troubleshooting Question

wscript.exe in the startup of windows XP, 99% of the resources

Avatar of thyet
thyetFlag for Spain asked on
VulnerabilitiesWindows XPAnti-Spyware
7 Comments1 Solution3711 ViewsLast Modified:
Hi all,

curiosly since yesterday this process appears in the moment in which one of our computers is restarted. The process is wscript.exe and the consumption of this process is the 99% of the resources. This process blocks the computer completelly, specially in terms of the internet and outlook connections. All the applications are blocked.

I dont really know if it is a virus or not, i could read different things. The first is next fro microsoft:

wscript.exe file information. The process Microsoft (r) Windows Based Script Host belongs to the software Microsoft (r) Windows Script Host or wscript.exe by Microsoft Corporation (www.microsoft.com).
Description: File wscript.exe is located in the folder C:\Windows\System32. Known file sizes on Windows XP are 114688 bytes (68% of all occurrence), 118834 bytes, 151552 bytes.
The file is a trustworthy file from Microsoft. The program has no visible window. Therefore the technical security rating is 5% dangerous.

If wscript.exe is located in a subfolder of C:\Windows then the security rating is 16% dangerous. File size is 114688 bytes. The program is not visible. File wscript.exe is a trustworthy file from Microsoft. File wscript.exe is not a Windows core file.


and this another found in the Internet (http://www.auditmypc.com/process/wscript.asp):
 
wscript.exe - Here is the scoop on Vbswg.Aq Worm as it pertains to computer network security. The big question: what is wscript.exe and is it spyware, a trojan and if so, how do I get rid of Vbswg.Aq Worm?
wscript.exe (Vbswg.Aq Worm) - Details
If a process named wscript.exe is running on your computer, you may have been infected with a strain of the Vbswg.Aq worm.

wscript.exe is considered to be a security risk, not only because antivirus programs flag Vbswg.Aq Worm as a virus, but also because a number of users have complained about its performance.

Vbswg.Aq Worm is likely a virus and as such, presents a serious vulnerability which should be fixed immediately! Delaying the removal of wscript.exe may cause serious harm to your system and will likely cause a number of problems, such as slow performance, loss of data or leaking private information to websites.

You should visit our Anonymous Surfing section to make sure your system is not giving away information like that of wscript.exe.

WSCRIPT.EXE - Disclaimer
Every attempt has been made to provide you with the correct information for wscript.exe or VBSWG.AQ WORM. Many spyware / malware programs use filenames of usual, non-malware programs. If we have included information about wscript.exe that is inaccurate, we would greatly appreciate your help by updating the Process Information database and we will do our best to correct it.

You should verify the accuracy of information we provided about wscript.exe. Vbswg.Aq Worm may have had a status change since this page was published.

Could you help on that?
thanks

wscript.doc
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 7 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 7 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros