|
|
#1
24th Mar 2009, 12:14
|
|||
|
|||
|
Windows 5.1.2600 Service Pack 2.
I was using IndieVolume (A program that controls the volume of individual executables) and I came across two processes called "evqcpq0tc.exe" located in C:\Documents and Settings\~Name~\Local Settings\Temp. It did not terminate unless I chose "End Process Tree" in Windows Task Manager i.e. each time I ended one the other would instantly start up a second one again. Malwarebytes detected and removed it: Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\windows resurections (Backdoor.Bot) -> Quarantined and deleted successfully. Files Infected: C:\Documents and Settings\~Name~\Local Settings\Temp\evqcpq0tc.exe (Backdoor.Bot) -> Quarantined and deleted successfully. Everything is fine now, I don't need any help or anything I'm just posting this out of curiosity because a google search didn't come up with any results and I thought it was either a new virus or it was just a randomly generated name. As far as I know it didn't do anything and I only came across it by chance. I use McAfee SecurityCenter which catches most bugs but on the odd occasion that it misses one, Malwarebytes catches it. Does anyone know what it is or come across it before? 
|
|
#2
24th Mar 2009, 16:06
|
|||
|
|||
|
Malwarebytes uses some advanced heurisitic detection so that may be why it found the threats and McAfee didn't.
__________________
 |
|
#3
24th Mar 2009, 17:32
|
||||||||||||
|
||||||||||||
|
if ani virus and other software cant delete it a trick i do is boot in safe mode and manually delete it
__________________
__________________
My System: P*L*A*Z*M*A
|
