Wincod Trojan driving me nuts, what's the fix?


Can'thavenuthingood
10-29-2009, 6:50 PM
So in all the time I have been shopping around for shirts, shirt designs, printers and fabric designers I have finally been infected. About the same time I performed a Windows update at the Microsoft site, got a bunch of the Security updates.
Don't know where it came from but it's here and won't let go. Everything is huge on the monitor and popups are frequent. Popups say my audio codecs are destroyed and I need to fix them by going to Wincodec Pro (http://wincodec.net/purchase.php?id=2) and buying the software.

It appears to be the Wincodec Trojan from what I have read.

I downloaded ParetoLogic (http://www.paretologic.com/products/paretologicas/index.aspx) since they said they find it and remove it, to which I claim BS, it's still in there.

I also downloaded Dr. Spyware (http://www.pctools.com/spyware-doctor/) and it too has failed miserably.

I have gone into the regedit for manual removal but the file path given for removal/deletion is incorrect for what I see in my file path. This from several sources.

My machine is an Acer S220, WIN XP Pro SP3.

Anyone come up with a way to get rid of this critter?

Vick

Cokebottle
10-29-2009, 6:55 PM
Spybot S&D, Lavasoft Adaware, and AVG are what I use.
Never had a problem, and I am not careful where I surf.

the_natterjack
10-29-2009, 7:20 PM
Boot into safe mode by hitting F8 when starting up.

Run your favorite anti-virus; I'm currently running Microsoft Security Essentials.

Reboot and go back to work.

Brian

justaguy
10-29-2009, 7:38 PM
Malwarebytes Anti-malware.
Google it. It has always worked for me on stubborn cases that are resistant to the usual removal tools.

dubious
10-29-2009, 7:57 PM
Serious, I'm an uber techie professional, GET Avast! It has made my life virus free for years now. This is by far the best anti virus software. I've tried it all.

darkshier
10-29-2009, 8:38 PM
I have been using Microsoft Security Essentials for only 2 days now, but it seems to be a pretty solid anti-malware piece of software. As Dubious said, AVAST kicks *** and is FREE! Either way, try them out and do a full scan on your system. However, sometimes even if the program says that it "cleaned" the problem out, it isn't always the case. Sometimes you have to go whole hog and just reformat the affected drive and re-install Windows.

GameAPBT
10-29-2009, 9:05 PM
Malwarebytes Anti-malware.
Google it. It has always worked for me on stubborn cases that are resistant to the usual removal tools.

Malwarebytes is a great program. If this doesn't work, then you might have a rootkit trojan and you will need a rootkit remover. Unhackme is a great one to use.

Someoneelseok
10-30-2009, 3:16 PM
ComboFix is effective against rootkits and some of the stickier malware/spywares.

http://www.combofix.org/

Can'thavenuthingood
11-01-2009, 5:32 AM
Trojan still active and slowing down the machine.
Task manager has been disabled by this critter and it now appears Control Panel is affected.

UnHackme has been downloaded and used a few times. Working with Tech support sending bootlogs etc.

I'm on the verge of reformatting.

Going to try Combofix now.

Vick

darkshier
11-01-2009, 9:19 AM
Sounds like you're going to have to reformat...:(

Can'thavenuthingood
11-02-2009, 7:28 PM
Can't believe we're 10 posts in and someone hasn't mentioned Linux.
www.ubuntu.com (http://www.ubuntu.com)

I've looked at your link. Are there system requirements?

I have an old Fujitsu laptop, I think a DX4. It was bought on the cusp of the WIN 95 transition to WIN 98. With all the Windows in there it got quite slow and was thinking awhile back about trying Linux in it.

Ubuntu shows 700MB worth of stuff on the CD. That includes everything I think. I already use Open Office and Firefox.

By the way, my Wincod trojan problem seems to have been somewhat wounded. While the screen is still going to huge the popups have stopped.

A side benefit is I can sit way back from the screen now:)

Vick

Digital_Boy
11-10-2009, 8:25 AM
Nuke and pave.

1JimMarch
11-10-2009, 8:08 PM
Ubuntu has very light system requirements for something at LEAST as full-featured as XP and in some ways gives Vista/7 a run for its money. It'll run respectably well in 512megs RAM and a 20gig HD. If you have less RAM, you might want to use one of the less memory-intense graphical user interfaces.

OK...this will seem weird to a Windows user, but...Linux isn't monolithic. In other words, if you don't like one particular "module" of the operating system, you can replace it with another. "Linux" itself is the "kernel". "Ubuntu" is a complete "kit" containing the Linux kernel, the Gnome graphical user interface, and a whole ton more.

"Gnome" is the user interface. If you don't like it, or you want something that looks different, there's "Kubuntu" - meaning it's got KDE in it, the other full-featured user interface besides Gnome.

