Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

crazy Task Manager probs

  • This topic is locked This topic is locked



    New Member

  • Member
  • Pip
  • 1 posts
This is a problem I have not been able to fix using any spyware or adware programs. I have run Ad-Aware SE and Spybot, as well as McAfee Virus scan. No luck. The problem I am having is that a program keeps appearing in my task manager (XP). It usually only uses about 160k of memory and 00 in CPU, but I don't like it there. When I "End Process", a new file takes its place, with what appears to be a random name. I can find the file(s) in Windows\System32\, but deleting them there produces the same results...replaced with another file. They are all .exe's and as I said the name appears random. For example, currently, I have a file named actios.exe in Task Manager. If I end process, it changes to epikucq.exe, then I end again and I get dihlqg.exe.....etc, etc.

Anyway, here is my Hijack log...

Logfile of HijackThis v1.99.1
Scan saved at 6:14:48 AM, on 4/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\Program Files\Ahead\InCD\InCDsrv.exe
G:\Program Files\M-Audio MobilePre\Install\MPInst.exe
G:\Program Files\MSN Messenger\MsnMsgr.Exe
G:\Program Files\ATI Multimedia\main\ATIDtct.EXE
G:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
G:\Program Files\ATI Multimedia\main\ATISched.EXE
G:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Multimedia keyboard utility\1.3\KBDAP32A.EXE
G:\Program Files\MSN\MSNCoreFiles\msn.exe
g:\program files\mcafee.com\vso\mcmnhdlr.exe
g:\program files\mcafee.com\shared\mghtml.exe
D:\My Downloads\modules.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - G:\Program Files\iMesh\iMesh5\iMeshBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - G:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - G:\WINDOWS\system32\nsj59.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - g:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [VSOCheckTask] "g:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "g:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] g:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] G:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sfaniii] g:\windows\system32\actios.exe
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ATI DeviceDetect] G:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] G:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ATI Scheduler] G:\Program Files\ATI Multimedia\main\ATISched.EXE
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - G:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - G:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: License Management Service ESD - Unknown owner - G:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - g:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - G:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - g:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: MobilePre Installer (MobilePreInstallerService) - Nemesis - G:\Program Files\M-Audio MobilePre\Install\MPInst.exe
O23 - Service: Pml Driver HPZ12 - HP - G:\WINDOWS\system32\HPZipm12.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - G:\WINDOWS\svcproc.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - G:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

At one point, it also appeared that there was an additional connection under "Networking" in Task Manager, but I do not seem to have that problem right now. I do have a wireless router in house, and it may be that a neighbor has found access, but I can't be sure.

Thanks for any help...Brian (aka Slosh)
  • 0



  • Guest
Hi Slosh

If you are still in need of help post a new HJT.log

Kc :tazz:
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP