Virus.

Status
Not open for further replies.

imation

In Runtime
Messages
200
Ok, so as i'm sitting here at work where I am a technician, I am completely being owned by this particular virus on this client's machine.

I have turned off system restore, I have deleted all temporary folders/files and have used a multitude of anti virus and anti spyware programs such as AdAware, AdAware Away, Spybot S&D, AVG Free, HiJackThis etc.

I have scanned through registry thoroughly and cannot locate the source of this darned Virus.

It is generating a new name (*.exe) and can be viewed running in Task Manager. As soon as its process has been ended, another randomly named .exe appears.

The trickiest part of this for me is that it doesn't display any visible symptoms, so I cannot begin to google it for a solution.

The programs I have used do not pick this up at all. Machine is running XP Home.

Does anyone have any ideas?

EDIT:: Forgot to mention there is no Startup object for this particular process. Nothing in msconfig. The process seems to be starting from c:\windows\system32 and is displayed as c:\windows\system32\RandomName.exe r

Sincerely,
Angry Tech
 
Have you tried right clicking the process and selecting end process tree? That should end the process you selected and all associated processes.
 
Yes. It just comes right back with another random name.

I've done a bit of research, it could be Nail.exe virus, but after applying all known fixes, it's still there.

I've never experianced a virus so clever before. Heh.

Keep the ideas coming!
 
Okay keep a look at the time and date. Since all files are created with a time and date stamp you can find the second file that way. Just delete any files that are created at the same time you deleet the other one. It sounds like a malware problem a buddy had. He just re-infected himself but noted the time. Fe found all the files that were created and was able to delete them once he found al 3 there were created.
 
Status
Not open for further replies.
Back
Top Bottom