servicepack2.exe - trojan?
From: Carol Chisholm (carol.lists_at_smalldomain.ch)
Date: 08/27/04
- Next message: Curtis: "Is Ad-aware , SPYBOT S&D 1.3 and Avast enough?"
- Previous message: Larry E. Dodd: "SP2(windows script blocking)"
- Next in thread: David H. Lipman: "Re: servicepack2.exe - trojan?"
- Reply: David H. Lipman: "Re: servicepack2.exe - trojan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 27 Aug 2004 20:46:07 +0200
I've a laptop with a mysterious servicepack2.exe service which I
cannot get rid of.
It's not signed by anyone, and sits in the system32 directory.
It re-installs on every reboot, when the computer is connected to the
internet.
It may be associated with an unwanted autostarting Internet Explorer
trying to install a Hot-SeXXX toolbar.
I've tried Ad-aware, updated McAfee, run stinger, turned off System
Restore, deleted everything from the run, run once and services keys
in the registry. I've deleted the executable after terminating the
service and still it comes back.
The machine is running XP SP2, and this has survived the SP2 install.
It seems to be able to disables Windows firewall, or install itself as
an exception in Windows Firewall. Zone Alarm seems to get bypassed
somehow.
Any ideas?
- Next message: Curtis: "Is Ad-aware , SPYBOT S&D 1.3 and Avast enough?"
- Previous message: Larry E. Dodd: "SP2(windows script blocking)"
- Next in thread: David H. Lipman: "Re: servicepack2.exe - trojan?"
- Reply: David H. Lipman: "Re: servicepack2.exe - trojan?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
