Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

vtd_16.exe

Started by DarkSaturn , Feb 04 2005 09:06 PM

  • Please log in to reply

#1
DarkSaturn
Posted 04 February 2005 - 09:06 PM

DarkSaturn

    New Member

  • Member
  • Pip
  • 1 posts
Trend micro seems to suggest its part of Haxdoor.BA.

It launches itself at start-up, zone alarm alerted me to it trying to act as a server.

vtd_16.exe is located in C:\Windows\System32

Its somehow managing to hide itself, the file can only be seen in safe mode. I tried deleting it there, the first time it let me but the file showed up again next reboot, the next time I tried to delete it in safe mode it wouldn't do so claiming another user was using the file. I was going to try and drop another file under that name in the C:\Windows\System32 to stop it from gaining ground again on the next restart only to find that any files renamed to vtd_16.exe dissapeared (was just renaming an empty .txt file, in a different directory completely) even with show all files on, trying again it wouldn't let me create another file in the directory with that name claiming it already exists.

Are there any free spyware/virus programs out there that will get rid of this?
I'm running Spyware Doctor and AVG. Neither of which will do it. Or does anybody know all the parts I will need to get rid of to stop it respawning, there must be something allowing to to be hidden.

Cheers,

Saturn
  • 0

Advertisements

#2
Koretek
Posted 04 February 2005 - 09:36 PM

Koretek

    Member

  • Member
  • PipPipPip
  • 340 posts
Hiya Saturn,
For anyone to help you we will need to see a HijackThis log, there is the latest version in our downloads section, the link is in my signature, once you have downloaded the HijackThis also follow the 4 steps outlined in my signature and then post your HijackThis log for us to examine and help you! Also in step #3 try the TDS Anti-Trojan, you only need one of those tools in step #3.

Edited by Koretek, 04 February 2005 - 09:38 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP