Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Trojan Issue UltimateDefender  (Read 48923 times)

0 Members and 1 Guest are viewing this topic.

06Honda

    Topic Starter


    Rookie

    Trojan Issue UltimateDefender
    « on: October 26, 2008, 02:17:26 PM »
    While browsing the net yesterday my pc just shutdown and restarted along with tried to auto dial. I disconnected the line before it could dial in (I am on dial-up). After running Zone Alarm AntVirus and Superspyware both of which were last update that same day, I was able to get no infections from either after restarting my pc. The issue I have know is when I attempt to update Zone Alarm or Superspy its won't download and I get an error connect. I attempted to download other programs such as spybot and adaware but it won't let me install them as I get a corrupted file error on both. My ZA & Spyware both scan but cannot update. Thanks for any help.   
    The items located & removed are listed below:
    (1) Backdoor.Win32.UltimateDefender.a
    (2) Backdoor.Win32.Small.girn
    (3) Backdoor.Win32.UltimateDefender.gfs

    evilfantasy

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Calm like a bomb
    • Thanked: 489
    • Experience: Familiar
    • OS: Windows 10
    Re: Trojan Issue UltimateDefender
    « Reply #1 on: October 27, 2008, 01:19:55 PM »

    06Honda

      Topic Starter


      Rookie

      Re: Trojan Issue UltimateDefender
      « Reply #2 on: October 27, 2008, 07:21:18 PM »
      Thanks for the post back. I one problem I have is any programs I download I cannot install them as I get a corrupt file error and any programs I currently have I cannot update them. All of the links in the other area from the link you posted give me " Internet Explorer cannot display the webpage". When I attempt to access the Windowsupdate it gives me the "Internet Explorer cannot display the webpage" as well. When searching in google regardless of what I enter gives me web sites to buy software everytime, really strange may have something to do with the original trojan listed above. I have done these steps so far obtained from the Zonealarm forum:
        Hi!
       
      See below:
       
      NOTE: the steps below works only if you are on the latest versions of ZA (7.0.470.000 or later). If you are not, please update.
      Try to perform a full Antivirus/Antispyware scan but in SAFE MODE WITH NETWORKING.

      1. Disable system restore;
      2. Set ZA antispyware to "Deep inspection scan" under the advanced options on ZA antivirus/antispyware tab (detection);
      3. Reboot in SAFE MODE WITH NETWORKING;
      4. Manual run ZASS (ZA firewall will be OFF but Antivirus/Antispyware will be functional);
      5. Run a full ZA AV/AS scan;
      5. Reboot in Normal Mode
      6. Set ZA antispyware back to recommended settings ("Intelligent quick scan")
      7. Ensable System restore
      Nothing detected as far as malware.

      evilfantasy

      • Malware Removal Specialist
      • Moderator


      • Genius
      • Calm like a bomb
      • Thanked: 489
      • Experience: Familiar
      • OS: Windows 10
      Re: Trojan Issue UltimateDefender
      « Reply #3 on: October 27, 2008, 09:52:00 PM »
      Please print these instructions as they will be needed later when Internet access is not available.
       
      Download SDFix by AndyManchesta and save it to your desktop. http://rapidshare.com/files/157266031/SDFix.exe.html

      When using this tool, you must use the Administrator's account or an account with Administrative rights
      • Double click SDFix.exe and it will extract the files to %systemdrive%
      • (this is the drive that contains the Windows Directory, typically C:\SDFix).
      • DO NOT use it just yet.
      .Reboot your computer in Safe Mode using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".
       
      Open the SDFix folder and double click RunThis.bat to start the script.
      • Type Y to begin the cleanup process.
      • It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
      • Press any Key and it will restart the PC.
      • When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
      • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
      • Copy and paste the contents of the results file Report.txt in your next reply.