It's Norton who saved me again......In A Different Way Though !!!

Ya.......The title says it all.......Norton saved me again.

 

Every time I start my PC , I have a habit of checking which processes are running and to see if there is any

 suspicious process.

 

From last 2-3 days I have been hunting a process named "msimfo.exe" ........yes it is msimfo.exe.

as some unexpected crashes,slowdowns,error messages were happening. 

 

I immediately came to know that there is something weired going on in my system.:smileysurprised:

 i killed that process.......but it came back after restart(obvious)...and I still couldn't find the source of this....its file. 

 

Then after looking into logs of NIS , I found the info. I needed to really hunt it down.(Source file was in RECYCLER folder)

..Hence I couldn't locate it. 

 

Still amazed how NIS missed it .......I scanned the RECYCLER folder with MBAM.....and it came up with "Worm.Autorun.B"

 inside the file msimfo.exe...............I found it. :smileyvery-happy:

 

It required me a reboot for removal......but after removal...there was no such process running....nor was the file present (Hunting successful):smileyhappy:

 

So even though NIS missed it ......its log catched it......and hence I could remove it.

 

I can't imagine how much underground/hidden damage could that virus have done if NIS log was not there

 

Norton saved me again...in a different way !!

Thank you very much Norton....in a different way !!! 

 

 

NIS 2010 (17.0.0.136) , Xp Sp3. 

Message Edited by Shridhar on 10-09-2009 03:21 PM