Neighbor caught a bug.... :: Archived
This is a forum for Software related items such as OS', Virus notices, cool or free programs, etc. Gaming software should go in the gaming folder pertaining to the current info.
JG300-Ascout
Power User

Offline
Joined: Jan 05, 2005
Posts: 6257
Location: Cyberspace
Posted: Tue Aug 10, 2010 8:34 pm
Post subject: Neighbor caught a bug....

Next door neighbor contracted "wuausclt.exe" bug, that affects several system files. Tried to help him out (he's using Firefox and Windows on a laptop. Windows of a version I'm not familiar with). Has no AV, so I tried to do a system restore, but the bug saw right through my little trick and bumps from that page in a fraction of a second. Tries to sell you a wipe for its own virus.

Next move is to "reset to as system was new", if we can. He doesn't have any special apps on there so only some image files will be lost, if even those. Not critical.

Any other ideas?

_________________
"All facts go to clearly prove that Shades is a thrice-cursed traitor & mentally deranged person steeped in inveterate enmity toward mankind"
Shades
Forum Tree-Rat

Offline
Joined: Mar 07, 2005
Posts: 6478
Location: 3rd Branch up, 'Ye Olde Oak', Green Wood.
Posted: Tue Aug 10, 2010 9:01 pm
Post subject: Re: Neighbor caught a bug....

I don't think it's a virus (but it could become one, or more).
It sounds more like adware.
Whatever he does, he MUST NOT click the link to the anti-virus it's trying to sell.
The trouble with that stuff is that it could be relatively harmless in itself, but they tend to also have a secondary package which can install a trojan subsequently to download more serious stuff by clicking their link.

I looked it up in the Symantec database and it's apparently quite adept at changing registry files.
THIS might help (although it's not quite the same name as yours, with the 's' missing).

I would do the following in sequence:-

1) get good anti-virus, spyware, and firewall ready.

2) Clean disk of everything. Wipe it. There's nothing left on there you want because it's highly likely that thing will have left roots that will just re-install it, or worse, in a few weeks.
Save any important files to DVD for repair later.

3) Start again.

4) Install appropriate security.

5) Load DVD to drive and check for viruses before transferring any old files.

I had one of these a couple of years ago (my fault, I was clicking a sequence of messages without looking and clicked one of these without even seeing it). It was resident in my System Restore memory so, every time I cleaned it out, it would simply re-install itself (and a trojan I can't remember the name of) from there.

One thing, if your friend is still adamant about not bothering with security, just point out how easy it is for someone to take control of his computer, use it as a zombie, and start downloading (for example) child porn. If someone does, he'd be responsible until and unless he can prove it wasn't him.
He should get security.

_________________
Skwerl's place.

Com-Central's cutest, fluffiest, twitchiest, tail.
CPU > Intel i9-9900k (o/c 4.9GHz); COOLING > BeQuiet! Dark Rock Pro 4;
MOBO > ASUS PRIME Z390-A; RAM > 2x32GB Corsair LPX 2666MHz;
GPU > Gigabyte GEFORCE GTX650Ti PCI-e 3.0 2Gb GDDR5;
AUDIO > Creative X-Fi Xtreme Music (plus - Universal Audio UAD2 Quad Custom accelerator);
HDD > 3x1TB+ M.2. SSDs; LCD > DELL - S2419HGF (1920x1080);
PSU > 650W be quiet Straight Power 11 - 80+ Gold;
CASE > BeQuiet! SILENT BASE 601; OS > Windows 11 Home Advanced (64-bit).
JG300-Ascout
Power User

Offline
Joined: Jan 05, 2005
Posts: 6257
Location: Cyberspace
Posted: Tue Aug 10, 2010 11:00 pm
Post subject: Re: Neighbor caught a bug....

Thanks,

I already admonished him about some form of protection and browser settings. It was, in all likelihood, wide open...just used for wife's "facebook". Rolling Eyes

...apart from 7 Y.O. daughter playing a game which also led to an....unsavory link.

I think he needs to wipe it and institute some serious controls.

_________________
"All facts go to clearly prove that Shades is a thrice-cursed traitor & mentally deranged person steeped in inveterate enmity toward mankind"
piney
Power User

Offline
Joined: Jan 24, 2006
Posts: 2330
Location: Republic of Southern New Jersey
Posted: Tue Aug 10, 2010 11:47 pm
Post subject: Re: Neighbor caught a bug....

from another forum

"I spent the morning trying to get rid of a virus called AV Security. It tells you that you are infected and the only way out is to buy the AV Security software ($50 for a 3 month license!) This is bogus, they are really after a credit card number. It came right through my AVG free antivirus. I googled it and found it is really running amuck and very hard to delete in that it disables ALL the executables in your Windows files and all your apps like Photoshop, FSDS, FSX, etc. I solved the problem by restoring to yesterday noon (July 3, 2010). "
The bad news is you may have picked it up days or even weeks ago; one of the newest tricks they are using is a dormant period and/or a wait time before the malware payload is released. I had a system infected in March that had been offline for almost 3 weeks and the user triggered the payload part way through the first day back to work after their vacation. In that case the system was offline but powered up while the user was away; when they returned the system received a security patch the first thing after they logged in, and a complete system scan found nothing (normal procedure for Trend Micro - after any update it runs a full system scan).

The user had still not connected to our Intranet let alone the Internet, however they ran a report and saved it in HTML format; when they double clicked on the HTML file to open it, IE was the program that opened the report, and poof, the scareware infection message. Luckily they were smart enough to pull the plug and call me before they did anything. After some serious investigating I found the file that had carried the payload; it had been dormant for almost a month. I was able to clean it with some serious effort and as far as I can tell it was using a cookie counter to trigger the payload. Simply stated, it went wild: when the number of stored cookies reached a specific amount the payload was released and the next time IE was started the message appears.

I am not trying to scare you or anyone, I just want to point out even if it appears you were infected by a specific site, or had only visited a few in a specific period of time, it is not absolute proof of the cause; you might have picked up the bug weeks ago and something you did or some external signal set it loose."

HTH


_________________
The only good skwerril is a dead un
Shades
Forum Tree-Rat

Offline
Joined: Mar 07, 2005
Posts: 6478
Location: 3rd Branch up, 'Ye Olde Oak', Green Wood.
Posted: Wed Aug 11, 2010 7:31 am
Post subject: Re: Neighbor caught a bug....

This is a good description/explanation of what you're dealing with;
www.symantec.com/norto...id=mislead

www.symantec.com/conne...w-me-money

www.symantec.com/conne...ney-part-2

www.symantec.com/conne...ney-part-3

www.symantec.com/conne...rt-tipping

Also, I still can't find anything on the file you list but "wuauclt.exe" seems to be a required file for Windows to update.
This may just be a file where the actual problem has been detected; these things will evolve and re-install themselves in a number of new places each time you find/remove them from another.
That makes it very hard to remove all traces of it, not to mention any damage it's already done to your registry which a simple anti-virus won't fix.

_________________
Skwerl's place.

Com-Central's cutest, fluffiest, twitchiest, tail.
CPU > Intel i9-9900k (o/c 4.9GHz); COOLING > BeQuiet! Dark Rock Pro 4;
MOBO > ASUS PRIME Z390-A; RAM > 2x32GB Corsair LPX 2666MHz;
GPU > Gigabyte GEFORCE GTX650Ti PCI-e 3.0 2Gb GDDR5;
AUDIO > Creative X-Fi Xtreme Music (plus - Universal Audio UAD2 Quad Custom accelerator);
HDD > 3x1TB+ M.2. SSDs; LCD > DELL - S2419HGF (1920x1080);
PSU > 650W be quiet Straight Power 11 - 80+ Gold;
CASE > BeQuiet! SILENT BASE 601; OS > Windows 11 Home Advanced (64-bit).
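
An added example, not part of the original thread: the post above notes that the reported "wuausclt.exe" is one letter away from the legitimate Windows Update client "wuauclt.exe". The sketch below flags process image paths whose file name is a near-miss of a well-known Windows binary, or an exact name running from an unexpected folder. The `KNOWN` table, the distance threshold and the sample paths are assumptions constructed for the illustration.

```python
import ntpath

# Expected install directory for a few well-known Windows binaries (lower-case).
# This short table is an assumption made for the example, not a full baseline.
KNOWN = {
    "wuauclt.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]

def classify(image_path, max_distance=2):
    """Return (verdict, matched_name) for one process image path."""
    path = ntpath.normpath(image_path).lower()
    folder, name = ntpath.split(path)
    if name in KNOWN:
        if folder == KNOWN[name]:
            return ("expected", name)
        return ("known-name-wrong-folder", name)
    for legit in KNOWN:
        if edit_distance(name, legit) <= max_distance:
            return ("lookalike-name", legit)
    return ("unknown", None)

# Constructed sample paths for illustration; not taken from the infected laptop.
SAMPLES = [
    r"C:\Windows\System32\wuauclt.exe",
    r"C:\Users\Public\wuausclt.exe",
    r"C:\Users\Public\AppData\svchost.exe",
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
]

def triage(paths):
    """Classify every path and return (path, verdict, matched_name) tuples."""
    return [(p, *classify(p)) for p in paths]

if __name__ == "__main__":
    for path, verdict, match in triage(SAMPLES):
        print(f"{verdict:24} {match or '-':12} {path}")
```

An "unknown" verdict only means the name is not close to anything in the table; it says nothing about whether the file is safe.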
All times are GMT - 6 Hours