I'm a newbie with a question. I have a process that when killed, comes back renamed but the exact same size. Avast and AVG with all the newest updates are not detecting this. I captured a copy of the .exe file, renamed it, then edited it. Looks like it uses upx 1.24 to unpack or pack itself. Wish it would be detected by something. Also did adaware as well. This machine had mucho adware, trojan horses, regular viruses. You name it, she had it. Now I'm down to just this one buggar. I've used killbox, no good, the Porgram/process just comes back renamed. Looks like when you kill the process, it deletes the corrosponding file name on the hd. BTW, its running from the c:\windows\system32 directory on a Windows XP SP! machine. (I do not dare get on the net with it until this bug is gone. made that mistake early in the game before) Can anyone help with this or is Avast interested in the file I have (renamed of course)?
Edit: Also ran stinger, and perused the registry with hijackthis and used ms's malicious program removal tool at one point......