It appears that my machine has been invaded by a virus. I received an email from someone I know and trust, downloaded the file and opened it. Now, my computer has slowed to a crawl.
Here are the particulars:
The two programs that are sucking up 99% of the CPU are 1) winlogon.exe. I assume I need this program to log on, so I haven’t deleted it yet.
The other program executing in the background is called Winkyuz.exe. This program and winlogon.exe fluctuate between each other and bring my system to its knees.
I have done a search on my harddrive for Winkyuz.exe, and it doesn’t show up. The computer won’t let me delete it either. I also did a google search on winkyuz.exe and found nothing.
If you do a Google search on Winlogon.exe there are a number of results relating to high CPU usage; one of them might be of use (I haven’t bothered mentioning the details because it looks like there’s a fair bit of variety there).
I’d also recommend a visit wo www.antivirus.com for a run of their free Housecall online virus scanner, then a trip to www.grisoft.com to download AVG free antivirus.
The klez worm is known to run itself with a file name like wink***.exe. If that’s what you have, it’s busy mailing out copies of itself. Semantec.com has a removal tool you can download.
Max another thing that could be helpful in determining exactly which virus you are infected with (err… your computer ) would be the text of the email…
“Hi! How are you? I send you this file in order for your advice”
“A fun flash. You are the first play it. I hope you enjoy.”
“document.header{whatever…”
But really you should just get the free one month trial of norton or mcafee and you may find more than one… Then get the cheaper but always free AVG
Thanks for the antivirus/housecall link. It seems to have cleaned the virus off of my harddrive. I don’t see the winkyuz executable running any more on my task list. However, ust for the hell of it, I re-ran housecall after I rebooted. It seems that it is finding even more infected files. I’m confused. Why would it miss these files on the first run?
Urban Ranger - You are correct. I should have known that my mother has no idea how to zip a file. She is about as computer savvy as a goldfish. And yet, I opened up the zip file AND selected a file that had an innocent name. So I guess I just need to look in the mirror to see the jackass that caused this problem.
The only thing I’ve noticed (so far) that’s wrong with my system is that my winzip program has been deleted. Other than that, things are getting back to normal.
I am finally going to get that zip drive that I’ve been thinking about. I’d be in big trouble if I lost the info on my harddrive.
If housecall keeps finding new instances of the virus, then it sounds (to me) like one of two things(There might be other possibilities, but these seem the most likely to me):
-You are still exposed to the source of infection (I.e. receiving more infected emails or inserting an infected removable media again).
-Housecall isn’t finding the original virus on your system, only copies that it makes of itself.
I would do what dirty1 suggests; download a really reputable installable virus scanner (Sophos, McAffee, Norton), which should eliminate every virus on your system, then either buy that when the trial ends or downgrade to something like AVG which is free.
Sailor I don’t know if you realize how careful you must be. Besides never opening an infected email attachment and not downloading an infected file do you realize that just previewing an email could launch a virus or just visiting a certain web page or not usign a firewall when conncted to the net? If you frequently update windows it lessens the risk but it is still there as new exploits are found.
) would be the text of the email…