More Nefarious Strain of Zacinlo Malware Infecting Windows 10 Machines

  1. simrick's Avatar
    Posts : 15,923
    W10Prox64
       #1

    More Nefarious Strain of Zacinlo Malware Infecting Windows 10 Machines


    Revamped Zacinlo Malware Poses More Serious Threat to Windows 10 PCs, antivirus, anti-malware, Malwarebytes, Symantec

    Re-designed to specifically target W10 machines
    Installs low-level Rootkit
    Disables AV
    Uploads info to C&C server
    Serves ads
    Runs a UI-free browser secretly in the background
    Sets up MIM attacks

    Kujawa said that Zacinlo needs to be taken seriously. “Despite its seemingly benign threat to users, Zacinlo and other similar threats, contain the ability to install additional malware on the system.”
    Currently the best known means of transmitting the Zacinlo malware is as part of the payload for a fake VPN package. The package looks like a VPN client, but doesn’t actually do anything except install the malware. However, there are likely other means of spreading this malware beyond the fake VPN.
    Once it’s installed in your system, Zacinlo is nearly impossible to detect, but fortunately, it takes a little while for that to happen. “Malwarebytes can detect and remove the adware (adware.5hex) threat once identified, however, this particular malware updates itself so frequently and keeps such a close eye on how security solutions are stopping it, that being able to ensure identification and removal of the rootkit at any time is difficult to promise, especially once the rootkit has had time to ‘dig in’ to the system.”

  2. BigFatBoy's Avatar
    Posts : 24
    W10x64 - v.1909 Build 18363.592
       #2

    Reply to Thread


    Up until now, I have not had any experiences with malware that was not addressed. However, recently I was stung severely and as yet I have not been able to clean up and move on.... The following describes my dilemma; perhaps you can help. Some of the symptoms I had and have are similar to your post narrative.

    Issue:
    Windows 10x64 b:1803
    After the latest MS Updates (June 2018) to W10 (MS not to blame) I noticed strange W10x64 behavior in the 'Windows Defender Security Center' (WDSC): namely the Virus and Protection Section; Threat History, Threat Protection Settings, and Virus and Threat Protection Updates.
    The WDSC categories indicated: 1) my latest WDMW scan signature was not current; 2) the OFFLINE SCAN function failed to work, and 3) the latest Windows Protection updates were not being updated.
    - I also noticed after booting thru the Update/Security Settings that "Advanced Options" was missing from the "Recovery Options".
    - Each boot drive option (SSD, DVD, USB) in UEFI failed to load Windows Safe Mode.
    - The end result is a system that will not boot into Windows or Windows safe mode.
    - At the present time, I am only able to boot into the UEFI and the blue pages of Recovery Option. But none of the offerings have even dented the issue.
    - I have seen no clue as to the source of the destruction.
    - I need, but have not yet found, an Offline virus or anti malware program that I can boot and Run from a DVD or USB in UEFI and might remove the malware.
    I am lost and stuck after much work and lots of time.... What can I do now....? Any suggestions or information?
    Thank you -

  3. Clintlgm's Avatar
    Posts : 1,037
    Win 10 pro Upgraded from 8.1
       #3

  4. Try3's Avatar
    Posts : 4,390
    Windows 10 Home x64 Version 1909 Build 18363.778
       #4

    BigFatBoy said:
    I need, but have not yet found, an Offline virus or anti malware program that I can boot and Run
    Windows Defender Offline [separate downloadable tool] - Windows Help

    Denis

  5. simrick's Avatar
    Posts : 15,923
    W10Prox64
    Thread Starter
       #5

    BigFatBoy said:
    Up until now, I have not had any experiences with malware that was not addressed. However, recently I was stung severely and as yet I have not been able to clean up and move on.... The following describes my dilemma; perhaps you can help. Some of the symptoms I had and have are similar to your post narrative.

