on a roll

Discussion in 'malware problems & news' started by zappa, Jun 29, 2004.

Thread Status:
Not open for further replies.
  1. zappa

    zappa Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    176
    Location:
    Los Angeles, Ca.
    I am on a roll with various infections:

    Nod32 gave me this info:
    1) VBS/Psyme.W.Gen.trojan (file was datBOAO.temp)
    2) Win32/Small.I.trojan (file was msmc.exe)
    3) Win32/Collector A unknown infection type (virtool) (file was active security.ocx)

    Tonight I happenend to see a few infected files that Nod32 and I deleted yesterday, all in Windows/system folder
    1) p-1255c.exe
    2) etcpln.exe
    3) launcher.exe
    Nod32 identified all these as.. unknown but probably NewHeur-PE virus.
    Nod32 did not detect them when I restarted today but did when I used on demand scan.

    I was surfing when i got this infection from a web page and the infection tried to create new start ups including a new WinMedia Player and etcpln.exe. I use Mike Lin's "StartUp Monitor" which instzntly notified me of new startups which I denied.

    I ran RegRun and deleted, for the second time, etcpln.exe from start up.

    Nod32 couldn't delete "launcher.exe" so I renamed it then deleted it.

    I looked around for descriptions of these files at Eset and another A.V. site but could not find the exact names as I have them.

    I have tried to run TDS-3 three separate times but it freezes and or locks up with "not responding" and I have to go to "control-alt-delete" and end it from there. Unusual as TDS3 has never responded like this before.

    My OS is Win98SE.

    I have not investigated my registry. Any ideas or sugggestions on what NewHeur-PE virus is and how it reappeared after restaring today?

    thank you.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,084
    Location:
    Texas


    NewHeur-PE is the name NOD gives an unknown virus discovered using heuristics.

    Launcher.exe is an adware problem.
    INFO

    Looks like you have a lot of "stuff" on your computer.

    You could post a hijack log to start. READ

    You do have to register to post a log.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.