Process antinfo.exe

  • Thread starter Thread starter TNS
  • Start date Start date
T

TNS

Does anyone know what the process "antinfo.exe" is? It will NOT go
away after regedit in safe mode, and reappears after process is
terminated.

Any help would be greatly appreciated.

TIA!!!

---TNS
 
TNS said:
Does anyone know what the process "antinfo.exe" is? It will NOT go
away after regedit in safe mode, and reappears after process is
terminated.

Any help would be greatly appreciated.

TIA!!!

---TNS
Click to expand...
Malware processes use random names.Have you used google to search
for"antinfo.exe"? You need to scan your system to ID the malware and
remove it.

Beginning of standard canned reply.

Update Windows. Use a firewall.
Use an Anti-Virus of your choice and keep it updated.
In Windows Explorer, set Folder Options to “show all files”.
Clean out all temp, cache, ect. files.
Download BeClean here:
http://boozet.xepher.net/beclean/

Download Sysclean from here:
http://www.trendmicro.com/ftp/products/tsc/sysclean.com
Read this(It tells you how to use it!):
http://www.trendmicro.com/ftp/products/tsc/readme.txt
Reboot into safe mode and run Sysclean, write down results, then reboot
normally.
If offending file is in “restore” read this:
http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam

Download AdAware from here:
http://www.majorgeeks.com/download506.html
Read the help files,download the winsock fix and then Update and run
AdAware.
If you lose your Internet connection after running AdAware run the fix.
Winsock Fix here:
http://www.tacktech.com/display.cfm?ttid=257

Download Spybot Search+Destroy here:
http://www.safer-networking.org/en/download/index.html
Read this:
http://www.safer-networking.org/en/tutorial/index.html
Update and run Spybot (enable all protection).

Download Spyware Blaster here: (enable all protection)
http://www.javacoolsoftware.com/spywareblaster.html

Run a couple of online scanners (pick a different one than your main AV):

BitDefender:
http://www.bitdefender.com/scan/licence.php

Norton:
http://security.symantec.com/sscv6/...d=sym&plfid=23&pkj=XHPGJRSOMVZGYYTZXPE&bhcp=1

Panda:
http://www.pandasoftware.com/activescan/com/activescan_principal.htm

eTrust:
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

House Call:
http://housecall.trendmicro.com/housecall/start_corp.asp

If the previous do not solve your problems:
Download Bazooka here:
http://www.kephyr.com/spywarescanner/

Download SwatIt here:
http://swatit.org/

Download KL-Detector here
http://dewasoft.com/privacy/kldetector.htm

Download CWShredder here
http://www.intermute.com/spysubtract/cwshredder_download.html

Download HijackThis here:
http://www.majorgeeks.com/download3155.html
Install, run and save the log that is created. Don’t let it fix anything
yet!
You can find forums to post the log to have it analyzed here:
http://tomcoyote.org/hjt/

Download Stinger here:
http://vil.nai.com/vil/stinger/

Download eScan here:
http://www.mwti.net/antivirus/free_utilities.asp
Rename the downloaded file escan.zip and extract (with a zip program) to
C:\Downloads, which you will have to create. Run the updater
(kavupd.exe) and then run eScan (mwavscan.exe).

End of standard canned reply.
-max

--
Keeping Windows Clean: http://www.geocities.com/maxpro4u/madmax.html
Virus Cleaning+Fixes: http://www.geocities.com/maxpro4u/TechPros
Change nomail.afraid.org to neo.rr.com so you can reply by e-mail
(nomail.afraid.org has been set up specifically for
use in Usenet. Feel free to use it yourself.)
 
Thanks for the reply...it turned out to be 14 instances of one trojan
and several more besides....quicker to format, which is what we woulnd
up doing.....very nasty one, which would NOT leave inspite of registry
editing, Nortons, Trojan Remover, and Symanec's removal tool....
None of the anti-spyware progs helped at all.... We use most of the
tools you describe and thank you very much for your response!!!1

Much appreciated, amigo!!!

---TNS
 
Back
Top