• Hi Guest - Come check out all of the new CP Merch Shop! Now you can support CigarPass buy purchasing hats, apparel, and more...
    Click here to visit! here...

A little computer help request

LilBastage

LilBastage

Meat is murder! Tasty, tasty murder.
Joined
Oct 25, 2005
Messages
5,462
Location
Somewhere, out there.
I know this isn't a computer forum, but so many here seem to be knowledgeable I thought I would ask.

I am running WinXP with all the updates up until 2 nights ago. Using Firefox and Thunderbird. I have an application that keeps popping up while I am connected to the internet that I cannot identify. It pops up about every 10 minutes or so and shuts down about as quickly as it starts up. It doesn't show up in my ZoneAlarm logs and my virus scan and AdAware and SpyBot scans are clean. There aren't any strange processes running that I can see and it pops up and closes so quickly that I can't see what it is.

I've gone through selective startup and all that and I've disabled all of my automatic updating stuff one item at a time.

Is there a way I can log the applications that start up or try to start up?

Any other ideas?
 
Do a windows restore going back two nights ago, maybe a little longer to be safe. You will not lose anything, only new downloads since that time.

Brian

Edit to add - start up in safe mode to find the restore function!
 
http://www.merijn.org/files/hijackthis.zip
Download this.

Run (do a system scanand save log file) it and post the log for me.


ALso under other stuff click on config
Under config there is a misc tools button click on that. run the process manager. than also run generate startup list and post that for me.


This will look at every process and starup entry that is in your registry.

Hopefully this will tell us something.
 
LilBastage said:
Is there a way I can log the applications that start up or try to start up?

Any other ideas?
Click to expand...
Right Click "My Computer" > choose Manage > goto System Tools > Event Viewer > and highlight Application. On the right you will see a log of all the applications and what they have been doing. You can double-click one of the entrys to get more detail; you can also just scroll up or down from the more detail window. Go to the time when this popup thing was happening and see if you can find the entry in the log file. Since you don't know what the application is, you will have to associate it to a time. Then you can do a google search for what that process is to see if it is something you want to be running on your computer or not.

GL,
- C
 
Let's keep that to email please. Don't need that long ass report posted here. JMO.


alexgtp said:
Run the process anager. than also run generate startup list and post that for me.
This will look at every process and starup entry that is in your registry.

Hopefully this will tell us something.
Click to expand...
 
1) Go to control panel/add remove programs and se what applications are loaded on the PC

if you see something unfamiliar - google/internet search it to find out what it is.

Uninstall the program if it is bad. - If it is adaware or a virus - you may have to do more)

Whatever site you found the information about the program on may have removal procedures.



Still having issues...

2) Go to Start\Run and type MSCONFIG (hit enter)

Then go to the tab on the right (the last tab) and look at whats kicking off in 'startup'.

Google the names of the EXE files you don't know...to find out what they are.

Once you know what's kicking off - you may find a BAAAAD program running.

If you do find one - whatever site you found the EXE info on should have info on removing it from the system.



BEFORE SYSTEM RESTORE:

System restore does not have to be done in 'safe mode' - what should be done in safe mode

is the running of all of the Adware and Hijack This and virus scan software.

Use system restore as a last resort as the virus or adaware may already reside in the restore folder.



my 2c



PM me if you want to know more. I'll be glad to walk you through some things.



Gary
 
This procedure might sound primitive, but for the most part, 99% of trojans/worms/hijackers I've seen usually install themselves to either the root of C:\ or Windows\System32 and sometimes in the Documents and Setting folder. I've recently abandoned using Spyware/Malware "detection" tools and utilize a manual process for most instances of finding and removing them.

My first step is to check for new entries in the "Run" Key in the registry for suspect programs (simplified by clicking the "Startup" tab after running "msconfig" from the "Run..." command box)

I also check for suspect running processes using Task Manager and kill any suspect processes.

Finally I'll do a search for new files in the root of C:\, Windows\System32, and Documents and Settings\username. Sometimes, you can also find some of the lesser intrusive spyware/malware instances in the Program Files directory or checking the Add/Remove section in the Control Panel.

Once you've determined the suspect filename or application, you can usually find cleaner tools and/or removal procedures with a little googling.

Good Luck!
 
Thanks for all of the suggestions. I'll get to work on this a little more later today and get back with some results. I'll e-mail anything that is really long so as not to take up board space with it.

More to come...
 
You must log in or register to reply here.
Top