|
web
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
New Virus?I just wanna know whether the following description was derived from the latest virus? [os] win2k pro with sp4, mcafee7.1 with latest virus definition and scan engine. all packages updated [symptom]1. Cannot paste, cannot drag file 2. SVCHOST.exe take more than 90% usage of CPU 3. Error reported of explorer.exe frequently 4.found virus files: ucilonyc.exe;kgjdj27.exe; ozify.exe; pcmsg.dll, 32kb.com; cleanup.com; winserver32.exe; win.exe; winsys.exe; unere.exe; SVCHOST32.EXE 5. Remove all detected files, replace the svchost.exe on &root&\system32 NONEFFECTIVE!!! Wish get prompt help/solution. Best Regards -- Nothing is easy, Everything is possible. It seems you have quite a few viruses/worms & a spyware file on your
computer The worm is SDBOT.AK (Win.exe) http://securityresponse.symantec.com/avcenter/venc/data/backdoor.sdbot.ak.html ucilonyc.exe (SDBOT:AZW): http://www.trendmicro.co.jp/vinfo/virusencyclo/default5.asp?VName=WORM_SDBOT.AZW pcmsg.dll (SPY.PCGhost400): http://securityresponse.symantec.com/avcenter/venc/data/bat.mumu.a.worm.html Tool to clean the above from Symantec Antivirus Resource Centre (SARC): http://securityresponse.symantec.com/avcenter/venc/data/bat.mumu.a.worm.removal.tool.html Direct download link to above tool: http://securityresponse.symantec.com/avcenter/FixMumu.exe http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453074017 winsys.exe (SPYWARE/WORM) http://startup.iamnotageek.com/srch-winsys.exe.html The best Spyware/adware/trojan detector on the market & its FREE: http://www.spybot.info/en/download/index.html YOU DON NOT HAVE TO DONATE OR PAY FOR SPYBOT -------------------------------------------------------------------- I hope the above information has helped
Show quote
Hide quote
From: "Robert" <R_***@hotmail.com> There are anti virus News Groups specifically for this type of discussion.| Hi all, | I just wanna know whether the following description was derived from the | latest virus? | [os] win2k pro with sp4, mcafee7.1 with latest virus definition and scan | engine. all packages updated | [symptom]1. Cannot paste, cannot drag file | 2. SVCHOST.exe take more than 90% usage of CPU | 3. Error reported of explorer.exe frequently | 4.found virus files: ucilonyc.exe;kgjdj27.exe; ozify.exe; | pcmsg.dll, 32kb.com; cleanup.com; winserver32.exe; win.exe; winsys.exe; | unere.exe; SVCHOST32.EXE | 5. Remove all detected files, replace the svchost.exe on | &root&\system32 | | NONEFFECTIVE!!! | Wish get prompt help/solution. | | Best Regards | -- | Nothing is easy, | Everything is possible. microsoft.public.scripting.virus.discussion microsoft.public.security.virus alt.comp.virus alt.comp.anti-virus Dump the contents of the IE Temporary Internet Folder cache (TIF) start --> settings --> control panel --> internet options --> delete files 1) Download the following four items... McAfee Stinger http://vil.nai.com/vil/stinger/ Trend Sysclean Package http://www.trendmicro.com/download/dcs.asp Latest Trend Pattern File. http://www.trendmicro.com/download/pattern.asp Ad-aware SE (free personal version v1.05) http://www.lavasoftusa.com/ Trend Sysclean Method 1 --------------------------------------- Create a directory. On drive "C:\" (e.g., "c:\sysclean") Download SYSCLEAN.COM and place it in that directory. Download the signature files (pattern files) by obtaining the ZIP file. For example; lpt524.zip Extract the contents of the ZIP file and place the contents in the same directory as SYSCLEAN.COM. Trend Sysclean Method 2 --------------------------------------- The utility SYSCLEAN_FE in "Procedure 1" at the following URL http://www.ik-cs.com/got-a-virus.htm automates the download and execution process of the Trend Sysclean Package. 2) Update Ad-aware with the latest definitions. 3) Reboot your PC into Safe Mode and shutdown as many applications as possible 4) Using Trend Sysclean, Stinger and Ad-aware, perform a Full Scan of your platform and clean/delete any infectors/parasites found. (a few cycles may be needed) 5) Restart your PC and perform a "final" Full Scan of your platform using the three utilities; Trend Sysclean, Stinger and Ad-aware * * * Please report your results ! * * * Thanks for all the replies.
