Processes dinging the network and networked computer

By clc6583
Aug 12, 2008
Topic Status:
Not open for further replies.
  1. I am on a Dell laptop and my computer is accessing the network and the other computer on the network almost all of the time. I was gone yesterday while my husband worked at home and he said that the only time the network wasn't going full speed and one of the drives on his raid-array (sp?) wasn't being "pinged" (his word) was when my laptop was shut off.

    I have done screen shots of msconfig windows and my processes in my task manager. Can anyone see anything that should NOT be there? I've run Avast and Ad-Aware and deleted 217 things from AdAware (I'm a blog reader :/ apparently that's a bad thing). Avast found one thing while AdAware was running. Are there any programs that you can get that tell you if you have bad processes running?

    Here are the links to my screen caps. Any serious help would be appreciated.

    Well it won't let me post links :( I will have to chat a bit first I guess... bbiab
  2. clc6583

    clc6583 Newcomer, in training Topic Starter

    this is my 2nd post
  3. clc6583

    clc6583 Newcomer, in training Topic Starter

    this is my 4th post - but I'm only doing this because I need to put links in this to receive help - I am not spamming - please don't delete this - AND I have no advice to help anyone else. :D
  4. clc6583

    clc6583 Newcomer, in training Topic Starter

  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I am not going to go through all the Services and all the running processes. I will leave sites where you can get information on both. I will tell you though that 55 processes in the Task Manager are too many! On a busy day, I show 38.

    These processes are from three sources:
    1. The operating system
    2. Services either set to Automatic that started on boot or set to Manual and started when needed.
    3. The programs/apps on the Startup tab.

    Additionally, if there is malware on the system, it is also likely 'calling home'.

    To identify process in the Task Manager and on Startup:
    STARTUP APPLICATION DATABASE LIST
    http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
    http://www.sysinfo.org/startuplist.php

    To help customize Services:
    http://www.ss64.com/ntsyntax/services.html
    http://www.blackviper.com/WinXP/servicecfg.htm

    NOTE: when changing the Startup mode of a Service, the Depedency tab must be checked and the Depent Services put either to Manual or Automatic.

    Once you identify what is running, you can take everything off of the Startup except the firewall, antivirus, touchpad if laptop and network process is on network. You should disable ALL automatic updates except the antivirus program and possibly the Windows Updates. All others will be pinging their site looking for updates every day. This is not encouraged.
  6. clc6583

    clc6583 Newcomer, in training Topic Starter

    wow Thank you for the information! I'm going to actually print out my screens and sit down and go through the process of looking them all up on the task list program website and the other site. I also found another site, linking from one you gave me that has a very thorough worm/trojan detector/remover.

    I wish you could copy/paste your task list so I could do an alph list in excel and make it a lot easier.

    Yesterday, I ran Ad-Aware again, Spybot S/D and HiJackThis and quarantined/destroyed a lot of things, and I am STILL beating the heck out of the network. I wish I could figure this out before my internet priviledges at home get taken away (they won't) but it's scary after reading this other guys post about being hijacked .... I hope our "secured" network is truly secured.

    Thank you for the information.
  7. jobeard

    jobeard TS Ambassador Posts: 13,351   +301

    if one of your systems is attempting ping to another of your systems, then there's nothing to worry about.
    there are several places that use ping to verify the presence of systems.
  8. clc6583

    clc6583 Newcomer, in training Topic Starter

    Well, it's not really a ping, he means accessing a drive, not in the actual ping sense of the word.

    Ok I set my Avast to run a complete total thorough test today, of archives and everything and so far I've gotten 3 warnings of Trojan/Worms. Interesting, yesterday I got no hits and I wasn't online at all yesterday.

    I am afraid a reformat is probably in order.
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I don't see any indication for a reformat. To short the processes in alpha order, click twice on the frame above the image name in the Task Manager. This will sort in ascending order, that is A-Z.

    Identify the processes that are running. Let the antivirus remove infections it finds. Run at least 2 spyware/adware programs, remove what they find. Pare down the running processes on both the Startup menu and the Services, and you are good to go. No need to reformat.

    Run a two-way firewall for added protection.
  10. jobeard

    jobeard TS Ambassador Posts: 13,351   +301

    Formatting is premature at this point!

    If several tasks are running, the system could be expanding pagefile.sys
    which consumes excessive i/o for a long duration.
    right click My Computer->properties
    click the Advanced Tab
    click Performance Settings
    click Advanced Tab
    at the bottom of the window is the Virtual Memory Settings
    Is it ONE number or TWO and what is/are the values?
  11. clc6583

    clc6583 Newcomer, in training Topic Starter

    It says my paging file size is 1344 MB and that is all it says.
     
  12. jobeard

    jobeard TS Ambassador Posts: 13,351   +301

    ok, then the pagefile is NOT being expanded :)

    btw: it should be ~ 2x your installed ram -- I guess you have 512mb so the 1344 is a good number.
  13. clc6583

    clc6583 Newcomer, in training Topic Starter

    The full complete Avast is finally done and I have 4 quarantined items
    vmain.class
    ~.exe and a0039890.exe

    I will keep them in quarantine. I'm never quite sure once to do with these things once they're locked up - delete them?

    I also found a link to this website re: the vmain.class -
    http://icrontic.com/forum/showthread.php?t=68110

    I think I will follow these instructions here also and see what happens with a 3rd party scan.
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    You will be able to delete the quarantined items, but you may not be able to d it until you turn off System Restore, then turn it back on to remove the infected restore points:

    Control Panel> System> System Restore> check 'turn off System Restore'> Apply> OK
    Then turn it back on. The old restore point will have been removed.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.