hosted by liquidweb


Go Back   Web Hosting Talk : Other Forums : Web Hosting Lounge : Virus Luke Filewalker
Reply

Forum Jump

Virus Luke Filewalker

Reply Post New Thread In Web Hosting Lounge Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 03-31-2012, 06:44 AM
AsianHost AsianHost is offline
WHT Addict
 
Join Date: Nov 2011
Posts: 109

Virus Luke Filewalker


My PC got infested with virus Luke Filewalker

its doing all sort of odd things even sending wrong messages to people on gtalk, yahoo etc...

does anyone know a quick remedy to this?

It even chnages the name of my Anti Virus program AVG to Luke file walker when the scan is going on

and Internet goes off and On all due to the virus

__________________
|★★★||★★★|ahead of you
|★★★||★★★|
|★★★||★★★|


Last edited by AsianHost; 03-31-2012 at 06:49 AM.
Reply With Quote


Sponsored Links
  #2  
Old 03-31-2012, 07:00 AM
techjr techjr is offline
Web Hosting Master
 
Join Date: Mar 2010
Posts: 4,487
Luke filewalker is actually the Avira virus scanner.


Download malwarebyes, install it and boot into safemode if you can. Do a full scan and find out if it detects anything. Probably good to make backups and backup your registry before hand though.
Reboot and repeat depending on the results. Don't download anything illegal either

Without knowing much else and just going off what you posted, it sounds like a pretty weak virus and shouldn't be too hard to remove.


Also, maintain proper backups. It's better to reformat or revert to old backups when you get infected. You never know what type of security features and such are disabled or open for easier infection in the future.


Last edited by techjr; 03-31-2012 at 07:03 AM.
Reply With Quote
  #3  
Old 03-31-2012, 07:25 AM
AsianHost AsianHost is offline
WHT Addict
 
Join Date: Nov 2011
Posts: 109
Thank You for the guidance.

Looks easy now !

__________________
|★★★||★★★|ahead of you
|★★★||★★★|
|★★★||★★★|

Reply With Quote
Sponsored Links
  #4  
Old 03-31-2012, 09:01 AM
The Dude The Dude is offline
An Awesome Dude
 
Join Date: Oct 2002
Posts: 12,985
Im sorry ya have to go thru this buddy!!

I hope ya can get it fixed straight away





__________________

Tinyurl is the answer for posting long urls!!!

Reply With Quote
  #5  
Old 03-31-2012, 10:03 AM
mg- mg- is offline
VP Of Twinkies
 
Join Date: Jan 2004
Location: Vancouver, BC
Posts: 1,095
The worst was AntiVirus 2009 or 2010 on windows xp.. that was the most annoying thing to remove on peoples computers.

I use a combo of malaware (paid) and microsoft security essentials.. they seem to do a good job together.. then again I don't download random torrents or exes or goto crack sites.. which are the 2 main sources for a quick virus.. windows malicious software removal is good to run once in awhile, it's the 1 app that if you rename it and boot in safe mode it gets rid of the more nasty viruses (ie kernel shutdowns, program execution blocking, no taskman or windows explorer) - most tend to just block filenames and what not from running.. so a simple rename allows you to open up a/v proggies when you can't... but it doesn't get rid of the annoying google forward viruses.

If you insist on doing things that aren't totally moral you may caution yourself to notice filesizes, ext types and comments.. Malaware is good at blocking accidental click to malicious sites

You can also inspect your computer using Hijackthis and look at the log... some of the really nasty viruses require you to delve deeper which I don't recommend doing unless you're familiar with those programs as they can really mess up your computer even more

__________________
I'M A WEB DEVELOPER
I specialize in neck beards


Last edited by mg-; 03-31-2012 at 10:10 AM.
Reply With Quote
  #6  
Old 03-31-2012, 06:43 PM
AsianHost AsianHost is offline
WHT Addict
 
Join Date: Nov 2011
Posts: 109
was a worm from an old software installation W32/Sality.AT
removed with avira


Starting the file scan:

Begin scan in 'C:\WINDOWS\system32\asr_68485.exe'
C:\WINDOWS\system32\asr_68485.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!


