Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: [SOLVED] Issue with a possible malware

  1. #1
    Join Date
    Apr 2014
    Posts
    5

    Default [SOLVED] Issue with a possible malware

    ZoneAlarm

    SUSPICIOUS BEHAVIOR

    "ukeqvi.exe is trying to set "OZkutiteokb" to run each time your computer is started"

    then if I click "Show More Info", this is displayed in the same message box:

    "Application:C:\Users\(my name)\AppData\Roaming\Itazrupy\ukeqvi.exe"

    There are buttons at the bottom of the box to "Allow" or "Deny", but even when I deny, the same button pops up again almost instantly.

    Any ideas? Thanks in advance for any assistance!

  2. #2
    Sky Soldiers Guest

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    First provide from the following link thread # 2.The information requested & paste it here so users can better understand & address your issue:

    https://www.zonealarm.com/forums/sho...660#post300660

    Also see if any relevant information from SmartDefense Advisor Overview & Technical Info Tabs.

    By default, all Firewall events are recorded in the Log Viewer.

    Go to Tools > Logs > Log Viewer > Select Log Type > Program.

    See If there is a New Program > Description & IP Adress recorded there relevant to your query.

    You can click the Tab at the bottom right." More Info "

    SmartDefense Advisor will provide information on Alert.Take a look at both Overview & Technical Info Tabs.
    Last edited by Sky Soldiers; April 16th, 2014 at 05:06 PM. Reason: Rephrase

  3. #3
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,833

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    Hello;

    I am very sorry you are having problems with ZA and hopefully I will be able to find a solution for you


    Right click the ZA icon near the clock --> About --> Copy to Clipboard --> Paste in a reply here. Mind to remove the license key (if applicable).

    Exact version of OS used? XP SP3? Windows 7 SP? Windows 8? 8.1? Localized Language version? English version?
    Other security Programs running on the desktop PC? Laptop? Netbook?

    The More information you post the more likely users here will be able to understand the issue and try to help.
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  4. #4
    Join Date
    Apr 2014
    Posts
    5

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    THank you for the replies.

    ZoneAlarm Free Firewall version: 13.0.208.000
    Vsmon version: 13.0.208.0
    Driver version: 13.0.70.0

    Windows 7 Home Premium
    Firefox 28.0

  5. #5
    Sky Soldiers Guest

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    No official support on free products.

    You need to provide more information then that, So users can help you.

    No information on Google search.Upload file to VirusTotal to analyzes suspicious file.

    https://www.virustotal.com/en/

  6. #6

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    Cryptic file names are usually caused by a malware infection, maybe a rootkit. I suggest to follow the malware removal guidance here.

  7. #7
    Sky Soldiers Guest

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    Here is another option you can look into using this Tutorial.

    How to remove these infections manually

    http://www.bleepingcomputer.com/tuto...rm-or-malware/

    Autoruns for Windows v11.70 :

    http://technet.microsoft.com/en-us/s.../bb963902.aspx
    Last edited by Sky Soldiers; April 17th, 2014 at 08:18 PM. Reason: typo

  8. #8
    Join Date
    Apr 2014
    Posts
    5

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    Again, thanks for the replies. I basically ran out of time the other day to gather and post more info, but here it is:

    Screenshots of the logs (can't expand the window enough to see the entire path at one time, so I took 3 photos):






  9. #9
    Join Date
    Apr 2014
    Posts
    5

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    Quote Originally Posted by Sky Soldiers View Post
    No official support on free products.

    You need to provide more information then that, So users can help you.

    No information on Google search.Upload file to VirusTotal to analyzes suspicious file.

    https://www.virustotal.com/en/
    But how do I locate the actual file? The path name doesn't appear when I try to follow it manually. Sorry if I'm being dense about this, BTW...

  10. #10
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,655

    Default Re: Can anyone help me identify/get rid of this pop-up message?

    As already suggested by Darklord666 you need check for malware and most of all post your log at bleepingcomputer.com or spywarehammer.com as we do not do here malware cleanup or malware diagnosis.

    Link to those above mentioned sites are in Darklord666 post (hyperlink).

    Thanks and good luck.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] ConduitSilentUninstaller.exe --> Part of ZA toolbar and not malware
    By jhvance in forum General - Questions that don't fit any other category
    Replies: 4
    Last Post: August 7th, 2011, 10:16 PM
  2. Replies: 6
    Last Post: May 7th, 2011, 06:24 PM
  3. [SOLVED] Malware/Virus confused/desparate.
    By rimmer in forum Malware Discussion
    Replies: 5
    Last Post: March 11th, 2011, 11:33 PM
  4. Replies: 5
    Last Post: November 27th, 2010, 05:10 AM
  5. [SOLVED - Malware related] User Interface doesn't respond upon opening ZA.
    By stormsy in forum General - Questions that don't fit any other category
    Replies: 9
    Last Post: August 25th, 2009, 12:53 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •