Jump to content


Winsock2...ecyy.exe???!!!


  • Please log in to reply
2 replies to this topic

#1 m.oreilly

m.oreilly

    rog'er wilco

  • Admin
  • PipPipPipPipPipPip
  • 8,771 posts
  • Country:lower uncton

Posted 26 June 2007 - 08:04 PM

after a week of enjoying my latest vista reinstall, i decided to see what was up in msconfig and the local machine reg. to my surprise, an unknown startup entry was present: Winsock2 driver (unknown), and an unusual process running in task manager: "ecyy.exe". after a google, it looks as though i picked up a worm/trojan thingy :roadrunner: none of the malware detectors (AV included) found anything out of place, yet all the info i could find pointed to it being something bad. i had to kill the process in task manager (otherwise, any attempt to remove it faild) before proceeding, then a simple trip to system32, the reg, and an uncheck in startup. oh, and clear prefetch, and any restore points (including your pagefile, if active). i wonder where it came from :g: ...a torrent (lots of warnings lately, in the individual torrents user comments section of a very "popular" tracker :) )? so far so good :lol:

here is a sample of what i found regarding this supposed malware:
http://www.f-prot.co...ons/spybot.html

(i did get a "blank" email after installing my mail client, but before installing the AV... ;) )

#2 Guest_scaramonga_*

Guest_scaramonga_*
  • Guests

Posted 26 June 2007 - 10:11 PM

Good old secure Vista :roadrunner: :lol:

#3 m.oreilly

m.oreilly

    rog'er wilco

  • Admin
  • PipPipPipPipPipPip
  • 8,771 posts
  • Country:lower uncton

Posted 26 June 2007 - 10:56 PM

View Postscaramonga, on Jun 26 2007, 03:11 PM, said:

Good old secure Vista :g: :)
i have all the "protection" stuff turned off (but the thing is, i was able to remove it manualy, and quite easily, i might add (there is the possiblity that it dosen't affect vista :roadrunner: ). maybe it's more of an "xp" infection... :lol: "XPtitis"? ;)




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users