PDA

View Full Version : An annoying message although Task Manager works!


TRfan23
10-10-08, 19:45
(Request Thread Deletion)

spikejones
10-10-08, 20:15
taskmgr.exe should be located at:

C:\Windows\System32

as per your issue of not being able to access it, Im not positive, but it may have something to do with a registry issue. Better wait for Esconder to come along and suggest something.

aktrekker
11-10-08, 07:05
And I got an annoying imageshack full screen popunder.

Anyway, I used to get this from explorer or My Computer occasionally if I had a CD in the drive when I booted, then removed it. Sometimes I was even able to remove the CD while a program was looking at the drive, and it would give that error.
By any chance, is E your optical drive? If so, something may be trying to access it at startup, and Task Manager detects that problem. Or maybe it is something Task Manager is running that is trying to access the drive. Some 3rd party stuff?

TRfan23
11-10-08, 10:20
Ah I just relogged onto my laptop, and the message doesn't pop up anymore. Thank God for that! Some random problem?

EscondeR
11-10-08, 20:10
^ If that pops out again, make a screenshot of TM processes list or an ARDiag.exe (http://www.tombraiderhub.com/download/ardiag.exe) report and post it here :)

TRfan23
11-10-08, 20:16
Ok sure! I do remember some odd processes on TM (not ones I've ever seen before), can't remember what they said, but I wish I noted them down :(

EscondeR
11-10-08, 20:22
You can post the ARDiag.exe report right now and we'll see if something unruly is there :)

TRfan23
11-10-08, 20:44
---------------------------------------------------------------
AutoRuns Diagnostics for TRF v 0.5 Developed by Alex
---------------------------------------------------------------



Program:
"gusvc"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gusvc
Program path & name:
"c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]


Program:
"Norton Internet Security"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Norton Internet Security
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\ccsvchst.exe"
Enabled: [V]


Program:
"Allows to use visual styles without Microsoft signature."
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
UxTuneUp
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]


Program:
"IP in IP Tunnel Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
IpInIp
Program path & name:
File not found: system32\DRIVERS\ipinip.sys"
Enabled: [V]


Program:
"IPX Traffic Filter Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFlt
Program path & name:
File not found: system32\DRIVERS\nwlnkflt.sys"
Enabled: [V]


Program:
"IPX Traffic Forwarder Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFwd
Program path & name:
File not found: system32\DRIVERS\nwlnkfwd.sys"
Enabled: [V]


Program:
"Px Engine Device Driver for Windows 2000/XP"
Publisher:
"(Not verified) Sonic Solutions"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PxHelp20
Program path & name:
"c:\windows\system32\drivers\pxhelp20.sys"
Enabled: [V]


Program:
"Print Monitor (Win2k/WinXP)"
Publisher:
N/A
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs
Entry name:
Lexmark Print-2-Fax Port
Program path & name:
c:\windows\system32\lxf3pmon.dll"
Enabled: [V]


Program:
"Skype for COM API"
Publisher:
"(Verified) Skype Technologies SA"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
skype4com
Program path & name:
"c:\program files\common files\skype\skype4com.dll"
Enabled: [V]


Program:
"QuickSet"
Publisher:
"(Verified) Dell Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
QuickSet
Program path & name:
"c:\program files\dell\quickset\quickset.exe"
Enabled: [V]


Program:
"TuneUp OneClick Starter"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
Task Scheduler
Entry name:
1-Click Maintenance.job
Program path & name:
"c:\program files\tuneup utilities 2008\oneclickstarter.exe"
Enabled: [V]


Program:
"Adobe PDF Helper for Internet Explorer"
Publisher:
"(Verified) Adobe Systems Incorporated"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Adobe PDF Link Helper
Program path & name:
"c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
Enabled: [V]


Program:
"coIEPlugIn"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Symantec NCO BHO
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\coieplg.dll"
Enabled: [V]


Program:
"IPS Browser Helper DLL"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Symantec Intrusion Prevention
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\ipsbho.dll"
Enabled: [V]


Program:
"Java(TM) Platform SE binary"
Publisher:
"(Verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
SSVHelper Class
Program path & name:
"c:\program files\java\jre1.6.0_07\bin\ssv.dll"
Enabled: [V]


Program:
"TuneUp Theme Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Theme Extension
Program path & name:
"c:\windows\system32\uxtuneup.dll"
Enabled: [V]


