I have a virus on my windows 2000 home PC, but none of the anti-virus, spyware etc… can’t find it.
When I search on the web about it, it looks like it’s an old and identify virus but what I have running on my PC is different.
I used to be 1 service running: Net Functions Monitoring - Netmon.exe, I deleted it but after a reboot it came back with a random exec file sss.exe, then fff.exe then hhh.exe etc… I tried removing all entry of it in the registry, it stills come back, I can only block it by disabling the services and also blocking access with my firewall.
Since this morning a have a new service running: Enables Javascript Support - javascript.exe
I tried all the removal fix tool for these identified viruses, but none can’t detect it.
I ran the FXMiMail from Symantec and it’s not finding it, From the description on those sites it’s as if the Virus I have is slightly different than that old 2003 Worm.
Like I said I disabled the service of NetMon.exe and Javascript.exe, so they are not currently running. It’s the only way, If I delete them they comeback under another name.
Also before someone mentions it, I was running Avast before, but since it was unable to find my virus, I installed NAV thinking maybe it’s better, but it’s not. I will go back to Avast
Logfile of HijackThis v1.99.1
Scan saved at 11:01:11 AM, on 10/08/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
I’m using NAV today because Avast wasn’t able to find it. I’m trying to get rid of this virus/worm, so I tried NAV. NAV couldn’t solve my problem either.
I’m an Avast user, I will go back to Avast and remove symantec antivirus and his resource hungry processes very soon.
I believe that you would benefit from reading this topic, a browsing, receiving email, etc. as a restricted user would limit the potential damage (no creating/placing/editing files in the system folders, etc.) in the first place.
btw here’s the new service it just created and started, here it is from hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 9:47:19 PM, on 10/08/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)