Is it normal for the "Monitor.exe" to try to access the internet? Or do I have a bug? According to MS description, this device regulates internal functions and needs no Internet access. I have blocked it completely, after a system reinstall and putting in the firewall FIRST before connecting to anything by phone line. The firewall indicates a good deal of port scanning (eTrust), so I put in PortBlocker to help out.
What brought all this to my attention is that my previous firewall was attacked and turned off/on and adjusted without my knowing (Sygate free) and let a lot of stuff get into the machine. The balloons that pop up from the bottom of the screen indicated 'Monitor.exe' was trying to access the Net and I was getting a flurry of portscans from outside. It got worse, and other software devices became vehicles for unauthorized access as well. After using the system recovery disc for full reinstallation, it behaved well for a short time, then began regular attempts to get out to the Net again. The firewall requires ok for all traffic, except what's allowed by me, so the Monitor.exe is blocked completely. YES, you could live with it this way . . . but what does this? And can this be utilized by attackers?
I have run every detection/removal device recommended to me, and have had AdAware, SpybotS&D, SpywareBlaster, AVG Antivirus, BHODemon, MRUBlaster, and a few more, all MS updates. If there's nothing wrong with HJT log does it mean there's nothing wrong with the system? It's been an uphill battle and any help will be greatly appreciated. Thanks.
Sorry, can't get the log to post.