taskmon.exe - Dangerous
%system%\taskmon.exe
Manual removal instructions:
Antivirus Report of %system%\taskmon.exe:
%system%\taskmon.exe
W32.Novarg.A@mm is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip.
When a computer is infected, the worm will set up a backdoor into the system by opening TCP ports 3127 through 3198, which can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources.
In addition, the backdoor can download and execute arbitrary files.
The worm will perform a Denial of Service (DoS) starting on February 1, 2004. It also has a trigger date to stop spreading on February 12, 2004. These two events will only occur if the worm is run between or after those dates. While the worm will stop spreading on February 12, 2004, the backdoor component will continue to function after this date.
Searches for the email addresses in the files with same extensions.
Attempts to send email messages using its own SMTP engine.
The worm looks up the mail server that the recipient uses before sending the email. If it is unsuccessful, it will use the local mail server instead.
Removal:
Open RegRun Start Control, go to the Shell DLL's tab.
Remove the "shimgapi.dll" item.
Use RegRun Terminate feature to kill taskmon.exe.
Warning!
Please, do not touch "taskmon.exe" located in the Windows folder.
The Taskmon is legitimate application for Windows 98/Me.
The worm is located in the Windows\System or in Windows\System32 folder.
%system%\taskmon.exe | Malware |
%system%\taskmon.exe | Dangerous |
%system%\taskmon.exe | High Risk |
When a computer is infected, the worm will set up a backdoor into the system by opening TCP ports 3127 through 3198, which can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources.
In addition, the backdoor can download and execute arbitrary files.
The worm will perform a Denial of Service (DoS) starting on February 1, 2004. It also has a trigger date to stop spreading on February 12, 2004. These two events will only occur if the worm is run between or after those dates. While the worm will stop spreading on February 12, 2004, the backdoor component will continue to function after this date.
Searches for the email addresses in the files with same extensions.
Attempts to send email messages using its own SMTP engine.
The worm looks up the mail server that the recipient uses before sending the email. If it is unsuccessful, it will use the local mail server instead.
Removal:
Open RegRun Start Control, go to the Shell DLL's tab.
Remove the "shimgapi.dll" item.
Use RegRun Terminate feature to kill taskmon.exe.
Warning!
Please, do not touch "taskmon.exe" located in the Windows folder.
The Taskmon is legitimate application for Windows 98/Me.
The worm is located in the Windows\System or in Windows\System32 folder.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.