Outline · [ Standard ] · Linear+ Security Warning...

Hiya all,

A little heads up here as i've spent the last 2hours cleansing my system of a little fucker that was slowing the system to a crawl and also killing my web browsing - amongst other things...

it appears to be something that is currently slipping under the protection of norton, spybot s&d, spysweeper, adaware and spyware blaster - all of which are running on my comp.

The file in question is called SYSTEMNT.exe - no its not a system process and has nothing to do with windows. it resides in the c:/windows/system32 directory and is a hidden, read-only system file. you'll be needing to make hidden-system files visable to see the actual file but if you do a ctrl-alt-del key press it'll be sat in your "running processes" menu.

you need to drop into safe mode with command prompt to get rid of it as it'll take advantage of your admin/power user status to reinstall itself on reboot otherwise.

in safemode-command prompt type the following:

reboot and log in as normal then do a regedit search for systemnt.exe and delete all the keys you find (i had 3) - it claims to be part of the windows update thing in the registry but this is bollocks...

:angry:

Awai.

This post has been edited by Awai: Jun 25 2004, 09:55 AM

Maybe something to do with this: http://news.com.com/Corporate+Web+servers+...ml?tag=nefd.top

or maybe this: http://bink.nu/DesktopModules/ArticleDetai...?ArticleID=2073

Some crap going on on the net right now. :(