Program:
"TuneUp Shredder Shell Extension"
Publisher:
"(Verified) TuneUp Software GmbH"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
TuneUp Shredder Shell Extension
Program path & name:
"c:\program files\tuneup utilities 2008\sdshelex-win32.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WinRAR shell extension
Program path & name:
c:\program files\winrar\rarext.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Haali Column Provider
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Haali Matroska Shell Property Page
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Haali Matroska Thumbnail Extractor
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Classes\Folder\Shellex\ColumnHandler s
Entry name:
Haali Column Provider
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
"PDF Shell Extension"
Publisher:
"(Verified) Adobe Systems Incorporated"
Entry path:
HKLM\Software\Classes\Folder\Shellex\ColumnHandler s
Entry name:
PDF Shell Extension
Program path & name:
"c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
Enabled: [V]


Program:
"coIEPlugIn"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
Norton Toolbar
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\coieplg.dll"
Enabled: [V]

EscondeR
12-10-08, 11:55
1. The most unruly thing here is Norton crap :mis:

2. Kill those:
Program:
"IP in IP Tunnel Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
IpInIp
Program path & name:
File not found: system32\DRIVERS\ipinip.sys"
Enabled: [V]


Program:
"IPX Traffic Filter Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFlt
Program path & name:
File not found: system32\DRIVERS\nwlnkflt.sys"
Enabled: [V]


Program:
"IPX Traffic Forwarder Driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NwlnkFwd
Program path & name:
File not found: system32\DRIVERS\nwlnkfwd.sys"
Enabled: [V]

and can stop TuneUP processes aswell - they're of low use actually ;)

So far nothing criminal... xcept that thing on letter "N" :p

TRfan23
22-10-08, 18:01
I'm back and realized from another thread how to delete those entries. Autorun program :)

I dono how to stop the tuneup processes though? In fact which ones are the TuneUp processes, I'm not so good with technical stuff :( Unless your on about them in Task Manager?

The only thing that gets on my nerves is that, my laptop gets very slow sometimes :( Pretty random ;)

How do you know which processes to delete?

spikejones
22-10-08, 22:29
you would uninstall Norton (the N word)
and you would kill (delete) the entries in the list provided by EscondeR.

EscondeR
23-10-08, 05:23
Uninstalling Norton will solve the "being slow" problem :)
Install AVG or Kaspersky and a decent firewall, e.g. Zone Alarm.

TRfan23
23-10-08, 17:51
you would uninstall Norton (the N word)
and you would kill (delete) the entries in the list provided by Alex.

I did kill those entries and I mean't how does Alex know which ones were to be deleted? Is it ones who's file locations have been lost? ...and my dad'll go haywire if I get rid of Norton. Persuasion doesn't work either :(

spikejones
23-10-08, 22:14
EscondeR is a great tech support guru and sees these reports all the time (and developed the ardiag application (check the text))

some common things that he (and I sometimes) will suggest to delete/disable:
1. dead links (File no longer exists)
2. crap like bonjour, google toolbar, yahoo toolbar, IM applications (this will not delete the program, only keep it from running automatically)
3. entries that are only letters and numbers... this is a dead giveaway of a virus/spyware/trojan application/file as the filenames are randomly generated by the installation of the malware. Nine times out of ten these files will be located in C:/Windows/system or C:/Windows/system32. Furthermore, any NON-MICROSOFT file which is located in either of those directories throws up a red flag as to the possibility of being a virus. If no publisher signature is present, this further compounds the alert and a suggestion to delete is written up.

as per not being able to get rid of norton, that is a shame and you will have to suffer from extreme slow down from that system hog. maybe when it is time to update the subscription (which must be done on a yearly basis to keep the virus definitions updated) you can suggest a better free application. Or if he insists that a free application could not possibly be better, you can suggest Kaspersky which is both better and consumes less resources.

TRfan23
24-10-08, 13:02
Alex is a great tech support guru and sees these reports all the time (and developed the ardiag application (check the text))

some common things that he (and I sometimes) will suggest to delete/disable:
1. dead links (File no longer exists)
2. crap like bonjour, google toolbar, yahoo toolbar, IM applications (this will not delete the program, only keep it from running automatically)
3. entries that are only letters and numbers... this is a dead giveaway of a virus/spyware/trojan application/file as the filenames are randomly generated by the installation of the malware. Nine times out of ten these files will be located in C:/Windows/system or C:/Windows/system32. Furthermore, any NON-MICROSOFT file which is located in either of those directories throws up a red flag as to the possibility of being a virus. If no publisher signature is present, this further compounds the alert and a suggestion to delete is written up.

as per not being able to get rid of norton, that is a shame and you will have to suffer from extreme slow down from that system hog. maybe when it is time to update the subscription (which must be done on a yearly basis to keep the virus definitions updated) you can suggest a better free application. Or if he insists that a free application could not possibly be better, you can suggest Kaspersky which is both better and consumes less resources.

