G
Guest
I have a strange problem in my notebook with XPsp2: when I work at home and I
connect to ADSL, the process NTDVM.exe starts and "inglobes" 100% of CPU.
By means of Norton GoBack, I have found, that after the connection, a ping
to google occurs (so involving cmd.exe). In particular, these are the related
commands:
/C ping -n 1 -w 1000 66.102.9.99 | find/C"(100%"
ping -n 1 -w 1000 66.102.9.99
find/C"(100%"
After these, the following occurs:
c:\windows\temp\QkstCBFsc.jpg (created/eliminated)
c:\windows\fdtnfnhrgit.exe
c:\windows\tasks\ipfqvkq|crfynpnoo.dat (substitued/modified)
c:\windows\system32\ntdvm.exe -f -i1
...and CPU goes to 100%!
I have run F-secure and Panda anti-virus, as well as Spyboot Search&Destroy,
but I have not found virus. In addition, Hijackthis does not highlightes
particular problem (at least, this is my impression..). Any suggestion to
solve the problem?
Where could be located the ping command? I have seen that some virus
(W32.Mimail.p@mm) ping to google to propagate itself, but I have not found
the virus file on my computer.. Thank you for your help
connect to ADSL, the process NTDVM.exe starts and "inglobes" 100% of CPU.
By means of Norton GoBack, I have found, that after the connection, a ping
to google occurs (so involving cmd.exe). In particular, these are the related
commands:
/C ping -n 1 -w 1000 66.102.9.99 | find/C"(100%"
ping -n 1 -w 1000 66.102.9.99
find/C"(100%"
After these, the following occurs:
c:\windows\temp\QkstCBFsc.jpg (created/eliminated)
c:\windows\fdtnfnhrgit.exe
c:\windows\tasks\ipfqvkq|crfynpnoo.dat (substitued/modified)
c:\windows\system32\ntdvm.exe -f -i1
...and CPU goes to 100%!
I have run F-secure and Panda anti-virus, as well as Spyboot Search&Destroy,
but I have not found virus. In addition, Hijackthis does not highlightes
particular problem (at least, this is my impression..). Any suggestion to
solve the problem?
Where could be located the ping command? I have seen that some virus
(W32.Mimail.p@mm) ping to google to propagate itself, but I have not found
the virus file on my computer.. Thank you for your help