periodic blank process - potential malware?

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I notice a "blank" process appear on the taskbar in XP Pro roughly every half
an hour. It appears and then goes away in 1-2 seconds before I am able to
mouse over to it and click on it to see what it is.

Does anyone have any suggestions on how to find out what this is? For
example, is there some way to log process starts in a file, which I can
examine to see what happened when these blank processes appear? Or is there
some equivalent of the unix crontab feature where I can find processes that
are scheduled to run every X minutes/hours?

Thanks

Bill Rosenblatt
billr@giantstepsmts.com
3 answers Last reply
More about periodic blank process potential malware
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Bill: Go to http://www.mlin.net/StartupCPL.shtml and download the
    standalone .exe version of "Startup Control Panel"
    Run it and look in all tabs and delete any process other than the antivirus
    and office taskbar processes.. these are easily identifiable by the icons..
    any other unidentified process found in any of the tabs, should be
    considered suspicious and deleted... This little application is very
    practical to disable/delete spyware from msconfig and the windows registry
    that would otherwise have to be deleted by hand in the event antispyware
    programs should fail to detect/delete them.

    Also download "Startup Monitor" from
    http://www.mlin.net/StartupMonitor.shtml to keep a check on startup
    programs/processes.

    Also install these free antispywares to keep your computer free from
    parasites.
    Adaware SE Personal
    Spybot Search & Destroy
    SpywareBlaster
    CWShredder
    http://www.majorgeeks.com/downloads31.html


    -----------------------------------------------
    "Bill Roseanblatt" <BillRoseanblatt@discussions.microsoft.com> escribió en
    el mensaje news:26B3E6FF-0DB4-4A78-A545-BF0D9634183F@microsoft.com...
    > I notice a "blank" process appear on the taskbar in XP Pro roughly every
    half
    > an hour. It appears and then goes away in 1-2 seconds before I am able to
    > mouse over to it and click on it to see what it is.
    >
    > Does anyone have any suggestions on how to find out what this is? For
    > example, is there some way to log process starts in a file, which I can
    > examine to see what happened when these blank processes appear? Or is
    there
    > some equivalent of the unix crontab feature where I can find processes
    that
    > are scheduled to run every X minutes/hours?
    >
    > Thanks
    >
    > Bill Rosenblatt
    > billr@giantstepsmts.com
    >
    >
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    I have looked at all startup processes and found nothing susipcious. I have
    run Norton Anti-Virus with the latest definitions, which found nothing. I
    also ran SpyBot, ASquared, and PC Bug Doctor - none found anything. Yet I am
    now more convinced that this is a virus that comes up every half an hour or
    so and uses my machine to send spam. It probably attached itself to some
    existing process; I'm not sure.

    I would really like to find out what the name of the process is and track
    down possible cures. Any way to do this?


    "Juan" wrote:

    > Bill: Go to http://www.mlin.net/StartupCPL.shtml and download the
    > standalone .exe version of "Startup Control Panel"
    > Run it and look in all tabs and delete any process other than the antivirus
    > and office taskbar processes.. these are easily identifiable by the icons..
    > any other unidentified process found in any of the tabs, should be
    > considered suspicious and deleted... This little application is very
    > practical to disable/delete spyware from msconfig and the windows registry
    > that would otherwise have to be deleted by hand in the event antispyware
    > programs should fail to detect/delete them.
    >
    > Also download "Startup Monitor" from
    > http://www.mlin.net/StartupMonitor.shtml to keep a check on startup
    > programs/processes.
    >
    > Also install these free antispywares to keep your computer free from
    > parasites.
    > Adaware SE Personal
    > Spybot Search & Destroy
    > SpywareBlaster
    > CWShredder
    > http://www.majorgeeks.com/downloads31.html
    >
    >
    > -----------------------------------------------
    > "Bill Roseanblatt" <BillRoseanblatt@discussions.microsoft.com> escribió en
    > el mensaje news:26B3E6FF-0DB4-4A78-A545-BF0D9634183F@microsoft.com...
    > > I notice a "blank" process appear on the taskbar in XP Pro roughly every
    > half
    > > an hour. It appears and then goes away in 1-2 seconds before I am able to
    > > mouse over to it and click on it to see what it is.
    > >
    > > Does anyone have any suggestions on how to find out what this is? For
    > > example, is there some way to log process starts in a file, which I can
    > > examine to see what happened when these blank processes appear? Or is
    > there
    > > some equivalent of the unix crontab feature where I can find processes
    > that
    > > are scheduled to run every X minutes/hours?
    > >
    > > Thanks
    > >
    > > Bill Rosenblatt
    > > billr@giantstepsmts.com
    > >
    > >
    >
    >
    >
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Go to the Control Panel\Internet Options\General tab\and click on Delete
    Cookies and also on Delete Temporary Internet Files.
    There are a number of online antivirus scanners that are recommended over
    any installed antivirus as they have the most latest definitions. Open your
    internet browser and paste this link on the search bar
    http://www.google.com/search?biw=995&hl=en&q=online+virus+scan&btnG=B%C3%BAs
    queda+en+Google&meta= . Or type http://www.google.com and do a search on;
    'Online antivirus scaners' or 'online virus scan' and scan your
    computer on ALL the found online scaners if you have to.
    Also open the Taskmanager (right click on the taskbar\Taskmanager) and see
    if there's any unusual process which could probably be taking up a high CPU
    percantaje, if you notice anything suspicious jot down the name and do a
    google search to find information about it.