End of the scan: Sunday, April 01, 2012 03:48
Used time: 00:10 Minute(s)

The scan has been done completely.

0 Scanned directories
38 Files were scanned
10 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
10 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
28 Files not concerned
0 Archives were scanned
0 Warnings
1 Notes

__________________
|★★★||★★★|ahead of you
|★★★||★★★|
|★★★||★★★|

Reply With Quote
  #7  
Old 03-31-2012, 06:56 PM
techjr techjr is offline
Web Hosting Master
 
Join Date: Mar 2010
Posts: 4,487
Quote:
Originally Posted by mg- View Post
The worst was AntiVirus 2009 or 2010 on windows xp.. that was the most annoying thing to remove on peoples computers.

I use a combo of malaware (paid) and microsoft security essentials.. they seem to do a good job together.. then again I don't download random torrents or exes or goto crack sites.. which are the 2 main sources for a quick virus.. windows malicious software removal is good to run once in awhile, it's the 1 app that if you rename it and boot in safe mode it gets rid of the more nasty viruses (ie kernel shutdowns, program execution blocking, no taskman or windows explorer) - most tend to just block filenames and what not from running.. so a simple rename allows you to open up a/v proggies when you can't... but it doesn't get rid of the annoying google forward viruses.

If you insist on doing things that aren't totally moral you may caution yourself to notice filesizes, ext types and comments.. Malaware is good at blocking accidental click to malicious sites

You can also inspect your computer using Hijackthis and look at the log... some of the really nasty viruses require you to delve deeper which I don't recommend doing unless you're familiar with those programs as they can really mess up your computer even more
You should see what the antivirus 2013 does on windows vista and 7 machines. Disables the security center. Disables the firewall. Hides the c:\windows\install directory and disables the services for it. Disables the show hidden folders option so you can't see where the virus is for manual removal. And it corrupts about 15 services that have to be manually repaired if the client really doesn't want to reformat. Even deletes certain registry keys to make sure you can't get the services back up unless you grab the keys from other systems.

It's a good 12+ hours of work repairing the damage it does. Most virus scanners or anything don't fix the error and non of microsofts tools can properly recover it. Even worse is if you don't have a tool that clears the hosts file for you (This should be checked anyways) the instant you open a browser and do anything you are infected again........ I hate it. What it does isn't too massively bad, it does so much and in such ways that recovering takes much longer than manually backing up data and reformatting. Which bad clients don't want.

Quote:
Originally Posted by AsianHost View Post
was a worm from an old software installation W32/Sality.AT
removed with avira


Starting the file scan:

Begin scan in 'C:\WINDOWS\system32\asr_68485.exe'
C:\WINDOWS\system32\asr_68485.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!
[NOTE] The file was repaired!


End of the scan: Sunday, April 01, 2012 03:48
Used time: 00:10 Minute(s)

The scan has been done completely.

0 Scanned directories
38 Files were scanned
10 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
10 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
28 Files not concerned
0 Archives were scanned
0 Warnings
1 Notes
Nice to see it resolved. Well if your symptoms are gone at least. I never like to say a system is clean if symptoms are gone. You never know what hidden stuff virus systems can't pick up yet are lurking

Reply With Quote
  #8  
Old 04-01-2012, 12:00 AM
AsianHost AsianHost is offline
WHT Addict
 
Join Date: Nov 2011
Posts: 109
still more

there r more virus inside caught another one but not over

__________________
|★★★||★★★|ahead of you
|★★★||★★★|
|★★★||★★★|

Reply With Quote
  #9  
Old 04-01-2012, 09:16 AM
The Dude The Dude is offline
An Awesome Dude
 
Join Date: Oct 2002
Posts: 12,985
Quote:
Originally Posted by mg-
The worst was AntiVirus 2009 or 2010 on windows xp.. that was the most annoying thing to remove on peoples computers.
That got on the XP computer we have upstairs..... It actually was quite easy to remove... I just did a system restore to a week BEFORE IT HAPPEND and it was gone.... (My mum was using it and didnt know what was going on)





__________________

Tinyurl is the answer for posting long urls!!!

