Jump to content

TaskMgr --- presumed f/p?


Recommended Posts

Malwarebytes' Anti-Malware 1.20

Database version: 931

Windows 5.1.2600 Service Pack 3

11:34:13 AM 7/8/2008

mbam-log-7-8-2008 (11-34-07).txt

Scan type: Quick Scan

Objects scanned: 44781

Time elapsed: 7 minute(s), 31 second(s)

Registry Values Infected: 1

Files Infected: 1

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows TaskManager (Backdoor.Bot) -> No action taken.

Files Infected:

C:\WINDOWS\system32\taskmgr.exe (Backdoor.Bot) -> No action taken.


Note: As best as I can tell, these were picked up during the HEURISTIC scan




Microsoft Corporation

File Version 5.1.2600.5512 (xpsp.080413-2105)

Link to post
Share on other sites

You have task manager set to run automatically using a known bot run name .

I can make it miss MS files in the next version but I would be interested to know why you have task manager set to run at boot ?

Processes have been using an unusually high amount of CPU (on this one particular system -- which, so far as I can tell, is virus/malware/rootkit free), and so at some point, I decided to auto-launch task manager to keep an eye on things. It's been a while... so i'm not sure how I did it... perhaps via WinPatrol, adding taskmgr to its startup tab??? Is there another way I should arrange for it to auto-start? or should I just remove the auto-start?

Link to post
Share on other sites

You just had me worried for a minute :)

I was about to remove it from sdfix after seeing your post but thankfully it doesnt remove that run value under HKCU, it does get filenames by checksums or strings then removes the run keys for them but not the other way round like you mean

Keep up the great work guys, your doing an amazing job

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.