    Also go the Run key for the Local Machine and the Current Unser and see if
    theres any suspicious process running there.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    You could also take a look on the HKEY_USERS hive in the registry editor..
    you'd have to take a look in all the Run following the same path as in the
    HKLM or HKCU. The number of Run keys to look into would be according to the
    number of user accounts on your machine.

    If the problem is recent or you have restore points that go back to when you
    first noticed the blank process you could restore the system to a previous
    date and posibly get thing back to normal.

    Download HijackThis to see if that program can help it detects all processes
    normal and not, so be carefull and make sure you know what you delete.
    http://www.majorgeeks.com/downloads31.html

    Go to this page and see if anything coincides with your's.
    http://www.geekstogo.com/forum/ReferredMysterious_window_appears_in_task_bar
    -t31035.html

    I hope any of this helps.

    ------------------------------------------------------------------
    "Bill Roseanblatt" <BillRoseanblatt@discussions.microsoft.com> escribió en
    el mensaje news:932F69CF-232A-4A69-B7C2-557564E9F702@microsoft.com...
    > I have looked at all startup processes and found nothing susipcious. I
    have
    > run Norton Anti-Virus with the latest definitions, which found nothing. I
    > also ran SpyBot, ASquared, and PC Bug Doctor - none found anything. Yet I
    am
    > now more convinced that this is a virus that comes up every half an hour
    or
    > so and uses my machine to send spam. It probably attached itself to some
    > existing process; I'm not sure.
    >
    > I would really like to find out what the name of the process is and track
    > down possible cures. Any way to do this?
    >
    >
    >
    > "Juan" wrote:
    >
    > > Bill: Go to http://www.mlin.net/StartupCPL.shtml and download the
    > > standalone .exe version of "Startup Control Panel"
    > > Run it and look in all tabs and delete any process other than the
    antivirus
    > > and office taskbar processes.. these are easily identifiable by the
    icons..
    > > any other unidentified process found in any of the tabs, should be
    > > considered suspicious and deleted... This little application is very
    > > practical to disable/delete spyware from msconfig and the windows
    registry
    > > that would otherwise have to be deleted by hand in the event antispyware
    > > programs should fail to detect/delete them.
    > >
    > > Also download "Startup Monitor" from
    > > http://www.mlin.net/StartupMonitor.shtml to keep a check on startup
    > > programs/processes.
    > >
    > > Also install these free antispywares to keep your computer free from
    > > parasites.
    > > Adaware SE Personal
    > > Spybot Search & Destroy
    > > SpywareBlaster
    > > CWShredder
    > > http://www.majorgeeks.com/downloads31.html
    > >
    > >
    > > -----------------------------------------------
    > > "Bill Roseanblatt" <BillRoseanblatt@discussions.microsoft.com> escribió
    en
    > > el mensaje news:26B3E6FF-0DB4-4A78-A545-BF0D9634183F@microsoft.com...
    > > > I notice a "blank" process appear on the taskbar in XP Pro roughly
    every
    > > half
    > > > an hour. It appears and then goes away in 1-2 seconds before I am
    able to
    > > > mouse over to it and click on it to see what it is.
    > > >
    > > > Does anyone have any suggestions on how to find out what this is? For
    > > > example, is there some way to log process starts in a file, which I
    can
    > > > examine to see what happened when these blank processes appear? Or is
    > > there
    > > > some equivalent of the unix crontab feature where I can find processes
    > > that
    > > > are scheduled to run every X minutes/hours?
    > > >
    > > > Thanks
    > > >
    > > > Bill Rosenblatt
    > > > billr@giantstepsmts.com
    > > >
    > > >
    > >
    > >
    > >
Ask a new question

Read More

Windows XP