Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Task Manager Revisited.

  • Please log in to reply
4 replies to this topic

#1 Constantine


  • Members
  • 275 posts
  • Location:Byron Bay, Australia
  • Local time:01:57 PM

Posted 18 November 2005 - 08:47 PM

Dear Whiz Kids,

So many processes running in my task manager. I have posted on this topic before and have subsequently spent considerable time on a couple of sites recommended to me by people here, trying to track down the various processes running on my computer. I have had limited success due to my limited intellect probably.

I have here a url where a screen shot of the task manager can be found. Could some of you cast your knowing eye over it and see if perhaps there is anything glaringly wrong running. Any other suggestions or comments would also be appreciated.


Many thanks

I thought I was wrong once, but I was mistaken.

BC AdBot (Login to Remove)


#2 tg1911


    Lord Spam Magnet

  • Members
  • 19,274 posts
  • Gender:Male
  • Location:SW Louisiana
  • Local time:09:57 PM

Posted 18 November 2005 - 10:44 PM

Your image is kind of small, and hard for me to read (old eyes :thumbsup:), but from what I can make out all looks OK, except for wscntfy.exe, if I'm reading it correctly.
If I got the spelling correctly, this is added by the Troj/Banker-FZ password-stealing Trojan for certain online Brazilian banks.

More info at this link:

Run these online virus scanners:

Also this online Trojan scanner:

Are you using these basic security programs?
(They're all free.)

aČ free - a complementary product to antivirus software which is specialized in protection against harmful software. Antivirus software often features an inadequate protection against Trojans, Dialers and Spyware. aČ fills this gap.
ewido security suite - offers protection against urgently growing threats like Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers.
Ad-Aware - A good program similar to SpyBot S & D.
Spybot S&D - Detects and removes spyware, of different types, from your computer.
Spywareblaster - A good program that prevents spyware from being installed on your computer in the first place. This program is always running in the background, protecting your computer. It prevents the installation of bad active X controls found in web pages.
SpywareGuard - A nice compliment to SpywareBlaster. This allows you the option to prevent downloads that contain bad active X controls.

If not, you need to. These programs, updated and used regularly, will do a lot to keep your computer clean of spyware, trojans, keyloggers, browser hijackers, etc...

Download them, update them, and then run them.

When installing ewido security suite, under Additional Options uncheck:
Install background guard
Install scan via context menu

Please read this tutorial on Spybot S&D before using it. Spybot can do SERIOUS damage, if not used properly.

Other useful Tutorials:
Using Ad-Aware SE
Using SpywareBlaster
Using SpywareGuard
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 Skate_Punk_21


    Crapware Killing Canuck!

  • Members
  • 185 posts
  • Local time:11:57 PM

Posted 19 November 2005 - 12:51 AM

Your image is kind of small, and hard for me to read (old eyes smile.gif), but from what I can make out all looks OK, except for wscntfy.exe, if I'm reading it correctly.
If I got the spelling correctly, this is added by the Troj/Banker-FZ password-stealing Trojan for certain online Brazilian banks.

Though TG1911 is correct, as a word of caution, make sure you run those scans before attempting any sort of removal of that file. It can also be a legit file

wscntfy.exe is a part of the Microsoft Windows Security system and outputs the current security status of your computer. This program is important for the stable and secure running of your computer and should not be terminated.

To determine the validity of that file i suggest that you Visit VirusTotal and submit the file for testing. You can do this by clicking "Browse," navigating to the correct file, Clicking "Open," then "Submit."

the file will be scanned and you will be apprised of the outcome.

Stay safe all :thumbsup:

Edited by Skate_Punk_21, 19 November 2005 - 12:54 AM.

If I've helped you in any way, please consider a donation to help me continue the fight: Posted Image
Posted Image

#4 ddeerrff



  • Malware Response Team
  • 2,735 posts
  • Gender:Male
  • Location:Upper Midwest, US
  • Local time:10:57 PM

Posted 19 November 2005 - 01:27 AM

Also note that 26 processes is NOT an excess number. My home machine is currently running 27, and my work machine - with all the corporate bleep on it normally runs around 40 or so.

#5 micaman


  • Members
  • 127 posts
  • Location:U.S.A.
  • Local time:10:57 PM

Posted 19 November 2005 - 01:59 AM

Things look well. 26 processes is excellent.

My current XP machine has 62, as I have a lot of software installed (I test a few dozen programs each month). I think you should follow "tq1911" and "skater_punk_21" and your machine will continue to run strong.

The "wscntfy.exe" tells me that you have a XP "SP2" machine running the security center by Microsoft. That is good news. Keep that machine updated as you have been. The second tuesday of each month is "patch tuesday" for Microsoft's products. And be sure you check the Microsoft Office site for those updates, as they do not show up anywhere else!

If we could get more users to update to the SP2, the internet would not have most of the troubles it does!


Edited by micaman, 19 November 2005 - 02:01 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users