Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Lu Callback Proxy.exe Is Attempting To Launch.... Is This A Bad Thing?

  • Please log in to reply
2 replies to this topic

#1 EngelskJente


  • Members
  • 46 posts
  • Local time:04:31 AM

Posted 03 June 2006 - 04:39 AM


I hope this isn't already in the forum, I searched for callback proxy but was not allowed to search for Lu as it was only 2 characters long.

Yesterday and today I have had a pop up from Norton Firewall saying that LU callback proxy.exe is attempting to launch and I could only permit once or block once (recommended) rather than having the other options of always block etc...

What surprised me is that OK, yesterday it tried to open while I was browsing some website or another (Sorry, I really can't be more specific as to where as I have no idea now...) but today it open just while I was reading my email (no, not spam or a fwd, just a regular run of the mill email from a very trusted regular source) In fact I had stoped what I was doing and was opening up my documents when the firewall alerted me. Oh in addition, I clicked block once but it asked me again at least half a dozen more times until it decided to leave me alone (as though expecting me to think "Fine, I'll let you do your thing this time")

Now call me paranoid, but that seemed somewhat dodgy to me!!!

Has anyone else heard of this or have any idea what it is?

I did Google it, but was unable to find what I was looking for. Thanks.

--EngelskJente :-)

UPDATE: a few minutes after posting this I was alerted that an attempt to attack the PC by Senna Spy Trojan Horse was blocked. Just to add to my paranoia.......! Does anyone think they're related or is it just me? Thanks.


Edited by EngelskJente, 03 June 2006 - 04:51 AM.

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 52,077 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:31 PM

Posted 03 June 2006 - 07:08 AM

LUCOM.exe is part of Norton Antivirus live update.
LU.exe is a MsConnect browser hijacker and dialler as described here.

What OS (Win XP/2000, etc) are you using? Have you performed any anti-spyware scans? What type of anti-virus are you using and when was the last time you ran a scan?

If not, start here:

If your running Win XP/2000, download and scan with Ewido Anti-Malware v3.5
Ewido Install and Scan Instructions

Download and scan with Ad-Aware SE Personal. Setup & Configure as shown here.

Download and scan with Sysclean Package.
1. Create a new folder on drive "C:\" ("C:\New Folder") and rename it Sysclean.
2. Place the sysclean.com inside that folder.
3. Then download the latest Virus Pattern Files (lptXXX.zip).
4. Extract the lptXXX.zip pattern file into the same folder you created for sysclean.com.
5. Close all open applications and DISABLE your current anti-virus software. Some anti-virus programs such as Avast will alert you to a virus attack when running sysclean so it's best to disable them first.
6. Open the Sysclean folder and double-click on sysclean.com to run.
7. It will take some time to complete. Be patient and let it clean whatever it finds.
8. Exit when done and re-enable your anti-virus program.

Then perform these online Virus scans:
[Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component.]
Trend Micro Housecall Scan
Panda ActiveScan [ActiveScan Panda does not remove adware/spyware but will autoclean for viruses & worms.]
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Elendil


  • Members
  • 660 posts
  • Gender:Male
  • Location:The US
  • Local time:12:31 AM

Posted 03 June 2006 - 08:24 AM

I don't mean to bash Norton or anything, but Norton is not a good program to be your only anti-malware software. Follow quietman7's steps; however, I'd also like to add that you might want to have Spybot S&D.
Read the tutorial of how to use Spybot here: http://www.bleepingcomputer.com/tutorials/using-spybot-to-remove-spyware/
Stanford '14
B.S. Candidate | Computer Science

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users