Malware and Virus RemovalProblems removing malware/viruses? Get help from our Malware removal experts.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
I've been having problems for months. The latest symptom I noticed starting yesterday is that when I run Security Task Manager I now see the following processes (name & file) :
Ok it turned out to be pretty simple. Reinstalling STM didn't do a thing, but reinstalling HJT has cleared it up.
Funny thing - HJT doesn't install visibly. IOW I uninstalled from the control panel as usual, but afaik HJT just comes as a .exe which is on a network drive. So I ran it after uninstalling, right from the network share. Then ran STM which now looks fine, then looked at the add/rem pgms screen and HJT is there so apparently it installs itself, at least putting in registry entries when run for the 'first' time.
As far as other problems go, I recently removed a rootkit - located with TDS-3, forget which it was. Now I seem to not have problems of my connection being hijacked etc.., all scans (STM, TDS-3, AdAware, Spybot S&D, HJT) are running clean... but my system gets unstable after several hours.
What happens is that a variety of actions which all seem to do a similar thing will eventually stop working; at that point I might get away with ending the app, but eventually I'll lose my taskbar, or the modem icon disappears, or I just lose all control of my machine, so I reboot.
The actions that will do this are
- going to a link on Firefox from a click on Eudora email
- trying to save a web page from Firefox
- attempting a 'save as' from Textpad and then trying to navigate to another location on my computer in the resulting dialog box
Each of these times I note that Win Explorer seems to continue working properly, and STM doesn't show any unusual processes running. Before removing that rootkit at this point I would see malware processes running e.g. veritas.exe, tftp1234.exe (any four digits), and others.
I had been running Rootkit Revealer 1.2 with clean results before TDS found one a few days ago. But I don't recall which. I did have consistent problems with Agobot related agents so if there's an Agobot related rootkit betcha that's what I had.
Just installed and ran RKR 1.4 with clean results.