Ah cool I like these error fixing programs, and good for Alex. More bad news - Well I did something stupid last night. I was kind of messing around with that Auto Run program (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx), where you can delete which programs that autorun. I deleted ones I well, I kind of like fiddling a lot. So I randomly deleted some programs that 'autorun'. The consequences of this are:

1. I cannot open the 'Control Panel'.
2. I cannot view system properties.
3. I'll have to post another report incase you spot anything missing, that shouldn't be.


---------------------------------------------------------------
AutoRuns Diagnostics for TRF v 0.5 Developed by EscondeR
---------------------------------------------------------------



Program:
"Norton Internet Security"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Norton Internet Security
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\ccsvchst.exe"
Enabled: [V]


Program:
"Px Engine Device Driver for Windows 2000/XP"
Publisher:
"(Not verified) Sonic Solutions"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PxHelp20
Program path & name:
"c:\windows\system32\drivers\pxhelp20.sys"
Enabled: [V]


Program:
"Dell Wireless WLAN Card Logon Provider"
Publisher:
"(Not verified) Dell Inc."
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvi der\Order
Entry name:
BCMLogon
Program path & name:
"c:\windows\system32\bcmlogon.dll"
Enabled: [V]


Program:
"Skype for COM API"
Publisher:
"(Verified) Skype Technologies SA"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
skype4com
Program path & name:
"c:\program files\common files\skype\skype4com.dll"
Enabled: [V]


Program:
"QuickSet"
Publisher:
"(Verified) Dell Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
QuickSet
Program path & name:
"c:\program files\dell\quickset\quickset.exe"
Enabled: [V]


Program:
"Adobe PDF Helper for Internet Explorer"
Publisher:
"(Verified) Adobe Systems Incorporated"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Adobe PDF Link Helper
Program path & name:
"c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
Enabled: [V]


Program:
"coIEPlugIn"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Symantec NCO BHO
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\coieplg.dll"
Enabled: [V]


Program:
"IPS Browser Helper DLL"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
Symantec Intrusion Prevention
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\ipsbho.dll"
Enabled: [V]


Program:
"Java(TM) Platform SE binary"
Publisher:
"(Verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects
Entry name:
SSVHelper Class
Program path & name:
"c:\program files\java\jre1.6.0_07\bin\ssv.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
WinRAR shell extension
Program path & name:
c:\program files\winrar\rarext.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Haali Column Provider
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Haali Matroska Shell Property Page
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved
Entry name:
Haali Matroska Thumbnail Extractor
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Classes\Folder\Shellex\ColumnHandler s
Entry name:
Haali Column Provider
Program path & name:
c:\program files\combined community codec pack\filters\haali\mmfinfo.dll"
Enabled: [V]


Program:
"PDF Shell Extension"
Publisher:
"(Verified) Adobe Systems Incorporated"
Entry path:
HKLM\Software\Classes\Folder\Shellex\ColumnHandler s
Entry name:
PDF Shell Extension
Program path & name:
"c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
Enabled: [V]


Program:
"coIEPlugIn"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
Norton Toolbar
Program path & name:
"c:\program files\norton internet security\engine\16.0.0.125\coieplg.dll"
Enabled: [V]

EscondeR
24-10-08, 16:42
^ First try to retreat to latest System Restore Point before your really stupid action (sorry I was to name that with it's own name). You have removed some vital signed Microsoft entries that are not indicated by ARDiag.exe program due to it's purpose to find malware.
Remember for future, never do/kill things you don't understand the purpose of!

You can check if the following are stopped (in Autoruns) and reenable them (I hope you haven't deleted them completely):


Winmgmt service in Services section
any of .cpl files in Explorer section

spikejones
24-10-08, 22:33
have you tried an earlier restore point than wednesday? You should be able to see a calendar and roll back to any previously working date. Otherwise you may need to do a full reinstall (or a repair install)

TRfan23
25-10-08, 11:18
have you tried an earlier restore point than Wednesday? You should be able to see a calendar and roll back to any previously working date. Otherwise you may need to do a full reinstall (or a repair install)

There's no other date earlier! Besides in the past I've always deleted old restore points ;) :(

Ah! I know one way that might work! Would do scheduling a system error check work? Where it checks the HDD for errors and bad sectors!
I remember one time Tune Up deleted some really important system files, and the disc check recovered them somehow?

EscondeR
25-10-08, 12:55
Ah! I know one way that might work! Would do scheduling a system error check work?

Nope, that won't work. Boot from your Windows XP Installation CD and perform a Repair installation.