Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is This A Virus/trojan?


  • Please log in to reply
5 replies to this topic

#1 stevealmighty

stevealmighty

    Bleepin' WormBreath


  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:10:11 PM

Posted 23 February 2006 - 01:04 AM

Ok, my comp started lagging tonight. I ran the usual stuff and didn't come up with anything out of the ordinary. It's still lagging. So, I started up windows task manager and checked out the running process's (not that I know what I'm looking at, I just wanted to see what was running and if it was sucking up all my cpu power). I saw the following..... WUAUCLT.EXE that was going on and off for 2% of the cpu %. So I looked it up on bleeping computer and it said it was bad! So, I exited the looked at the task manager again and it was gone! I updated my antivirus (which was already up to date, updated today automatically) and the RTV scan didn't pick anything up. I'm running symantec aka nortons corporate gold edition). So, I don't know if I'm infected or what. Any advice on what to do from here?

Thanks in advance!
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image

BC AdBot (Login to Remove)

 


#2 stidyup

stidyup

  • Members
  • 641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:11 PM

Posted 23 February 2006 - 03:26 AM

If you think you are infected submit a hijackthis log to the HJT Forum.

How to submit a hijackthis log

Download Hijackthis

Try running the following from safe mode (Getting to safe-mode) Sysclean you'll also need the virus template file from here lpt***.zip remember to extract the contents of the zip file into the same folder as Sysclean.com

or

DrWeb CureIT

or

KASFX which is powered by the Kaspersky AV engine, you will need internet access to update it. If you haven't got net access in safe mode, update it before you use it.

If your good with the command line also try Sophos Command Line scanner this command will scan all of your hdd's SAV32CLI.EXE -F -di -remove -dn -mbr -all -zip -p=avscanlog.txt and give you a log file to review afterwards.

Also try installing and running A2 Free and Ewido again run from safe mode.

I'd also run Spybot(Spybot Tutorial) and Adaware

If your using Win2K/XP run adaware/spybot from "safe mode with command prompt" If your using Win9x just run it from safe mode the command line options aren't needed..

At the C:\ prompt type the following:-

cd\
C:\progra~1\spybot~1\spybotsd.exe /autocheck /autofix
cd\
C:\progra~1\lavasoft\ad-awa~1\ad-aware.exe

#3 stevealmighty

stevealmighty

    Bleepin' WormBreath

  • Topic Starter

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:10:11 PM

Posted 23 February 2006 - 08:51 AM

Ouch....looks like some great information there. I'll try that when I get home tonight ( I posted that last night around 1 am). I'll post back with my results.

Thanks! :thumbsup:
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image

#4 stevealmighty

stevealmighty

    Bleepin' WormBreath

  • Topic Starter

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:10:11 PM

Posted 23 February 2006 - 07:34 PM

Sorry for the back to back posting, but I didn't want everyone to think that I was ignoring you!

It's gone now, whatever it was. That Ewido program works pretty good, as it said that it caught a bunch of stuff even after I did the adaware scan (along with spybot s&d, CWS shredder, and hijack this!).

I'd like to thank everyone who posted their insight.....it was all helpful :thumbsup: :flowers: :inlove:

I'm still going to submit a hijack this log as a "follow up" for lack of a better term though! Better to be safe than sorry!

Hats off to all of you for helping me out (and everyone else) on a daily basis! Big thanks and much appreciated :trumpet: :huh:
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image

#5 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 23 February 2008 - 07:17 AM

If you think you are infected submit a hijackthis log to the HJT Forum.

How to submit a hijackthis log

Download Hijackthis

if I may; as the HJT team is a bit swamped , I beleive they would prefer folks follow the steps on this guide first with the specific scans in that guide

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

I understand that by so doing the infections, if any can be 'identified' BY the team over here to determine if a log IS needed or not, and thus help to reduce the work load ON the HJT team :thumbsup:

#6 stevealmighty

stevealmighty

    Bleepin' WormBreath

  • Topic Starter

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:10:11 PM

Posted 23 February 2008 - 10:51 AM

if I may; as the HJT team is a bit swamped , I beleive they would prefer folks follow the steps on this guide first with the specific scans in that guide

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

I understand that by so doing the infections, if any can be 'identified' BY the team over here to determine if a log IS needed or not, and thus help to reduce the work load ON the HJT team :thumbsup:


You are right! Thanks ruby1!The staff here does prefer that members post first in the Am I Infected? What do I do? section first, then, if need be, follow the steps in the "Preperation guide" before posting a HJT log. In the Am I Infected section, there's some good pinned topics that might help too!

Oh, and on a side note, this topic is 2 years old! It's from February 23rd....2006! :trumpet: :flowers: :inlove:
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users