WinZip_8.x_(including_SR).rar_virus_trojan

symptoms
----------
slow computer;
hijacked web-browser start page with "...jack..." in the url;
creation of extra temp files in root;
creation of folder called WinZip 8.x (including SR) which is undeletable, unremovable, unrenamable.

process of infection
---------------------
on internet, 57946.html --> (there is also a popup window);
download link --> leads to WinZip 8.x (including SR).rar

unpacking the rar gives:
code57496.txt
crack.exe
keygen.exe

click on crack.exe
click on keygen.exe

unknown which of these steps is responsible for the infection.

full scan with a current "Microsoft® Windows® Malicious Software Removal Tool" revealed no positive infections.

for the source code of html, see 57946.html.jpg
Here is the link you copied and pasted here. Are you just trying to pass information or are you in need of assistance? http://www.dellcommunity.com/supportforums/board/message?board.id=si_virus&message.id=66250
hi again, i guess i'm trying to inform people. it's too late for my computer. but i did further research & it looks like the files contain 2 trojans. the vundo and a dialer. here is an addition to my first post: http://tegasvegas.orgfree.com/
yes i have reformatted computer with a fresh install using the included discs.

but more to the point: the two anti-vundo cleaners i found were -
vundofix.exe by Atribune (version 6.7.9 built late 2007/early 2008)
fixvundo.exe by Symantec (version 1.5 built 2005? 2006?)

i think vundoFix would be the better choice as it is more current.
(p.s. a subsequent virus-scan says the trojan is called vundo-1137)

thanks to all concerned.
sincerely, tegas.

p.p.s. i am going to download hjt for use in the future if needed. (another newbie question though, ... does hjt become dated? i.e., do you need a current hjt to look for infections)
Here's some of the information you asked about. Download the newest version of HijackThis here.

Here's the online analyzer.
http://www.hijackthis.de/

And here's some instructions for using the analyzer.
http://www.bleepingcomputer.com/tutorials/tutorial42.html

The rest will come with experience. Google the entries you don't understand. Ask questions.

Take care...
Quikdraw