(Msg. 1) Posted: Sat Aug 02, 2008 1:38 pm
Post subject: List of Programs running in task bar and how they were started. Add to elertz Archived from groups: microsoft>public>windowsxp>security_admin (more info?)
Is there a way of getting the names of the executables running in Task
Bar and how they were started?
I have come across a particularly persistent virus program calling
itself Windows Antivirus 2007/8 and Vista Antivirus 2008, which users of
this forum have probably come across before.
In one instance I have been able to disable it by using the msconfig
program to disable every strange looking program, and leave the rest to
a genuine AV checker.
Knowing which programs are running and which registry settings launched
them or what other programs launched them will be very useful.
(Msg. 2) Posted: Sat Aug 02, 2008 1:38 pm
Post subject: Re: List of Programs running in task bar and how they were started. Add to elertz [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Frank Church wrote:
> Is there a way of getting the names of the executables running in Task
> Bar and how they were started?
>
> I have come across a particularly persistent virus program calling
> itself Windows Antivirus 2007/8 and Vista Antivirus 2008, which users of
> this forum have probably come across before.
>
> In one instance I have been able to disable it by using the msconfig
> program to disable every strange looking program, and leave the rest to
> a genuine AV checker.
>
> Knowing which programs are running and which registry settings launched
> them or what other programs launched them will be very useful.
It is always useful to know what is running on your computer but, except in
rare cases, that won't get rid of Antivirus 2007/08. To see what
programs/processes are running, use Task Manager. If you don't recognize
something, Google it. You can also use Process Monitor (free) to see what
called a particular process. This is useful when you have a lot of
svchost.exe processes (as is usual).
To remove Antivirus 2007/08, here is my usual response:
*****
Your system is infected with a rogue antivirus program. It is called "rogue"
because it pretends to be A Good Guy but is really Evil. Do not pay them!
These may work for you and all may be well. However, in many cases the
computer will also be infected with Zlob and/or Vundo trojans and protected
by a rootkit. These machines are extremely difficult to clean.
If your machine is one of these cases, either get guided help at one of the
specialty forums below OR back up your data and do a clean install of
Windows. It is your choice. If you are unsure how to back up your data or
how to do a clean install, you can take your machine to a local computer
professional. I don't recommend using BigComputerStore/GeekSquad types of
places.
(Msg. 3) Posted: Sat Aug 02, 2008 2:38 pm
Post subject: Re: List of Programs running in task bar and how they were started. Add to elertz [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Malke wrote:
> Frank Church wrote:
>
>> Is there a way of getting the names of the executables running in Task
>> Bar and how they were started?
>>
>> I have come across a particularly persistent virus program calling
>> itself Windows Antivirus 2007/8 and Vista Antivirus 2008, which users of
>> this forum have probably come across before.
>>
>> In one instance I have been able to disable it by using the msconfig
>> program to disable every strange looking program, and leave the rest to
>> a genuine AV checker.
>>
>> Knowing which programs are running and which registry settings launched
>> them or what other programs launched them will be very useful.
>
> It is always useful to know what is running on your computer but, except in
> rare cases, that won't get rid of Antivirus 2007/08. To see what
> programs/processes are running, use Task Manager. If you don't recognize
> something, Google it. You can also use Process Monitor (free) to see what
> called a particular process. This is useful when you have a lot of
> svchost.exe processes (as is usual).
>
> http://www.microsoft.com/technet/sysinternals/default.mspx - Sysinternals
> (now at MS)
>
> To remove Antivirus 2007/08, here is my usual response:
>
> *****
> Your system is infected with a rogue antivirus program. It is called "rogue"
> because it pretends to be A Good Guy but is really Evil. Do not pay them!
>
> Here are removal steps:
>
> http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009 > http://www.bleepingcomputer.com/forums/topic154529.html (earlier versions)
>
> These may work for you and all may be well. However, in many cases the
> computer will also be infected with Zlob and/or Vundo trojans and protected
> by a rootkit. These machines are extremely difficult to clean.
>
> If your machine is one of these cases, either get guided help at one of the
> specialty forums below OR back up your data and do a clean install of
> Windows. It is your choice. If you are unsure how to back up your data or
> how to do a clean install, you can take your machine to a local computer
> professional. I don't recommend using BigComputerStore/GeekSquad types of
> places.
>
> PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS.
>
> http://aumha.net/ - Click on the HijackThis forum. Read the announcement and
> the stickies *first*.
> http://www.atribune.org/forums/index.php?showforum=9 > http://aumha.net/viewforum.php?f=30 > http://www.bleepingcomputer.com/forums/forum22.html > http://www.dslreports.com/forum/cleanup > http://www.cybertechhelp.com/forums/forumdisplay.php?f=25Look > http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html > http://gladiator-antivirus.com/forum/index.php?showforum=170 > http://spywarewarrior.com/viewforum.php?f=5 > http://forums.techguy.org/54-security/ > http://forums.tomcoyote.org/ > *****
>
> Malke
The problem with Task Manager is it doesn't show the path to the running
executable, so a trojan masquerading as a standard windows program
cannot be easily spotted.
I think I should have said Tray Icon programs rather than task bar. The
title is probably misleading
(Msg. 4) Posted: Sat Aug 02, 2008 2:38 pm
Post subject: Re: List of Programs running in task bar and how they were started. Add to elertz [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Frank Church wrote:
> The problem with Task Manager is it doesn't show the path to the running
> executable, so a trojan masquerading as a standard windows program
> cannot be easily spotted.
>
> I think I should have said Tray Icon programs rather than task bar. The
> title is probably misleading
I understood what you meant. Look at the various Sysinternals' tools at the
link I already gave you.
(Msg. 5) Posted: Mon Aug 04, 2008 7:55 am
Post subject: Re: List of Programs running in task bar and how they were started. Add to elertz [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
If you are using Windows Vista , then use Vista Manager . It shows all
the process inclucing Microsoft services or non Microsoft services .
If you think one of the service seems to be malware or virus , then
you can easily google it by single clicking the button . By the way ,
it is the useful software for all of Windows Vista users .
(Msg. 6) Posted: Mon Aug 04, 2008 8:11 am
Post subject: Re: List of Programs running in task bar and how they were started. Add to elertz [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Phillip wrote:
> If you are using Windows Vista , then use Vista Manager . It shows all
> the process inclucing Microsoft services or non Microsoft services .
> If you think one of the service seems to be malware or virus , then
> you can easily google it by single clicking the button . By the way ,
> it is the useful software for all of Windows Vista users .
Since he posted in a Windows XP newsgroup, I'm going to assume that's the
operating system he's running.
All times are: Eastern Time (US & Canada) (change)
Page 1 of 1
You can post new topics in this forum You can reply to topics in this forum You can edit your posts in this forum You can delete your posts in this forum You can vote in polls in this forum
Home
Forums
Home
FAQ
Search
Profile
Private Messages
Log in/Register/Password
Windows XP