Had a user who called in complain about very long load times and sluggish response from her PC. So i remote into the users PC and poke around
its riddle with spyware, adware, malware etc.
remove that stuff and have a look at her hkey_local machine and hope on over to run.
What I saw freaked me out.
hundreds of entries was in the run folder. I did am export to on the registry, file size was 647K for just the run folder!
turned out there was over 6k entries of random names all pointing to a file in the program files directory
c:\program files\suppsux\srvtorv.exe
and two processes that run and can not be end tasked as each one seems to support each other.
srvtorv and vrotvrs
turns out this is another mass emailing virus with no cure for it yet. This should b fun, I had the user disconnect from the network to be safe.
its riddle with spyware, adware, malware etc.
remove that stuff and have a look at her hkey_local machine and hope on over to run.
What I saw freaked me out.
hundreds of entries was in the run folder. I did am export to on the registry, file size was 647K for just the run folder!
turned out there was over 6k entries of random names all pointing to a file in the program files directory
c:\program files\suppsux\srvtorv.exe
and two processes that run and can not be end tasked as each one seems to support each other.
srvtorv and vrotvrs
turns out this is another mass emailing virus with no cure for it yet. This should b fun, I had the user disconnect from the network to be safe.
Facebook
Twitter