Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91987 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] Computer Issues! (Permission Virus?)


  • This topic is locked This topic is locked
36 replies to this topic

#31 bhender

bhender

    Authentic Member

  • Authentic Member
  • PipPip
  • 22 posts

Posted 04 October 2009 - 12:00 PM

General: Type of file: File Decription: grtg Location: C:\WINDOWS\system32 Size: 17.8 KB (18,300 bytes) Size on disk: 20.0 KB (20,480 bytes) Created: Wednesday, September 30, 2009, 4:14:59 PM Security: Group or user names: Adnministartors Owner Power Users SYSTEM Users Permissions for Administrators Full Control, Modify, Read & Execute, Read, Write (all have "Allow" buttons checked) Special Permissions (Allow and Deny boxes not checked and grayed out)

    Advertisements

Register to Remove


#32 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 04 October 2009 - 12:24 PM

Odd that systemlook couldn't find it....

it says it's a file rather than a folder, so lets try this


  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :file
    C:\WINDOWS\system32\grtg
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#33 bhender

bhender

    Authentic Member

  • Authentic Member
  • PipPip
  • 22 posts

Posted 04 October 2009 - 12:33 PM

SystemLook v1.0 by jpshortstuff (29.08.09) Log created at 14:29 on 04/10/2009 by Owner (Administrator - Elevation successful) ========== file ========== C:\WINDOWS\system32\grtg - File found and opened. MD5: F4D9DC1A5651136B2FBE378D325DF446 Created at 20:14 on 30/09/2009 Modified at 18:00 on 04/10/2009 Size: 18300 bytes Attributes: --a--- No version information available. -=End Of File=-

#34 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 04 October 2009 - 12:44 PM

Hmmm

not much info on it.

Lets get it analyzed

Please do the following:

  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:


    C:\WINDOWS\system32\grtg

  • Click on the Upload button
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#35 bhender

bhender

    Authentic Member

  • Authentic Member
  • PipPip
  • 22 posts

Posted 04 October 2009 - 12:52 PM

VirSCAN.org Scanned Report :
Scanned time : 2009/10/04 14:38:32 (EDT)
Scanner results: All Scanners reported not find malware!
File Name : grtg
File Size : 18300 byte
File Type : HTML document text
MD5 : f4d9dc1a5651136b2fbe378d325df446
SHA1 : c2f775df844f29bde5f02e4861b7c90b149aa6f6
Online report : http://virscan.org/r...3058bac24e.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20091004083115 2009-10-04 4.08 -
AhnLab V3 2009.10.04.00 2009.10.04 2009-10-04 1.29 -
AntiVir 8.2.1.33 7.1.6.68 2009-10-02 0.49 -
Antiy 2.0.18 20091003.2955253 2009-10-03 0.02 -
Arcavir 2009 200910020826 2009-10-02 0.02 -
Authentium 5.1.1 200910041409 2009-10-04 1.16 -
AVAST! 4.7.4 091004-0 2009-10-04 0.00 -
AVG 8.5.288 270.14.3/2413 2009-10-04 0.33 -
BitDefender 7.81008.4313556 7.28076 2009-10-05 3.70 -
CA (VET) 9.0.0.143 31.6.6773 2009-10-03 8.75 -
ClamAV 0.95.2 9865 2009-10-03 0.01 -
Comodo 3.11 2513 2009-10-04 0.73 -
CP Secure 1.3.0.5 2009.09.30 2009-09-30 0.01 -
Dr.Web 4.44.0.9170 2009.10.04 2009-10-04 5.46 -
F-Prot 4.4.4.56 20091004 2009-10-04 1.15 -
F-Secure 7.02.73807 2009.10.03.02 2009-10-03 8.30 -
Fortinet 2.81-3.120 10.905 2009-10-04 0.17 -
GData 19.8215/19.499 20091004 2009-10-04 5.17 -
ViRobot 20091002 2009.10.02 2009-10-02 0.41 -
Ikarus T3.1.01.72 2009.10.04.73934 2009-10-04 4.10 -
JiangMin 11.0.800 2009.10.04 2009-10-04 3.62 -
Kaspersky 5.5.10 2009.10.04 2009-10-04 0.03 -
KingSoft 2009.2.5.15 2009.10.4.19 2009-10-04 0.52 -
McAfee 5.3.00 5761 2009-10-04 3.27 -
Microsoft 1.5101 2009.10.04 2009-10-04 5.46 -
Norman 6.01.09 6.01.00 2009-09-16 1.83 -
Panda 9.05.01 2009.10.04 2009-10-04 1.70 -
Trend Micro 8.700-1004 6.504.03 2009-10-04 0.03 -
Quick Heal 10.00 2009.10.03 2009-10-03 1.18 -
Rising 20.0 21.49.22.00 2009-09-30 0.30 -
Sophos 2.90.1 4.45 2009-10-05 3.52 -
Sunbelt 5429 5429 2009-10-04 1.49 -
Symantec 1.3.0.24 20091004.002 2009-10-04 0.15 -
nProtect 20090930.01 5696930 2009-09-30 7.01 -
The Hacker 6.5.0.2 v00028 2009-10-03 0.70 -
VBA32 3.12.10.11 20091003.1357 2009-10-03 1.83 -
VirusBuster 4.5.11.10 10.112.58/1940842 2009-10-04 2.36 -

#36 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 04 October 2009 - 01:22 PM

well, it's not infected, so I would leave it alone.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#37 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 10 October 2009 - 08:40 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users