Hi, I realized that in last couple of days I haven't been able to run my task mgr. I tried the msconfig today and it failed. So I started investigating. I copied the orignal files to another location and was able to run them with different file names. Can someone please help me to identify which virus/worm is causing this? I use Firefox on XpPro and have taken all precautions. My Norton Anti-virus is out for lunch I guess - won't do live updates :( I'm curious to know what it is and how I got it! I ran the fixKlez.com in safe mode and it wasn't found. Attaching the log from HT (I had to change its name too :-). Any help/pointer is appreciated. I use MSN Messenger and Yahoo Messenger which I recently installed... I'm wondering if they are the source. I usually don't download much software (no kaazaa, etc. either). thanks. PS: sorry, not attaching HT logs since it says so in the guidelines. Please let me know if it is needed.

johngrass, The info at the link may be of some help. Why does Task Manager, MSCONFIG, or REGEDIT disappear while opening? Tufenuf

Thanks for the link. I had already looked at the link. I don't see NETSTATT.exe in the running processes list. And I don't notice any slow down, pop-ups, etc. - the only symptom currrently is that I can't run these utils. Another software besides messenger that I installed are multiDesk and mp3Encoder. thanks.

I went through the tech details of all the other viruses mentioned in the link. I don't see any of the entries in the location where the link says it should be for that specific virus :( thanks. PS: should I send my HT logs? It's not long at all.

johngrass, They don't like HijackThis logs posted on these forums. I'd recommend that you go to the link below and run the Free HouseCall on-line virus scan and let it fix anything it turns up. HouseCall Tufenuf

The Housecall/Trend Micro identified a file called hpmnt32.exe or something like that as a virus. I was suspicious of this file as it says "HP driver services" and I don't have any HP component! I already disabled the system restore on my system. Now the plan is to : - boot it in safe mode, - remove the corresponding registry entries - permanently delete the infected file anything else? I would also like to discuss how to make the system more secure in future. I had some related questions/suggestions that I want to run through someone. Is this a good forum for that? thanks :)

sorry, forgot to mention the name of the virus/work -- RBOT-GEN. thanx.