Results 1 to 15 of 15
  1. #1
    Bronze Lounger
    Join Date
    Feb 2001
    Location
    Escondido, California, USA
    Posts
    1,458
    Thanks
    0
    Thanked 1 Time in 1 Post

    Pesky Programs (XP Home SR1)

    I've recently been helping a widow lady from my church with her computer. It seems she had unknowingly permitted someone (probably a teenager) access to her computer, and this has resulted in perhaps the most polluted system I've ever seen. I've spent over four hours removing links to adult sites, cleaning out spyware, getting the latest NAV downloads installed, scanning with NAV, removing virus's and worms, scannining with AdAware and removing spyware. However, upon running MSCONFIG I find several more suspicious programs running on startup. For example:

    ACBtnMgr_X73.exe
    ACMonitor_X73.exe
    diagent.exe
    isass.exe
    csrss.exe
    smss.exe
    devidr32.exe

    I'm not sure what the above are although some web sites list some of them as associated with virus's. If so, then NAV hasn't detected them much less removed them.

    Any suggestions as to how to check out and/or remove them?

    I was successful in getting her ISP connection going, but now it pops up and wants to dial immediately after booting. I need to turn that feature off If I can find where the setup is.

    At least now I've set her up with a password to her account (which is the system admin account) so that no one can use it without her knowing about it.

  2. #2
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Pesky Programs (XP Home SR1)

    I'm not going to try to look up any of the names you mentioned, Chuck, but rather let you continue to let you do the detective work you've obviously already been doing. Here's a couple of links to sites that have been helpful in the past at identifying programs and determining whether they're needed or not.

    http://www.sysinfo.org/startuplist.p...=&count=&type=
    http://www.answersthatwork.com/Taskl...s/tasklist.htm

  3. #3
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts

    Re: Pesky Programs (XP Home SR1)

    Here ya go Chuck .................... here's a list of what I found and where

    These two are likely related to a Lexmark Printer
    C:PROGRA~1LEXMAR~1[r]ACMonitor_X73.exe[/r]
    C:PROGRA~1LEXMAR~1[r]AcBtnMgr_X73.exe[/r]

    From here
    Process File: isass or isass.exe
    Process Name: isass
    Description: Virus added to the system as a result of variant of the OPTIX PRO TROJAN that opens TCP port 3410 and allows a hacker to control an infected computer.
    Company: N/A
    System Process: No
    Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
    Common Errors: N/A

    And here
    Process File: csrss or csrss.exe
    Process Name: Client/Server Runtime Server Subsystem
    Description: Windows client server run-time subsystem handles Windows and graphics functions for all subsystems.
    Company: Microsoft Corp
    System Process: Yes
    Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
    Common Errors: N/A

    and here
    Process File: smss or smss.exe
    Process Name: Session Manager Subsystem
    Description: Application that is used to start, manage, and delete user sessions or client sessions under Terminal Server.
    Company: Microsoft Corp.
    System Process: Yes
    Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
    Common Errors: N/A

    And you're on your own on the last one. <img src=/S/igiveup.gif border=0 alt=igiveup width=31 height=23>
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  4. #4
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Pesky Programs (XP Home SR1)

    Chuck,

    The easiest way is to just disable them one at a time or so from msconfig, see what ( if anything ) isn't working correctly. No apparent problem with them disabled? Then search for them and rename them for a while to make sure you don't really need them, then delete them. My guess is, you won't need them.

    Bob
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  5. #5
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Pesky Programs (XP Home SR1)

    Many of the items you listed are neither spyware, viruses or Trojans. Rather, they are part of the normal anatomy and physiology of Microsoft Windows XP. For example:

    Issas or Issas.exe in and of itself is a normal default process and not a virus. It is often mislabeled this on googled threads because it can be part of a common error message that gets thrown to newsgroups.