Here's what a fully pimped-out Gnome desktop looks like on decent hardware (still less than $500 worth of *laptop* bought new today can pull this stuff off):

http://www.youtube.com/watch?v=_ImW0-MgR8I

Then if your machine has less power or you want something that runs faster, there's the XFCE user interface, and Ubuntu with that is Xubuntu. See the pattern?

So let's say you install Xubuntu, downloaded from:

http://www.xubuntu.org/

And you find XFCE to be a bit of a drag. No problem. Open a terminal window (Linux equivalent to a "DOS prompt") and type one of the following in bold:

sudo apt-get install kubuntu-desktop (installs KDE)

sudo apt-get install ubuntu-desktop (installs Gnome)

sudo apt-get install lubuntu-desktop (installs LXDE, an even sleeker speedster than XFCE)

sudo apt-get install xubuntu-desktop (installs XFCE if you started with something else)

(In these commands, "sudo" means "do this command as the administrator" and it asks for your password, "apt-get" means access the software installer system, "install" is obvious, and whatever after that is whatever you're installing. It could be any number of things, and if you want multiple things installed separate 'em by spaces. There are other easier ways to install applications through menus but when installing a major combination of packages like these whole user interfaces, it's best to go "old school" at the command line.)

Once a different user interface is loaded in, when you do a normal shutdown/restart and get to the place where you login under your own name, you can change to a different "session" in a little menu. You can pick and choose at this point which complete graphical user interface you want to use right then.

LXDE/Lubuntu is particularly well suited for older/creaky hardware. On older hardware I would start with the Xubuntu installer and add lubuntu-desktop manually as described.

It gets better.

Let's say a particular graphical user interface breaks on you, or you break it :). You screw it up to a point where it's unusable. If you started with, say, Gnome (standard Ubuntu) but you also loaded LXDE, if you manage to screw up Gnome just tap the power button briefly, it will do a normal shutdown, on startup pick the LXDE session, you now have a working machine, full Internet access, web browser works, etc. Go online, get help fixing Gnome :). Do so, reboot, go back into Gnome. Can't figure out how to fix Gnome? Arright, no sweat, at least you can back up your /home directory with all your stuff in it to an external disk, reinstall Ubuntu or one of its variants, reload your /home dir, good to go.

You flat won't believe how cool this stuff is. I repeat: the whole graphical user interface can go belly-up dead as a doornail and you're only a reboot away from swapping in a whole 'nuther one. Instantly.

If MS-Windows was a zombie in a George Romero flick, it wouldn't be very scary. Shoot it in the big toe and it'll go "OW OW OW" and collapse. It's monolithic. If Linux was a zombie it would be one scary MFer - blast big chunks out, the rest will keep going or be instantly replaced.

Yeah.

See, in the Linux world, it's perfectly OK to build your own derivative of somebody else's project, tweaked (or twisted) in whatever way you want. The only rule is, if you tweak it and pass it along, you also have to pass along HOW you tweaked it by releasing the full source code...teaching others along the way. So you get real computer science going on. With Windows, and Microsoft holding everything secret, everybody else is just guessing as to what's up inside the OS...so instead of computer science, you get computer voodoo.

Which is why you're constantly tearing your hair out making it all work.

I haven't booted Windows on any computer I own since Sept. 2006. NO REGRETS. Sure as hell cured the rootkit virus in XP I spent three days chasing before taking the plunge with no Unix-family experience whatsoever.

OK, here's a funny for ya.

Sometimes tweaks to a Linux system don't happen for technical reasons, they happen for other reasons. For example, there's a complete variant of Ubuntu out there with included bible study tools and a porn filter. It's called "Ubuntu Christian Edition". Yeah, really - google it. So that concept got copied - Ubuntu Islamic Edition has an even more stringent porn filter, there's a Hindu variant, etc.

So somebody parodied all that and put together:

http://ubuntusatanic.org/ (NOT SAFE FOR WORK!!!)

...complete with porn INDEX.

:D

What else...

Linux is what would happen if the geeks were in charge, with no "adult supervision" in the form of marketing departments, managers, etc. So you get...weird stuff. It works, works great, but...

Example: names. Each Ubuntu version has a number based on year.month of release. I'm running 9.10, just shy of a month old since official release. Its code name is "Karmic Koala". Before that was 9.04 Jaunty Jackalope, 8.10 Intrepid Ibex, 8.04 Hardy Heron, etc. going back to the original (Warty Warthog, which was a warning since it was brand new...)

So it's a slightly funky ride but by GOD it feels good to be totally free of the clutches of both Billy Gates and company plus the various idiotic half-geek nephews of Ukrainian mobsters who write the sort of malware you're dealing with.

At its core, Linux is a cousin to the latest Mac OSes, both part of the Unix family tree with real security and stability built in. It's impossible to overstate how much better both are over Windows. The main difference is, the Mac is more polished in some ways but needs expensive hardware to run on. Linux is FAR more flexible, runs on dirt-cheap PC hardware and the cost can't be beat ($0).