winpwl.exe using 90%cpu

Discussion in 'malware problems & news' started by bubs, Jul 18, 2002.

Thread Status:
Not open for further replies.
  1. bubs

    bubs Registered Member

    Joined:
    Apr 28, 2002
    Posts:
    106
    Location:
    Suffolk, England
    Hi.

    Just come across a cry for help on a non-security board I belong to - sbdy who has recently installed win2k has this process leaching cpu resources.

    Sounds like a Trojan to me - anybody heard of a nasty which calls itself stg like this once it's taken up residence?

    She's been advised to find it and delete it, install a firewall etc etc etc, but maybe one of you guys can advise if it does anything more serious than set the registry to auto-start and then phone home / act as a zombie / or whatever it does do.
     
  2. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    Hi bubs! I'm no expert, but I just saw an Anti-Trojan Test Report which showed TDS-3 batting cleanup. I'd suggest she get the freeware version of TDS-3 and run it. Here's the link to DCS:

    http://tds.diamondcs.com.au/

    Hope this helps her. :)

    I tested the link and it works. She can get the download from there.
     
  3. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi bubs,

    It's the standard name from a well known password stealer.

    Running a good and updated AT/AV is recommended for sure; changing all passwords after cleaning the system is a wise thing to do as well.

    regards.

    paul
     
  4. bubs

    bubs Registered Member

    Joined:
    Apr 28, 2002
    Posts:
    106
    Location:
    Suffolk, England
    Thanks guys - i suspect she'll be in the market for TH rather than TDS ('tho I agree with you P_S - there's nothing better than TDS :D).
     
  5. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    To the best of my knowledge, there's no freeware version - just a free trial period, which isn't the same thing at all.
     
Loading...
Thread Status:
Not open for further replies.