    IPSEC and Issas are also discussed extensively in the <A target="_blank" HREF="http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/winxppro/reskit/prork_overview.asp">Microsoft

  6. #6
    Bronze Lounger
    Join Date
    Feb 2001
    Location
    Escondido, California, USA
    Posts
    1,458
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Pesky Programs (XP Home SR1)

    Thanks to all the above Loungers. As best as I can tell none of the items I listed are bad guys. The first two I listed are, in fact, Lexmark printer programs, and it seems the rest are legitimate although I find none of them running on my XP Home computer, so I assume they are not critical. I may do as suggested: remove them one at a time and see if nothing happens.

  7. #7
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Pesky Programs (XP Home SR1)

    I know you know this well, but am reminding you--a favor you can do for this friend is to set her up with Spybot and Adaware to run regularly--say once a week or so, and to have her defrag once in a while.

    SMBP

  8. #8
    5 Star Lounger PaulB's Avatar
    Join Date
    May 2002
    Location
    Ottawa, Ontario
    Posts
    765
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Pesky Programs (XP Home SR1)

    Chuck,

    <hr>I've set her up with a password to her account (which is the system admin account) so that no one can use it without her knowing about it<hr>

    You may want to consider setting her up with an ordinary user account for day-to-day use and minimize the possibility of inadvertent errors.

    Cheers,
    Regards,
    PaulB

  9. #9
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Pesky Programs (XP Home SR1)

    Here is a extract from MS, be careful and read the NOTE. The NOTE will apply to Nortons, Windows Update, most firewalls and etc.

    Limited account
    The limited account is intended for someone who should be prohibited from changing most computer settings and deleting important files. A user with a limited account:
    Generally cannot install software or hardware, but can access programs that have already been installed on the computer.
    Can change his or her account picture and can also create, change, or delete his or her password.
    Cannot change his or her account name or account type. A user with a computer administrator account must make these kinds of changes.
    Can manage his or her network passwords, create a reset password disk, and set up his or her account to use a .NET Passport.

    Note
    Some programs might not work properly for users with limited accounts. If so, change the user's account type to computer administrator, either temporarily or permanently.

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  10. #10
    Bronze Lounger
    Join Date
    Feb 2001
    Location
    Escondido, California, USA
    Posts
    1,458
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Pesky Programs (XP Home SR1)

    Thanks for the reminder. I've already loaded and run AdAware. SpyBot is next. I use both on my personal machines.

  11. #11
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Pesky Programs (XP Home SR1)

    One Spybot payoff that will be particularly helpful to her is to show her to click Tools in the left pane because the list of processes is more specific and defnitive than on the Windows Task Manager, and here are some tutorials on Spybot you can pass along. Spybot's "Help" is also very good.

    Post 349032 Spybot S&D Help Tutorials

    SMBP

  12. #12
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Pesky Programs (XP Home SR1)

    Dave

    I believe you have Norton Internet Security 2004?

    I am getting on orange Email "warning" on the status screen for the AntiVirus component, and I suspect that this is because I have another XP account whose security/access is defined as "limited". Outlook Express hasn't even been set up in this XP account! I haven't managed to confirm this because of the rebooting involved, so I wonder if you're come across the problem?

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  13. #13
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Pesky Programs (XP Home SR1)

    I have Norton's 2004 suite but I have NOT installed Norton Internet Security 2004. I use <img src=/S/free.gif border=0 alt=free width=30 height=15> version of ZoneAlarm. I have NAV set to check out going email, and yes I to get a orange email warning. This has NOTHING to do with a limiyed account, just the setting from checking the out going email.

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  14. #14
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Pesky Programs (XP Home SR1)

    Perhaps I didn't express myself clearly (being at work, you see)! What I mean is that when I inspect the Settings screen (going back one screen from your screenshot, I think!) the Email line is in orange, indicating an error. Everything seems to work OK,. though, and I haven't got very far with the fairly rubbishy search engine for the Symantec knowledgebase. I will have to be more precise and do a screen shot at home!

    Thanks!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  15. #15
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Pesky Programs (XP Home SR1)

    I to had that once, but a reboot cleared things up.

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •