• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Some worm?Which one?

U

unbiased

Senior member
My Win XP SP1 system has been infected with something which closes the msconfig, regedit, norton antivirus, etc windows within few seconds of opening. 'It' is changing the settings of norton antivirus fro autoprotect enabled to disabled, autoupdate enabled to disabled, etc.
Any body know the culprit?
 
Download and run
spybot, adaware, a2 (squared), hijackthis
Then install spywareblaster and winpatrol, the later being a lifesaver. It alerts you to any hidden system changes without your permission. Has saved my butt, daily.
 
thanks for suggestions.
House call didn't work because I have already NAV installed.
I have already run spybot, to no avail.
sasser, blaster were not found.
Now I am downloading the whole list of wormfixes fro symantec site, and will run them one by one.Time consuming but --.
I have also run NAV under safe mode but nothing was found. This confirms my fear that it is a worm. There are some promising worm fixes on symantec site. Let me try them. I will post my findings.It might help others.
 
sound like one call CD I forgot the rest but it has .exe, look in the processes and see what is taken up most cpu cycles.
 
I checked the running processes. Most suspicious of them.LSASS.EXE an smsc.exe and smss.exe. Out of these smss.exe and lsass.exe refuse to be terminated . The message says that this process cannnot be terminated by task manager.
There is also a multiple instance of svchost.exe. Out of which if I terminate SVCHOST.EXE ( system) then it shows blaster/sasser worm like message, i.e. 'system will be shutdown due to -----' and the coundown starts and system gets shutdown.
But sasser and blaster worm fixes found nothing.
I guess formatting is the only way remaining.
Any suggestions?
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top