Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! Boot.exe, virus?


  • Please log in to reply
4 replies to this topic

#1 doktorfaustus77

doktorfaustus77

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:04 PM

Posted 28 June 2005 - 03:56 PM

:thumbsup: I came to this forum looking for help. I hope this is the right section to post my problem. Forgive my simple usage of computer terms. I am forced to substitute the real terms with my simple ones.

My wife is a medical transcriptionist. While working she runs Wavpedal, word and has presto wrapper open. Lately, while working she noticed that the computer seems to become very overburdened, like all of the memory is being sucked up by a process. In particular when she opens the presto wrapper file, the computer usage jumps up to 100%. We couldn't figure why this uses so much. Upon closer examination I saw that another program seemed to be running alongside it and was using 50-60% This is called BOOT.EXE. I searched the internet and am fairly sure this is a type of virus or trojan. It only runs when this type of file is opened.

I have run Spybot, Adaware and Microsoft anti-spyware and they do not detect it. I also have Norton Anti-virus which does not detect BOOT.EXE. I only can see it running in the processes in the task manager. How can I be rid of this? How can I be sure it is a trojan?

Thank you to anyone who reads this. My wife depends on this computer for work so its very important. Please go easy on me I am not very adept at computer speak.

BC AdBot (Login to Remove)

 


m

#2 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:12:04 PM

Posted 28 June 2005 - 06:01 PM

Hello doktorfaustus77 and welcome to BC.

According to our Startup Database (see the top of this page) Boot.exe may be a trojan. Try running a trojan specific anti-virus program. I like a-squared. You can get the full version on trial or the free version.

Failing that, your next best option is to post a HiJack This Log for our team to look at. See How to submit a Hijackthis Log for instructions.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#3 doktorfaustus77

doktorfaustus77
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:04 PM

Posted 28 June 2005 - 09:08 PM

Thanks for the reply Leurgy. I ran a squared which unfortunately did not rid me of Boot.exe. It did however remove other spyware that other programs did not pick up, thanks. What I find strange is that it only appears as a process in the task manager when presto wrapper files are open. I will post the log (when I figure out how to) on the other forum. Thanks again. BTW anyone else who feels they can add anything please do. :thumbsup:

#4 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:12:04 PM

Posted 28 June 2005 - 10:09 PM

From Castlecops:

StartupList Deep Dive
!! THIS IS A STARTUP PROGRAM AND NOT A TASK MANAGER PROCESS ITEM !!
Field Value
Name boot
Command boot.exe
Status X
Description Added by the Troj/Puppet-A Trojan!

"X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
http://castlecops.com/s9494-boot_exe.html

#5 doktorfaustus77

doktorfaustus77
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:04 PM

Posted 28 June 2005 - 10:39 PM

Thanks enthusiast. All of this is very frustrating for a guy like me. I don't really know a ton about computers so editing the registry and all of that makes me very apprehensive. I wonder why the programs I used could not detect it.

Right now it's only noticible symptom is the extremely high cpu usage and the noise that comes with it. SOunds like when the computer is idle and you move the mouse, except it never shuts off till you end that program. When I end the process and the cpu swings way back to normal.

If I were being hijacked how would I know? I forgot to add that I think I have had this for at least two months I only recently decided to investigate. So far nothing heinous has happened, I hope it stays that way :thumbsup:

Thanks again everyone, you have been helpful to me!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users