Jump to content

Laboo's Log


Recommended Posts

  • Administrator

Things that caught my attention (unless they were typoes) were the svhost.exe (not svchost.exe) near the bottom and hosysdrv.exe (hpsysdrv.exe?). Then of course there was the AOL bloat.

Link to post
Share on other sites
  • Replies 58
  • Created
  • Last Reply

Top Posters In This Topic

Things that caught my attention (unless they were typoes) were the svhost.exe (not svchost.exe) near the bottom and hosysdrv.exe (hpsysdrv.exe?).  Then of course there was the AOL bloat.

<{POST_SNAPBACK}>

sorry, they were both typoes.....

Link to post
Share on other sites

Things that caught my attention (unless they were typoes) were the svhost.exe (not svchost.exe) near the bottom and hosysdrv.exe (hpsysdrv.exe?).  Then of course there was the AOL bloat.

<{POST_SNAPBACK}>

sorry, they were both typoes.....

<{POST_SNAPBACK}>

any ideas yet???? My system is running better but the Ewido will not scan the memory of my system. I am also in the process of changing my internet provider, I'm getting rid of AOL. Once I get everything transfered to my new acount that is..... :eyeroll:

Link to post
Share on other sites
  • 2 weeks later...

Just wanted to clarify for those that were confused:

csrss.exe isn't supposed to show up in HJT. It was probably a trojan with a UNICODE name that made it look like the real spelling. The trick is that the malware authors are using cyrillic letters (like Russian) that look exactly like their English counterparts, but in code, don't count the same as English letters. They usually end up at the bottom of directory lists because they are characters that have a higher value than Z.

You might find more of them if you do the following:

Start > Run > cmd.exe

cd \
cd %systemroot%\system32
dir /a

At the bottom of the list, if you see anything with question marks in the filename, let us know what they are. Do not try to delete them.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...