
I Opened The File Rarpassgen.exe


5 replies to this topic

#1 Robbiedh


Posted 02 October 2008 - 08:11 AM

Hi,

I've opened the file RARpassgen.EXE. It came with a password-protected .RAR archive, and the readme file which also came with the archive said that you would get the password for the archive by opening RARpassgen.EXE. I didn't trust this, so I first scanned RARpassgen.exe with McAfee antivirus, but it said it was clear of any viruses or malicious software, so I opened RARpassgen.EXE anyway. That wasn't so smart. Now I've got all kinds of disturbing pictograms on my desktop like 'gay fetisj.exe', and I had a process called Windowsav.exe running which was never there before. So I think I've got a bad virus, but I don't know what I can do about it. I've already done a scan with McAfee after I got infected, but it doesn't find anything. Also, when I try to delete the file RARpassgen.EXE, it gives an error that it cannot be deleted.
Can somebody help me get rid of all this nonsense?



#2 quietman7


Posted 02 October 2008 - 08:50 AM

Password protected RAR archives bearing Zlob

The practice of using crack or keygen tools is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

If you use those kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, these sites are infested with a smörgåsbord of malware. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note:
-- If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

-- MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes (like Spybot's Teatimer), they may interfere with the fix or alert you after scanning with MBAM. Please disable such programs until disinfection is complete or permit them to allow the changes.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 -koz-


Posted 19 October 2008 - 06:51 AM

You should never trust a single AV scanner. I would suggest that when you do not trust a file, you submit the file to an online virus scanner tool such as http://www.virustotal.com, a free service from Hispasec Sistemas. It scans your submitted file with multiple (currently 36) AV scanners. Besides that, I submit the file to Norman Sandbox, http://www.norman.com/microsites/nsic/Submit; this will execute the file in a quarantined environment and send the results back to you via email.

Normally you should immediately delete such files, because they have only one desire, and that is to spread viruses and add your PC to a zombie network.

For the record, AV scanners are not the "Holy Grail" when it comes to protection. Some of the biggest AV companies have disappointing results on the latest modern viruses.

Protect yourself.

Edited by -koz-, 19 October 2008 - 06:54 AM.


#4 realitycheck1


Posted 19 October 2008 - 07:43 AM

The post by "quietman7" is what's commonly referred to as pure "FUD"

Far from being "infested with a smörgåsbord of malware", the overwhelming majority of crack, keygen, warez and other pirated software sites DO NOT have any kind of viruses.

The idea that there is "nothing you can do besides reformatting and reinstalling the OS" is idiotic to say the least!

Anyone reading this should be STRONGLY ADVISED that the previous poster is actually trying to sell some software product ("Malwarebytes anti malware" - hmmm... anti malware malware?!) and is doing nothing more than advertising their product.

There are plenty of FREE antivirus products on the internet, just waiting to be downloaded and used, and leave "quietman7"'s crap alone.

Edited by realitycheck1, 19 October 2008 - 07:44 AM.


#5 chrisxa


Posted 19 October 2008 - 07:52 AM

RARpassgen.EXE <-.EXE

A RAR has .rar

I suggest running your OS in safe mode and manually deleting it; rescan your PC, purge them, do a system restore, and rescan again.

Beneath wings of darkness, wings of death, I dwell in shadows,
Here I have found a kingdom, here I have found a princess; the princess of darkness.
She's the only one I fear, my princess wrapped in shadows, my princess beloved.
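
An added example, not part of any post in this thread: the point in post #5 (a file ending in .EXE is a program, not an archive) can be checked from file content instead of the name. The function names and sample bytes below are constructed for illustration; the RAR and PE signatures are the standard ones.

```python
import struct

RAR4_MAGIC = b"Rar!\x1a\x07\x00"       # RAR 1.5 to 4.x archive marker
RAR5_MAGIC = b"Rar!\x1a\x07\x01\x00"   # RAR 5.x archive marker

# Constructed sample: smallest byte string that looks like a Windows PE file.
# "MZ" at offset 0, e_lfanew at 0x3C pointing to 0x40, "PE\0\0" at 0x40.
PE_STUB = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"

# Extensions that agree with each content type (hypothetical policy table).
EXPECTED_EXT = {
    "rar-archive": {"rar"},
    "executable": {"exe", "scr", "com"},
    "sfx-executable": {"exe"},
}


def is_pe(data: bytes) -> bool:
    # True if the DOS "MZ" header points at a valid PE signature.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def classify(name: str, data: bytes):
    # Returns (kind, runs_code, name_mismatch), judged by content first.
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if data.startswith((RAR4_MAGIC, RAR5_MAGIC)):
        kind = "rar-archive"
    elif is_pe(data):
        # A PE that embeds a RAR marker is a self-extracting archive:
        # opening it still runs a program before anything is unpacked.
        kind = "sfx-executable" if b"Rar!\x1a\x07" in data else "executable"
    else:
        kind = "unknown"
    runs_code = kind.endswith("executable")
    mismatch = kind in EXPECTED_EXT and ext not in EXPECTED_EXT[kind]
    return kind, runs_code, mismatch


if __name__ == "__main__":
    samples = [
        ("RARpassgen.EXE", PE_STUB),
        ("archive.rar", RAR4_MAGIC + b"\x00" * 16),
        ("photos.rar", PE_STUB),
        ("setup.exe", PE_STUB + RAR5_MAGIC),
    ]
    for fname, blob in samples:
        print(fname, classify(fname, blob))
```

A result with `runs_code` set means opening the file executes it, whatever the readme or the file name suggests.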

#6 quietman7


Posted 19 October 2008 - 02:24 PM

Welcome to BC realitycheck1.

It's always a pleasure to greet a new member who can provide such technical advice to our BC community of members needing assistance with malware removal. From your reply, it seems you know quite a bit about this subject so I sincerely hope you don't mind sharing some of that knowledge with those of us eager to learn. First, please tell us about yourself, what experience you have with malware disinfection, and where you perform this invaluable service to assist others like we do here.

Also, please let me address some of the well thought out points you have made. They certainly were thought provoking comments which I have not heard before.

Far from being "infested with a smörgåsbord of malware", the overwhelming majority of crack, keygen, warez and other pirated software sites DO NOT have any kind of viruses.

I was not aware of that. Could you please direct me to where you got that information as I am always open to learning something new.

It has always been my understanding that toolbars, dialers, browser hijackers, Trojans and similar malware distribute themselves through warez sites. Not being the expert you appear to be, I can only base my knowledge on information provided by Microsoft, security experts and anti-virus vendors who deal with warez, crack and keygen tools on a daily basis. Below are a few examples where I found information which I tried to share in my warning about this practice.

Warez, or pirated software, while free often comes with an exceptionally high cost in the form of viruses, spyware and more....One of the problems with these sites or the folks that contribute to them is that they often use the lure of free software to get people to download virus and spyware laden versions of those programs. Download one of those and when you install you'll end up with a machine full of malware....

What are Warez? They appear to be free, but are they safe?

Warez, also known as pirated software, has been and continues to be a serious issue for the computer industry. Below are highly recommended reasons not to pirate or download warez.
1. It's illegal
2. One of the most common ways to get computer viruses...

Warez

...the University of Washington study on spyware...adult sites was one of the categories. The other categories were entertainment sites, celebrity, games, kids’ sites, music sites, online news, warez/piracy, screensaver/wallpaper and CNET’s download.com. It’s no surprise to me that warez/piracy sites ranked the highest in downloading spyware...

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...

Bad Web Sites

...For some users, it has become a habit to download software from free trackers. And sometimes they get away with warez or cracked software. In other cases, like this one, the cost of free software might be too high, as these trojans may steal your data.

The Cost of Free $oftware

Crack and keygen tools are often obtained via peer-to-peer (P2P) or file sharing programs, which too are a security risk. The reason for this is that file sharing relies on its members giving and gaining unfettered access to computers across the P2P network. This practice can make you vulnerable to data and identity theft, system infection and remote access exploit by attackers who can take control of your computer without your knowledge. Even if you change the risky default settings to a safer configuration, downloading files from an anonymous source increases your exposure to infection because the files you are downloading may actually contain a disguised threat. Many malicious worms and Trojans, such as the Storm Worm, target and spread across P2P file sharing networks because of their known vulnerabilities. In some instances the infection may cause so much damage to your system that recovery is not possible and a Repair Install will NOT help! In those cases, the only option is to wipe your drive, reformat and reinstall the OS.

Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The best way to eliminate these risks is to avoid using P2P applications. Read P2P Software User Advisories, Risks of File-Sharing Technology and P2P file sharing: Anticipate the risks....

The idea that there is "nothing you can do besides reformatting and reinstalling the OS" is idiotic to say the least!

Security and malware removal experts don't think reformatting is so idiotic but maybe you know more than they do and can enlighten those of us who think otherwise.

"When should I re-format? How should I reinstall?"
"Help: I Got Hacked. Now What Do I Do?"
"Where to draw the line? When to recommend a format and reinstall?"

Anyone reading this should be STRONGLY ADVISED that the previous poster is actually trying to sell some software product ("Malwarebytes anti malware" - hmmm... anti malware malware?!) and is doing nothing more than advertising their product.

MBAM was developed by several well-known malware removal security experts to help users who become infected. If you had taken the time to research this product, you would see that many experts recommend using MBAM while assisting members with infected computers. It is a very potent and effective tool. The developers do not charge any money for using their program unless you want to register and take advantage of its real-time protection features.

With that said, I am certainly open to any more effective alternatives you may have to offer since your studious reply seems to suggest I should not recommend this program. Perhaps you could even share with us why MBAM is not worth using. I know some of the developers involved and would be glad to pass along any recommendations to improve this program.

I am looking forward to another informative reply.