Results 1 to 8 of 8
  1. #1
    3 Star Lounger
    Join Date
    Nov 2001
    Location
    Morganville, New Jersey, USA
    Posts
    318
    Thanks
    25
    Thanked 3 Times in 3 Posts

    Launcher.exe disaster with ZoneAlarm

    Apparently the Lounge logged me off, rejecting a lengthly post when I submitted it (and I was logged in) so I'll keep this briefer.
    I'm on Windows XP (fully updated) and was due to install a new system in the next few days. However, my current pc became sluggish. Today I experienced two incidents which were allegedly ZoneAlarm but may have been fradulent.

    In the first incident I found a ZoneAlarm message similar to what I will describe next. It asked me to close other programs and ask that the uncovered trojan be treated. I was told to expect a reboot, but did not experience one. The error message was "The application or DLL C:WINDOWS\system32\mstm13.dll is not a valid system image. Please check this against your installation diskette."

    I decided to run a full ZoneAlarm system scan, last done about 3 days ago. It stopped about 17% into the scan with a similar error message, but identifying the path as "C:\Program Files\Windows Desktop Search\MSNLNameSpaceMgr.dll" The infestion was said to be in C:\Documents and Settings\Bill\Applicaiton Data\Uniblue\RegistryBooster\_temp\ub.exe" The trojan Launcher.exe was identifies as Trojan-FakeAV.Win32.RegBoster.a [one "o" in Booster] with path C:\ProgramFiles\Uniblue\RegistryBooster\Launcher.e xe .

    HELP!!!

  2. #2
    2 Star Lounger cyberdiva's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    133
    Thanks
    16
    Thanked 6 Times in 6 Posts
    Many people have found Malwarebytes' Anti-Malware to be quite effective in identifying and dealing with all kinds of malware. You might want to download a free copy at http://www.malwarebytes.org/ , install it, and run a full scan. There's also a rather helpful Malwarebytes forum at http://forums.malwarebytes.org// that can help you deal with whatever Malwarebytes may find.

  3. #3
    3 Star Lounger
    Join Date
    Nov 2001
    Location
    Morganville, New Jersey, USA
    Posts
    318
    Thanks
    25
    Thanked 3 Times in 3 Posts
    Thanks for your quick response!

    I have used Malwarebytes a number of times in the past. However, this time I received the following response when I tried to open it: "C:\Program Files\Malbarebytes' Anti-Malware\mbam.exe is not a valid Win32 application." In addition, it restarted the ZoneAlarm scan and said that it treated the previous trojan, ub.exe .

    Very strange.

  4. #4
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Hello globalist,

    Check this Security & Backups thread for a useful guide to cleaning a malware infection from a system.

    You could also check out BleepingComputer.com for tons of helpful tips on cleaning your system.

    Also, the Lounge will log out a logged on member after a time of inactivity (for whatever reason, typing a post is sensed as inactivity). Sometimes, when a post gets to be long, due to the time involved in preparing the post, you will find yourself logged out after you click 'Post Quick Reply'. There are two ways to safeguard the loss of your post. The first is to copy your post if it is a long one, so you can quickly recover your post when you log back in. The second is to use the 'auto-saved - auto-restore' system that is a recent addition to the Lounge. You will periodically notice a yellow tag titled 'auto-saved' appear during the writing of your post.

    When you log back in and return to the thread to which you were posting, you will see a button in the lower left corner of the quick reply box titled 'restore auto-saved content.' Click the button and you will retrieve most if not all of your post.

    Hope this helps.

  5. #5
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    I would try to boot into safe mode to run MalwareBytes and the various tools mentioned in the thread and article Gerald referenced. Many of these nasties are somewhat neutered in safe mode, but do not allow the mentioned tools to function properly in regular mode.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  6. #6
    2 Star Lounger cyberdiva's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    133
    Thanks
    16
    Thanked 6 Times in 6 Posts
    Quote Originally Posted by Deadeye81 View Post
    Hello globalist,
    There are two ways to safeguard the loss of your post. The first is to copy your post if it is a long one, so you can quickly recover your post when you log back in. The second is to use the 'auto-saved - auto-restore' system that is a recent addition to the Lounge. You will periodically notice a yellow tag titled 'auto-saved' appear during the writing of your post.
    I prefer a third way. On Firefox (and I think on IE and perhaps Chrome as well) one can use the Lazarus add-on. I LOVE it! It's great for exactly the kind of situation globalist encountered, where he got logged off the forum. Anytime I lose a connection or find that my message has disappeared for any reason, or I just want a copy of what I posted in anything I've written via Firefox, I just go to my Lazarus add-on. The entire message that I've posted will be there for me to retrieve. Lazarus has become far and away my favorite Firefox add-on. You can find out more and download it at
    http://lazarus.interclue.com/
    .

  7. The Following User Says Thank You to cyberdiva For This Useful Post:

    Deadeye81 (2011-08-17)

  8. #7
    Gold Lounger
    Join Date
    Oct 2007
    Location
    Johnson City, Tennessee, USA
    Posts
    3,202
    Thanks
    37
    Thanked 215 Times in 202 Posts
    Quote Originally Posted by globalist View Post
    Thanks for your quick response!

    I have used Malwarebytes a number of times in the past. However, this time I received the following response when I tried to open it: "C:\Program Files\Malbarebytes' Anti-Malware\mbam.exe is not a valid Win32 application."
    globalist,
    Hello... Sounds like the "Nasty" is stopping Malwarebytes from running...(common trick) You can try renaming malwarebytes.exe to something else.. mwb.exe ,etc. see this article MWB wont run Regards Fred
    PlainFred

    None are so hopelessly enslaved as those who falsely believe they are free (J. W. Von Goethe)

  9. #8
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Great tip, cyberdiva!

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •