Join the most popular community of UK swingers now
Login

Very techie Q about a possble worm infection......

last reply
9 replies
708 views
1 watcher
0 likes
easy
Sex God
I was very bored tonight so I did my usual once a week maintenance...AdAware, Spybot and AVG scans... All clear. biggrin
Thought I'd be extra vigilant today and do a Trend housecall as well.... only to discover it finds WORM_MUMU.E in my WinRAR files. .... ) :shock: :shock: :shock: :shock:
I go and check out the definition and then head for the registry editor to bomb the little ..... worm.
Check through the registry and I can't find any "phantom" files anywhere where trend say they will be. mad :x :x
So the question is am I infected or not? Or is it the virus scanner mistaking WinRAR files for a virus? I've been doing a lot of downloards (torrents) lately so could it have slipped in on one of those. I've definately not had any dodgy emails for ages (unless you count the 1 from Neilinleeds confused ).
Both my antivirus and windows are current and up to date (auto updates every day).
:? :? :? :?
BTW Trend can't resolve the issue and suggest a manual removeal (as per usual) so I'm stuck at the mo.
Anyone any ideas?
SilkandBigG
Sex God
Did you make sure you disabled system restore before you followed the removal instructions ? Thats really important weve had similar ones.
neilinleeds
Sex God
I've been doing a lot of downloards (torrents) lately so could it have slipped in on one of those.

ha! well you've been downloading porn haven't you. well what do you expect? rolleyes least you got torrents to work? no joy here on that one! :confused:
I've definately not had any dodgy emails for ages (unless you count the 1 from Neilinleeds

oi! :mad: what you doing reading the countess's mails then? it weren't for you matey! :mad: ;)
cheers for the trend link easy. never come across that one. dunno about the worm? sometimes these scanners flag things that ain't really there just to prove how good they are? :confused: if the software flagging it can't remove it, and regedit / regcleaner can't find it, i'd suspect it ain't really there, but don't mind me i'm crap at the whole technoshite ((( TM Jags 2004 ))) thing!
suspect a rar file is being picked up as a worm signature, but i'd delete the entire winrar folder and rescan to be on the safeside and reinstall if that's where it's being flagged?
n x x x ;)
Ice_Pie
Sex God
For worm infections, I recommend Bob Martins, available from all good pet shops and Chinese restaurants.
easy
Sex God
Quote by neilinleeds
ha! well you've been downloading porn haven't you. well what do you expect? rolleyes least you got torrents to work? no joy here on that one! :confused:

Mostly music actually :smug: (the importatnt word there is "mostly"..... redface lol :lol: )
Where are you going for your listings? I can recommend a couple of sites. What's the problem with the torrents?
Quote by neilinleeds
oi! :mad: what you doing reading the countess's mails then? it weren't for you matey! :mad: ;)

Well if ya send it to a computer I usually use what do you expect...... :roll: :P :lol: :lol:
Quote by neilinleeds
cheers for the trend link easy. never come across that one. dunno about the worm? sometimes these scanners flag things that ain't really there just to prove how good they are? :confused: if the software flagging it can't remove it, and regedit / regcleaner can't find it, i'd suspect it ain't really there, but don't mind me i'm crap at the whole technoshite ((( TM Jags 2004 ))) thing!

Yeah that's what I thought as well. Sometimes these scans are a bit touchy about what they detect. Like I say windows is up to date, so I'm guessing the patch is already in to prevent this and AVG is up to date and doesn't find it (then again it's not in their virus library either).
Not so much an auto remove I actually went onto the regedit and tried to find the little sod's crap and found nothing. confused :? :?
Quote by neilinleeds
suspect a rar file is being picked up as a worm signature, but i'd delete the entire winrar folder and rescan to be on the safeside and reinstall if that's where it's being flagged?
n x x x ;)

Well I've deleted the infected file (sent to recycle bin), but if it's a payload type I guess it'll have done the deed and the file will be useless. I've binned it with no problems and WinRAR seems to run ok. dunno
Running another scan now, but Trend does a check for any running worms etc before it actually starts the virus scan and doesn't find anything.
The worrying thing is that I use my PC for banking and shopping, so I've entered my account access and debit crd details into it an this bloody worm has a keystroke logger as well as opening a back door to the system.
I've noticed the computer is running a bit off every now and again, but I've not noticed outlook express or MSN opening by themselves, or any emails being sent without my permission. :dunno: Maybe I'm being paranoid as well as the Trend scan. :lol:
Icey I tried that last time, but they just made my PC throw up a big pile of 1, 0 and carrots ( :? ) all over my carpet, so I won't be doing that again. evil
*UPDATE* the Trend scan's just gone flying past the winrar file without finding anything now. biggrin
neilinleeds
Sex God
Quote by easy
ha! well you've been downloading porn haven't you. well what do you expect? rolleyes least you got torrents to work? no joy here on that one! :confused:

Mostly music actually :smug: (the importatnt word there is "mostly"..... redface lol :lol: )
Where are you going for your listings? I can recommend a couple of sites. What's the problem with the torrents?
ummmmm . . . the main problem, is i simply don't know how to use it! surprisedops: no i reckon it was a firewall thingie. no honest i'm sure it was! :roll:
i'm using eMule, which is good but slow, and winMX, which is fast but crashes the pooter all the bloody time. you could pm me the torrents links if you'd be so kind?
Quote by easy
suspect a rar file is being picked up as a worm signature, but i'd delete the entire winrar folder and rescan to be on the safeside and reinstall if that's where it's being flagged?
n x x x ;)

Well I've deleted the infected file (sent to recycle bin), but if it's a payload type I guess it'll have done the deed and the file will be useless. I've binned it with no problems and WinRAR seems to run ok. dunno
Running another scan now, but Trend does a check for any running worms etc before it actually starts the virus scan and doesn't find anything.
*UPDATE* the Trend scan's just gone flying past the winrar file without finding anything now. biggrin
oooo was i right? :bounce: i was wasn't i? :smug:
neilinleeds - helpful technical type person! :D
JQL
Orgasminator
Easy,
If you hadn't "run" the infected file in the winrar then you should be ok. I would also delete it from your recycle bin as well.
Unknown User
Quote by Ice Pie
For worm infections, I recommend Bob Martins, available from all good pet shops and Chinese restaurants.

rotflmao
Nice one! You beat me to it - I was gonna suggest a vet!
PS - sorry to mock your problem easy rolleyes
Unknown User
adawre 6 prof is good i can send you this in a zip if you want. dj
easy
Sex God
Quote by JQL
Easy,
If you hadn't "run" the infected file in the winrar then you should be ok. I would also delete it from your recycle bin as well.

Hi. I've not run it, but I use WinRAR a lot, so I don't know if that's triggered it. Like I said above I can't find any of the entries in the registry, so all seems well. Hopefully it's bot gone off. biggrin
It's gone from the folder and from the recycle bin as well, so hopefully that's the last of it.
S'ok I live with Countess so I'm used to it now. :shock: lol :lol: :lol: :lol:
Thanks for the help guys. I was 80% sure I didn't have a problem, but I just wanted to make sure I wasn't doing something dumb. :D