
Thread: It wormed its way in, help

  1. #1
    hapkine Guest

    It wormed its way in, help


    I don't know even what Zone Alarm is but please: can anyone here help me identify and rid this virus?
    On Feb 9th I foolishly executed a file from a slime site which is no longer a valid URL. After running, the file deleted itself. It was a 132 KB file. Another file just like it was found easily on the Web, and it is archived as my crack1037.zip, for which the password is "suspect". This file is available, but I have NOT attached it hereto ...yet.
    Since then I have had various symptoms.
    System Restore is disabled! I can select an old checkpoint to restore from, but when it's all ready to proceed at the next screen and I hit "Next", nothing happens. And NO checkpoints have been recorded since Feb. 9th!
    I am unable to visit certain anti-virus websites, like trendmicro.com for example, also majorgeeks.com and geekstogo.com, claiming domain name server problems and such! It still works in Opera though, perhaps temporarily, but like the other 2 browsers I tried this under, when I tried to launch HouseCall, TrendMicro's online free virus scan, it goes through the initial steps and then just sits idle interminably!
    No virus is detected by McAfee Stinger, and no virus is detected by McAfee Klez or Bugbear removal tools. I downloaded their very latest ('had to use a different PC) and ran each fully!
    Browsers, especially my default Firefox, tend to get hung up and crash, fail to load certain pages or run certain scripts correctly. It's difficult to pin down, but for example I cannot login to my site running Mambo 4.5.2 since Feb. 9th and I get no error message only a blank page after trying.
    Other than the above, I don't discern any obvious symptoms. There are no new entries in my PC's Startup list, as far as I can see.



    Operating System: Windows XP Home Edition
    Software Version: 8.0
    Product Name: ZoneAlarm (Free)

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Re: It wormed its way in, help

    Best regards.
    oldsod

  3. #3
    hapkine Guest

    Re: It wormed its way in, help

    Hey thanks, guru! That's a very long sermon.

    Fortunately there's another PC in the house and I downloaded and transferred over on thumb drive and ran some of the free malware removal software found/touted at the forum at majorgeeks.com, without even having to register or post. Maybe the same is available here. Yes, I'm getting sloppy in my old age, arghh!

    So, my PC had a case of Rootkit.Agent/Gen-UACFake and I think that eventually sneaked in a Trojan.Dropper/FakeAlert. I believe I am rid of it all now, thanks to SUPERAntiSpyware, preceded by CCleaner.

    Thanks for being all ears, guru

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Re: It wormed its way in, help

    From your first post, I had already guessed you got a rootkit and some malware installed by yourself.
    From the second post, I am guessing there may be some form of malware still left over in the windows, not detected by the scanners.

    Oldsod.
    Best regards.
    oldsod

  5. #5
    hapkine Guest

    Re: It wormed its way in, help

    Wow you are just too kind, sir! Thank you for that tip. I am definitely getting sloppy in my old age: 'turned 58 yesterday.

    So I went back and got the other 3 apps and one of those, Malwarebytes' Anti-Malware, found several other rootkits and 2 more trojans. ComboFix and MGTools found nothing additional (save a few registry orphans). I suppose the initial infection spawned/invited others.

    Afterward, I reran SUPERAntiMalware's Quick Scan and it detected nothing.

    Then, just for good measure, I went to TrendMicro.com and employed their Java-based HouseCall online scan (partial, just C:\WINDOWS, for brevity), and nothing else was detected.

    I hope that does it. One way I can be cued if there are more encroachments is if System Restore again stops making daily checkpoints.

    I owe you

  6. #6
    Join Date
    Dec 2005
    Posts
    9,057

    Re: It wormed its way in, help

    Download GMER to the root of the drive and install and then immediately run it - it will discover any remaining rootkits still undetected. Very nice application but be forewarned to leave it in the default settings or you may find yourself unable to use or start windows!
    Download also from majorgeeks.com.
    (to uninstall GMER - execute the .bat file found in the WINDOWS directory and then use 'gmer' in the Find of the registry as there should be about three reg keys or so left over).


    Also look at this thread for a few other ideas:

    http://forum.zonelabs.org/zonelabs/b...essage.id=4280.

    Oldsod.
    Best regards.
    oldsod

  7. #7
    hapkine Guest

    Re: It wormed its way in, help

    I saw something in ComboFix's DOS command window about inclusion of GMER. But I went and downloaded the latest and scanned anyway, and I came up clean. Thank you.

    So besides thwarting its own removal and maybe inviting other sleazeware aboard, was this invader going to eventually get around to substantially harming my PC? ..or was that calamitous event maybe rigged to be remotely-activated by the conniver himself?

  8. #8
    Join Date
    Dec 2005
    Posts
    9,057

    Re: It wormed its way in, help

    Good chance your passwords and private info are already stolen.
    I strongly suggest to follow this up - change your passwords and logins for email, forums, banks, billings, etc.
    Also if you had credit card or banking details stored in the computer - change these immediately.
    Deter or prevent any theft of any kind this way.

    It would probably have made your computer into a toy of their own eventually.
    Eventually the best solution would be reformat and reinstall.

    Life gets boring not getting infected for many years - so I purposely infect a windows from time to time (no firewall or antivirus running) with cracks, gens, trojans, toolbars, adware, worms, etc.
    Just to see what it does and how, and then how to remove the junk and more importantly how to repair the damage caused to windows by the malware.
    Keeps me in practise.

    Oldsod.
    Best regards.
    oldsod
