Tech Support Forum - View Single Post

Guido_PA · 05-15-2008, 08:13 PM

Hi Rahina:

The results are below but something caught my attention. Earlier, I told you that the W.exe was back when I ran HijackThis. BTW, this was after a reboot. I ran it again after running Panda and rebooting. It doesn't show. What does show is the O18 item again. This was not there when I commented earlier today.

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-15 21:42:10
PROTECTIONS: 1
MALWARE: 2
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Kaspersky Internet Security 7.0.1.325 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139535 Application/Processor HackTools No 0 Yes No C:\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\awa00jle\Desktop\Tools\SDFix.exe[SDFix\apps\Process.exe]
01185375 Application/Psexec.A HackTools No 0 Yes No C:\WINDOWS\PSEXESVC.EXE
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
No C:\Documents and Settings\awa00jle\Desktop\Tools\MsnVirRem.exe
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================

TIA,

Guido

05-15-2008, 08:13 PM	#25 (permalink)
Guido_PA Registered User Join Date: Feb 2008 Posts: 17 OS: xp	Re: Had Memsweep2 and now? Hi Rahina: The results are below but something caught my attention. Earlier, I told you that the W.exe was back when I ran HijackThis. BTW, this was after a reboot. I ran it again after running Panda and rebooting. It doesn't show. What does show is the O18 item again. This was not there when I commented earlier today. ;********************************************************************************************************************************************************************************* ANALYSIS: 2008-05-15 21:42:10 PROTECTIONS: 1 MALWARE: 2 SUSPECTS: 1 ;********************************************************************************************************************************************************************************* PROTECTIONS Description Version Active Updated ;=================================================================================================================================================================================== Kaspersky Internet Security 7.0.1.325 No Yes ;=================================================================================================================================================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=================================================================================================================================================================================== 00139535 Application/Processor HackTools No 0 Yes No C:\SDFix\apps\Process.exe 00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\awa00jle\Desktop\Tools\SDFix.exe[SDFix\apps\Process.exe] 01185375 Application/Psexec.A HackTools No 0 Yes No C:\WINDOWS\PSEXESVC.EXE ;=================================================================================================================================================================================== SUSPECTS Sent Location ;=================================================================================================================================================================================== No C:\Documents and Settings\awa00jle\Desktop\Tools\MsnVirRem.exe ;=================================================================================================================================================================================== VULNERABILITIES Id Severity Description ;=================================================================================================================================================================================== ;=================================================================================================================================================================================== TIA, Guido