Virus, Trojan, Worm? Must Hard Drive be Reformatted? A Puzzle For You!!!

WinXP Home, Dell 8300, DialUpATT, ZoneAlrmv3.7.202, VisualZone, Norton SystemWorks, NAV2003 w/current updates, Spybot S-D, NO CHAT, MUCH Internet Website Hopping on seedy locations.

1st: ZoneAlarm mssg "I am infected w/known malicious program-don't allow it internet Access." (COM Surrogate-DLL Host.exe is a known malicious prgm also known as Nachi or Welchia.) My NAV full sys scans never detected this. Ran 2 removers from Symantec site: WBlaster.D & Nachi, nothing found, ran safe mode & regular.

2nd. Noticed many SRVHOST.exe in TaskMgr-Process List. Generic Host Process for Win 32 were present (2 of them) seen on top of ZoneAlarm & if these were not given access to net via InterExplorer 6.2600 no internet contact possible. One of these always was monitoring Ports b/n # 3400 to 3599. These were always like this. I restrict all on ZoneAlarm, only IExplr6 is direct to the internet as Server. The Spooler SubSystem, Generic Host 32, LiveUpdate, & Spybot Search-Destroy.

ALL WAS OK FOR A WHILE...NEXT came a delay upon clicking the Desktop Icon, any Icon... I click & no response whatsoever, until apx. 2 minutes pass & then all of those prior clicks appear @ once...(Dozens)...then if I shut all but one, I could use syst. Next it became worse such that it isn't possible to use computer. I manage to get on w/comp but barely. I have all the Windows Updates installed, run the AV always & keep it current, Spybot SD daily, no Chatting ever.

Today I changed the Icon on a desktop Shortcut via its Properties access and after doing this a new problem began...a rectangular 3" X 4" box kept flashing on & off, it said..."File Download" w/a green bar across center, a globe icon upper left & folder icon upper right. When this flashed on every 1 second it would take control of the desktop menu. The Task Manager showed 1 to 2 flashing rectangles & said only "File Download" this went on for 1/2 hr & unit was never online during this. Manual Power Reset & then OK, until I clicked that same desktop short cut, it began again. I deleted the Icon & it continued, until Recycle bin was emptied.

I had been told by Dell Tech that maybe too many startup items, msconfig to uncheck most...same prblm w/delayed icon activation. After this came the flashing FileDownload & we went into service.msc changes the three "what to do if system fails" to do nothing, also changed something else in there...same problem w/Icons on Desktop & start menu....we used systemrestore in sys tools to reset system to Oct. week back...the oldest date available. It still does same delayed activation of Icons.

I am hoping I can resolve this unknown prblm w/o wiping my hard drive and reinstalling. I am holding off on a major software install (3Gig & 2 complex search engines). NO ONE KNOWS WHAT ON THE ACTUAL PROBLEM. I am also concerned that the problem might be from a bit of infested data...jpg, gif, doc, txt, ??? Help???? Thanks much!!!! Be advised-tonight I ran another Virus Scan at & this came out clean.

OK, it is a long story and it will take longer to troubleshoot. The best and shortest answer will be backing up your files, formatting the HD, reinstalling Windows and all software and its updates, and restoring your files. I do this without any hesitation when any OS I use starts to show weird stuff.


I like that answer. Before trying to sort all that out, think of this: Go offnet, erase all HD, install OS, install ZoneAlarm, install all upgrades to OS and patch all the holes. Install applications like Office, and patch all of them. You didn't forget the IE and IRC patches, right? Now if that was done, what are we left with? OK, add SAV with updated pattern to be ready to detect new malwares.

> Be advised-tonight I ran another Virus Scan at & this came out clean.

Why? Oh, I guess that may help if some malware trashed the local AV files. But if you want webscan, why not run Symantec's? (except that it does not manage IE windows well):

Run the online security check on the right hand side of that link

Your comment is quite a run-on, you're competing well with me with that. The answer to what happened is, I think, that you failed to maintain your upgrades to MS wares such as IE and OS. You probably got hit by at least one if not two malwares, one that trips up your A/V detect, so you'd have to reinstall that, and reinstall ZA, but not until the beast is DOA. You probably got another that exploited IE to maladjust your DNS. One of the latest also hooked Google's engine. Can you use browser to go to Google? If not, this is most likely qhosts. Here's the tool for that very popular one:

>  & then all of those prior clicks appear @ once...(Dozens)...then if I shut all but one, I could use syst.

Do you think you may have a neighbour who is interested in hacking your system via key tracking and remote control? Guess what, a lot of them programs are so junky that they don't work and the intruder is caught. You have to accept that you'll be outed before you should try any of that.

Hard drives do not have to be reformatted, but it is a good practice. I agree with the comments the others have made above.