[bcab] Re: malware I can't find

• From: "Dj Paddy" <mygroups@xxxxxxxxxxxxx>
• To: <bcab@xxxxxxxxxxxxx>
• Date: Thu, 24 May 2007 18:41:14 +0100

Hi did you run the thorough scan, not just the normal scan?

Dj Paddy
Ôà

To: <bcab@xxxxxxxxxxxxx>
Sent: Thursday, May 24, 2007 6:25 PM
Subject: [bcab] Re: malware I can't find

first, I have nod 32 on here and             have already done a scan.
Nod32 updates itself fine.

No problems were found.

Cheers

Graham

----- Original Message ----- From: "Dj Paddy" <mygroups@xxxxxxxxxxxxx>

To: <bcab@xxxxxxxxxxxxx>
Sent: Thursday, May 24, 2007 4:50 PM
Subject: [bcab] Re: malware I can't find


Graham,

Wow that's alot of stuff going on there.

The very first thing to do is get yourself a demo copy of NOD32,

Go into the indepth scanning settings and check the boxes for it to scan
everything.

That's the first thing you need to do, let us know how you get on.

IMHO, if NOD32 can't find and remove everything it's probably going to be a

re-format of the system.

I'd also recommend installing Look And Stop, as a software firewall.

Dj paddy

Ôà

----- Original Message ----- From: "Graham Page" <gpage@xxxxxxxxxxxxxx>

To: <bcab@xxxxxxxxxxxxx>
Sent: Thursday, May 24, 2007 4:23 PM
Subject: [bcab] malware I can't find


Hi all.

In the last couple of days, I think I have had someone try and succeed in

getting through my firewall. I found this out because I got a message that

appeared from the Microsoft firewall which is all I was using at the time.
It said it had blocked something called File Transfer Program and asked to

keep blocking or unblock. I accidentally pressed enter on unblock and that

is where my problems began.

My PC shut down automatically and then restarted. Everything appeared to be fine until an mp3 file started playing on the PC automatically. I therefore

asumed someone had gained remote access to my PC, having got through the
router on my firewall.

I was also working on a new laptop at the time and put the Sygate firewall
on this.  I got a dialog there saying a module called I believe Windows
Services was wanting to contact a server called garbage.scrappy.cc

The Garbage and cc bits are certainly correct. I did not let this through.

I tried to do a system restore and got the message:

C:\WINDOWS\system32\Restore\rstrui.exe

Windows cannot access the specified device, path, or file. You may not have

the appropriate permissions to access
the item.
OK

also after doing a windows update I get a message telling me the update is

complete and asking me to restart and when I do I do a windows update again

and the update that I installed is listed as downloaded but not installed.

I have tried installing the sygate firewall but this does not work either.

I have tried logging on as user admin and this does nnot work either.

Running Adaware tells me there is no spyware apart from a few tracking
cookies and I have corrected these errors.

Anyone any ideas what I can do?  it seems as though I have been denied
permision to certain key parts of the system but I am not sure how to get
them back.

Since this all happened I have changed the password on my account and
router.

Regards

Graham

Graham Page
Home Phone: 0207 265 9493
Mobile: 07753 607980
Fax:  0870 706 2773
Email: gpage@xxxxxxxxxxxxxx
MSN: gabriel_mcbird@xxxxxxxxxxx
Skype: gabriel_mcbird

***  BCAB List administration ***

If you wish to unsubscribe, set vacation,, request a digest or carry out
routine maintenance on your subscription to the list then go to:
http://www.bcab.org.uk/mailing-list.html

Alternatively, send an email to bcab-request@xxxxxxxxxxxxx with the word

faqin the subject line. You'll receive an email with advice on managing your

subscription to the list.

If you wish to discuss the administration of the list then contact:
bcab-moderators@xxxxxxxxxxxxx


__________ NOD32 2290 (20070524) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com


***  BCAB List administration ***

If you wish to unsubscribe, set vacation,, request a digest or carry out routine maintenance on your subscription to the list then go to:

http://www.bcab.org.uk/mailing-list.html

Alternatively, send an email to bcab-request@xxxxxxxxxxxxx with the word faqin the subject line. You'll receive an email with advice on managing your subscription to the list.

If you wish to discuss the administration of the list then contact:
bcab-moderators@xxxxxxxxxxxxx

***  BCAB List administration ***

If you wish to unsubscribe, set vacation,, request a digest or carry out 
routine maintenance on your subscription to the list then go to:
http://www.bcab.org.uk/mailing-list.html

Alternatively, send an email to bcab-request@xxxxxxxxxxxxx with the word faqin 
the subject line. You'll receive an email with advice on managing your 
subscription to the list.

If you wish to discuss the administration of the list then contact:
bcab-moderators@xxxxxxxxxxxxx

• Follow-Ups:
  • [bcab] Re: malware I can't find
    • From: Graham Page

• References:
  • [bcab] malware I can't find
    • From: Graham Page
  • [bcab] Re: malware I can't find
    • From: Dj Paddy
  • [bcab] Re: malware I can't find
    • From: Graham Page

Other related posts:

• » [bcab] malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find
• » [bcab] Re: malware I can't find

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription