Computing.Net > Forums > Security and Virus > Any knowledgable folks here ?


Any knowledgable folks here ?


Name: JFPoitras
Date: August 11, 2004 at 19:34:01 Pacific
OS: Win XP Pro - SP1
CPU/Ram: P4 1.8 Mhz 512 Mb-Ram
Comment:

I just followed all the steps explained at http://www.greyknight17.com/spyware.htm and now I need help. I'm still afraid that I'm infected, or that I'll get infected again.

I'm doing this Spyware/Virus check because I find my internet connection to be abnormal ... I have way too much data uploading at all times. And also because I always fail to log in to my account at Hotmail.com; I get a blank page after confirming my handle and password. Yet I can access any other website (secure or not)!!!

My ZoneAlarm always warns me about "sysdrv.exe", "16winupdate32.exe" and the "Generic Host Process for Win32 Services", but if I stop those programs I have no access to the web at all. What to do!?

I posted my most recent HJT log file here ... http://greyknight17.com/bb/index.php?topic=63.0 ... if it can help.

Thanx

Jean-Frédéric Poitras

jeanfredericpoitras@sympatico.ca




Response Number 1
Name: EC
Date: August 11, 2004 at 20:29:00 Pacific
Reply:

These files are bad and must be dealt with now:

16winupdate32.exe is a Beagle variant

int114844.exe is spyware

SYSDRV.EXE is a worm. It then connects to the virus author's site and downloads additional components to the local machine to e-mail automatically. The additional files will be stored under the names SYSDRV.exe and SYSTMP.DLL in the Windows directory - very bad

Go to www.housecall.antivirus.com and run their on-line AV scan

Download, install and run: AD AWARE, SPYBOT and TROJAN HUNTER from
http://www.trojanhunter.com/


These programs are responsible for all your upload activity. I'd suggest you address these immediately, or at least disconnect from the NET until you can.



Response Number 2
Name: kinghe
Date: August 11, 2004 at 22:08:39 Pacific
Reply:

Can you send these ("sysdrv.exe", "16winupdate32.exe") to me as a compressed file? I will check them.

Send the suspected files to me as a compressed file. My email: virus@shanguo.com



Response Number 3
Name: BlueRaja
Date: August 12, 2004 at 00:27:45 Pacific
Reply:

kinghe, wtf, why are you going around collecting viruses?



Response Number 4
Name: EC
Date: August 12, 2004 at 14:41:46 Pacific
Reply:

"Collecting" viruses is hopefully just another name for studying them, as that's how it's done.
Get an older Windows box with a Pentium 1 processor and some RAM, load it up, and there are some analytical programs that even assist in researching.



Response Number 5
Name: BlueRaja
Date: August 12, 2004 at 16:08:16 Pacific
Reply:

Well there are some people who collect viruses for...hell I dunno, sport, as one would collect stamps or coins...
There are others who collect them to use them against others...






Response Number 6
Name: suzi
Date: August 12, 2004 at 22:04:36 Pacific
Reply:

EC, you said:
"some analytical programs that even assist in researching."

Do you have the names or links for any of those programs? I'd like to find something like that.

Thanks.




Response Number 7
Name: sc00pex
Date: August 15, 2004 at 00:27:19 Pacific
Reply:

http://ethereal.com/ - a nice free packet sniffer to analyse network traffic

http://sysinternals.com/ - they do a registry monitor and a file monitor (logs process name, command (open, create, read, write, queryvalue, close), file path or registry key, and other values and things); tcpview for viewing all open / connected / unconnected programs / ports / addresses; and a great process explorer (all free). Process Explorer can view all handles opened by a process, and all DLLs loaded by a process (some malware hides behind explorer.exe and/or iexplorer.exe).

http://hexworkshop.com/ for viewing binary files ..

upx.com for unpacking ones packed with upx :d

http://datarescue.com/ for ida, interactive disassembler, to analyze program code

I've heard something about a VM for Windows, emulating Windows inside Windows for safety when playing with evil programs .. haven't looked for it yet


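The thread's diagnosis (Response 1: the named processes "are responsible for all your upload activity") and the tooling in Response 7 (tcpview and Process Explorer, which show which process owns which connection) come down to one triage step: correlate per-process connections with what is known about each process. The script below is an added example, not code from the thread or from any Sysinternals tool. It works on a constructed list of records shaped like what tcpview would show (process name, image path, remote endpoint, bytes sent); the record layout, the traffic threshold and the "image sits directly in the Windows directory" heuristic are assumptions for illustration. The known-bad names come from Response 1.

```python
"""Triage helper: which processes carry the uploads, and which look bad?

Records are constructed sample data modelled on a tcpview / Process Explorer
view (process, image path, remote endpoint, bytes sent). They are not taken
from the original poster's machine.
"""
import ntpath
from collections import defaultdict

# Process names called out as malicious in the thread (Response 1).
KNOWN_BAD = {"sysdrv.exe", "16winupdate32.exe", "int114844.exe"}

# Constructed sample: (process, image_path, remote "ip:port", bytes_sent).
# Addresses are documentation/test ranges, not real endpoints.
SAMPLE_CONNECTIONS = [
    ("svchost.exe", r"C:\WINDOWS\system32\svchost.exe", "192.0.2.10:80", 4_200),
    ("sysdrv.exe", r"C:\WINDOWS\sysdrv.exe", "198.51.100.7:25", 910_000),
    ("sysdrv.exe", r"C:\WINDOWS\sysdrv.exe", "203.0.113.9:25", 640_000),
    ("16winupdate32.exe", r"C:\WINDOWS\16winupdate32.exe", "192.0.2.44:6777", 75_000),
    ("iexplore.exe", r"C:\Program Files\Internet Explorer\iexplore.exe", "192.0.2.80:443", 12_000),
]


def upload_by_process(records):
    """Sum bytes sent per process name (case-insensitive)."""
    totals = defaultdict(int)
    for proc, _path, _remote, sent in records:
        totals[proc.lower()] += sent
    return dict(totals)


def flag_suspicious(records, known_bad=KNOWN_BAD, smtp_conns=2):
    """Return {process: [reasons]} for processes that deserve a closer look.

    Reasons applied:
      * name is on the known-bad list (from the thread);
      * image lives directly in the Windows root rather than system32
        (assumption: a heuristic, not a rule from the thread);
      * at least `smtp_conns` outbound SMTP (port 25) connections, the
        mass-mailer pattern Response 1 describes for SYSDRV.EXE.
    """
    findings = {}
    smtp_count = defaultdict(int)
    for proc, path, remote, _sent in records:
        name = proc.lower()
        reasons = findings.setdefault(name, set())
        if name in known_bad:
            reasons.add("name matches known-bad list")
        # ntpath handles Windows-style paths even when run on Linux/macOS.
        parent = ntpath.dirname(path).lower()
        if parent.endswith("\\windows"):
            reasons.add("image sits directly in the Windows directory")
        port = int(remote.rsplit(":", 1)[1])
        if port == 25:
            smtp_count[name] += 1
    for name, n in smtp_count.items():
        if n >= smtp_conns:
            findings[name].add(f"{n} outbound SMTP connections (mass-mailer pattern)")
    # Drop processes that triggered nothing.
    return {k: sorted(v) for k, v in findings.items() if v}


def triage_report(records):
    """Processes ordered by bytes sent, each with its reasons (empty if clean)."""
    totals = upload_by_process(records)
    flags = flag_suspicious(records)
    return [(name, sent, flags.get(name, []))
            for name, sent in sorted(totals.items(), key=lambda kv: -kv[1])]


if __name__ == "__main__":
    for name, sent, reasons in triage_report(SAMPLE_CONNECTIONS):
        status = "; ".join(reasons) if reasons else "no findings"
        print(f"{name:20s} {sent:>10,d} B  {status}")
```

On the constructed sample the two processes the thread names dominate the upload total, and sysdrv.exe additionally shows the repeated outbound port-25 connections that match the "e-mail automatically" behaviour described in Response 1, while svchost.exe and iexplore.exe produce no findings. In practice the same correlation is what tcpview plus Process Explorer give you interactively; the value of scripting it is that the byte totals and the reasons are recorded together before anything is stopped or deleted.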
