PDA

View Full Version : Ghost program in taskbar and task manager



jborchardt
19-07-2005, 09:43 AM
I need help. I am trying to get rid of what I think is an .exe
program that appears on my taskbar and in my task manager for only a
second and then it is gone. This happens about every 10 to 15 minutes
and it has become very annoying because it interrups the programs that
I am working on. I’m worried that this might be some kind of
spyware or malware.

Thanks for the help.

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/Help---Support-Ghost-program-taskbar-task-manager-ftopict396531.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1307331

jborchardt
19-07-2005, 09:44 AM
"jborchardt" wrote:
> I need help. I am trying to get rid of what I think is an
> .exe program that appears on my taskbar and in my task manager
> for only a second and then it is gone. This happens about
> every 10 to 15 minutes and it has become very annoying because
> it interrups the programs that I am working on. I'm worried
> that this might be some kind of spyware or malware.
>
> Thanks for the help.

Here is my HJT log if anyone wants to take a look at it.

Logfile of HijackThis v1.99.1
Scan saved at 1:23:41 PM, on 7/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesNorton AntiVirusnavapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedSecurity
CenterSymWSC.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesHPhpcoretechhpcmpmgr.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesMicrosoft AntiSpywaregcasServ.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesHPDigital Imagingbinhpqtra08.exe
C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsJeremy BorchardtDesktopHijackThis.exe

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant
=
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch
=
O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} -
C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Norton AntiVirus -
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton
AntiVirusNavShExt.dll
O4 - HKLM..Run: [PrinTray]
C:WINDOWSSystem32spoolDRIVERSW32X862printray.exe
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec
SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec
SharedccRegVfy.exe"
O4 - HKLM..Run: [Advanced Tools Check]
C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 - HKLM..Run: [hpinstantsupport] "C:Program
FilesHewlett-Packardhpisbinmatcliwrapper.exe" "C:Program
FilesHewlett-Packardhpis" -boot
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [Symantec NetDriver Monitor]
C:PROGRA~1SYMNET~1SNDMon.exe /Consumer
O4 - HKLM..Run: [HP Software Update] C:Program FilesHPHP Software
UpdateHPWuSchd2.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_02binjusched.exe
O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe"
/background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program
FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:WINDOWSSystem32shdocvw.dll
O9 - Extra ’Tools’ menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32shdocvw.dll
O9 - Extra button: @C:Program FilesMessengerMsgslang.dll,-61144 -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O9 - Extra ’Tools’ menuitem: @C:Program
FilesMessengerMsgslang.dll,-61144 -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} -
https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.viewpoint.com/cgi-bin/vet_install_popup.pl?
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) -

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo
Class) -
https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online
Control) - http://zone.msn.com/bingame/gold/default/gf.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader
Object) - http://anu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj
Class) -
https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?322
O17 -
HKLMSystemCCSServicesTcpip..{B21900C6-A14D-4AB5-B928-750C399E841
8}:
NameServer = 216.231.160.2 209.102.191.47
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec
Corporation - C:Program FilesCommon FilesSymantec
SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) -
Symantec Corporation - C:Program FilesCommon FilesSymantec
SharedccPwdSvc.exe
O23 - Service: LexBce Server (LexBceS) - Unknown owner -
C:WINDOWSsystem32LEXBCES.EXE (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) -
Symantec Corporation - C:Program FilesNorton AntiVirusnavapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec
Corporation - C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP -
C:WINDOWSSystem32HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:Program FilesCommon FilesSymantec
SharedSNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:Program FilesCommon FilesSymantec SharedSecurity
CenterSymWSC.exe

Hosted by: Eyo Technologies Pty Ltd. Sponsored by: Actiontec Pty Ltd