From: Gandalf on
Hi all
I have been lurking here for some time and just taking the knowledge of all
you guys. I have been trying to find the best tools for keeping things
running ok and recently installed GMER and ran it for the one and only time.
When I ran it I got a blue screen which I'm sure most of you have seen that says
that the computer has been shut down to avoid damage blah blah blah. But
the thing was that it says that it (the shutdown) was caused by the
presence of file aujasnkj.sys. Having done some googling I'm still not sure
what this is. First up, a search of the laptop couldn't find it. From what
I've been reading some say this is a backdoor trojan, others say that it is
a file created by GMER and then deleted when it is done which doesn't make
sense in my case because GMER made things crash. My laptop has definitely
been running much slower over recent weeks and I can't seem to work out why.

Does anybody have any ideas about this one?

Thanks for any answers or comments that may come.


From: 1PW on
Gandalf wrote:
> Hi all
> I have been lurking here for some time and just taking the knowledge of all
> you guys. I have been trying to find the best tools for keeping things
> running ok and recently installed GMER and ran it for the one and only time.

If you had to "install" GMER, you have the wrong one. The legitimate
GMER is a singular, executable file from:

<http://www.gmer.net/#files>

Clicking the "Download EXE" button is preferred and renders a
randomized executable file name.

> When I ran it I got a blue screen which I'm sure most of you have seen that says
> that the computer has been shut down to avoid damage blah blah blah. But
> the thing was that it says that it (the shutdown) was caused by the
> presence of file aujasnkj.sys.

Please quote the contents of the screen /exactly/ in your reply.

> Having done some googling I'm still not sure
> what this is. First up, a search of the laptop couldn't find it. From what
> I've been reading some say this is a backdoor trojan, others say that it is
> a file created by GMER and then deleted when it is done which doesn't make
> sense in my case because GMER made things crash. My laptop has definitely
> been running much slower over recent weeks and I can't seem to work out why.
>
> Does anybody have any ideas about this one?

Has your laptop's HDD transfer mode gone from DMA to PIO?

Have you checked the running processes? Sysinternals' "Process
Explorer" is good for this.

How much RAM does your computer have? What is the make and model?

Have you defragged your HDD very recently? Chkdsk?

> Thanks for any answers or comments that may come.

What are all your antimalware applications?

Do a "Windows Key" + R and enter winver. Please transcribe your full
OS details in a reply.

The suspect file may be hidden. Set your system to display all files
and their extensions before searching.

When found, send the aujasnkj.sys file to:

<http://www.virustotal.com/>

Do not cut and paste the result to a reply - just post the URL for its
report although you can give us an executive summary of the VT evaluation.

You might wish to intersperse your answers for the sake of completeness.

Regards.

--
1PW