Results 1 to 2 of 2

Thread: Malware or Virus??

  1. #1
    ecw Guest

    Default Malware or Virus??




    Hi all,


    I have a recurring problem and not sure what is causing it. Here ya go...

    This happened several times on 2 machines running WinXP Pro with Adaware Pro (Adwatch enabled) & ZoneAlarm Internet Security Suite (AV, Anti Spyware & Firewall) V7.0.337 and V7.0.363.

    Symptoms:
    - In the 'Run...' Dialog, all files (.com and .exe) produce the error "This file
    does not have a program associated with it for performing this action. Create an
    association in the Folder Options control panel."
    - Almost all icons are the 'white page' with the little window in it, the default
    icon for an unrecognized file.
    - Double clicking icons to open them, or single-clicking icons in the Quicklaunch
    bar, doesn't open anything. Instead, double-clicking files 'fades' them, as though
    they are hidden files. Double clicking on file un-fades other files, though hidden
    files (such as desktop.ini) are visible, but always remain faded.
    Also, double-clicking the 'recycle bin' creates a Shortcut to the recycle-bin ("Shorcut
    to Recycle Bin.lnk&quot on the desktop, and trying to open the control panel from the
    Start Menu illicits an error("Windows cannot create a shortcut in this folder. Would
    you like to creat it on the desktop instead?&quot
    - Cannot run any java in Internet Explorer
    - ALL Files in 'All Programs' are incorrectly displaying the 'white page' icon
    - Double clicking a folder in the start menu does not open an explorer window
    - Right clicking on a file has the following context menu: {Cut, Copy, Create Shortcut,
    Delete, Rename, Properties}. Everything works in this menu. There is no 'Open With...'
    or 'Open' or 'Send To' menus. 'Find Target' does not work on shortcut properties
    dialogs, though 'Change Icon' does display the correct icon for an item, although
    explorer continues to use the 'whitepage' icon.
    - Clearly, I cannot access the registry or run any programs.

    What is normal:
    - Windows starts normally
    - Most Icons in the start menu appear normally(My Documents/Computer etc, Internet
    (IE), E-mail(Outlook), Control Panel/Printers/Run
    - IE starts, as does Outlook (Though with many errors in the Latter, pertaining
    to Javascript errors and .dll file errors)
    - I can use the web, though I cannot use ActiveX controls or anything fancy (Thus
    ruling out all the online Virus Checkers I've tried)
    - Using IE, I can navigate the file system, but again clicking does not work; I
    must type in the folders I want to navigate to in the address bar
    - I can access Folder Options via the menu in IE. Many filetypes exist under the
    'File Types' tab, and seem to be properly associated. I cannot add,remove, or edit
    file types.

    What I've tried:
    - Booting in Safe Mode (Did nothing)
    - Repairing windows from the CD (No errors - Did Nothing except install some annoying
    Viewpoint toolbar)
    - Doing an online Virus Scan (Doesn't work, can't get the pages to work properly)
    - From the System Recovery Console I performs 'chkdsk C: /r', which didn't do anything
    at all (I didn't really expect it to, I'm just becoming a bit desperate)



    Any ideas? Thanks if you can help me!

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Malware or Virus??

    Sounds like a trojan or malware, not viri, I could be wrong. It maybe a worm.

    Solutions:

    Use the non-active X on line scanner available from trendmicro (uses java instead):

    http://uk.trendmicro-europe.com/ente...all_launch.php

    Donwload and run a DOS virus scan from F-Prot:

    http://www.f-prot.com/products/home_use/dos/index.html

    One of these methods should work.

    Additional freeware scanners to download/install and update, combined they are covering everything from spyware to malware to troyans to worms to rootkits to viri:

    http://www.emsisoft.com/en/software/free/

    http://www.superantispyware.com/

    http://www.majorgeeks.com/RogueRemover_Free_d5360.html

    http://www.majorgeeks.com/McAfee_AVE...ger_d4063.html

    http://www.majorgeeks.com/Dr.Web_CureIT_d4783.html

    Check the ZA logs for application and internet activity. There maybe something valuable found.

    Check with the lavasoft forum for advice. They do HiJack-This logs and this problem could be related to the new Ad-Aware release. The HJThis log postings will be usesful either way.


    Is the hardware OK? Bad RAM mem or soon-to-be failing HDD could be a problem.

    Cheers,

    Oldsod
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •