
Is This A Virus-and How To Get Rid Of It


6 replies to this topic

#1 zevelation

zevelation

  • Members
  • 2 posts
  • Local time:11:20 PM

Posted 25 August 2008 - 10:22 AM

sgcxcxxaspf080819.exe
found this on a sys yesterday.
webroot,avg,spybot, and various others could not control-or kill


no info on this new threat when searched

any help? suggestions?



#2 stupidhomer

stupidhomer

  • Banned
  • 47 posts
  • Gender:Male
  • Local time:04:20 AM

Posted 25 August 2008 - 10:41 AM

if you think this may be a virus, look for file assassin by MalwareBytes, use it on that file, just hope the file isn't something you need.

#3 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:12:20 AM

Posted 25 August 2008 - 12:10 PM

I'm going to move this to a forum where I think you'll do better
AntiVirus, Firewall and Privacy Products and Protection Methods

http://www.bleepingcomputer.com/forums/f/25/antivirus-firewall-and-privacy-products-and-protection-methods/

If this is a machine that you are sitting down and working on this specific machine, I can move you to Am I Infected?
Mark
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits

#4 Simargl

Simargl

  • Members
  • 15 posts
  • Gender:Male
  • Local time:11:20 PM

Posted 25 August 2008 - 12:23 PM

Zip it or Rar it and then upload on http://www.virustotal.com/

#5 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,531 posts
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:09:20 PM

Posted 25 August 2008 - 12:50 PM

Doesn't look good: http://spywarefiles.prevx.com/RRDBHI044981...080819.EXE.html

Safety Rating: Uncertain
First seen: Aug 20 2008 (GMT)

Antivirus Detection: No third party antivirus detection observed

Anti-Spyware Detection: No third party anti-spyware detection observed

The following behaviors have been observed for this object:
Installs programs.
Deletes programs.
Runs other programs.
Hijacks running processes.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)



#6 zevelation

zevelation
  • Topic Starter

  • Members
  • 2 posts
  • Local time:11:20 PM

Posted 26 August 2008 - 08:50 AM

yeah. when i did research on this .exe-i only found 2 articles..literally.

not only does it disable services.
it also
=blocks usb ports (so no jumpdrives to use with tech tools)
=blocks optical drive from running (could not load any tools from a cd....or even try to ghost machine for a dirty install
and keep fingers crossed i could recover data using 'FORENSIC DATA RECOV)

=also blocks hd from being detected as a slave drive.
=does not allow network access to possibly backup data.
=disables safe mode
so pretty much this thing is driving me crazy.

i already warned the owner of this machine ...that.... this is a good example
of always making sure to back up data. (because obviously NOW....no data -as of the moment-
can be backed up

i have a couple of other tricks left ...but i feel this is quickly becoming a lost cause. (I HATE FAILURE!)
ANY ONE ELSE WHO HAS COME ACROSS THIS...OR HAS ANY IDEAS...

IM OPEN TO ALL!

THANKS

#7 Simargl

Simargl

  • Members
  • 15 posts
  • Gender:Male
  • Local time:11:20 PM

Posted 26 August 2008 - 04:33 PM

Try with Hiren's BootCD



