I dunno how the hell it happened but I am!
![Posted Image](http://img.photobucket.com/albums/v60/scaramonga/viri.png)
firefox.exe is always running 24/7, even after a reboot! We can see the 'real' version as I have Firefox open and it's using the correct memory resources.
If I delete the file from Task Manager it returns instantly. This is affecting NET applications like online gaming/MSN/Skype etc., where they have slowed to a crawl.
NOD refuses to recognise it, as do Spysweeper, Spywareblaster and Adaware. Tried a couple of online virus checkers and they don't recognise it either!!
Done a search on Google and this may be the 'Poison Ivy' virus??
Reinstall is looming guyz!!
Quote
While there are other similar Remote-Admin apps used by trojan-makers, Poison Ivy quickly became popular for a number of reasons - it was new, it could be deployed without arousing much suspicion, it injected itself into the Default Browser process, and it had an attractive range of monitoring & set-up features. One such feature was the apparently unique 'Persistence' option - if enabled, the server file located on the infected system will restart itself even when the process is manually killed by the user - which means more 'up time' for the hacker - no waiting for the infected user to reboot their system or manually restart an affected application. Another handy feature is the 'Melt' function - which deletes the original infected file upon first run, so that a user cannot inspect it or upload it to an anti-virus company's database.
This may explain why most of the popular spyware & antivirus utilities - and even the usual rootkit detectors - fail to detect anything malicious on affected systems.
Edited by scaramonga, 31 December 2006 - 08:27 AM.
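The respawn-after-kill behaviour described in the post and in the quoted 'Persistence' paragraph can be looked for in process start/exit records. This is an added example, not part of the original post: the event tuple format, the PIDs, timestamps and file paths are all constructed, and the window and threshold values are assumptions.

```python
from collections import defaultdict

FF = r"C:\Program Files\Mozilla Firefox\firefox.exe"
NOTEPAD = r"C:\Windows\System32\notepad.exe"

# Constructed process events (not taken from the post):
# (seconds since capture start, "start" | "exit", pid, image path)
EVENTS = [
    (0.0,   "start", 1200, FF),       # the browser window the user opened
    (1.0,   "start", 1544, FF),       # second instance with no window
    (60.0,  "exit",  1544, FF),       # ended from Task Manager
    (60.4,  "start", 2208, FF),       # same image is back almost at once
    (95.0,  "exit",  2208, FF),       # ended again
    (95.3,  "start", 2310, FF),       # and back again
    (120.0, "start", 3000, NOTEPAD),
    (130.0, "exit",  3000, NOTEPAD),
    (400.0, "start", 3100, NOTEPAD),  # reopened by hand much later
]


def find_respawns(events, window=2.0, min_respawns=2):
    """Return {image: count} for images that were started again within
    `window` seconds of one of their own processes exiting, at least
    `min_respawns` times."""
    image_of = {}               # pid -> image of a live process
    last_exit = {}              # image -> time of an exit not yet matched
    respawns = defaultdict(int)

    # Sorting puts "exit" before "start" when timestamps are equal.
    for ts, kind, pid, image in sorted(events):
        key = image.lower()     # Windows paths are case-insensitive
        if kind == "start":
            image_of[pid] = key
            exited_at = last_exit.pop(key, None)  # each exit matches once
            if exited_at is not None and ts - exited_at <= window:
                respawns[key] += 1
        elif kind == "exit":
            # Prefer the image recorded at start; PIDs get reused.
            last_exit[image_of.pop(pid, key)] = ts

    return {img: n for img, n in respawns.items() if n >= min_respawns}


if __name__ == "__main__":
    for img, n in find_respawns(EVENTS).items():
        print(f"{img}: restarted {n} times right after being ended")
```

Crash-recovery and updater services also restart their processes, so a hit is a lead for checking what launched the new instance rather than a verdict.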