random processes winXXXXX.exe spawning and listening

Discussion in 'Malware Help (A Specialist Will Reply)' started by davrut, Dec 22, 2008.

  1. davrut

    davrut Private E-2

    Hello,
    I have Windows XP SP3 (should be up to date).
    For many months, my system has been plagued with some malware.
    Every 5 minutes or so, two or three files are created in my Windows profile temp folder with random names beginning with win followed by 4 to 6 random alpha characters followed by .exe. They all run as processes and all make some TCP/IP connection (seen with TCPView).
    It is a very annoying piece of malware. I wrote a short Java program to search the temp directory for the files when they are created and terminate the processes in real time as they are spawned.

    I have gone through the cleaning procedure described in the readme first.
    It has not gotten rid of this. Thank you in advance if anyone has any info
    about a similar situation and some possible solutions.

    davrut
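
A triage sketch for the symptom described in the post above, added here as an example (it is not davrut's Java program and not part of the thread): it flags temp-folder files named win + 4 to 6 letters + .exe and groups those created close together in time. The function names, the 60-second window, and the sample listing are assumptions made for illustration.

```python
import os
import re
import tempfile

# Name pattern from the post: "win" + 4 to 6 letters + ".exe".
NAME_RE = re.compile(r"^win[a-z]{4,6}\.exe$", re.IGNORECASE)

def matches_pattern(name):
    return NAME_RE.match(name) is not None

def find_bursts(entries, window=60, min_size=2):
    """Group matching files created within `window` seconds of the previous one.

    entries: iterable of (filename, creation_time_in_seconds).
    Returns a list of bursts (lists of names) holding at least `min_size` files.
    """
    hits = sorted((t, n) for n, t in entries if matches_pattern(n))
    bursts, current, last = [], [], None
    for t, n in hits:
        if last is not None and t - last > window:
            if len(current) >= min_size:
                bursts.append(current)
            current = []
        current.append(n)
        last = t
    if len(current) >= min_size:
        bursts.append(current)
    return bursts

def scan_dir(path):
    """Return (name, ctime) for files in `path`; ctime is creation time on Windows."""
    with os.scandir(path) as it:
        return [(e.name, e.stat().st_ctime) for e in it if e.is_file()]

# Constructed sample listing (not taken from the thread): name, seconds since start.
SAMPLE = [
    ("winabcd.exe", 0), ("winQWERTY.exe", 4), ("setup.exe", 5),
    ("winlogon.exe", 10),      # also fits the pattern, so a name match alone is not proof
    ("winabcdefg.exe", 12),    # 7 letters: outside the described range
    ("winzxcv.exe", 300), ("winmnbvc.exe", 303), ("winplok.exe", 306),
    ("winaaaa.exe", 900),      # lone file, below min_size
]

if __name__ == "__main__":
    # Report only; nothing is deleted or terminated.
    for burst in find_bursts(scan_dir(tempfile.gettempdir())):
        print("burst:", ", ".join(burst))
```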
     
  2. Corporal Punishment

    Corporal Punishment Head of Software Shenanigans Staff Member

    That doesn't sound healthy.

    If you did the cleaning - it would help to see the logs.

    Also,
    Please begin by clicking Start > Control Panel > System > Hardware > Device Manager > View > Show Hidden Devices.
    • Scroll down to “Non-plug and Play Drivers” and click the plus icon to open those drivers.
    • Then search for TDSSserv.sys
    • Let me know if you find this or not.
    • If you do find it, right click on it, and select Disable. Do not try to uninstall it.
    • Also if TDSSserv.sys is found and you disable it, then reboot.
     
  3. davrut

    davrut Private E-2

  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Since you say you have done the Read and Run First instructions, you should be attaching the requested logs:
    SAS
    MBAM
    Combo
    C:\MGLogs.zip

    HOW TO: Attach Items To Your Post
     
