Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Invisible Virus


  • Please log in to reply
3 replies to this topic

#1 semmel

semmel

  • Deactivated
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:39 AM

Posted 11 November 2005 - 06:41 PM

I don't have a lot of details on this one yet. I took the PC from a client because I couldn't fix it on-site.

I am getting tons of popup windows, and I had to disable all of Norton because it was constantly crashing the PC and making it ridiculously slow.

HJT does not show anything anymore that I can't identify as something harmless, so my guess is that this virus is not started any normal way that HJT can detect. Process Explorer didn't show anything unusual either.

I will start work on it in a few minutes and try to find some online scanner that can identify what it is. I know it creates popups, so I know it's there, but I can't find the file that's responsible because it doesn't seem to show in HJT.

I will post a HJT log as soon as I can. Until then: What other places are there where these stinkers can hide and be started by Windows?

BC AdBot (Login to Remove)

 


m

#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:39 AM

Posted 12 November 2005 - 12:51 AM

Download silent runners...do a google search and see if that can find anything.

Or use winpfind from http://www.bleepingcomputer.com/files/winpfind.php and use it in safe mode

#3 semmel

semmel
  • Topic Starter

  • Deactivated
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:39 AM

Posted 12 November 2005 - 01:56 AM

Thanks for the reply.

I already heard about WinPFind and just started it.

Silent Runners looks very promising for any future problem I might get - thanks so much for that!

I'll see if I can figure out the rest from here.

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,389 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:39 AM

Posted 12 November 2005 - 11:53 PM

Post the logs from any of those programs, including hjt, if you wish and I will see if I spot anything that you may have missed. 2 eyes are better than 1




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users