System32.p2p-worm.alcra.a

Discussion in 'malware problems & news' started by mzjazz2u, Jun 24, 2005.

Thread Status:
Not open for further replies.
  1. mzjazz2u

    mzjazz2u Registered Member

    Joined:
    Jun 23, 2005
    Posts:
    25
    Location:
    Somewhere over the rainbow
    Hi Jooske! I'm not sure what you mean by the above. I think you're speaking techie language and I'm only a self taught techie amateur! Can you please elaborate on the "administrative reaction"? :) I did post a link to my log in the thread they asked me to. But not since I got my system32 file out of hiding. Think I should post again just to make sure? They haven't replied to it yet.

    I totally agree with that! Thanks for reminding me!


    I'm happy to say, no! There are no more alarms or files (extra or missing!)

    Yes I sure did! I have learned so much from this experience. And you were a big help. You didn't have the exact answers but you had a lot of ideas and gave me some excellent references! And you didn't treat me like an idiot. ;) You're awesome!
     
  2. Cyberik

    Cyberik Guest

    MZJAZZ2U: glad I could help you. Though it might seem as if I am an expert, I'm a "self taught techie amateur" as you are. What bothers me most (hope someone can give me that answer) is how the virus got on my computer. I downloaded quite some things with Limewire (music, videos, but also executables). Is the virus only spread by these executables, or can it be spread by just logging in on Limewire? If the last one is the case, next question would be how to protect myself against these attacks (it did pass my frequently updated Norton Antivirus).

    Hope someone can help me with this one.

    Greetz,
    Cyberik
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Administrative reaction, I mean there was just some info and request to post a link to your thread in that HJT collection, no helpful instruction on the logs themselves.

    TDS (trojans, worms, spyware, adware, keyloggers, etc etc) exec protection (in the registered version) would prevent malware from executing and installing on your system, WormGuard same for other worms and scripts, ProcessGuard (processes, files and applications) and RegDefend (registry) will be very preventive while Port Explorer (ports, connections) shows you in one blink of the eye all possible illegal connections with your system.

    In the Symantec site it doesn't say how the worm comes on your system, it is remarkable it says it spreads through such p2p networks, so I wonder.
    You should always check everything you download from anywhere.

    The forum is rather educative, we all learn from every question, so we can all be learners and educators at the same moment. :cool: Respecting each other is one of the first basics of the forums.
    I'm very sorry you were hurt earlier.
     
  4. mzjazz2u

    mzjazz2u Registered Member

    Joined:
    Jun 23, 2005
    Posts:
    25
    Location:
    Somewhere over the rainbow
    I scan every file I download from the internet before I run it and the infection isn't always detected. I'm not sure exactly how the viruses/worms get on your computer but my guess is through *.exe programs. And from what I understand (from installing Worm Guard), an exe can be disguised as another type of file. So if for example, you download a movie (which I'd never do and wouldn't recommend), it may look on the outside like an avi file but it also has an exe extension. I also read that music files are at risk too and I think they particularly mentioned wma files. They can be infected with adware and malware which infects your system. I believe I found a link to the article on the gnutella/Limewire forum somewhere. My answer is to uninstall Limewire. Even though this is the first time I've had trouble with it after years of use, I've had it.

    By the way, there is also an alcra.b that came out a few days after alcra.a so beware! I eventually found that I had both. So if you've used Limewire since you cleaned up your system, I'd do a scan with Norton in safe mode again. Apparently Alcra.b has symptoms that react a little bit differently than Alcra.a so you may not know you have it for a while. Another tip I can give you is to check your prefetch files if you run Windows XP. There will be references to the files the worm dumped on your PC in that folder. I don't know if they could be harmful but I deleted them anyway.
     
    Last edited: Jul 4, 2005
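
A check for the disguise described in the post above (a file that looks like an avi or wma but is really an exe), as an added example that is not part of the original thread. The extension lists and the sample files are assumptions constructed for illustration; the script flags double extensions and files whose first bytes are an executable header despite a media extension.

```python
import os
import tempfile

# Assumed extension lists for illustration; extend to suit your environment.
EXEC_EXTS = {".exe", ".scr", ".pif", ".com", ".bat"}
MEDIA_EXTS = {".avi", ".wma", ".wmv", ".mp3", ".mpg"}

def classify(path):
    """Return the reasons (possibly none) a file looks like a disguised executable."""
    reasons = []
    name = os.path.basename(path).lower()
    stem, ext = os.path.splitext(name)
    # Strip padding so "movie.avi      .exe" still exposes the inner ".avi".
    inner_ext = os.path.splitext(stem.rstrip(" ._"))[1]
    if ext in EXEC_EXTS and inner_ext in MEDIA_EXTS:
        reasons.append("double extension")
    with open(path, "rb") as fh:
        magic = fh.read(2)
    # Windows PE/DOS executables start with the bytes "MZ".
    if magic == b"MZ" and ext not in EXEC_EXTS:
        reasons.append("executable header under non-executable extension")
    return reasons

def scan(directory):
    """Map file name -> reasons for every suspicious file in a directory."""
    flagged = {}
    for entry in sorted(os.listdir(directory)):
        path = os.path.join(directory, entry)
        if os.path.isfile(path):
            reasons = classify(path)
            if reasons:
                flagged[entry] = reasons
    return flagged

def make_samples(directory):
    """Write constructed sample files (not real media or malware)."""
    samples = {
        "holiday.avi": b"RIFF\x00\x00\x00\x00AVI LIST",   # plausible AVI header
        "song.wma": b"\x30\x26\xb2\x75\x8e\x66\xcf\x11",  # ASF header GUID start
        "setup.exe": b"MZ\x90\x00",                        # honest executable
        "movie.avi      .exe": b"MZ\x90\x00",              # padded double extension
        "clip.avi": b"MZ\x90\x00",                         # executable renamed to .avi
    }
    for name, data in samples.items():
        with open(os.path.join(directory, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_samples(tmp)
        for name, reasons in scan(tmp).items():
            print(f"{name}: {', '.join(reasons)}")
```

A header check like this complements an antivirus scan rather than replacing it: it says nothing about whether a genuine media file or an honestly named exe is safe.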
  5. mzjazz2u

    mzjazz2u Registered Member

    Joined:
    Jun 23, 2005
    Posts:
    25
    Location:
    Somewhere over the rainbow
    Thanks. That is what I didn't quite understand. And I did get a new HJT log posted and put a link in the thread they requested. Still haven't had a response but I'm not in a big hurry since I feel I have my system under control!
     
  6. Bongo-Bob

    Bongo-Bob Registered Member

    Joined:
    Nov 21, 2005
    Posts:
    7
    I just found out that I had alcan.a on my system. The solution that worked for me can be found here: http://www.geekstogo.com/forum/index.php?showtopic=77529&hl=alcan.a

    What I found disturbing was that neither Nod 32 nor Spysweeper (two programs I bought because everyone is shouting hallelujah when they are mentioned) detected it at all. To do that, I had to download and execute a program called Xoftspy. If I believed all the stuff that is written on usenet about Xoftspy, I would think that it is worse than the viruses themselves. Thank god I didn't listen to that, because Xoftspy found and identified the problem, giving me the chance to find the solution.

    But it isn't very comforting that a program that gets loads of criticism does the job where programs that get all the praise utterly fail.
     