Suspicious .exe files in Task Manager

Did a similar O4 line appear in you HJT log? It does not look like it from the Generic Detection Tool output. I only need the Generic Tool to be run if the O4 line came back.

If there is still an O4 line with this randomly named file, post a new HJT log.

 

I was still waiting to make sure none of these were needed for anything. If you feel comfortable that they are not required for anything, we can work on fixing those O23 lines.

Before fixing the lines with HJT you have to run services.msc again and make sure that the service is stopped and disable.

Then you can attempt to fix the O23 lines using HJT. That may not work either. You may need to do the below:

Please run HijackThis click on the "Open the Misc Tools Section" button on the open page. Then select "Delete an NT service" on the left-hand side. A "Delete a Windows NT Service" window will pop up. Try entering the following into the box and then click OK:
NTBOOTMGR
If that does not work try entering the short name: NTBOOT

Then repeat the above for NTLOAD and NTSVCMGR

Then reboot and let's see if the services are truly gone.

 

No! I'm saying exactly as I wrote. You must make sure the services have been stopped and disabled.

To do this, click Start, Run, and enter the following in the Open box: "services.msc" (without the quotes). Then click OK. Now in the Services window that pops up look for each of the below three services:
- NTBOOTMGR or short name NTBOOT
- NTLOAD
- NTSVCMGR

If you find them, you must stop it by right clicking on it then select stop. Now disable it by right clicking on it and selecting Properties. Then in the General tab see the area that says "Startup type: " click on the pull down arrow and change it to Disabled.

Then continue with the other steps using HJT.

 

Use the same steps as you just did for the other services to remove this one.
- stop & disable
- fix with HJT

 

You're welcome! I'm happy to hear things are looking normal!

Sounds like we are done here!