Does Task Monitor show all tasks running in WinXP?

  • Thread starter Thread starter Gary Helfert
  • Start date Start date
G

Gary Helfert

It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
 
Gary Helfert said:
It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
Click to expand...
Go to Trend Micro and get a free online scan
http://housecall.trendmicro.com/
It's possible the virus will block you from going to any known anti-virus
sites. If that's the case, go to google and search for a free online virus
scan. There are some minor one(s) that aren't well known you might be able
to get to.
 
It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
Click to expand...

It is possible to hide a process from the process list and I have seen
several virus' do this. There are 3rd party tools that, AFAIK, nothing
can hide from. Sadly i can't remember any names. Try googling for it.
Hope you get it sorted.
--
Morgan Pugh

Email (ROT13): (e-mail address removed)
Web: http://mpugh.co.uk

PGP Key at http://mpugh.co.uk/pgp.asc
 
It is possible to hide a process from the process list and I
have seen several virus' do this. There are 3rd party tools
that, AFAIK, nothing can hide from. Sadly i can't remember any
names. Try googling for it. Hope you get it sorted.
Click to expand...

try Process Explorer, freeware from here: www.sysinternals.com
 
It's obvious I've got a virus but all processes in task manager look legit.
Whatever virus I have will not allow me to run regedit.exe however renamed
copy of it runs fine. Nothing looks suspicious in the HK/Local/CurVersion or
HK/Current user/CurrentVersion/run services. Norton Live Update has been
somehow disabled. Any ideas how I might figure out the name of the virus
I've been infected with?
PS: Under Safe mode regedit.exe does work fine, as does msconfig.exe.
Click to expand...

Try the Ecan av Toolkit Utility via my web site.


Art
http://www.epix.net/~artnpeg
 
try Process Explorer, freeware from here: www.sysinternals.com
Click to expand...

Good program to have around. And be sure to see if the process that
spawned one you dont recognize is also suspicious. Some run at startup,
run something else, then quit... making it harder for you find the source
of the problem.
 
Back
Top