Status
Not open for further replies.
1 - 2 of 2 Posts

Registered · 7 Posts · Discussion Starter · #1
I received two W32 Magistr viri yesterday morning. They were caught and "neutralized" by Norton anti-virus sw. I did not delete the emails as I thought they were safe (and they may have been so). Later in the day I went out and left the computer running but NOT on the net. When I tried to get back on the net, IE 5.5 did not complete the load of my ISP home (AT&T). I checked with Norton sys doctor and noted that CPU utilization was at 100 percent. I was able to kill off IE 5 and do mail and get eBay up but still could not get to the AT&T home site.
I went after the system with Norton anti-virus and finally got a note that my boot record had been changed, so I took their recommended route and replaced it.
Still no sign of a virus, worm, etc. Am I still infected? Could one of the viri cause CPU usage to max out?
Any thoughts??

Dave
 

Registered · 46,025 Posts
Magistr has a habit of putting things in the startup list that scan clean (because they are legitimate Windows files, usually renamed) but do not belong there.

The best way for us to get a look at what magistr may have done is to download the startuplog.zip file from the Reticulated Toys site below.

Unzip and run startuplog.com. It will place a copy of startuplog.txt file on the desktop. Copy and paste the full contents of that (not stubbpaths.txt) in your next reply. An unzipped version is available if necessary from the Only IE link at the bottom of the page.

http://home.earthlink.net/~rmbox/Reticulated/Toys.html

As a workaround in the meantime, do a Ctrl+Alt+Del and look for applications in the background that you do not recognize and end task them.

rnaapp will be the Windows dial-up adapter; explorer and systray are standard. Leave any open browser windows you are currently on.
 