    Issue:
    Windows 10x64 b:1803
    After the latest MS Updates (June 2018) to W10 (MS not to blame) I noticed strange W10x64 behavior in the 'Windows Defender Security Center' (WDSC): namely the Virus and Protection Section; Threat History, Threat Protection Settings, and Virus and Threat Protection Updates.
    The WDSC categories indicated: 1) my latest WDMW scan signature was not current; 2) the OFFLINE SCAN function failed to work, and 3) the latest Windows Protection updates were not being updated.
    - I also noticed after booting thru the Update/Security Settings that "Advanced Options" was missing from the "Recovery Options".
    - Each boot drive option (SSD, DVD, USB) in UEFI failed to load Windows Safe Mode.
    - The end result is a system that will not boot into Windows or Windows safe mode.
    - At the present time, I am only able to boot into the UEFI and the blue pages of Recovery Option. But none of the offerings have even dented the issue.
    - I have seen no clue as to the source of the destruction.
    - I need, but have not yet found, an Offline virus or anti malware program that I can boot and Run from a DVD or USB in UEFI and might remove the malware.
    I am lost and stuck after much work and lots of time.... What can I do now....? Any suggestions or information?
    Thank you -
    Hi.
    You could boot your system to Kyhi's custom recovery media, connect to the internet, open Malwarebytes Antimalware, update the virus definitions, and run a scan of your OS drive, being sure to select "rootkit" in the MBAM options. Then, open Macrium Reflect and select the option to "fixboot".
    Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums
    .

  6. BigFatBoy's Avatar
    Posts : 24
    W10x64 - v.1909 Build 18363.592
       #6

    simrick...

    My first post to your thread was not my attempt to kidnap your input.. I thought I said something about that in my first post but apparently I did not. My apologies, since I could find "EDIT" on my post, I am commenting here....


  7. BigFatBoy's Avatar
    Posts : 24
    W10x64 - v.1909 Build 18363.592
       #7

    Simrick.....
    your reply to me- where can I find Kyhi's custom recovery media ???

    thanks
    bfb

  8. Clintlgm's Avatar
    Posts : 1,037
    Win 10 pro Upgraded from 8.1
       #8

    BigFatBoy said:
    Simrick.....
    your reply to me- where can I find Kyhi's custom recovery media ???

    thanks
    bfb
    Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums

  9. simrick's Avatar
    Posts : 15,923
    W10Prox64
    Thread Starter
       #9

    BigFatBoy said:
    simrick...

    My first post to your thread was not my attempt to kidnap your input.. I thought I said something about that in my first post but apparently I did not. My apologies, since I could find "EDIT" on my post, I am commenting here....
    No problem at all.
    BigFatBoy said:
    Simrick.....
    your reply to me- where can I find Kyhi's custom recovery media ???

    thanks
    bfb
    I linked it in my reply. Clintlgm also linked it for you. Good luck. Let us know if you need any more help.

  10. BigFatBoy's Avatar
    Posts : 24
    W10x64 - v.1909 Build 18363.592
       #10

    Reply to Simrick: Your POST No.5


    In your post [no.5] you said the following:
    "You could boot your system to Kyhi's custom recovery media, connect to the internet, open Malwarebytes Anti-malware, update the virus definitions, and run a scan of your OS drive, being sure to select "rootkit" in the MBAM options. Then, open Macrium Reflect and select the option to "fixboot"."

    I downloaded Kyhi's Recovery Media from: Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums. The file was in an .ISO format that I saved on this computer's DATA drive. After downloading, I mounted the file to open its content. Kyhi's narrative for the Application stated: 'You would have to download the ISO and then burn it to USB or CD to create a bootable WinPE disk.' Simple, I can do that.

    Q: After I boot the Application on the 'infected computer' (a PC that can not run W10 loaded originally on its SSD as partition C:\ ), can I do all the tasks outlined above from within Kyhi's rescue Application?
    Q: IF everything went well in each and every Task above, the infected PC should boot on its own from the now repaired W10 install. Is this correct?

    I want to make sure I am doing what is required; and I am as tired as an Old Lost Dog and need to double check and double check again before I take my next step.....

    Thanks again for your continuing support with this issue....
    bfb @tenforums.com


 
