-
Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.
how is it possible...
- Thread starter cammi
- Start date
- Status
- Joined
- Nov 17, 2002
- Messages
- 84
Think you've been hit by the Yaha virus:-
Yaha virus definition
Yaha virus definition
- Joined
- Oct 9, 2001
- Messages
- 9,396
cammi.....you should go here and run trends online virus scan.
http://housecall.trendmicro.com/
NOW! and come back here with the result.
good luck
http://housecall.trendmicro.com/
NOW! and come back here with the result.
good luck
- Joined
- Oct 9, 2001
- Messages
- 9,396
hey guys you're right! the trendmicro scanner thingy has come up with:
about like 10-25 worm_yaha.k's
js_noclose.e
i am going to go onto the symantec website and dl the yaha k remover program. apparently, according to trendmicro, the js_noclose.e is a trojan horse, but is low in damage.
about like 10-25 worm_yaha.k's
js_noclose.e
i am going to go onto the symantec website and dl the yaha k remover program. apparently, according to trendmicro, the js_noclose.e is a trojan horse, but is low in damage.
- Joined
- Oct 9, 2001
- Messages
- 9,396
after you get rid of yaha you might want to go here www.moosoft.com and download "the cleaner" its a trojan specific scanner that will kill any trojans in your system.
post back and let us know alls well.
post back and let us know alls well.
- Joined
- Dec 9, 2000
- Messages
- 45,855
This would be the yaha worm -- (I finally found something that Tony missed, instead of the other way around )
WinServices = C:\WINDOWS\System32\WinServices.exe
The Symantec Tool should remove it. I don't know whether this worm is getting hungrier, but in the ZoneAlarm thread here it may have eaten Add/Remove programs as well.
)WinServices = C:\WINDOWS\System32\WinServices.exe
The Symantec Tool should remove it. I don't know whether this worm is getting hungrier, but in the ZoneAlarm thread here it may have eaten Add/Remove programs as well.
TonyKlein
Malware Specialist
- Joined
- Aug 26, 2001
- Messages
- 10,392
I'm afraid I'll have to disappoint you once again...Originally posted by Rollin' Rog:
This would be the yaha worm -- (I finally found something that Tony missed, instead of the other way around
Dirk Diggler already pointed that out before you did.
Cheers,
- Joined
- Dec 9, 2000
- Messages
- 45,855
I know, I saw it, but thought you didn't
Sorry to jump in here, but I have a question about the startup list. I looked at it and seen the "C:\WINDOWS\System32\WinServices.exe"
I now know that seeing this in the startup means yaha virus. The thing I don't know is how you all recognized it.
I mean do you just study up on all the new viruses and what they add to the startup, or what?
Sorry to be a noobie here!!
dtugg
I now know that seeing this in the startup means yaha virus. The thing I don't know is how you all recognized it.
I mean do you just study up on all the new viruses and what they add to the startup, or what?
Sorry to be a noobie here!!
dtugg
- Joined
- Feb 28, 2001
- Messages
- 11,584
dtugg
As Tony previously mentioned the more you look at Startups and review them the more you become familiar with what should be in there and what looks suspicious. For instance if you where reviewing allot of peoples startups for diagnostics and thought WinServices.exe looked suspicious you could run a search for it to see if others had reported this. Example through Google: Click Here
You also can review what items people list in startups and for that matter your own by going to several sites such as:
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
Also
http://www2.whidbey.net/djdenham/Uncheck.htm
also
http://www.pacs-portal.co.uk/startup_content.htm
Lastly in Tonys and Rogs case if I am not being out of line I would say they spend a great deal of time at TSG and other forums helping people straighten out Virus, Trojan and other startup problems which makes them very qualified to spot suspicious items.
Dave
As Tony previously mentioned the more you look at Startups and review them the more you become familiar with what should be in there and what looks suspicious. For instance if you where reviewing allot of peoples startups for diagnostics and thought WinServices.exe looked suspicious you could run a search for it to see if others had reported this. Example through Google: Click Here
You also can review what items people list in startups and for that matter your own by going to several sites such as:
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
Also
http://www2.whidbey.net/djdenham/Uncheck.htm
also
http://www.pacs-portal.co.uk/startup_content.htm
Lastly in Tonys and Rogs case if I am not being out of line I would say they spend a great deal of time at TSG and other forums helping people straighten out Virus, Trojan and other startup problems which makes them very qualified to spot suspicious items.
Dave
- Status
Users Who Are Viewing This Thread (Users: 0, Guests: 1)
As Seen On
Welcome to Tech Support Guy!
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
Join over 807,865 other people just like you!
