Spyware or virus?

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

I have been having some trouble with two programs running. I delete them and
use hijackthis and make sure they are gone from startup. I then go into the
registry and delete them, after which I reboot and delete the executables in
c:\winnt and c:\winnt\system32 they mysteriously reappear the next day I am
running norton antivirus corporate edition. The name of the 2 files are
noadsense.exe, and rnaapp2.exe a search of google shows up nothing. Can
anyone shed some light on these?
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

I also might add that Microsoft antispyware program and the norton antivirus
both fail to pick it up.
"Eugene Taylor" <ewtaylor2001@fake.com> wrote in message
news:%23xGAQ%23ZgFHA.1284@TK2MSFTNGP14.phx.gbl...
> I have been having some trouble with two programs running. I delete them
and
> use hijackthis and make sure they are gone from startup. I then go into
the
> registry and delete them, after which I reboot and delete the executables
in
> c:\winnt and c:\winnt\system32 they mysteriously reappear the next day I
am
> running norton antivirus corporate edition. The name of the 2 files are
> noadsense.exe, and rnaapp2.exe a search of google shows up nothing. Can
> anyone shed some light on these?
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

There is a lot of this stuff going around in that the malware/parasite is
generating random names/processes and keeps spawning itself again. First
make sure that your programs that you use are absolutely up to date with the
latest definitions and try a second opinion such as Trend Micro Sysclean. It
may also help to boot into safe mode to try and make repairs and scan the
computer. I would also run the current version of cwshredder and AdAware SE
on your computer. You may also want to post in a newsgroup dedicated to
viruses and/or spyware. --- Steve

http://www.trendmicro.com/download/dcs.asp --- Sysclean
http://www.trendmicro.com/download/pattern.asp --- Sysclean pattern file in
..zip format
http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button
--- AdAware SE
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml
-- CWShredder


"Eugene Taylor" <ewtaylor2001@fake.com> wrote in message
news:%23xGAQ%23ZgFHA.1284@TK2MSFTNGP14.phx.gbl...
>I have been having some trouble with two programs running. I delete them
>and
> use hijackthis and make sure they are gone from startup. I then go into
> the
> registry and delete them, after which I reboot and delete the executables
> in
> c:\winnt and c:\winnt\system32 they mysteriously reappear the next day I
> am
> running norton antivirus corporate edition. The name of the 2 files are
> noadsense.exe, and rnaapp2.exe a search of google shows up nothing. Can
> anyone shed some light on these?
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

Thanks Steve,
I will give you and update after trying these. Also I can post the hijack
this log if need be.
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:OEFs37agFHA.1612@TK2MSFTNGP12.phx.gbl...
> There is a lot of this stuff going around in that the malware/parasite is
> generating random names/processes and keeps spawning itself again. First
> make sure that your programs that you use are absolutely up to date with
the
> latest definitions and try a second opinion such as Trend Micro Sysclean.
It
> may also help to boot into safe mode to try and make repairs and scan the
> computer. I would also run the current version of cwshredder and AdAware
SE
> on your computer. You may also want to post in a newsgroup dedicated to
> viruses and/or spyware. --- Steve
>
> http://www.trendmicro.com/download/dcs.asp --- Sysclean
> http://www.trendmicro.com/download/pattern.asp --- Sysclean pattern file
in
> .zip format
>
http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button
> --- AdAware SE
>
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml
> -- CWShredder
>
>
> "Eugene Taylor" <ewtaylor2001@fake.com> wrote in message
> news:%23xGAQ%23ZgFHA.1284@TK2MSFTNGP14.phx.gbl...
> >I have been having some trouble with two programs running. I delete them
> >and
> > use hijackthis and make sure they are gone from startup. I then go into
> > the
> > registry and delete them, after which I reboot and delete the
executables
> > in
> > c:\winnt and c:\winnt\system32 they mysteriously reappear the next day I
> > am
> > running norton antivirus corporate edition. The name of the 2 files are
> > noadsense.exe, and rnaapp2.exe a search of google shows up nothing. Can
> > anyone shed some light on these?
> >
> >
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

Sounds good. As far as Hijack This logs you probably would be better off
also posting in a forum or newsgroup specific for such. If you Google for
"hijack this logs" or such you should find plenty. I would be happy to take
a look but others can spot problems right away as they are used to looking
at them often. You also may want to check for malicious BHO's with
something like BHODemon. -- Steve

http://www.definitivesolutions.com/bhodemon.htm --- link to BHODemon.
http://mvps.org/winhelp2002/unwanted.htm --- tips on parasites.

"Eugene Taylor" <ewtaylor2001@fake.com> wrote in message
news:%23N9l$RigFHA.3692@TK2MSFTNGP09.phx.gbl...
> Thanks Steve,
> I will give you and update after trying these. Also I can post the hijack
> this log if need be.
> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
> news:OEFs37agFHA.1612@TK2MSFTNGP12.phx.gbl...
>> There is a lot of this stuff going around in that the malware/parasite is
>> generating random names/processes and keeps spawning itself again. First
>> make sure that your programs that you use are absolutely up to date with
> the
>> latest definitions and try a second opinion such as Trend Micro Sysclean.
> It
>> may also help to boot into safe mode to try and make repairs and scan the
>> computer. I would also run the current version of cwshredder and AdAware
> SE
>> on your computer. You may also want to post in a newsgroup dedicated to
>> viruses and/or spyware. --- Steve
>>
>> http://www.trendmicro.com/download/dcs.asp --- Sysclean
>> http://www.trendmicro.com/download/pattern.asp --- Sysclean pattern file
> in
>> .zip format
>>
> http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button
>> --- AdAware SE
>>
> http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml
>> -- CWShredder
>>
>>
>> "Eugene Taylor" <ewtaylor2001@fake.com> wrote in message
>> news:%23xGAQ%23ZgFHA.1284@TK2MSFTNGP14.phx.gbl...
>> >I have been having some trouble with two programs running. I delete them
>> >and
>> > use hijackthis and make sure they are gone from startup. I then go into
>> > the
>> > registry and delete them, after which I reboot and delete the
> executables
>> > in
>> > c:\winnt and c:\winnt\system32 they mysteriously reappear the next day
>> > I
>> > am
>> > running norton antivirus corporate edition. The name of the 2 files are
>> > noadsense.exe, and rnaapp2.exe a search of google shows up nothing. Can
>> > anyone shed some light on these?
>> >
>> >
>>
>>
>
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom