How to find a rogue application?

Photocat73

I have some suspicious behavior on my home system, but have thrown all the antivirus, adware, spyware, reg scrub, online scans, port & combination scanners, and network monitoring apps that I know of at my system, to no avail... The random power down of the PC is especially bothersome! All of my antivirus, scan programs, and firewall are updated and report no problems. And yes, I only have one of each installed at a time to ensure compatibility :)
Can anyone suggest a utility that would protect itself but still listen for hidden problems? I'm running out of ideas and my networking instructor at school suggested I ask you guys/gals. The only catch is it has to be freeware or pretty cheap, as I am still a broke student. Thanks!!!

Programs used:
AVG
Avast Pro
Nessus
Ad-aware SE
Spybot S&D
Spyware Blaster
Hijack This
Advanced Port Scanner
Wot Web Scanner
Trend Micro Housecall
RegScrubXP
C-Cleaner
SANDRA
Cacti
ZoneAlarm Firewall
 
How about you tell us the symptoms? We can't help if we don't know what is happening to your system.
 
A couple summers ago, I wrote a post that explains how to track down random reboots. I'm sure you'll find it useful; please let me know if you have any questions after reading it.
 
Thanx for the link to your post. I did find it extremely informative and will troubleshoot accordingly... Hopefully it's not the power supply flaking out on me! :)
 
Good luck. Let me know if you need any help. I don't work at Microsoft anymore, so I don't have access to some of the resources I did previously -- but if you end up with a dump file, I should still be able to have a look and give you a diagnosis.
 
As an aside, I know from experience that many rogue apps will hide themselves or cripple well-known anti-malware software. For instance, do a scan with HijackThis, then rename the .exe to something retarded, like billybob.exe, and run it again. You might be surprised at what shows up.

Alternatively, you could download the Sysinternals suite of software and see what is accessing your HDD and registry.
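
Added example, not part of the original post: one way to compare the HijackThis log from the normal run against the log from the renamed run, so that anything appearing only in the second scan stands out. The sample logs, paths and the `example-rogue` name are constructed for illustration, and the function names are hypothetical.

```python
import re

# HijackThis entry lines start with a section code such as "O4 - " or "R1 - ".
ENTRY = re.compile(r"^[RFNO]\d{1,2} - ")

def parse_log(text, scanner_names):
    """Return (processes, entries), leaving out the scanner's own process."""
    skip = {n.lower() for n in scanner_names}
    processes, entries, in_procs = set(), set(), False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_procs = True
        elif ENTRY.match(line):
            in_procs = False
            entries.add(line)
        elif in_procs and line:
            # Compare on the file name so the renamed scanner is not reported.
            if line.rsplit("\\", 1)[-1].lower() not in skip:
                processes.add(line.lower())
    return processes, entries

def only_in_second(first, second, scanner_names):
    """Processes and entries present in the second log but not in the first."""
    p1, e1 = parse_log(first, scanner_names)
    p2, e2 = parse_log(second, scanner_names)
    return sorted(p2 - p1), sorted(e2 - e1)

# Constructed sample logs (not real scan output); paths and names are made up.
FIRST_RUN = r"""Logfile of HijackThis
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\Tools\HijackThis.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
"""
SECOND_RUN = r"""Logfile of HijackThis
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\example-rogue.exe
C:\Tools\billybob.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [example-rogue] C:\WINDOWS\System32\example-rogue.exe
"""

if __name__ == "__main__":
    procs, entries = only_in_second(FIRST_RUN, SECOND_RUN, ["HijackThis.exe", "billybob.exe"])
    print("New processes:", procs)
    print("New entries:", entries)
```
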
 
I will try renaming the scan .exe as well. I did try to go to systinternals.com but was unable to find a link for downloading a suite of tools. All I was able to find references for was Scanregw.EXE. I also searched Microsoft's TechNet as they supposedly added it to their site, but returned no relevant results. Where can I find this download? Thanks!
 
Did this just happen recently? Microsoft released a buggy patch and then patched it again... We had a few computers at work randomly shut down over and over again. Or lock up the network on the computer. Very weird stuff. Ran a virus scan and Windows Update. They work OK now. Good luck.

By the way, here is a sweet Rogue removal script. It cleaned up a few of my clients' computers well.
http://www.internetinspiration.co.uk/roguefix.htm
 
After much searching, scrubbing, & patching the system is back up and running. As a separate or related issue, upon testing I found the power supply was functional but flakey so I replaced that as well. Runs like a champ now, so THANKS to all you guys/gals that imparted your higher knowledge upon me. :D
 