Question : MSsoft A-ware Clean - Ad-Ware/Spyware!!??

MSsoft A-ware Clean - Ad-Ware/Spyware!!??
Just recently many of my Win2003 domain XP SP2 clients started having problems access LAN/Internet Websites and network-related applications also were intermittently disconnecting!

The only evidence was an EventID 4226 Warning regarding TCP max connection limit reached.

From that I identified the cause to be approx. 10 persistent half-open (SYN-SENT) TCP connections from 'nsvsef.exe' to non-existent LAN IP destinations and sometimes Internet IP's.

NSVSEF.EXE Path:
C:\Program files\Symantec Antivirus\

I was able to locate and delete the following registry entries which were associated to the above filename:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

HKCU\Software\ASProtect
HKU\.default\Software\ASProtect

Also, I rename the EXE at logon to BAK with a script.

NOTE: I am seeing these items get recreated automatically and I am not able to identify how as of yet.

HAS ANYONE SEEN THIS?
IS THIS IN FACT A MALICIOUS TROJAN?

(AS OF 7/8/07: IT IS NOT DOCUMENTED ON THE INTERNET)

Answer : MSsoft A-ware Clean - Ad-Ware/Spyware!!??

PAQed with points refunded (500)

Computer101
EE Admin

Random Solutions

how can we duplicate a MS SQL Database on the SAME server and give it a new name?

Overflow Problem In Access VBA

WORKBOOK_OPEN Event not firing

automating ssh using expect

Can't connect to Exchange over VPN connection

XP keeps turning off wireless zero configuration

Outlook Rules not working

How do I open a DOS Window in Home XP

Passing Crystal Reports Parameter to subreport filter

how many rules can you create in outlook 2007