Welcome Guest ( Log In | Click here to Register a free account now! )
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.| Important Announcement: In recognition of reaching a milestone of 1,000,000 posts on the site, we are hosting the BC 1 Million Post contest. More information about this contest can be found at the following link: Bleeping Computer 1,000,000 Post Contest - BleepingComputer Management |
![]() ![]() |
Feb 20 2006, 01:35 PM
Post
#1
|
|
|
New Member ![]() Group: Members Posts: 4 Joined: 20-February 06 Member No.: 56,036 |
Would appreciate any help in fixing. |
|
|
|
Feb 20 2006, 02:24 PM
Post
#2
|
|
![]() SPAM Magnet ![]() ![]() ![]() ![]() ![]() ![]() Group: Global Moderator Posts: 13,800 Joined: 6-May 04 From: SW Louisiana Member No.: 363 |
See if this helps:
http://support.microsoft.com/?kbid=170086 -------------------- I love being married.
It's so great to find that one special person you want to annoy, for the rest of your life. |
|
|
|
Feb 20 2006, 02:31 PM
Post
#3
|
|
![]() Forum Addict ![]() ![]() ![]() ![]() ![]() ![]() Group: Moderator Posts: 10,585 Joined: 28-October 05 From: London Member No.: 38,920 |
Welcome to BC Cajun
If tg1911's instructions do not work, Click Here to open a Kelly's Korner vbs script . Download a small .vbs file to your desktop. Once it's downloaded, run it according to the directions at the top of the Kelly's Korner page. Let me know what happens David -------------------- |
|
|
|
Feb 20 2006, 08:34 PM
Post
#4
|
|
![]() Voted most likely ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 3,674 Joined: 19-September 04 From: Collingwood, Ontario, Canada Member No.: 2,883 |
I think this page is the one that David is referring to.
-------------------- **** We use our powers for good, not evil **** When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo |
|
|
|
Feb 20 2006, 09:20 PM
Post
#5
|
|
![]() Bleepin' cat's meow ![]() ![]() ![]() ![]() ![]() ![]() Group: BC Advisor Posts: 8,524 Joined: 11-January 05 From: Baton Rouge, La. Member No.: 9,323 |
Welcome to BC Cajun.
-------------------- "2007 & 2008 Windows Shell/User Award" |
|
|
|
Feb 21 2006, 04:16 AM
Post
#6
|
|
![]() Forum Addict ![]() ![]() ![]() ![]() ![]() ![]() Group: Moderator Posts: 10,585 Joined: 28-October 05 From: London Member No.: 38,920 |
Ooops..thanks Leurgy
David -------------------- |
|
|
|
Feb 21 2006, 08:13 AM
Post
#7
|
|
|
New Member ![]() Group: Members Posts: 4 Joined: 20-February 06 Member No.: 56,036 |
Thank you, everyone, for the welcome and the suggestions. I am thrilled that Davids' vbs file did indeed fix my problem.
tg1911, thank you for your link. (Love your coat-of-arms). I have to admit that reading about editing the registry not only scares the $#!@ out of me, it makes my brain get fuzzy. Sometimes I know just enough to get myself in trouble. Any ideas on where I may have picked up PrcViewer? Could it be the Dell Support stuff? Is it malicious or legit? Anyway, thanks for the solution! |
|
|
|
Feb 21 2006, 12:43 PM
Post
#8
|
|
![]() Forum Addict ![]() ![]() ![]() ![]() ![]() ![]() Group: Moderator Posts: 10,585 Joined: 28-October 05 From: London Member No.: 38,920 |
Great, glad it worked for you
'PrcView is a process viewer utility that displays detailed information about processes running under Windows. For each process it displays memory, threads and module usage. For each DLL it shows full path and version information. PrcView comes with a command line version that allows you to write scripts to check if a process is running, kill it, etc. ' I'm sure it's legit. Does this help? David -------------------- |
|
|
|
Feb 21 2006, 01:02 PM
Post
#9
|
|
|
New Member ![]() Group: Members Posts: 4 Joined: 20-February 06 Member No.: 56,036 |
Thanks David. I just don't know how I picked it up and mcafee couldn't delete it. when I quarantined it and then deleted it, it created my System 32 window problem. if it was legitimately bundled with Dell Support or something else, I would have left it alone to begin with.
|
|
|
|
Feb 21 2006, 01:19 PM
Post
#10
|
|
![]() Forum Addict ![]() ![]() ![]() ![]() ![]() ![]() Group: Moderator Posts: 10,585 Joined: 28-October 05 From: London Member No.: 38,920 |
Might you be thinking of prcview.exe? That's completely different to the prcview program....
David -------------------- |
|
|
|
Feb 22 2006, 09:50 AM
Post
#11
|
|
|
New Member ![]() Group: Members Posts: 4 Joined: 20-February 06 Member No.: 56,036 |
David,
McAfee identifies it as a PUP ... PrcViewer. It showed up in Documents and Settings yesterday and I quarantined it. Today it is showing up as C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP51\A0008038.exe and C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP51\A0008039.exe I just wish I knew if is legitimately bundled with something. I have uninstalled the Dell Support software thinking it might have been with them. I rebooted, ran virus scan and the above showed up. Don't know if I should quarantine, try to delete or leave alone. Note: I just noticed The two files in quarantine that PrcViewer is associated with are smitrem.exe and process.exe. I had downloaded smitRem exe. as a fix for removing winhound. It is still on my desktop. I'm dizzy. |
|
|
|
Feb 22 2006, 10:40 AM
Post
#12
|
|
![]() Bleepin' cat's meow ![]() ![]() ![]() ![]() ![]() ![]() Group: BC Advisor Posts: 8,524 Joined: 11-January 05 From: Baton Rouge, La. Member No.: 9,323 |
Here is information or the to .exe files you were wondering about.
Process.exe smitrem.exe -------------------- "2007 & 2008 Windows Shell/User Award" |
|
|
|
Feb 22 2006, 12:15 PM
Post
#13
|
|
![]() Voted most likely ![]() ![]() ![]() ![]() ![]() ![]() Group: Members Posts: 3,674 Joined: 19-September 04 From: Collingwood, Ontario, Canada Member No.: 2,883 |
ackan is on the right track there however the process.exe that is bundled in smitrem is not a malicious file but rather part of the smitrem removal tool. It also gives false positives with Kapersky AV and A-Squared Trojan Remover, and perhaps other anti malware programs but those are the only two I'm aware of. There is also a pv.exe included in smitrem.
QUOTE C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP51\A0008038.exe This is part of your XP System Restore. You can remove both those entries by turning off and re-enabling System Restore. This will delete those restore points and create a new (hopefully) clean one. See Windows XP System Restore Guide -------------------- **** We use our powers for good, not evil **** When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo |
|
|
|
![]() ![]() |
| Lo-Fi Version | Time is now: 20th November 2008 - 01:24 PM |