Possibly something new?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by aptechme, Sep 27, 2004.

  1. aptechme

    aptechme Private E-2

    Hello folks,

    Your site is wonderful and your advice has made my workday easier many, many times. I have something my co-worker found just today and he couldn't get rid of it. He didn't realize what the name represented, but I thought I would drop the name here regardless. Just in case.

    He had a problem with a file called euladisk.exe
    It acted like spyware in that it would restart everytime it's process was halted.
    I realize eula stands for End User License Agreement, but I've also never seen euladisk as one word. Google and Yahoo searches didn't produce any results.

    Anyway, have any of you seen/heard of this yet?

    ApTechMe
     
    aptechme, Sep 27, 2004
    #1
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Not me!
     
    Major Attitude, Sep 27, 2004
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Are you sure it wasn't ezula?
     
    chaslang, Sep 28, 2004
    #3
  4. aptechme

    aptechme Private E-2

    I checked with my co-worker and he said that he had looked closely, himself thinking it might have been ezula... but nope, it was euladisk.exe

    If we find out anything, I'll be certain to post. Even it turns out to be some pogram the user install and it has some strange eula file. :eek:

    Thanks for the response, folks!

    ApTechMe
     
    aptechme, Sep 28, 2004
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Sep 29, 2004
    #5
  6. aptechme

    aptechme Private E-2

    I've been following those technique for student-use lab comps since the day I noticed it had been stickied. :)

    This, i believe, is going to turn out to be some software(game or something) the staff member installed and doesn't want to tell us. It's the only instance seen from over 2500 comps, so unless it pops up again, I'll assume it isn't spyware, but a glitch.

    Thanks!

    APTechMe
     
    aptechme, Sep 30, 2004
    #6
  7. aptechme

    aptechme Private E-2

    Found another file that simply won't go away and is a strange sounding name...

    dvdhard.exe

    Acting exactly like the euladisk.exe below.
    Delete all occurrences, including registry entries, and run through the steps per this forum... only to find the registry entry etc.. back in place after reboot.

    We haven't been able to find the code that is causing these files to be so persistant. As I said before, I'll post whenever there is a change or something new found.

    We will also get a hijackthis copy as soon as we can and post it for you guys to check out.

    Thanks!

    ApTechMe
     
    aptechme, Oct 18, 2004
    #7
  8. Kodo

    Kodo SNATCHSQUATCH

    I wonder if it's some sort of copy protection software.
     
    Kodo, Oct 18, 2004
    #8
  9. aptechme

    aptechme Private E-2

    I wondered about that possibility. It could be some software the users installed and then unistalled improperly.

    These are two separate machines but I'll look into what the users may have in common and try to find some software they both use/install.

    ApTechMe
     
    aptechme, Oct 18, 2004
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds