ntkrnl secure site launches with web browser or on start-up

Talk about "WhatEVER !"..
Post Reply
Message
Author
collector_edi
Freshman Member
Posts: 77
Joined: Fri Dec 30, 2005 6:36 pm

ntkrnl secure site launches with web browser or on start-up

#1 Post by collector_edi » Wed Jan 10, 2007 10:08 pm

Has anyone experienced this? Is this a worm?
T60P 2623DDU
2 gb RAM
100 gb 7200 RPM DD
Top
christopher_wolf
Special Member
Posts: 5741
Joined: Sat Oct 08, 2005 1:24 pm
Location: UC Berkeley, California
Contact:
Contact christopher_wolf

#2 Post by christopher_wolf » Wed Jan 10, 2007 10:56 pm

What secure site on startup again?
IBM ThinkPad T43 Model 2668-72U 14.1" SXGA+ 1GB |IBM 701c

~o/
I met someone who looks a lot like you.
She does the things you do.
But she is an IBM.
/~o ---ELO from "Yours Truly 2059"
Top
collector_edi
Freshman Member
Posts: 77
Joined: Fri Dec 30, 2005 6:36 pm

#3 Post by collector_edi » Thu Jan 11, 2007 11:36 am

christopher_wolf wrote:What secure site on startup again?
I see "ntkrnl secure site" application appear and disappear. Not sure how this got there.
T60P 2623DDU
2 gb RAM
100 gb 7200 RPM DD
Top
egibbs
Senior Member
Senior Member
Posts: 896
Joined: Tue Apr 27, 2004 6:05 am
Location: New Jersey

#4 Post by egibbs » Thu Jan 11, 2007 2:20 pm

Based on a quick Google Search for NT Security Suite it is possibly a worm - do you run Skype? There is a Skype worm propogating since late december that is packed using the NT Security Suite.

I assume there are other legit things that use the NT Security Suite, but a trip to Trend Micro's online scanner might be in order.

Ed Gibbs
Top
christopher_wolf
Special Member
Posts: 5741
Joined: Sat Oct 08, 2005 1:24 pm
Location: UC Berkeley, California
Contact:
Contact christopher_wolf

#5 Post by christopher_wolf » Thu Jan 11, 2007 5:18 pm

Or Prevx as well, if you want.

There really should be anything trying to do that on startup, in any case.
IBM ThinkPad T43 Model 2668-72U 14.1" SXGA+ 1GB |IBM 701c

~o/
I met someone who looks a lot like you.
She does the things you do.
But she is an IBM.
/~o ---ELO from "Yours Truly 2059"
Top
collector_edi
Freshman Member
Posts: 77
Joined: Fri Dec 30, 2005 6:36 pm

#6 Post by collector_edi » Thu Jan 11, 2007 6:37 pm

I use a voice mail player from VocalData VML Player but nothing related to Skype.
egibbs wrote:Based on a quick Google Search for NT Security Suite it is possibly a worm - do you run Skype? There is a Skype worm propogating since late december that is packed using the NT Security Suite.

I assume there are other legit things that use the NT Security Suite, but a trip to Trend Micro's online scanner might be in order.

Ed Gibbs
T60P 2623DDU
2 gb RAM
100 gb 7200 RPM DD
Top
collector_edi
Freshman Member
Posts: 77
Joined: Fri Dec 30, 2005 6:36 pm

#7 Post by collector_edi » Thu Jan 11, 2007 6:45 pm

I will give PREVX a shot.
christopher_wolf wrote:Or Prevx as well, if you want.

There really should be anything trying to do that on startup, in any case.
T60P 2623DDU
2 gb RAM
100 gb 7200 RPM DD
Top
collector_edi
Freshman Member
Posts: 77
Joined: Fri Dec 30, 2005 6:36 pm

#8 Post by collector_edi » Thu Jan 11, 2007 7:47 pm

PREVx worked! It detected Axs.exe running. So far so good.
T60P 2623DDU
2 gb RAM
100 gb 7200 RPM DD
Top
Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Off-Topic Stuff”

Who is online

Users browsing this forum: No registered users and 1 guest