  #1 (permalink)  
Old 4th July 2008, 03:57 PM
liladypokerpro's Avatar
URGENT: Trojan Horse Beware!!!

Recently I've spoken with many people on another site which have also been hacked as we were.

It turns out, although the minor issues were resolved, the following program file was infected with a Generic Trojan Horse:

WUDFTrace.etl

The Trojan is hidden in the System32 Log File folder WUDF. Check your computers and be sure you are not infected....Simply go to Search and type in the above file name and look in C:/ to check for it. If you DO have it, scan it with your antivirus software OR go online and use the BitDefender Online Scanning tool, OR Kaspersky 7.0 Online Scanning tool and make sure it's not infected, as a friend of mine says this particular file is a common target of generic trojan viruses.


Our computer is FUBAR...EVERYTHING BUT Internet Explorer has crashed. Which means I cannot even play poker, because I cannot access the software at all. So, I won't be able to join you in the Freeroll Challenge, nor will I be able to play in the PTOTW this weekend.

__________________
~Lady~
"Most of the money you'll win at poker comes not from the brilliance of your own play, but from the ineptitude of your opponents." - Lou Krieger

Last edited by liladypokerpro; 6th July 2008 at 05:08 AM. Reason: NEW/UPDATED INFORMATION REGARDING THE ORIGINAL THREAT...
  #2 (permalink)  
Old 4th July 2008, 05:10 PM
liladypokerpro's Avatar

(((bumped for importance)))
  #3 (permalink)  
Old 4th July 2008, 05:18 PM

Thanks for the info. I've never been so happy to see no results in my search
  #4 (permalink)  
Old 4th July 2008, 05:54 PM

Thanks for the info. Just checked and nothing on my comp. Hope everything works out ok for you.

Btw, how did you get it again? Was your man looking at naughty pics again?! LMAO!
__________________
Want a real challenge? PM me about the Chris Ferguson challenge issued by both me and Chris Ferguson to all you RakeBack members!
PTOTW record: 6 weeks in a row! Stats: 2/6 wins, 2/6 cashes.
  #5 (permalink)  
Old 4th July 2008, 09:27 PM

Thanks for info, I'm clean thankfully.

Is it not possible to use another browser like firefox to do the online scan with kasperspy?
  #6 (permalink)  
Old 4th July 2008, 10:19 PM

Just checked both of my computers and did not find this file on either, but I know I still have something on my primary computer that AVG, spybot, and adaware can't find. Are there any other good free software protections to look for?
  #7 (permalink)  
Old 4th July 2008, 10:23 PM
liladypokerpro's Avatar
Nope...

Quote:
Originally Posted by RiverstarsVictim View Post
Thanks for info, I'm clean thankfully.

Is it not possible to use another browser like firefox to do the online scan with kasperspy?
Nope even Firefox is disabled. Every single program on my computer is corrupt...and this is THE FIRST time I've EVER encountered something that even disabled DOS!!! I fear there is no hope. My drives are disabled, commands are disabled, the entire system is locked solid. The ONLY thing that works *(barely)* is Internet Explorer.

I posted the question on a computer geek forum and the universal response was pretty much "get a new computer"

I've dealt with and repaired many infected computers in my time, but I've never run across something this malicious and volatile. It's a real bummer, because we really can't afford to replace the computer right now.



Quote:
Originally Posted by vwpunk
Just checked both of my computers and did not find this file on either, but I know I still have something on my primary computer that AVG, spybot, and adaware can't find. Are there any other good free software protections to look for?
You can use BitDefender Free Online Scanner....it works great....traces a lot more virus signatures than AVG or the others. Also, Kaspersky 7.0 has a Free Online scanning tool as well. Trend Micro is another good one....there is also a free online tool for that one as well. Sadly I cannot use any of these because any online tool requires Java to run, and mine is....you guessed it....disabled.



Quote:
Originally Posted by gamer4life27
Thanks for the info. Just checked and nothing on my comp. Hope everything works out ok for you.

Btw, how did you get it again? Was your man looking at naughty pics again?! LMAO!
lol Gamer, even though I am so not in a joking mood, that made me laugh. You know I don't have a "man"

Anyway, unless I somehow win a grand on a scratch off lottery ticket, there's no way I can replace our computer, which seems like the only solution. I'm really bummed right now.

Not sure how we got it. Trojans are usually embedded in downloaded files, but we haven't downloaded anything recently. The only other thing I can figure is it was somehow remotely added by whomever hacked us earlier in the week. I'm not sure how that would be possible, but these bastards who created this Trojan thought of everything, so I wouldn't put it past them.


