Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Closed] [Resolved] Wuauclt.exe

Started by dolce1 , May 13 2008 01:31 AM

  • This topic is locked This topic is locked
3 replies to this topic

#1 dolce1

dolce1

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 13 May 2008 - 01:31 AM

Hello , I use KAV 7 and I got a notification from KAV 7 yesterday it is about wuauclt.exe , the proactive defense was fully activated when all of a sudden its alerted me about a suspicious change in wuauclt.exe !! whats happened ? is this some kind of infection ?
How did wuauclt.exe changed ? isn't the application a windows updater ?
Please help me
Here is a log of the events
Proactive Defense : running
---------------------------
Events monitored: 138
Blocked: 4
Start time: 5/12/2008 10:19:21 PM
Duration: 00:31:29


Detected
--------
Status Object
------ ------


Events
------
Time Name Event
---- ---- -----
5/12/2008 10:20:05 PM C:\WINDOWS\System32\wuauclt.exe This application's executable file has been changed.
5/12/2008 10:20:05 PM C:\WINDOWS\System32\wuauclt.exe Action blocked.
5/12/2008 10:20:25 PM C:\WINDOWS\System32\wuauclt.exe This application's executable file has been changed.
5/12/2008 10:20:25 PM C:\WINDOWS\System32\wuauclt.exe Action blocked.
5/12/2008 10:20:28 PM C:\WINDOWS\System32\wuauclt.exe This application's executable file has been changed.
5/12/2008 10:20:28 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:31 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\ntdll.dll into process.
5/12/2008 10:20:31 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:31 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\KERNEL32.DLL into process.
5/12/2008 10:20:31 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:31 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSVCRT.DLL into process.
5/12/2008 10:20:31 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\OLE32.DLL into process.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\GDI32.DLL into process.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USER32.DLL into process.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\ADVAPI32.DLL into process.
5/12/2008 10:20:32 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\RPCRT4.DLL into process.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\OLEAUT32.DLL into process.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHLWAPI.DLL into process.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHIMENG.DLL into process.
5/12/2008 10:20:33 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:34 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:20:34 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:34 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINMM.DLL into process.
5/12/2008 10:20:34 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:35 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSACM32.DLL into process.
5/12/2008 10:20:35 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:35 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\VERSION.DLL into process.
5/12/2008 10:20:35 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:35 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHELL32.DLL into process.
5/12/2008 10:20:35 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:36 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USERENV.DLL into process.
5/12/2008 10:20:36 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:36 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\UXTHEME.DLL into process.
5/12/2008 10:20:36 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\LPK.DLL into process.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USP10.DLL into process.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CABINET.DLL into process.
5/12/2008 10:20:37 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CRYPT32.DLL into process.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSASN1.DLL into process.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINTRUST.DLL into process.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\IMAGEHLP.DLL into process.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\RPCSS.DLL into process.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CLBCATQ.DLL into process.
5/12/2008 10:20:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:39 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\COMRES.DLL into process.
5/12/2008 10:20:39 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:41 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINLOGON.EXE into process.
5/12/2008 10:20:41 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:42 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\XPSP2RES.DLL into process.
5/12/2008 10:20:42 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:50 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUPS2.DLL into process.
5/12/2008 10:20:50 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:50 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\ntdll.dll into process.
5/12/2008 10:20:50 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:51 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\KERNEL32.DLL into process.
5/12/2008 10:20:51 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSVCRT.DLL into process.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\OLE32.DLL into process.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\GDI32.DLL into process.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USER32.DLL into process.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\ADVAPI32.DLL into process.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\RPCRT4.DLL into process.
5/12/2008 10:20:52 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\OLEAUT32.DLL into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHLWAPI.DLL into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHIMENG.DLL into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINMM.DLL into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSACM32.DLL into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\VERSION.DLL into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHELL32.DLL into process.
5/12/2008 10:20:53 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USERENV.DLL into process.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\UXTHEME.DLL into process.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\LPK.DLL into process.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USP10.DLL into process.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CABINET.DLL into process.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CRYPT32.DLL into process.
5/12/2008 10:20:55 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSASN1.DLL into process.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINTRUST.DLL into process.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\IMAGEHLP.DLL into process.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CLBCATQ.DLL into process.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\COMRES.DLL into process.
5/12/2008 10:20:56 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\XPSP2RES.DLL into process.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUPS2.DLL into process.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHIMENG.DLL into process.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:20:57 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:58 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINMM.DLL into process.
5/12/2008 10:20:58 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:58 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSACM32.DLL into process.
5/12/2008 10:20:58 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\UXTHEME.DLL into process.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\LPK.DLL into process.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USP10.DLL into process.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:20:59 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:00 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:21:00 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUAUENG.DLL into process.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUAUENG.DLL into process.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WS2_32.DLL into process.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WS2HELP.DLL into process.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\ESENT.DLL into process.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WTSAPI32.DLL into process.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINSTA.DLL into process.
