Any Suggestions?

JohnWPB

Active Member
I am running XP Media center edition, and am having a major problem. If I open Internet Explorer, a new process starts called "task.exe". This will peg the processor to 100% within a couple minutes of IE being opened. I am using Firefox as my default browser, but as you know HS has issues with Firefox.

I can end the "task.exe" and IE will remain open and all is then well. I have Googled till I am blue in the face and cant seem to find resolve for this issue.

Machine:
Processor: P4 3.2Ghz
Memory: 1 Gig
OS: XP Media Center with all Svc packs and updates installed to date

What I have tried so far:
Adaware
AVG Anti Virus
Spybot Search and Destroy
Hijack This
Norton Anti Virus
Regclean

Has anyone seen this or can offer any advice on this one??? HELP!
 
first google hit:

http://www.liutilities.com/products/wintas...sslibrary/task/

task - task.exe - Process Information

Process File: task or task.exe
Process Name: W32/Randon-Z worm

Description:
task.exe is a process added by the W32/Randon-Z worm. It connects using IRC to collect commands from an online server. This program is a registered security risk and should be removed immediately. If found on your system make sure that you have downloaded the latest update for your antivirus application.
 
Sorry for the delay in the reply, was out of town for a couple days for the 4th.

I should have been a bit clearer, sorry. I also Google'd "task.exe" and found quite a bit of stuff, none of any help however.

I looked through the registry, did full searches on all my the hard drives, ran "Tau Monitor" that was supposed to find and remote the "task.exe" problem, all will no effect.

There are diffferent variants of the this file, and I tried all of the variant names in both registry and hard drive searches. I cant find it on my system anywhere! However, if I fire up IE, it starts up as a process. Even when the process is running, none of the AV scanners, Ad Scanners, Malware, Task Scanners or anything for that matter report a problem! I am going in circles here....

Anyone else have a problem anything like this, and have any suggestions?

BTW, I just ran (about 20 minutes ago) all of the latest patches, security updates and anything else that the MS Updater offered, with no evail....
 
It sounds like it's being loaded as a BHO. Hijack This should show all BHO's loaded but it may be hidden as another name. Have you used msconfig to see what all is being started up? Did you run all of the "tools" in safe mode? IF not you may never be able to get rid of it. Did you try to roll back to an earlier date? Did you try restoring your Acronis True Image?
 
Hey Rupp, thanks for the tips... I did try Hijack this, and didn't see anything out of the ordinary, if something looked remotely suspicious, I googled it... couldnt seem to find it in there.

I also ran MSconfig and shut all the stuff down as a test, as well as check the startup programs in the registry. The True Image I have is way back to a pretty stripped down XP, that is certainly a last resort. Oh, and yes, I did do all this stuff in safe mode, so that it could be deleted if it was found. I really am at a loss on this one. This is my first case of spyware/mallware/adware/worm ect in the past year or more that I could not figgure out. I am, as many of the users on here, fairly well seasoned in finding and removing this type of stuff.
 
<frustrated IT guy>
I am running into similar problems myself at work. I consider the computers a 'total loss', and the infected computers will be rebuilt as I never could remove 100% of this junk. You could try a System Restore assuming you didn't turn it off, which might get you a more recent build than the Acronis image. Otherwise, I suggest you do a rebuild and yell at whoever got it on there ;)
</frustrated IT guy>
 
Hey Frustrated....

Format--> GOOOOOD
Malware--> BAD

I give my customers the choice... want me to spend 2 hours eliminating all I can find, and cross your fingers, or 45 minutes doing a format, and a guarantee of no crud.
 
around work, we have a little song, to the tune of "Camptown Ladies"

fdisk, format, re-install, do-da, do-da
 
The system rollback hasn't failed me once. I do a daily rollback on my kids PCs and have no more junk ware problems.
 
I agree, Rollback is a great thing! However, I just counted, I have 37 programs on my quick launch bar. Not to mention start menu programs not used as frequently) It takes quite a bit of time to get all of these programs installed, preferences set ect.

Sure I installed these programs, and then did a backup, but thats just the start. If I were to go back to that point, I would lose SOOOOoo many things! Bookmarks, saved docs, preferences for all the programs, macro's, virus definations, adaware definitions, mp3's, plugins, photo's and the list goes on and on. All then to be outdated back to the time that I did the backup!

Sure, I can back much of this up, restore(rollback) and add all that in again, but this is a HUGE time consuming process to say the least. I work out of my house, running my own company. ANY down time for me, is a very bad thing.

I am the only one using this machine, and it is not infiltrated or loaded with all sorts of rogue spyware, adaware ect. This is just one simple "task.exe" that I can't figgure out where it came from, and how to get rid of it!

I have the paid version of Adaware that has the monitor running in the tray, I run Spybot every few days, I have 2(TWO) anti virus programs running at all times (AVG and Nornton), I run HiJack this routinely, constantly check the registry "Run on startup" and MSConfig..... I no longer use IE EXCEPT for viewing HS's pages(NEVER to surf the web) , as it does not work with other browsers (Or I would NEVER use it again).

Not to sound like I am un-apreceiateative here, but if I owned a pre-built machine, a Dell for instance, (My roomate has one unfortunately!) I could easily call Dell and explain the problem, and they would tell me to format and start over. Actually it would be more like [RANT] "yu are needing to be using the restore disk and all will then indeed be ok" [/RANT] That is the end all sollution, when tech support can't answer the problem or offer a sollution.
 
That is the end all sollution, when tech support can't answer the problem or offer a sollution.

It is an end all solution, but I have to take issue with the last part....It is not because the problem cannot be answered, it is simply better to do a format. With properly saved data, this should take no longer than a few hours to get your pc back and running with the programs you had installed. It is a matter of efficiency.
If it is indeed the huge job that you say... do it, and then make an image!
 
The latest generation of spyware is so persistent, it's almost impossible to remove it. So even if you only have 'one' issue, it's an issue which can cause serious computer stability problems, steals resources, so you still want to do that format.

As I mentioned earlier, I just ran into this at work, and I just took the computers out of circulation, got the managers to send out a stern warning to the employees, and I will rebuild them. A lot of work? Yes! But I counted the # of hours I spend on supporting these infected systems (clean up etc), and it took much less time to rebuild these machines by hand (no images), and manually reinstall all these applications.
 
John,
Using XP's System Restore shouldn't cause you to loose much at all if you haven't adjusted the settings. My system creates a system checkpoint everyday. So it should be as easy as going back a day or 2 prior to your problems.
 
Back
Top