Windows 10: More Nefarious Strain of Zacinlo Malware Infecting Windows 10 Machines Solved

  1.    20 Jun 2018 #1

    More Nefarious Strain of Zacinlo Malware Infecting Windows 10 Machines


    Revamped Zacinlo Malware Poses More Serious Threat to Windows 10 PCs, antivirus, anti-malware, Malwarebytes, Symantec

    Re-designed to specifically target W10 machines
    Installs low-level Rootkit
    Disables AV
    Uploads info to C&C server
    Serves ads
    Runs a UI-free browser secretly in the background
    Sets up MIM attacks

    Kujawa said that Zacinlo needs to be taken seriously. “Despite its seemingly benign threat to users, Zacinlo and other similar threats contain the ability to install additional malware on the system.”
    Currently the best known means of transmitting the Zacinlo malware is as part of the payload for a fake VPN package. The package looks like a VPN client, but doesn’t actually do anything except install the malware. However, there are likely other means of spreading this malware beyond the fake VPN.
    Once it’s installed in your system, Zacinlo is nearly impossible to detect, but fortunately, it takes a little while for that to happen. “Malwarebytes can detect and remove the adware (adware.5hex) threat once identified, however, this particular malware updates itself so frequently and keeps such a close eye on how security solutions are stopping it, that being able to ensure identification and removal of the rootkit at any time is difficult to promise, especially once the rootkit has had time to ‘dig in’ to the system.”

  2.    05 Jul 2018 #2

    Reply to Thread


    Up until now, I have not had any experiences with malware that was not addressed. However, recently I was stung severely and as yet I have not been able to clean up and move on.... The following describes my dilemma; perhaps you can help. Some of the symptoms I had and have are similar to your post narrative.

    Issue:
    Windows 10 x64 b:1803

    After the latest MS Updates (June 2018) to W10 (MS not to blame) I noticed strange W10x64 behavior in the 'Windows Defender Security Center' (WDSC), namely the Virus and Protection Section: Threat History, Threat Protection Settings, and Virus and Threat Protection Updates.

    The WDSC categories indicated: 1) my latest WDMW scan signature was not current; 2) the OFFLINE SCAN function failed to work; and 3) the latest Windows Protection updates were not being updated.

    - I also noticed after booting thru the Update/Security Settings that "Advanced Options" was missing from the "Recovery Options".
    - Each boot drive option (SSD, DVD, USB) in UEFI failed to load Windows Safe Mode.
    - The end result is a system that will not boot into Windows or Windows safe mode.
    - At the present time, I am only able to boot into the UEFI and the blue pages of Recovery Option. But none of the offerings have even dented the issue.
    - I have seen no clue as to the source of the destruction.
    - I need, but have not yet found, an Offline virus or anti malware program that I can boot and Run from a DVD or USB in UEFI and might remove the malware.

    I am lost and stuck after much work and lots of time.... What can I do now....? Any suggestions or information?

    Thank you -

  3. Clintlgm    05 Jul 2018 #3


  4.    06 Jul 2018 #4

    BigFatBoy said:
    I need, but have not yet found, an Offline virus or anti malware program that I can boot and Run
    Windows Defender Offline [separate downloadable tool] - Windows Help

    Denis

  5.    06 Jul 2018 #5

    Hi.
    You could boot your system to Kyhi's custom recovery media, connect to the internet, open Malwarebytes Antimalware, update the virus definitions, and run a scan of your OS drive, being sure to select "rootkit" in the MBAM options. Then, open Macrium Reflect and select the option to "fixboot".
    Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums

  6.    07 Jul 2018 #6

    simrick...

    My first post to your thread was not my attempt to kidnap your input. I thought I said something about that in my first post but apparently I did not. My apologies; since I could find "EDIT" on my post, I am commenting here....

  7.    07 Jul 2018 #7

    Simrick.....
    your reply to me- where can I find Kyhi's custom recovery media ???

    thanks
    bfb

  8. Clintlgm    07 Jul 2018 #8

    BigFatBoy said:
    Simrick.....
    your reply to me- where can I find Kyhi's custom recovery media ???

    thanks
    bfb
    Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums

  9.    07 Jul 2018 #9

    BigFatBoy said:
    simrick...

    My first post to your thread was not my attempt to kidnap your input. I thought I said something about that in my first post but apparently I did not. My apologies; since I could find "EDIT" on my post, I am commenting here....
    No problem at all.
    BigFatBoy said:
    Simrick.....
    your reply to me- where can I find Kyhi's custom recovery media ???

    thanks
    bfb
    I linked it in my reply. Clintlgm also linked it for you. Good luck. Let us know if you need any more help.

  10.    08 Jul 2018 #10

    Reply to Simrick: Your POST No.5


    In your post [no.5] you said the following:

    "You could boot your system to Kyhi's custom recovery media, connect to the internet, open Malwarebytes Anti-malware, update the virus definitions, and run a scan of your OS drive, being sure to select "rootkit" in the MBAM options. Then, open Macrium Reflect and select the option to "fixboot"."

    I downloaded Kyhi's Recovery Media from: Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums. The file was in an .ISO format that I saved on this computer's DATA drive. After downloading, I mounted the file to open its content. Kyhi's narrative for the Application stated: 'You would have to download the ISO and then burn it to USB or CD to create a bootable WinPE disk.' Simple, I can do that.

    Q: After I boot the Application on the 'infected computer' (a PC that can not run W10 loaded originally on its SSD as partition C:\ ), can I do all the tasks outlined above from within Kyhi's rescue Application?

    Q: IF everything went well in each and every Task above, the infected PC should boot on its own from the now repaired W10 install. Is this correct?

    I want to make sure I am doing what is required; and I am as tired as an Old Lost Dog and need to double check and double check again before I take my next step.....

    Thanks again for your continuing support with this issue....

    bfb @tenforums.com