Dave, I have done all the work you suggested, unfortunately, the symptom still exist. I run stinger.exe; Ad-aware.exe; sysclean.com in safe mode at the same time. Nothing can be found. I can ensure all the virus definition is updated. I've also removed the svchost.exe, so the usage of CPU is normal, but Copy&Paste is still unavailable. I cannnot use Win+F, Win+E, etc to find an file or open explorer. Show quoteHide quote "David H. Lipman" wrote: > From: "Robert" <R_***@hotmail.com> > > | Hi all, > | I just wanna know whether the following description was derived from the > | latest virus? > | [os] win2k pro with sp4, mcafee7.1 with latest virus definition and scan > | engine. all packages updated > | [symptom]1. Cannot paste, cannot drag file > | 2. SVCHOST.exe take more than 90% usage of CPU > | 3. Error reported of explorer.exe frequently > | 4.found virus files: ucilonyc.exe;kgjdj27.exe; ozify.exe; > | pcmsg.dll, 32kb.com; cleanup.com; winserver32.exe; win.exe; winsys.exe; > | unere.exe; SVCHOST32.EXE > | 5. Remove all detected files, replace the svchost.exe on > | &root&\system32 > | > | NONEFFECTIVE!!! > | Wish get prompt help/solution. > | > | Best Regards > | -- > | Nothing is easy, > | Everything is possible. > > There are anti virus News Groups specifically for this type of discussion. > > microsoft.public.scripting.virus.discussion > microsoft.public.security.virus > alt.comp.virus > alt.comp.anti-virus > > Dump the contents of the IE Temporary Internet Folder cache (TIF) > > start --> settings --> control panel --> internet options --> delete files > > 1) Download the following four items... > > McAfee Stinger > http://vil.nai.com/vil/stinger/ > > Trend Sysclean Package > http://www.trendmicro.com/download/dcs.asp > > Latest Trend Pattern File. > http://www.trendmicro.com/download/pattern.asp > > Ad-aware SE (free personal version v1.05) > http://www.lavasoftusa.com/ > > Trend Sysclean Method 1 > --------------------------------------- > Create a directory. > On drive "C:\" > (e.g., "c:\sysclean") > > Download SYSCLEAN.COM and place it in that directory. > Download the signature files (pattern files) by obtaining the ZIP file. > For example; lpt524.zip > > Extract the contents of the ZIP file and place the contents in the same directory as > SYSCLEAN.COM. > > Trend Sysclean Method 2 > --------------------------------------- > The utility SYSCLEAN_FE in "Procedure 1" at the following URL > http://www.ik-cs.com/got-a-virus.htm automates the download and execution process of the > Trend Sysclean Package. > > > 2) Update Ad-aware with the latest definitions. > 3) Reboot your PC into Safe Mode and shutdown as many applications as possible > 4) Using Trend Sysclean, Stinger and Ad-aware, perform a Full Scan of your > platform and clean/delete any infectors/parasites found. > (a few cycles may be needed) > 5) Restart your PC and perform a "final" Full Scan of your platform using the three > utilities; Trend Sysclean, Stinger and Ad-aware > > * * * Please report your results ! * * * > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > http://www.ik-cs.com/got-a-virus.htm > > > Back up your data files, wipe the system and reinstall. Install
anti-virus and anti-spyware BEFORE reconnecting to the 'net. -- #include <standard.disclaimer> _ Kevin D Quitt USA 91387-4454 96.37% of all statistics are made up Per the FCA, this address may not be added to any commercial mail list 
Other interesting topics
Dr Watson: Explorer Access Violation
Cannot copy and paste sasser/blaster clone? W2K Server - SP4 kill internet connection. compression formats Hosts file questions - format, duplicates, IP addresses Strange keyboard mode RE: schedule error code win 2000 processes Last rites declaration of Ioannes Paulus PP. II (Karol Wojtyla) |
|||||||||||||||||||||||
