| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 70198 | 2006-06-25 09:55:00 | Task Manager Malfunction | Blue Druid (4480) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 465988 | 2006-06-25 09:55:00 | Recently and quite against my wishes, my task manager has reduced itself to remove the list of running functions or the loading leaving only the option of closing open applications with no means of even closing the screen other than the icon in the task bar. It now looks like this: www.imagef1.net.nz In addition, I have just noticed a couple of unplanned attempts to dial up. There has been no detections in AVG or reports from Kerio and an AdAware scan has shown no spyware detected. I have been unable to update Spybot S&D (Bad checksum - whatever that means). I don't know whether these issues are connected but they have occurred close enough together to make me suspicious. I can post a Hijack this log if anyone thinks this might help. |
Blue Druid (4480) | ||
| 465989 | 2006-06-25 10:00:00 | Cant help with most of your post, but do remember that with Spybot's bad checksum problem, I just uploaded that latest files from a different \mirror source. Start Spybot, click update, then when you get the update window, don't download from the first place, use the arrow beside it, and go down to one of the mirror sites. There is something written about it on the Spybot home page. Good luck. | supergran (108) | ||
| 465990 | 2006-06-25 10:03:00 | In addition, I have just noticed a couple of unplanned attempts to dial up. This is usually a sign of a dialler you've picked up from somewhere. Unless always dial my default connection is ticked / selected in IE's options I have been unable to update Spybot S&D (Bad checksum - whatever that means). Change the server you're getting the updates from. I can post a Hijack this log if anyone thinks this might help. Yup, post a HJT log. Remember to unzip the file before u run it. |
Speedy Gonzales (78) | ||
| 465991 | 2006-06-25 10:10:00 | Hi Speedy I'm not sure what you mean by 'unzip the file before running it' but this is is a C & P from the notepad file it generated. Logfile of HijackThis v1.99.1 Scan saved at 8:02:40 p.m., on 25/06/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe C:\WINNT\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINNT\Explorer.EXE C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINNT\system32\UMonit2k.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Chameleon Clock\ChamClock.exe C:\Program Files\Iconoid\iconoid.exe C:\Program Files\AllChars\AllChars.exe C:\Program Files\Rainlendar\Rainlendar.exe C:\Program Files\Wonderful\wonderfl.exe C:\WINNT\explorer.exe C:\Program Files\Grisoft\AVG Free\avgemc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.nzcity.co.nz/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microslop Internet Explorer O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Internet Anonym - {00000000-0002-0002-0000-000000000000} - c:\program files\steganos internet anonym pro 6\siaiep.dll O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINNT\system32\UMonit2k.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe O4 - HKCU\..\Run: [Iconoid] "C:\Program Files\Iconoid\iconoid.exe" -wait 0 O4 - Startup: AllChars.lnk = C:\Program Files\AllChars\AllChars.exe O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe O4 - Startup: The Wonderful Icon.lnk = C:\Program Files\Wonderful\wonderfl.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: &WordWeb... - res://C:\WINNT\wweb32.dll/lookup.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\Msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\Msjava.dll O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall 1.0\trash.exe (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall 1.0\trash.exe (file missing) (HKCU) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperWorkstation\DKService.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe |
Blue Druid (4480) | ||
| 465992 | 2006-06-25 10:27:00 | The log looks fine to me. Altho you can tick these entries and tick fix checked. O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall 1.0\trash.exe (file missing) (HKCU) 9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\Program Files\Agnitum\Outpost Firewall 1.0\trash.exe (file missing) (HKCU) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe Tick these entries too. O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present |
Speedy Gonzales (78) | ||
| 465993 | 2006-06-25 10:27:00 | A double left click anywhere round the outside of the window that is bothering you will restore your display to the more familiar one. | zqwerty (97) | ||
| 465994 | 2006-06-25 10:45:00 | Many thanks folks. Task manager restored to it's former glory. Who'd a thunk it would be so simple? And Spybot updated fine from the mirror site so more thanks there! Speedy, I'm not sure what those entries are unless they relate to a shortcut to control panel on the desktop and the password restrictions. I seldom use IE but for some reason I couldn't get Firefox to start and I suspect that IE was dialing in for updates since it was the first time I'd opened it for yonks. Now all I need to do is figure out why firefox wouldn't open but IE would? |
Blue Druid (4480) | ||
| 465995 | 2006-06-25 10:49:00 | LOL I am just curious what this one means, ie microslop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microslop Internet Explorer |
supergran (108) | ||
| 465996 | 2006-06-25 10:54:00 | In one of my more viciously minded brain fits, I renamed the wretched thing and never renamed it back again! Maybe Microsoft will permanently delete me from approved updaters because I dared to mock the only OS I know how to use! I am sure that they will have read my pooter and will even now be planning their revenge :-) | Blue Druid (4480) | ||
| 465997 | 2006-06-25 11:04:00 | "giggle" :) | supergran (108) | ||
| 1 | |||||