A couple of computer questions

After closing all windows, logging off, and re-starting the computer, I looked at my task manager to see what was running. Here’s what I found:

Explorer
Navapw32
Gwhotkey
Gbmenu
Sdstat
Qttask
Wkcalrem
Mediadet
Hpotdd01
Ctnotify
Rundll
Hpwuschd
Kmaestro
Nzfporp
Ayatray
Gbpoll
Ahqtb
Hpztsb08

Some of these look as if they belong. For example, “Gb” files are probably Gateway Go-Back, “Kmaestro” I think is for the keyboard, and “Hp” files are probably for the printer. But is there anything running that shouldn’t be running? Why are so many things running?

I ran Ad-aware 6.0, and it listed C:\Windows\System\Kern32.(something). I use the Find function in the Start menu to look for kern* from time to time, since it’s a file used by the Badtrans virus. Find does not find any files with kern* in them. Also, I keep my Norton Anti-virus up to date and it has not detected any viruses. My ISP deletes any viruses before e-mail messages are sent to my computer. So why is it showing up in Ad-aware?

Speaking of Ad-aware, it’s running very slowly. What’s up with that?

Finally, how do I display “hidden files” in Win98?

I’d run HouseCall to check for viruses, then use this procedure to get rid of spyware. You can post the HijackThis log here for people to review. Also make sure you get Ad-aware SE 1.05. 6.0 isn’t the current version anymore.

In Windows Explorer go to View|Folder Options, click the View tab and select Show hidden files and folders.

This site gives a comprehensive list of things that can appear in the Task Manager and whether or not you need them.

I’d use Spybot Search and Destroy to look at the “System Startup” settings. Uncheck everything on the list, reboot and see what shows up then.

My best friend in situations like this is Google. Enter the name of process in Google, hit Search and you will find exactly what the file is and why it’s on your computer. And more often than not, if it’s a Bad File, you also get instructions on how to remove it.

Most of what you list are drivers for things like your keyboard and soundcard, and they’re running because Windows might need access to them at a nanosecond’s notice.

I use both Ad-Aware and Spybot on my computers. There’s a lot of overlap, but there are also files that one of the programs may know about that the other doesn’t. However, the file may be listed in the Windows Registry, even if it doesn’t still exist on your hard drive, and AdAware sees the reference to it there.

E-mail is not the only way to get viruses or adware, either. If you download files from untrustworthy sources (like Kazaa, or JoeBlowsSoftwareShack.com), those files can also come with viruses. Adware and spyware just dump themselves on your computer while you’re web surfing, usually without any warning.

Also, with Windows XP, adding wildcards (like *) to a file name when searching seems to make it LESS likely that it will find the file. However, you have the entire path for the file, you should be able to find it on the C drive, in the Windows folder, in the System folder.

Open any Windows window (like My Computer or My Documents), open the Tools menu, and click on Folder Options. Click the View tab at the top, and look for the line that says “Show hidden files and folders.” Make sure the radio button is turned on for that option.

HouseCall reports no viruses found. :slight_smile:

Advanced Startup Manager is great for eliminating this junk.

      • Also another setting to check is the one concerning “displaying extensions of known file types”. Some spyware/virus file types use alternate icons (such as for an image or text file) when it is really an exe or ini file.
  • Another trick that I have seen used in malicious files is that they name them with a fake name, and then a whole bunch of spaces and then an alternate name. Like this:


"updates.doc                                                    virus.exe" 


-in the hopes that you will click on it blindly: the file is really an exe, but if the screen display type your OS is set to isn’t wide enough to allow viewing the whole long filename, all you will see is the first part that says “updates.doc”. Particularly if you view your folder contents as icons.
~