Re: IRC Packets being generated. Dont know where from...
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 04/29/05
- Next message: Lawrence Abrams: "Re: IRC Packets being generated. Dont know where from..."
- Previous message: Lawrence Abrams: "Re: A fatal error has occurred in IE"
- In reply to: Scott Townsend: "Re: IRC Packets being generated. Dont know where from..."
- Next in thread: David H. Lipman: "Re: IRC Packets being generated. Dont know where from..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Apr 2005 13:16:16 -0400
From: "Scott Townsend" <scott-i@.-N0-SPAMplease.enm.com>
| The only think that would seem to run the App that I cant tell would be a
| SVCHOST.EXE, there are 2 of them running. Though I know they can be
| legitimate processes. All the other processes in the Process list are
| legitimate. So unless its masquerading as something I don't see it.
|
| Its killing me... I'm about ready to Format the dang thing!
|
| I'll try the msconfig files and see what it can show me.
|
| Thanks!
| Scott<-
Scott: (Scooter ?)
You are going to have to do some work...
Download the following tools from Sysinternals -- http://www.sysinternals.com/
Process Explorer v9.03
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
TCPView v2.4
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
TDImon v1.01
http://www.sysinternals.com/ntw2k/freeware/tdimon.shtml
Use the above tools to track the source of IRC packets, either a DLL or EXE. Once the file
is identified...
Please submit the suspect file (DLL , EXE, etc..) to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against 18 different AV vendor's scanners.
Another way to submit is to send the suspect file to the following email address
scan<at>virustotal.com
{ replace <at> with @ } with only the word SCAN as the subject.
Please post back the EXACT results.
-- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm
- Next message: Lawrence Abrams: "Re: IRC Packets being generated. Dont know where from..."
- Previous message: Lawrence Abrams: "Re: A fatal error has occurred in IE"
- In reply to: Scott Townsend: "Re: IRC Packets being generated. Dont know where from..."
- Next in thread: David H. Lipman: "Re: IRC Packets being generated. Dont know where from..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
