My computer's recently been infected. Specifically, Norton Personal Firewall, Program Control alerts at startup that C:\WINDOWS\system32\winlogon.exe is attempting to access a remote address. I hesitate to call it a virus just yet since a Full System Scan with Norton AntiVirus using a recent set of definitions (6/16/2004) showed zero infections.
Here's a list of obsercations:
1. At startup with Local Area Network, Disabled, the Task Manager shows 49 Processes running and a CPU Usage of 89%
2. If I direct Norton Personal Firewall, Program Control to block access, the message returns. After several more attempts, the message goes away but the computer slows unbearably.
2. Spybot - Search & Destroy (Ver. 1.3) scan finds no infections
3. Symantec Corporation, W32.Netsky Fixtool scan concludes "W32.Netsky has not been found on your computer."
4. Microsoft Windows, Sasser Worm Removal Tool (KB84170) scan concludes "No infection detected."
5. CWShredder (Ver. 1.59.0.0) scan concludes that the system is free fron infection
I have and can run Hijack This, but I don't know how to interpret the results.
Any suggestions on further action to remove this infection?
