Worm? Help!

Discussion in 'malware problems & news' started by valval10, Jun 1, 2005.

Thread Status:
Not open for further replies.
  1. valval10

    valval10 Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    2
    Worm? Help!--ALL FIXED!

    ALL FIXED!!

    I did a booboo by starting to open a file called 06_05_2005.exe, when i realized it I stopped. But it has taken my firewall away, corrupted my AVG updating capabilites and I can not get to any Yahoo sites or any sites that has anything to do with downloading any sort of virus protection or spyware or worm fix. I have run what I have on my computer AVG, Spybot, Spy Killer, Ad-aware & adware. I have no idea what to do next since I don't even know what it is. Any helpo_O :'(

    Thanks...
     
    Last edited: Jun 3, 2005
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi valval10. :)

    Welcome to Wilders.

    Though Wilders no longer offers Hijack cleaning services, u might want to visit one of the sites at this link,

    https://www.wilderssecurity.com/showthread.php?t=42148

    The best thing to do is register at the site of your choosing then post a HijackThis log and let the experts there advise u as too any malware found on your system.


    snowbound
     
  3. wormvirus

    wormvirus Registered Member

    Joined:
    May 24, 2005
    Posts:
    17
    Location:
    Beijing,China
    Another virus,which can kill the process of antivirus tools and firewalls it knows.To clean this u can choose a unfamous and uncommon antivirus tool,while it is unknown for the virus,u can use it kill the virus.

    U can use the online scanner yet to find virus,if found,reboot yr PC,press F8 to enter safe mode,then del all virus files displayed by online scanner,ok.For the most part of virus can be found for free form the URL:http://online.rising.com.cn/ravonline/RavSoft/Rav.asp (But the language is Chinese. :p )
     
  4. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Hope you got everything cleaned up OK :)

    That file (with similar filenames) is circulating around - I've received several by email, and I kept one thinking to test out my firewall to see if it would block the disable attempt. If the firewall is password protected, it should block an attempt to disable the service, and my Kerio 2.1.5 did. I ran the file from my desktop and it brought up immediately the password prompt. See screenshot:

    http://www.rsjones.net/firew/

    When you get things straightened out, check to see if you can set a password for your firewall.

    regards,

    -rich
     
  5. valval10

    valval10 Registered Member

    Joined:
    Jun 1, 2005
    Posts:
    2
    Not cleared up yet. I posted a "snapshot" on the site snowbound suggested but it seems they are very behind there. So I will just keep searching the internet to try to find something but without being able to even get to many sites it makes it a little difficult.

    Thanks again!

    Val
     
  6. pcalvert

    pcalvert Registered Member

    Joined:
    May 21, 2005
    Posts:
    203
Loading...
Thread Status:
Not open for further replies.