Weird Processes - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 06-30-2004, 01:08 PM   #1 (permalink)
Junior Techie
 
Join Date: Apr 2004
Posts: 98
Default Weird Processes

OK, So I know a bit about what to look for and see a lot of extra B.S. processes running in my task manager. I run ad-aware, spybot, and still don't get them all gone. The kicker is that when I kill the process it starts itself (I'm assuming) back up but with a different name. The names always have a mix of lower and upper case letters and a number or two thrown in, but it seems to be random.

The thing that bothers me more thn anything is that something is shutting down my Norton Corporate about 30 seconds or so into every scan I start. The whole Norton thing really ticked me off so I did some filesystem and registry fishing and found some more stuff that didn't need to be there, deleted it and the problem still remained.

I ran hi-jack this and got rid of some of the entries, but that didn't have any effect on the processes I was trying to get rid of, although it did speed up my system some on reboots. It seems like something is injecting itself into my startup since there is a bit of a black screen (longer than I remember before) between the win2k3 screen with the grey scrolling bar (service initialization I think) and when it's working on bringing up all the network connections and applying the security policies.

Any help would be greatly appreciated......And don't be afraid to explain things technically, I do computers, I just can't figure out how I can't find the root of this......doh
__________________

__________________
If I\'m curt with you, it\'s because time is a factor. I think fast. I talk fast. And, I need you guys to act fast if you wanna get out of this. So, pretty please with sugar on top, clean the fu**ing car- Winston Wolf, Pulp Fiction
wansingct is offline  
Old 07-01-2004, 11:36 PM   #2 (permalink)
Newb Techie
 
Join Date: Feb 2004
Posts: 29
Default

Can you boot your system to DOS and then run norton from there??

Does safe mode still load this process??
__________________

hambo_12 is offline  
Old 07-02-2004, 08:09 AM   #3 (permalink)
Junior Techie
 
Join Date: Apr 2004
Posts: 98
Default

Update--- I think I got it all working ok. On the tip of one of my coworkers I think it was the Peper Trojan with some other associated "stuff". The way I solved it: went to the system32 folder, sorted everything by 'type' (so all the programs would be grouped togeter), unhid everything, and deleted all the programs with weird names that tried to hide themselves. Problem solved.

One great discovery though, in an e-mail my friend sent me about the Peper Trojan (he was calling it the sandboxer worm, seemed to be about the same thing in most of the research I did) I came across a program which found ALOT of stuff that adaware and spybot didn't. it's free and seems to work great.

www.ewido.com- it's the only tool they offer it seemed. Couldn't find any spyware it installed for itself or anything like that, but I could be wrong. Did a great job finding some of the leftovers from adaware and spybot.
__________________
If I\'m curt with you, it\'s because time is a factor. I think fast. I talk fast. And, I need you guys to act fast if you wanna get out of this. So, pretty please with sugar on top, clean the fu**ing car- Winston Wolf, Pulp Fiction
wansingct is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 07:40 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.