Possible rootkit/trojan?

I set up PG for read permissions (for taskman) and disabled app control in outpost because it says taskman altered memory for explorer and Outpost denies access to network. but still - there's something funny going on. I have to use taskmanager to shut it down because when I click ok on the popup another pops up - endlessly. I think perhaps something to do with this blank spot - very suspicious

 

Hi lynchknot,

With the security apps you have running, I would suspect a bug in Security TaskManager. Does TaskInfo (or Process Explorer if you have it) show the same number of running processes and do they have the same blank line? If you can sort that display by PID, I would check your raw PG logs and and try to compare PIDs since your last boot.

Nick

 

TaskInfo does not show that blank (unnamed) app. That blank is exactly where Security task manager is getting hung up. Everytime it approaches that blank I receive a pop up.

I have reinstalled STM several times.

 

Does TaskInfo show the same number of running processes as STM?

Nick

 

I can't tell STM stops and pops. I just downloaded Process explorer and it shows the same amount of processes as windows task manager with no blanks.Where do you find a count in TaskInfo?

 

It shows in the System tab.

Nick

 

Thanks - all the same there too

 

Unless you see something unknown/strange in your PG logs, I would assume it's a STM bug.

Nick

 

You mean PG alerts? Too bad there's no STM board or help for trial users. I'm not going to buy this if it doesn't work.

 

No, click View Logfiles in the Alerts tab and the folder with your logfiles will open. Double-click the most recent logfile and it should open in Notepad.

Nick

 

OK I see. I doubt I know enough to recognize anything suspicious there.

 

Next time you boot and after your system settles down, open the current PG log, and copy/paste/post the log entries for the current session. I'll take a look at it.

Nick

 

Could it be a software conflict? It looks like you have a lot of different programs running, sooner or later there is bound to be conflicts between many different security programs all running together. I would try shutting down your apps one at a time to see if it's a software conflict.....just an idea.

 

Hi Pat_Burke,

Could very well be the case. Too many overlapping functions can cause problems.

Nick

 

Well, I shut down what I thought could be preventing access for STM: process guard, Outpost's application control, and prevx - but still receive the error.

 

upon reboot this morning I see this. SSM is, of course, System safety monitor which I have disabled due to problems at reboot. I'm wondering why, after BlackIce took a baseline that it does not recognize this dll.

 

Problem solved with Security Task Manager. I deleted a folder (STM) from "all users" application data - works now.
Looks like I will have to purchase sTm because this is "killing" me!

Screenshot: