I have a 2002 XP box from Dell that is being flagged by my ISP for distributing malware. (Actually, I've since disconnected it from the network.)
1. When I'm logged on to the computer, I don't see anything happening using the task manager.
2. When I come back after an extended period of non-use the computer is using more memory --- about 50-100 Mb (I think). (It doesn't act like a leak --- just a one time increase in memory usage.)
3. When I come back after an extended period of non-use, the screen is sometimes locked. The computer displays the screen that says that only <computer-name>\Darrell or an administrator can unlock this computer. That is significant because fast user switching is enabled and I have not done anything to disable it. Normally, the login screen with all of the user accounts should be displayed. That means that some other process is changing the login process.
4. I scanned the computer using Malwarebytes, found the TrojanDropper virus and removed it, but that did not alter the symptoms.
5. As stated in the intro, my ISP complains about malware coming from my domain when the computer in question is connected to the network.
I have backed up all of my files and am tempted to rebuild the computer. However, if there is less painful way to fix the problem, I'd like to try that first. Also, I don't know if any of the backed up files are infected.
Any and all help is appreciated.
EDIT: Moved from XP to Am I Infected forum ~ Hamluis.
Edited by hamluis, 28 June 2010 - 10:28 AM.