Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Intro - PhilS32767


  • Please log in to reply
2 replies to this topic

#1 Phil Schwarz

Phil Schwarz

  • Members
  • 484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:47 PM

Posted 24 December 2010 - 07:37 PM

Hi all --

My name is Phil Schwarz. I'm a software developer by profession, and (therefore by default :-)) the system and network administrator of our home network of a handful of desktops, laptops (and more recently an iPad and a Wii). The desktops and all but 2 of the laptops run WinXP SP3. (The outliers are an ancient 2003-vintage Dell Latitude C610 still running Win2k SP4, there mostly for me to run VNC on it and VPN into my Linux box at work, and my college-age daughter's laptop, which came with Vista installed, alas.)

Over the years we've had a few malware attacks, and until today, I've always been able to get the information I needed to identify and resolve the attacks simply by searching through what's already posted here on Bleeping Computer. But today I've run into something that still has me stumped, so I've made my first post to "Security/Am I infected? What do I do?" (http://www.bleepingcomputer.com/forums/topic369238.html) -- Malwarebytes removed *most*, but not all, of a Trojan.Agent infection my son stumbled into a couple of days ago. There's still something on the system causing the svchost.exe instance for the netsvcs group to spawn a rundll32.exe that attempts to load a malicious dll dropped by the attack that Malwarebytes has removed -- and what's odd is that the rundll32.exe does not exit when the dll is not found.

Glad to be here to introduce myself, and glad that Bleeping Computer is here!

-- Phil

BC AdBot (Login to Remove)

 


#2 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:11:47 AM

Posted 25 December 2010 - 01:09 PM

Welcome to BC!
As malware becomes more and more complex and sophisticated, so does the means to remove it. I am sure our Members can help you.
Season's compliments,
John
Whereof one cannot speak, thereof one should be silent.

#3 Phil Schwarz

Phil Schwarz
  • Topic Starter

  • Members
  • 484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:47 PM

Posted 25 December 2010 - 03:32 PM

Likewise -- happy holidays!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users