5/12/2008 10:21:01 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:02 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINSPOOL.DRV into process.
5/12/2008 10:21:02 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:02 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\IPHLPAPI.DLL into process.
5/12/2008 10:21:02 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:03 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINHTTP.DLL into process.
5/12/2008 10:21:03 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:03 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CABINET.DLL into process.
5/12/2008 10:21:03 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:04 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSPATCHA.DLL into process.
5/12/2008 10:21:04 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:05 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\RPCSS.DLL into process.
5/12/2008 10:21:05 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINLOGON.EXE into process.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\XPSP2RES.DLL into process.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CLBCATQ.DLL into process.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\COMRES.DLL into process.
5/12/2008 10:21:06 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:08 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUPS2.DLL into process.
5/12/2008 10:21:08 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:08 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUPS2.DLL into process.
5/12/2008 10:21:08 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:26 PM C:\WINDOWS\System32\wuauclt.exe Attempt to run process as a child of C:\WINDOWS\System32\svchost.exe (PID: 1112).
5/12/2008 10:21:26 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:26 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHIMENG.DLL into process.
5/12/2008 10:21:26 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:27 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:21:27 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:29 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:21:29 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:30 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:21:30 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:31 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINMM.DLL into process.
5/12/2008 10:21:31 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:31 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSACM32.DLL into process.
5/12/2008 10:21:31 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:31 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\UXTHEME.DLL into process.
5/12/2008 10:21:31 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:32 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\LPK.DLL into process.
5/12/2008 10:21:32 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:32 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\USP10.DLL into process.
5/12/2008 10:21:32 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:33 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:21:33 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:33 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:21:33 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:34 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUCLTUI.DLL into process.
5/12/2008 10:21:34 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:34 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUCLTUI.DLL into process.
5/12/2008 10:21:34 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:35 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSIMG32.DLL into process.
5/12/2008 10:21:35 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:35 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CABINET.DLL into process.
5/12/2008 10:21:35 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:35 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\RPCSS.DLL into process.
5/12/2008 10:21:35 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:36 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSCTF.DLL into process.
5/12/2008 10:21:36 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:36 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSCTF.DLL into process.
5/12/2008 10:21:36 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:36 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\IMM32.DLL into process.
5/12/2008 10:21:36 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\CLBCATQ.DLL into process.
5/12/2008 10:21:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\COMRES.DLL into process.
5/12/2008 10:21:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:38 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINLOGON.EXE into process.
5/12/2008 10:21:38 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:39 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\XPSP2RES.DLL into process.
5/12/2008 10:21:39 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:39 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUPS2.DLL into process.
5/12/2008 10:21:39 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:39 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\WUPS2.DLL into process.
5/12/2008 10:21:39 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:21:40 PM C:\WINDOWS\System32\wuauclt.exe Attempt to load a new or modified module C:\WINDOWS\System32\wucltui.dll.mui into process.
5/12/2008 10:21:40 PM C:\WINDOWS\System32\wuauclt.exe Action allowed.
5/12/2008 10:48:55 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\SHIMENG.DLL into process.
5/12/2008 10:48:55 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\AppPatch\AcGenral.dll into process.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\WINMM.DLL into process.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSACM32.DLL into process.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\UXTHEME.DLL into process.
5/12/2008 10:48:56 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\LPK.DLL into process.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\USP10.DLL into process.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL into process.
5/12/2008 10:48:57 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:58 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll into process.
5/12/2008 10:48:58 PM C:\WINDOWS\System32\Rundll32.exe Action blocked.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll into process.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Action blocked.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSCTF.DLL into process.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\MSCTF.DLL into process.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Attempt to load a new or modified module C:\WINDOWS\System32\imm32.dll into process.
5/12/2008 10:48:59 PM C:\WINDOWS\System32\Rundll32.exe Action allowed.

I heard that are also cases in which wuauclt.exe can be a virus, as many disguise under this name to fool the user.
!!! Help please how to determind if its a virus or not , and why the KAV did not identify it as a virus , its only alerted me via proactive defense !! Oh God , why is this happening to me read here http://www.bleepingc...used-20424.html
please tell me what should I do , sorry for any inconvenience ,

Edited by dolce1, 13 May 2008 - 01:33 AM.

    Advertisements

Register to Remove

#2 bob4

bob4

    MalwareTeam Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 2,205 posts

Posted 14 May 2008 - 11:49 AM

Did you get your answer from here ?

In other words is this you ?

http://forum.kaspers...showtopic=68958
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

#3 bob4

bob4

    MalwareTeam Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 2,205 posts

Posted 17 May 2008 - 02:42 PM

Still need help ?
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

#4 bob4

bob4

    MalwareTeam Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 2,205 posts

Posted 20 May 2008 - 03:55 PM

Due to inactivity this topic will be closed. If you need help please start a new thread and post a new HJT log
The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·