Please help! I just got infected by your thread on " Browser exploit test & ..."

Discussion in 'malware problems & news' started by chew, Jul 15, 2004.

Thread Status:
Not open for further replies.
  1. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Hi everyone,

    I was reading the Wilders Security Forums just now when I clicked on the link to thread " Browser Exploit test and alternative defences", even before I managed to read, my McAfee V shield capture a trojan virus. I nearly got a heart attack. (very shocking)

    My computer knowledge is not at all good and this really stressed me up very much and a shock to me. I come to WSF to learn and not to get infected.

    So please help.

    This is what McAfee V Shield has writtten:
    -----------------------------------------------------------------------------------------
    McAfee V Shield: Virus found in file

    C:\documents & settings \me\application data\mozilla\firefox\profiles\default\o5s\cache71C3afO2dO1\17C3AFO2DO1 could not be cleaned.

    Virus name: Exploit-URLSpoo.gen

    Access to file was denied.

    ------------------------------------------------------------------------------------------

    I used McAfee to scan it again but found nothing ... but when I tried to launch Firefox 0.9.2 later on ... the McAfee Message popped up again warning me the Virus was found in file.

    I used Spysweeper 2.6.1 to scan but came up with nothing.

    I used SpywareBlaster to scan and came up with nothing.

    I used MRU-Blaster to clear everything but it was so clean there was nothing.

    I went to McAfee website to search for information ... they just advised to delete the file.

    But when I tried to delete the file ... it wouldn´t let me.

    So please help.

    I am terrify at all viruses ....

    Thank you.

    Chew

    Edited: I have just created a folder for that Virus and used McAfee to move the infected file there. It wouldn´t let me clean it ... but do you think I should just delete it? Thank you.

    P/s: It wouldn´t let me delete it as the messeage said " the file could not be deleted. Please check access right to media where this file is found."
     
    Last edited: Jul 15, 2004
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi chew,

    Did u try emptying your browser cache in Firefox?



    snowbound
     
  3. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Also, i moved your thread to Virus and Worms for better attention.



    snowbound
     
  4. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Hi Snowbound

    Yes, I emptied everything in the Firefox Browser Cache.

    I launched the FF browser again ... and each time the message kept coming up.

    Please help.

    Chew
     
  5. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    OK ... I went to the location of the infected file.

    But when I tried to delete it from the folder ... it wouldn´t let me and came up with a message that it is "write protected or something like" and wouldn´t even let me delete or move it.

    Chew
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,721
    Location:
    Texas
    Set your browser cache to 0 and close the browser. Tools, privacy, cache.
     
  7. dog

    dog Guest

    Hi Chew, ;)

    Open the folder ... and select ALL it's contents (ctrl + A) and delete.

    dog - *puppy*
     
  8. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    When I used to run mcafee it always alerted me on the same thing chew is getting when I went to this link at this thread [Browser Exploit test and alternative defences] It alerts because of the type of test that the site uses to test your browser. It is not a threat in this case. To get rid of the alert disable system restore reboot and then reenable system restore. This is how I got rid of it on my xp pro sp1.
     
  9. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Hi Dog

    Yes, I have deleted everything except that particular One left in the folder and it just won´t let me delete it.

    Kept coming out with somelike ... "write protected ..."

    hmmm ...
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,721
    Location:
    Texas
    Testing one, two, three.
     
  11. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    In a case where you can not delete a file because it is in use or what ever always try to delete in safe mode.
     
  12. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    bigc73542

    But that is Not healty at because I just cannot delete the file. I could with the rest ...

    I can detele the rest but this one just won´t let me do it.

    I have all the protection and it still got through and I didn´t even double click on any of the test but merely click the thread.

    My McAfee keeps coming up with the message and I really want to get rid of it ...

    Please help.

    Chew
     
  13. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I was running mcafee 7.03.6000 at the time.
     
  14. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I did not have to run the test to get the alert all I had to do was just click the link also. Mcafee is about the only av that alerts on this particular thing.
     
  15. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Please be slow on me as I am new to all computing ... I am trying to learn as much as I can ...

    Please let me know step by step in how to delete the virus.

    You need to guide me slowly ...

    Thanks

    Chew
     
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,721
    Location:
    Texas

    It ran some tests. I didn't wait long enough. No alerts.
     
  17. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Back when I had it do this I didn't have to run test, just click on the link.
     
  18. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,721
    Location:
    Texas

    Check this link. http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

    Restart your computer after you disable system restore and do a scan.
     
  19. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    My McAfee Virus Shield is Version 4.5.1,
    Scan engine is 4.3.20.
    DAT is 4376.

    My infected machine is diconnected from the net now ... and I am using a friend´s pc to post here.

    Chew

    P/S: Ronjo ... I have disabled the System restore ... but if I cannot get rid of it how am I going to use thatþ?
     
  20. dog

    dog Guest

    Hi Chew, ;)

    Are you looking for directions for booting in safe mode? ... Here's a quick quote from this Symantec Link ... the link has directions for all windows operating systems ... just expand the applicable one to you. Then try an delete the file in safe mode (it should work with no trouble).

     
  21. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    According to the mcafee virus information site there is no virus Exploit-URLSpoo.gen In their data base.
     

    Attached Files:

  22. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Dog

    I don´t know which to do now ...

    Disabling System restore?

    Or what?

    Thanks ...

    Chew
     
  23. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Try to delete the file in safe mode first.
     
  24. dog

    dog Guest

    Try an delete the file first in safe mode ...
     
  25. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Do this first.


    snowbound
     
Loading...
Thread Status:
Not open for further replies.