  #8 (permalink)  
Old 4th July 2008, 10:33 PM

Quote:
Originally Posted by vwpunk View Post
Just checked both of my computers and did not find this file on either, but I know I still have something on my primary computer that AVG, spybot, and adaware can't find. Are there any other good free software protections to look for?
Free Online Virus Scanners and Security Tests
The Following User Says Thank You to RiverstarsVictim For This Useful Post:
  #9 (permalink)  
Old 4th July 2008, 10:50 PM

If your computer came with a Start up disk, run that again. Run it, and erase ALL your old files. That's what I did to this comp and it's fine now. And hope you accomplish your goal for my challenge, so you can buy yourself a new comp for free.

And I'm glad I made you laugh, that's the only thing I could think of that you could have no clue on how the virus got there. But I really do hope everything goes ok for you.
The Following User Says Thank You to gamer4life27 For This Useful Post:
  #10 (permalink)  
Old 5th July 2008, 04:18 AM
liladypokerpro's Avatar

Thanks hun. I can't run the OS disk (or any disk for that matter) because all the drives are non-responsive...i.e. they don't work at all. I guess my computer declared its independence on my independence day by committing suicide lol


  #11 (permalink)  
Old 5th July 2008, 04:23 PM

lil lady did you open the file or try to delete it, is this why it became a problem? Is it harmful to just let the file keep sitting there untouched?
  #12 (permalink)  
Old 5th July 2008, 06:21 PM
liladypokerpro's Avatar
re:

Quote:
Originally Posted by comrade4 View Post
lil lady did you open the file or try to delete it, is this why it became a problem? Is it harmful to just let the file keep sitting there untouched?
No, once I found it and noticed it was suspicious, I went online to look up the file name, and a number of sites came up showing it as a malicious trojan. Sadly I could not use any of their suggestions for DIY repair because all my softwares and my disk drives are locked. Any virus is harmful as long as it exists on your pc. It is not as harmful if you never click on it, granted, but still will slow down the computer and cause other issues such as pop-ups, etc. It all depends on the virus as to what it affects.

  #13 (permalink)  
Old 5th July 2008, 08:37 PM

Quote:
Originally Posted by liladypokerpro View Post
Recently I've spoken with many people on another site which have also been hacked as we were.

It turns out, although the minor issues were resolved, we were infected with the following Trojan Horse.......the WORST possible kind........

WUDFTrace.etl

The Trojan is hidden in the System32 Log File folder. Check your computers and be sure you are not infected....Simply go to Search and type in the above file name and look in C:/ to check for it. If you DO have it, whatever you do, do NOT try to open or delete it. It won't work, and the more you try, the worse it will get. If you do have it and your Java still works, a buddy of mine suggests using Kaspersky Online Tool to be rid of it. Sadly, since my Java is disabled, this is not an option for me.

Since the Virus also disabled Java, as well as the System Restore command and a bazillion other commands (including the Firewall), I can't do anything...which means I will likely have to replace our computer, or wipe it out and reinstall XP from scratch.

Online AV tools can't work, because they also use Java to run. And AVG didn't even pick up on the virus......I had to spend 3 hours going through all the System32 files and folders before I finally found the bugger.

Our computer is FUBAR...EVERYTHING BUT Internet Explorer has crashed. Which means I cannot even play poker, because I cannot access the software at all. So, I won't be able to join you in the Freeroll Challenge, nor will I be able to play in the PTOTW this weekend.

Sorry but I've had to come back to the beginning of this thread.

Can you supply a link which clearly states this file (WUDFTrace.etl) is a trojan?

The reason I ask is after googling it, the only real reference I can find to it is when it comes up in user's Kasperspy Online Scanner reports. The common entry seems to be:

C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped

Nowhere do I see the Techie Geeks condemning this file.

The only other reference would be from 'Erica R' and quite frankly, the responses to her post have no merit whatsoever.

Apologies if you feel I'm doubting you but your original post is quite scary and it would be a pity if fellow posters started deleting (possibly) necessary files on the strength of sounding "suspicious".
  #14 (permalink)  
Old 5th July 2008, 10:28 PM

Quote:
Originally Posted by RiverstarsVictim View Post
Thanks man, I'll try this out next time I fire up the infected comp...

lilady, can you operate in safe mode or f2 into your system BIOS at start up?
  #15 (permalink)  
Old 6th July 2008, 02:56 AM
liladypokerpro's Avatar

Quote:
Originally Posted by RiverstarsVictim View Post
Sorry but I've had to come back to the beginning of this thread.

Can you supply a link which clearly states this file (WUDFTrace.etl) is a trojan?

The reason I ask is after googling it, the only real reference I can find to it is when it comes up in user's Kasperspy Online Scanner reports. The common entry seems to be:

C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped

Nowhere do I see the Techie Geeks condemning this file.

The only other reference would be from 'Erica R' and quite frankly, the responses to her post have no merit whatsoever.

Apologies if you feel I'm doubting you but your original post is quite scary and it would be a pity if fellow posters started deleting (possibly) necessary files on the strength of sounding "suspicious".


I found the same links as you, but also another forum but now I can't find the damn link. Also a buddy of mine also said this file was infected and that it is a common problem for generic trojans to attack this particular file, which I should have clarified but I was so upset and frustrated my words didn't come out right.

The other reference you refer to is my question on Yahoo answers... *(Erica R)* Is ME... and I agree, the answers there were totally useless

Anyway I've got a buddy coming over soon, as I was finally able to get rid of the generic trojan as well as a worm the computer also had. I used BitDefender, and thank goodness it worked. Now I just need a fresh re-install of Windows to repair all the missing configuration files so the computer will run properly again.




Quote:
Originally Posted by vwpunk
lilady, can you operate in safe mode or f2 into your system BIOS at start up?
I am able to access the BIOS and run in Safe Mode but the OS itself is corrupt so Safe Mode has the exact same problems...a buddy of mine said a fresh OS reinstall is the only way to go now that the virus and worm are gone.


  #16 (permalink)  
Old 6th July 2008, 03:30 AM

Quote:
Originally Posted by liladypokerpro View Post
I found the same links as you, but also another forum but now I can't find the damn link. Also a buddy of mine also said this file was infected and that it is a common problem for generic trojans to attack this particular file, which I should have clarified but I was so upset and frustrated my words didn't come out right.

The other reference you refer to is my question on Yahoo answers... *(Erica R)* Is ME... and I agree, the answers there were totally useless

Anyway I've got a buddy coming over soon, as I was finally able to get rid of the generic trojan as well as a worm the computer also had. I used BitDefender, and thank goodness it worked. Now I just need a fresh re-install of Windows to repair all the missing configuration files so the computer will run properly again.
I'm pleased you've got/getting your computer fixed but isn't it fair to admit you were wrong with your assumption of the original file being a trojan?

I've no idea how I would've reacted had I found this file on my comp
  #17 (permalink)  
Old 6th July 2008, 04:50 AM
liladypokerpro's Avatar

Well in all fairness I was more so misinformed than anything else...and my panicked state didn't help matters either. Still, as my friend stated, it is common for this file to be infected by generic trojans, so it can't hurt for people to at least scan the file (if they have it on their pc) with their anti virus software and be sure they are not also infected, because it's done a bang up job on screwing up my computer

EDIT: ORIGINAL POST WAS UPDATED TO SHOW THE CORRECT INFORMATION.



  #18 (permalink)  
Old 6th July 2008, 07:45 AM
123bird's Avatar

Quote:
Originally Posted by liladypokerpro View Post
Recently I've spoken with many people on another site which have also been hacked as we were.

It turns out, although the minor issues were resolved, the following program file was infected with a Generic Trojan Horse:

WUDFTrace.etl

The Trojan is hidden in the System32 Log File folder WUDF. Check your computers and be sure you are not infected....Simply go to Search and type in the above file name and look in C:/ to check for it. If you DO have it, scan it with your antivirus software OR go online and use the BitDefender Online Scanning tool, OR Kaspersky 7.0 Online Scanning tool and make sure it's not infected, as a friend of mine says this particular file is a common target of generic trojan viruses.


Our computer is FUBAR...EVERYTHING BUT Internet Explorer has crashed. Which means I cannot even play poker, because I cannot access the software at all. So, I won't be able to join you in the Freeroll Challenge, nor will I be able to play in the PTOTW this weekend.


Thanks for the tip.

I have a question, as I'm relatively new to the computer & know very, very little, where do I do the search from?

Another quick question: which is the best free anti-virus scan system or is it worth investing in a pay anti-virus system?

thanks
123bird
  #19 (permalink)  
Old 6th July 2008, 04:33 PM

Quote:
Originally Posted by 123bird View Post
Thanks for the tip.

I have a question, as I'm relatively new to the computer & know very, very little, where do I do the search from?

Another quick question: which is the best free anti-virus scan system or is it worth investing in a pay anti-virus system?

thanks
123bird
I use AVG, and I think for the most part it does a great job, and it's free. Just do a search for AVG and you will find several downloads for it. I also like Spybot, which is a free adware scanner that is pretty good as well...

lilady I'm glad you were able to get rid of your problem without having to buy a new computer
The Following User Says Thank You to vwpunk For This Useful Post:
  #20 (permalink)  
Old 6th July 2008, 11:05 PM
liladypokerpro's Avatar

Bird:

Well unfortunately although AVG is very good, it didn't pick up on the trojan or the worm that our computer was infected with.

The way I finally found and got rid of these things was I used the BitDefender Online Scan Tool...worked brilliantly. It's also free, and you don't have to download it, which is a plus because AVG eats up a lot of memory.

VW:

Thanks hun, I just wish the virus hadn't fried our computer before I got rid of it. At least Internet Explorer still half-way works...so I am not missing out on the forum