Reply With Quote
  #10  
Old 04-01-2012, 10:36 AM
AsianHost AsianHost is offline
WHT Addict
 
Join Date: Nov 2011
Posts: 109
have switched the firewall on..

now everything is fine again

__________________
|★★★||★★★|ahead of you
|★★★||★★★|
|★★★||★★★|

Reply With Quote
  #11  
Old 04-01-2012, 06:37 PM
techjr techjr is offline
Web Hosting Master
 
Join Date: Mar 2010
Posts: 4,487
Quote:
Originally Posted by The Dude View Post
That got on the XP computer we have upstairs..... It actually was quite easy to remove... I just did a system restore to a week BEFORE IT HAPPEND and it was gone.... (My mum was using it and didnt know what was going on)




The newer ones and some variations of the older one deletes your system restore and corrupts its functionality.

Quote:
Originally Posted by AsianHost View Post
have switched the firewall on..

now everything is fine again
That makes no sense to be honest. Are you sure everything is fixed?

Reply With Quote
  #12  
Old 04-02-2012, 10:52 AM
AsianHost AsianHost is offline
WHT Addict
 
Join Date: Nov 2011
Posts: 109
yeah once the firewall turned on most of the problems like internet switching off --has stopped

donno
maybe the viru program executes when there is no firewall..

i am sure there must be more viruses inside...but no harm at the moment.
i am trying to avoid formatting the disk since my data will be erased

__________________
|★★★||★★★|ahead of you
|★★★||★★★|
|★★★||★★★|

Reply With Quote
  #13  
Old 04-02-2012, 11:10 AM
OP_Nick OP_Nick is offline
Newbie
 
Join Date: Apr 2012
Location: Canada
Posts: 8
I have something that you might wanna try out, it could take around 10-15 mins to complete :

#1 open your startup menu

#2 write on the search bar : MRT.EXE
MRT.exe stands for Microsft Removal Tool

#3 try a long scan


I hope it's going to fix the problem!

Reply With Quote
  #14  
Old 04-02-2012, 06:59 PM
techjr techjr is offline
Web Hosting Master
 
Join Date: Mar 2010
Posts: 4,487
Quote:
Originally Posted by AsianHost View Post
yeah once the firewall turned on most of the problems like internet switching off --has stopped

donno
maybe the viru program executes when there is no firewall..

i am sure there must be more viruses inside...but no harm at the moment.
i am trying to avoid formatting the disk since my data will be erased
You know vista and 7 have an option (Probably xp too) that lets you reinstall while keeping all of your original data intact. As long as what you click on isn't infected in some way, it can be recovered easily.


You also mentioned people posting on your chat programs. So either you have your passwords remembered or you have been keylogged. You are a dangers to others. Fix it.

Reply With Quote
Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
Luke, I am your father! Acroplex Web Hosting Lounge 22 09-17-2009 11:19 AM
Hello From Luke xtremeserv New Members 4 01-03-2008 07:01 AM

Related posts from TheWhir.com
Title Type Date Posted
Hackers Steal User Login Information from AVAST Anti-Virus Forum Web Hosting News 2014-05-27 13:46:25
Hard-to-Find Malicious DLL Found in Some Microsoft IIS Web Servers Web Hosting News 2013-12-10 12:52:53
Reports Suggest NSA Behind Attack on Belgium's Largest Telecom Web Hosting News 2013-09-16 10:33:22
Eleven Security Spring Survey: Growing Threat Level of Spam, Malware Web Hosting News 2013-03-26 15:36:50
Web Host PeakColo Raises $7.5 Million, Funds will Fuel Growth in New Markets Web Hosting News 2012-09-11 10:58:21


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?