WinPatrol.exe
    AVG_CC = d:\PROGRA~1\AVG6\avgcc32.exe /STARTUP
    NeroCheck = 
    
    --------------------------------------------------
    
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    
    MSMSGS = 
    DisableXPRegister = D:\My Documents\C Sharp projects\DisableXPRegister\bin\Release\DisableXPRegister.exe
    EditReg = D:\My Documents\C Sharp projects\EditReg\bin\Debug\EditReg.exe
    
    --------------------------------------------------
    
    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .COM:
    HKEY_CLASSES_ROOT\comfile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .BAT:
    HKEY_CLASSES_ROOT\batfile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .PIF:
    HKEY_CLASSES_ROOT\piffile\shell\open\command
    
    (Default) = "%1" %*
    
    --------------------------------------------------
    
    File association entry for .SCR:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command
    
    (Default) = "%1" /S
    
    --------------------------------------------------
    
    File association entry for .HTA:
    HKEY_CLASSES_ROOT\htafile\shell\open\command
    
    (Default) = C:\WINDOWS\System32\mshta.exe "%1" %*
    
    --------------------------------------------------
    
    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    
    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    
    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    
    [{7790769C-0471-11d2-AF11-00C04FA35D02}]
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    
    [{89820200-ECBD-11cf-8B85-00AA005B4340}]
    StubPath = regsvr32.exe /s /n /i:U shell32.dll
    
    [{89820200-ECBD-11cf-8B85-00AA005B4383}]
    StubPath = %SystemRoot%\system32\ie4uinit.exe
    
    --------------------------------------------------
    
    Checking for EXPLORER.EXE instances:
    
    C:\WINDOWS\Explorer.exe: PRESENT!
    
    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    
    --------------------------------------------------
    
    Checking for superhidden extensions:
    
    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/113965

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice