PDA

View Full Version : Scumbags



HotelBushranger
06-19-2006, 05:55 AM
Bastards have put a virus on me comp. I've been running AVG and Ad Aware and have gotten rid of most of it, but there's a file or so that has embedded itself in the reg files n I can't get it out. The most annoying that is that it shoves those bloody pop ups over your site! It just did it then too while I was typing http://forums.ubi.com/images/smilies/51.gif Not a happy camper. Right on the middle of me exams too!

HotelBushranger
06-19-2006, 05:55 AM
Bastards have put a virus on me comp. I've been running AVG and Ad Aware and have gotten rid of most of it, but there's a file or so that has embedded itself in the reg files n I can't get it out. The most annoying that is that it shoves those bloody pop ups over your site! It just did it then too while I was typing http://forums.ubi.com/images/smilies/51.gif Not a happy camper. Right on the middle of me exams too!

Bremspropeller
06-19-2006, 07:00 AM
Confucius says:

Never click teh wrong button on a pr0n site. http://forums.ubi.com/images/smilies/winky.gif

Xiolablu3
06-19-2006, 08:58 AM
If its giving you popups its probably a worm.

Get Hijack this, run it and post the log file here, I will see if I can sort it out.

If you dont have much stuff to save, a reformat is a sure way to get rid of it. Good time to spring clean and get all that **** off your comp http://forums.ubi.com/groupee_common/emoticons/icon_wink.gif


Hijack this! :-

http://www.majorgeeks.com/download3155.html

Grue_
06-19-2006, 09:54 AM
Usually the adware trojan will create a file in the c:\windows\system32 directory. It will be a .exe file with an unusual name and will have been created on the day your machine was infected. Make a note of the file name.

Reboot Windows in safe mode.

Go to the system32 folder and delete the file, then create a folder with the same name.

For example, if it is called trojan.exe, create a folder called trojan.exe

This will disable the trojan if you can't find any other way of removing it.

Freelancer-1
06-19-2006, 10:08 AM
Nortons site usully has fixes for these things, but a serious PITA to get rid of.

Save your pennies and get an external backup drive. Then kill System Restore as a lot of nasties will hide in there and reinstall every time you restart.

Sorry I can't help much beyond that.

justflyin
06-19-2006, 10:27 AM
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by Grue_:
Usually the adware trojan will create a file in the c:\windows\system32 directory. It will be a .exe file with an unusual name and will have been created on the day your machine was infected. Make a note of the file name.

Reboot Windows in safe mode.

Go to the system32 folder and delete the file, then create a folder with the same name.

For example, if it is called trojan.exe, create a folder called trojan.exe

This will disable the trojan if you can't find any other way of removing it. </div></BLOCKQUOTE>

Cool tip, Grue. I recently had to re-install on the family PC due to not being able to fully erradicate one of those. I'll have to try your isolation methods next time.

Oh and given my "click-happy" family, there will most definitely be a next time.

Amazing, you can have every protection in place, but the one thing you can't protect against is your family clicking "OK". lol I should reduce their rights, but then it becomes a PITA to have to do everything for them. At least they are getting more savvy by the month and have greatly reduced the BS they allow on the PC.

@ HB...pr0n pwns joo!!!! http://forums.ubi.com/groupee_common/emoticons/icon_razz.gif

J/K man, I hope you get it sorted quickly.

Grue_
06-19-2006, 11:25 AM
It's a trick I've used loads of times because my customers insist on downloading tripe from the internet and installing it on their computers.

These trojans are getting more and more sophisticated - one I saw the other day disabled task manager, regedit and the services control panel for example.

None of the anti-spyware software is 100% effective, I find Windows Defender to be a reasonable defence and it doesn't bother you with loads of nag messages.

The safest way to browse the internet these days is to create a user on your computer with 'Restricted User' permissions and surf the web as that user.

All those nasty little java scripts lurking on dodgy websites can't install themselves as they can't write to Windows.

Xiolablu3
06-19-2006, 12:23 PM
He doesnt mean he has an 'Adware' trojan.

He said he has used Ad-Aware to try and get rid of it

Ad-Aware is a spyware,trojan remover http://forums.ubi.com/groupee_common/emoticons/icon_wink.gif

B16Enk
06-19-2006, 12:25 PM
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">The safest way to browse the internet these days is to create a user on your computer with 'Restricted User' permissions and surf the web as that user. </div></BLOCKQUOTE>

Good sage advise, taking a leaf out of the Unix/Linux book of only using root (admin) when you need to.

Of course that is a PITA too, which is why some clever geezer came up with the 'Browser Appliance'.
This is a virtual machine (virtual PC in fact) that runs within the excellent and free VMWare Player application.

If any one is interested just go to VMWare Player pages (http://www.vmware.com/products/player/), and also the Virtual Appliance pages (http://www.vmware.com/vmtn/appliances/directory/cat/51)

Grue_
06-20-2006, 08:33 AM
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">He doesnt mean he has an 'Adware' trojan.

He said he has used Ad-Aware to try and get rid of it

Ad-Aware is a spyware,trojan remover </div></BLOCKQUOTE>

http://en.wikipedia.org/wiki/Adware http://forums.ubi.com/images/smilies/16x16_smiley-wink.gif

MadRuski
06-20-2006, 09:04 AM
i also have a annoying virus on my comp...after my teenage brother came over one weekend and decided that it would be ookay to look up pr0n with his best friend....now iam stuck with pr0n popups that come up wen iam working or playing a game..but a good re-format is needed on my comp anyway, to much sh*t on it

justflyin
06-20-2006, 09:29 AM
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by Grue_:
It's a trick I've used loads of times because my customers insist on downloading tripe from the internet and installing it on their computers.

These trojans are getting more and more sophisticated - one I saw the other day disabled task manager, regedit and the services control panel for example.

None of the anti-spyware software is 100% effective, I find Windows Defender to be a reasonable defence and it doesn't bother you with loads of nag messages.

The safest way to browse the internet these days is to create a user on your computer with 'Restricted User' permissions and surf the web as that user.

All those nasty little java scripts lurking on dodgy websites can't install themselves as they can't write to Windows. </div></BLOCKQUOTE>

Good stuff, Grue. Thanks.

Xiolablu3
06-20-2006, 09:43 AM
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by Grue_:
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">He doesnt mean he has an 'Adware' trojan.

He said he has used Ad-Aware to try and get rid of it

Ad-Aware is a spyware,trojan remover </div></BLOCKQUOTE>

http://en.wikipedia.org/wiki/Adware http://forums.ubi.com/images/smilies/16x16_smiley-wink.gif </div></BLOCKQUOTE>

I know what adware is http://forums.ubi.com/groupee_common/emoticons/icon_smile.gif I was just saying that he hasnt said anything about adware. He said he used Ad- Aware to try and get rid of it

http://www.lavasoft.de/software/adaware/
http://forums.ubi.com/groupee_common/emoticons/icon_wink.gif

Grue_
06-20-2006, 10:38 AM
Let's have a pint and call it quits http://forums.ubi.com/images/smilies/16x16_smiley-happy.gif

LStarosta
06-20-2006, 10:43 AM
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by MadRuski:
i also have a annoying virus on my comp...after my teenage brother came over one weekend and decided that it would be ookay to look up pr0n with his best friend....now iam stuck with pr0n popups that come up wen iam working or playing a game..but a good re-format is needed on my comp anyway, to much sh*t on it </div></BLOCKQUOTE>

Hope you Lysoled the mouse and keyboard.

Pirschjaeger
06-20-2006, 10:43 AM
In my experience, nothing fixes worms or viruses better than formatting and reinstalling the OS.

When you fight your opponant you stand the chance of losing. Just kill'em. http://forums.ubi.com/images/smilies/shady.gif

BTW, Windows installation was designed with cold beer in mind. Depending on your rig, you got 1 hour to reinstall.

Prost!

Werre_Fsck
06-20-2006, 11:03 AM
Roses are red,
LW guys flew blue,
PC is for gaming,
while Windows BLOWS MOULDY CHIMPANZEE BALLS.

Backup early, backup often.
Get a Mac or use Unix for real work.
You'll live longer (stress shortens lifespan).

Werre_Fsck
06-20-2006, 11:06 AM
<BLOCKQUOTE class="ip-ubbcode-quote"><div class="ip-ubbcode-quote-title">quote:</div><div class="ip-ubbcode-quote-content">Originally posted by B16Enk:
[QUOTE]
This is a virtual machine (virtual PC in fact) that runs within the excellent and free VMWare Player application.
</div></BLOCKQUOTE>

I wholeheartedly agree. Running Windows in virtual machine, while not suitable for gaming, actually becomes semi-tolerable:
- every change can be undoed
- the virtual hardware never changes
- easy to backup
- easy to make snapshots along the say
Restoring from some catastrophic OOPS takes under 10 seconds...