Does Task Monitor show all tasks running in WinXP?

G

Gary Helfert

It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
 
S

Smoker

Gary Helfert said:
It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
Click to expand...
Go to Trend Micro and get a free online scan
http://housecall.trendmicro.com/
It's possible the virus will block you from going to any known anti-virus
sites. If that's the case, go to google and search for a free online virus
scan. There are some minor one(s) that aren't well known you might be able
to get to.
 
M

Morgan Pugh

It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
Click to expand...

It is possible to hide a process from the process list and I have seen
several virus' do this. There are 3rd party tools that, AFAIK, nothing
can hide from. Sadly i can't remember any names. Try googling for it.
Hope you get it sorted.
--
Morgan Pugh

Email (ROT13): (e-mail address removed)
Web: http://mpugh.co.uk

PGP Key at http://mpugh.co.uk/pgp.asc
 
F

Frank le Spikkin

It is possible to hide a process from the process list and I
have seen several virus' do this. There are 3rd party tools
that, AFAIK, nothing can hide from. Sadly i can't remember any
names. Try googling for it. Hope you get it sorted.
Click to expand...

try Process Explorer, freeware from here: www.sysinternals.com
 
N

null

It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
Click to expand...

Try the Ecan av Toolkit Utility via my web site.


Art
http://www.epix.net/~artnpeg
 
T

Theo

try Process Explorer, freeware from here: www.sysinternals.com
Click to expand...

Good program to have around. And be sure to see if the process that
spawned one you dont recognize is also suspicious. Some run at startup,
run something else, then quit... making it harder for you find the source
of the problem.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Does \MsMpEng.exe(1360):\memory_07d80000 mean malware? 7
CPU running at 100% 6
Regedit and Task Manager problems 8
XP Task manager, Regedit, Command prompt 9
MSCONFIG,REGEDIT,NAV2002 disappear in a few seconds after loading??? 2
bad virus 106
Running scheduled tasks 3
Strange startup task 4

Top