Hello, I’ll try to make this as short as possible.
Tried to run a script requiring that port 80 is not used. It didn’t work, so checked in TCPView and found System:4 using it. Through ProcessExplorer I found “spjr.sys”, only reference I could find to that file is that it is suspected of being a rootkit. I have no such file on the computer, and can’t kill it through ProcessExplorer.
Tried GMER and RootRepeal pluss a few others, but none of them work on W7 X64 Ultimate. Suggestions on what I do from here ? Malware finds nothing, HijackThis shows nothing out of the ordinary, Avira finds nothing and Comodo shows no traffic and can’t kill the connection.
only thing that i can think of on how to find the rootkit if there is one is to make a bootable antimalware disk. it runs a version of windows in ram and doesnt even load the hard drive so if anything is found it can be removed with ease. here is a tutorial on how to make the disk
Really though I’d like to hear the results of Comodo Cloud Scanner and Hitman Pro. If I’m not wrong these should also be able to detect suspicious activity, although they may not be able to locate the source if it is protected by a rootkit. They’re both quick, so why not.