Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problem With Unknown Intruder!


  • This topic is locked This topic is locked
2 replies to this topic

#1 Capuchin

Capuchin

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:43 PM

Posted 09 March 2007 - 11:42 AM

I opened a setup.exe, and it obviously was a piece of malware, because it visably did nothing.

When I boot up my PC, it will click (the click sound when you browse folders in explorer) and what seem to be IE windows open for a split second then dissapear. This causes the current window I am using to lose focus. This is mildly annoying.

After about 5 minutes of this, it will freeze whatever window I have focused, and try to copy a load of files to somewhere, it looks like after every file it hits the cancel button, then selects NO on the "are you sure you want to cancel" window, then copies the next file and repeats. Then after about 20 seconds it asks for a disk to be enetered for a certain file. Of course I hit cancel at this point, and it stops. The window I am using is now frozen and must be closed through task manager.

After this file transfer behavior, it seems to not do much more. But I left my PC on overnight, and when I woke up there was a guy talking about some product, and a very high pitch (like it's sped up) audio playing too. I couldnt see anything untoward in my task manager.

I have tried running hijakthis, ad-aware, and mcafee virus scan. The only thing that was picked up was a trojan by mcafee, but removing this didnt solve the problem, when I virus scan the trojan is back. I've done this both in normal boot and safe mode.

Does anyone have any idea what this malicious code is? Searches on google for the symptoms come up with nothing.

I don't see anything untoward in the hijakthis log, but I will update this post with a link to a thread i'll create in the hijakthis log forum.

BC AdBot (Login to Remove)

 


#2 Capuchin

Capuchin
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:43 PM

Posted 09 March 2007 - 11:45 AM

Log is here: http://www.bleepingcomputer.com/forums/t/84141/hijakthis-log-description-of-problem-in-llinked-thread/

#3 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:02:43 PM

Posted 09 March 2007 - 01:21 PM

Capuchin,

I see you have an open HJT log posted in the HijackThis Logs and Analysis forum.
You shouldn't make any changes to your system, while your HJT log is posted, as that could change the results of the posted log, making it difficult to properly clean your system.
At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

I'm closing this topic until you are cleared by the HJT Team.
If, after your log has been cleaned, you still need help, please PM a Moderator and we will re-open this topic.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users