Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Anyone Ever Heard Of This One?


  • Please log in to reply
3 replies to this topic

#1 Kiriai

Kiriai

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 31 July 2007 - 02:37 PM

I recently had to re-install windows and didn't install all the security updates for XP SP2 immediately and on some site somewhere I picked up some massive infection... I think it was related to not having plugged all the vulnerability holes with the updates, as I did not visit any site I don't normally and I'd never picked up infection like this before... actually I've NEVER been infected as bad as I was. I picked up the core.sys/cache.core.dsk thing and between that and something else I had tons of pop-ups and computer slow-down problems. I've taken care of almost all of it and I no longer have pop-ups but I don't want to unknowingly leave some downloader or key-logger behind to mess me up later.

I've got one file that's something I don't recognize and I can't locate on any other computer I have access to.

bxhfvrmA.exe

Under Properties->Version->Internal Name/Original File Name: Both say "visfx" and "visfx.exe"

The current file name produces nothing on a google search and visfx.exe produces a single relevant result that only lists the file as "uncertain" after a "first seen" listing of Dec 2006.


Anyone know anything about this? The file is described as "System Monitor" which kinda raises a red flag for me...

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:10:05 AM

Posted 31 July 2007 - 03:02 PM

The current file name produces nothing on a google search


I found a lot, even something here

I wonder if it's filtering your web searches?

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
Chewy

No. Try not. Do... or do not. There is no try.

#3 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:07:05 AM

Posted 31 July 2007 - 06:54 PM

Welcome to Bleeping Computer Kiriai. :thumbsup:

This is information from the uninstall list here at BC:

Windows Visfix Components.

To try and avoid posting a Hijack log, download and install SUPERAntiSpyware. If you can, run the scan in Safe Mode and allow it to quarantine whatever it finds.

If these files are still present after running SAS, then post a Log in the Hijack and Analysis Forum by following the directions in the link provided by DaChew.
Please do not post the log in this forum.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#4 nemslistings

nemslistings

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 03 August 2007 - 05:23 PM

I've been working on a friend's computer for the past few days and this thing appeared on it under a spybot scan and spybot cannot get rid of it. AVG antivirus did not detect it and neither did Spyware Terminator. There is one main problem that keeps happening on that machine. When internet explorer 7 is opened, popups come up under a window titled "targeted" on nearly every page that is loaded. Then sometimes there are large bursts of spyware windows. Eventually, a windows data protection screen comes up and kills windows explorer. Is that what this core thing does or is that something else?

Edited by nemslistings, 03 August 2007 - 05:32 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users