2 replies to this topic

[m.oreilly]

after a week of enjoying my latest vista reinstall, i decided to see what was up in msconfig and the local machine reg. to my surprise, an unknown startup entry was present: Winsock2 driver (unknown), and an unusual process running in task manager: "ecyy.exe". after a google, it looks as though i picked up a worm/trojan thingy none of the malware detectors (AV included) found anything out of place, yet all the info i could find pointed to it being something bad. i had to kill the process in task manager (otherwise, any attempt to remove it faild) before proceeding, then a simple trip to system32, the reg, and an uncheck in startup. oh, and clear prefetch, and any restore points (including your pagefile, if active). i wonder where it came from ...a torrent (lots of warnings lately, in the individual torrents user comments section of a very "popular" tracker )? so far so good

here is a sample of what i found regarding this supposed malware:
http://www.f-prot.co...ons/spybot.html

(i did get a "blank" email after installing my mail client, but before installing the AV... )

[m.oreilly]

scaramonga, on Jun 26 2007, 03:11 PM, said:

Good old secure Vista

i have all the "protection" stuff turned off (but the thing is, i was able to remove it manualy, and quite easily, i might add (there is the possiblity that it dosen't affect vista ). maybe it's more of an "xp" infection... "XPtitis"?