Virus. - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 07-22-2005, 10:46 PM   #1 (permalink)
True Techie
 
Join Date: Mar 2003
Posts: 200
Default Virus.

Ok, so as i'm sitting here at work where I am a technician, I am completely being owned by this particular virus on this client's machine.

I have turned off system restore, I have deleted all temporary folders/files and have used a multitude of anti virus and anti spyware programs such as AdAware, AdAware Away, Spybot S&D, AVG Free, HiJackThis etc.

I have scanned through registry thoroughly and cannot locate the source of this darned Virus.

It is generating a new name (*.exe) and can be viewed running in Task Manager. As soon as its process has been ended, another randomly named .exe appears.

The trickiest part of this for me is that it doesn't display any visible symptoms, so I cannot begin to google it for a solution.

The programs I have used do not pick this up at all. Machine is running XP Home.

Does anyone have any ideas?

EDIT:: Forgot to mention there is no Startup object for this particular process. Nothing in msconfig. The process seems to be starting from c:\windows\system32 and is displayed as c:\windows\system32\RandomName.exe r

Sincerely,
Angry Tech
__________________

imation is offline  
Old 07-22-2005, 11:07 PM   #2 (permalink)
Monster Techie
 
Join Date: May 2004
Location: /usr/root/mn/us
Posts: 1,118
Default

Have you tried right clicking the process and selecting end process tree? That should end the process you selected and all associated processes.
__________________

__________________

Its a frigging Laptop, not a Labtop!!!!
bla!! is offline  
Old 07-22-2005, 11:36 PM   #3 (permalink)
True Techie
 
Join Date: Mar 2003
Posts: 200
Default

Yes. It just comes right back with another random name.

I've done a bit of research, it could be Nail.exe virus, but after applying all known fixes, it's still there.

I've never experianced a virus so clever before. Heh.

Keep the ideas coming!
imation is offline  
Old 07-23-2005, 03:54 AM   #4 (permalink)
Call me Mak or K
Mod Emeritus
 
KSoD's Avatar
 
Join Date: Sep 2004
Location: C:\
Posts: 35,647
Default

Okay keep a look at the time and date. Since all files are created with a time and date stamp you can find the second file that way. Just delete any files that are created at the same time you deleet the other one. It sounds like a malware problem a buddy had. He just re-infected himself but noted the time. Fe found all the files that were created and was able to delete them once he found al 3 there were created.
__________________
I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

KSoD is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 10:21 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.