Tech Support banner

Status
Not open for further replies.
1 - 16 of 16 Posts

·
Registered
Joined
·
852 Posts
Discussion Starter #1
Guess who is having problems with their computer?

Task manager says I have a process running called Winkhd.exe. Every 6 seconds it bumps my CPU to 100% for 1.5 seconds, then back to 7 or 8% for the remaining 6 seconds. It happened within the last 2 days or so and is slowing things down. Strange thing is when I type Winkhd.exe in a search engine- Any search engine it returns a blank page.

What is winkhd before I seek and destroy it?
 

·
Registered
Joined
·
852 Posts
Discussion Starter #2
OMG, I think I might be infected

You should see my event log. 30+ file protection errors saying "File replacement was attempted on the protected system file c:\ bla bla bla"

I'll do a flush tomorrow, it just seems strange after almost 8 years of heavy internet usage that I get a virus after dissing firewalls a couple days ago. I mean I have got hit at work a couple times but never at home.
 

·
Registered
Joined
·
1,691 Posts
Not good.

Virus, and you knocked my firewall post to, oh well Im not gonna say toldya so or anything :)

But it does sound like kluz that thing is everywhere on the internet right now, you should be able to get a virus update and then get rid of it though. good luck.
 

·
hey
Joined
·
10,189 Posts
Kluz will disable the virus protection. If you visit mcafees site they will tell you how to get around it. Be careful though. Some varients will be tricky to get rid of.
 

·
Registered
Joined
·
852 Posts
Discussion Starter #6
OK, you told me so! It's pretty cool, it won't let me delete the registry keys referring to it, it will let me delete the exe file but re-creates it with a variant name (winkju.exe, winktb.exe, winkzqg.exe, etc....). It won't let me update virus definitions, it won't even let me run the virus software for 30 seconds, I like it! Someone is twisted and demented and a genius. Looks like I'm re-doing a computer tonight but will be looking for some tips on how to keep it from happening again. Question- what would have kept this from happening, a firewall or full time virus protection?


I seriously have NEVER had a virus at home and have been internetting for over 8 years, hope this better explains my lack of interest in proper protection.
 

·
Registered
Joined
·
1,691 Posts
Your right I have seen this virus in opperation and it is a work of freaking art. Someone has truly gone "postal" in the computer sense.

To answer your question it, it is a matter of how the virus was introduced. It is normally a mailed virus but does use unproteced microsoft shares that are open to the internet and unclosable without a firewall. If you are running Win2000/Xp then there is a port named RPC and it is not closable without a firewall and this bleeping virus will look for this port on a computer. So people connected via alway on connections are most likley to get hit this way. So both, a firewall to protect ports and AV to protect your email.

Please excuse the spelling there is no F7 spell check available on this board yet (Admin. : HINT. HINT) :)
 

·
hey
Joined
·
10,189 Posts
Also run IE 5.5 with service pack 2 or higher.

The virus is a master peice. One of the vairents will carry a payload of up to 3 or 4 viruses from what I've heard. We are now getting about two computers daily with this sucker.
 

·
Registered
Joined
·
852 Posts
Discussion Starter #9
Rid of virus. Running IE6 BTW. I checked the McAffy(sp?) fix and it seemed a little cumbersome. Norton had a neat little file (144K! fits on a floppy) called "FixKlez.com" that you run in safe mode and it wipes it clean with no bs. Here is what I used, it was automatic, quick and worked. Now to work on the protection- a new priority in my life. Thanks all-:D
 

·
Registered
Joined
·
1,274 Posts
all these viruses got me scared (yes I know...bad grammar :p ) I think I'm going to have to run a full scan tonight...I'll let ya know If I find anything good....LOL
 

·
Registered
Joined
·
1,274 Posts
Hey guess what...even further proof that Norty AV 2002 is crap! Norty tried to tell me that HDKP is a backdoor trojan...LOL you can go DL HDKP (Hard Drive Killer Pro) from http://I'm-not-telling.ha (it isn't of any use and is pointless for newbies) But anyway... I looked through the batch that it runs, and nope no troja, but I actually forgot that I still had the darned thing.... hidden in my text files folder.
 

·
Registered
Joined
·
100 Posts
Have you guys heard my favorite Virus joke?
"I wonder who makes more money at Norton. The guys who write the anti-virus software or the dudes writting the Viruses?"
and yes i wrote it.
 

·
Registered
Joined
·
1,274 Posts
Hey deuce, that's not a bad conspiracy....
Norty writes the virus, pays off the the people they are going to release it to ( big corps), or maybe even not... maybe they pay off the investigators so they don't get screwed by the media. Most of the viruses released recently, have been fairly benign
(to my knowledge), as to not cause any real damage..... hmmmmmmm this could actually be true...LOL... To the Laboratory!!... I've got some investigating to do....:D
 

·
Registered
Joined
·
1,481 Posts
the only virus Macafee can find .....is it self.....


NAV is like being hit by a rock insted of the 20 pound Mcafee bolder....both suck but atlest NAV gets the job done...sometimes....

I like...when it works PC-CIllin by Trend

IMO
 
1 - 16 of 16 Posts
Status
Not open for further replies.
Top