Best Virus And Trojan Spotting/Destroying Software?
Suspect
I think I have a virus! I need a link to a good piece of kit that's free. Hurry please!!
Sam Semillia
AVT from www.download.com

Quick, simple and best of all absolutely free. Never had a problem with it since switching from Norton 2 years ago.

Peace

Sam Semillia
Suspect
QUOTE(Sam Semillia @ Feb 1 2008, 01:54 PM) *
AVT from www.download.com

Quick, simple and best of all absolutely free. Never had a problem with it since switching from Norton 2 years ago.

Peace

Sam Semillia

Thanks bro
Saddam
AVG Free Edition, Comodo Firewall, Windows Defender and Spybot
compostverte
[image attachment]
twigs
Careful though if you think you have one already, because I've recently had a virus that, when you install new anti-virus software, fools them into thinking there's no virus, or it won't let you install the anti-virus programs properly!

Careful now...
compostverte
If you can do CTRL-ALT-DEL and see the process list in the Task Manager, you can be pretty certain you don't have much wrong.

It's a good habit to get into - like using your handbrake in case the main brakes fail.

Thereafter there are a few bits of malware - mostly based around "MyWebSearch" - or "Lop" that may hide in some of those processes ...

Gnu Boy
Also make sure you turn off Windows Restore, otherwise your virus will lurk in there ready to reappear after you think you've nailed it with your anti-virus prog!

Personally my favourite anti-virus prog is NOD32 - superb prog, not free, unless you look, but worth it.
Scribb|e
¿Why not try an Ewido Online Scan for malware?

Oh, and use Firefox as your web browser.

¿What are the symptoms you're getting that make you think you're infected, and what anti-virus software are you currently running/have installed?
Suspect
Okay, I'm really fucked here guys and I need your help, preferably Scribble because I trust his knowledge. Let me explain from the beginning: I'm currently using a 600GB Sony Vaio VGC-RC204 which I upgraded to around 6GB of RAM. I've had it for about a year. I'm running Firefox with no firewalls. Yesterday I downloaded Limewire. Today, halfway through downloading what I thought was 'V for Vendetta', my computer started to act all weird, slow etc., so I came here to find out what to download. I went for AVG Free Edition... the installation was fine, but midway through my first search (which located 20 trojans and viruses overall) I couldn't open any files; it kept saying I didn't have access privileges! So I went to Start menu > Run and typed in 'cmd' and it sent me to an 'Open With' page!! So I go to Control Panel > User Accounts and it comes up with an error message

C:\WINDOWS\system32\rundll32.exe
Application not found

And now it does this for every application I try to open. Please help!! After the AVG search located 20 trojans it didn't do anything, it just returned to the main window without deleting the trojans or anything. I think I'm ready to restore this computer back to its factory settings, but I remember trying to do that a few months ago and it didn't let me for some reason. I didn't/don't have the CD!
Scribb|e
First of all, you do know that there's absolutely no point in having 6GB of RAM unless you're running a 64-Bit version of XP (or Vi$ta) - 32-Bit versions of OSes like Window$ can only 'see' and use the first 3.5GB of it - the remainder is effectively being wasted.

¿What version of Window$ are you using, BTW?

Limewire is one of the [poo] (if not one of the Top 5 [poo]) P2P clients out there - it's just chock-full of viruses and malware - not to mention fake files - ¡get rid of that shit!

Do yourself a favour and use BitTorrent for new/big stuff, and something decent like eMule or eMule Xtreme for the smaller, more obscure stuff, like individual MP3s and eBooks etc.

Right, anyway - ¿could you perform the Ewido online scan at all - if so, what did it say?

You might want to do any further scans with AVG etc in Safe Mode, so that it will be able to delete any files that are currently open which it can't do while they're in use - also make sure that you've downloaded the latest update patches/virus definitions for it.

If the Ewido and/or the Safe Mode scans don't work out for you, you should download and install HijackThis, then run it, and then paste the contents of the logfile it generates into a post in this thread - this way I'll be able to look over it and tell you if anything's amiss, and what to delete - in fact you should do this anyway.

You could always attach the .txt file of the log it generates to your post - IIRC UK420 allows .txt files as attachments - it certainly allows .zip files, so you could ZIP it up and attach it, too.

Don't just go click happy deleting stuff you decide you don't like the look of in HT - you will hose your system more than it might be hosed already - you have been warned.

Tell me how you get on.
Scribb|e
Sorry for the double-post, but it's just occurred to me - ¡¿you're running Window$ & Limewire without a firewall in place?!

It's a bloody marvel you've made it this long and this far, I tell you.

Even if you're behind a firewalled/NAT router, you should still have a firewall in place - even something free, like Comodo Firewall, will serve your needs.
Suspect
QUOTE(Scribble) *
First of all, you do know that there's absolutely no point in having 6GB of RAM unless you're running a 64-Bit version of XP (or Vi$ta) - 32-Bit versions of OSes like Window$ can only 'see' and use the first 3.5GB of it - the remainder is effectively being wasted.

I used to have 2GB but upgraded to 4 and then 6 because I've watched so many movies on it. This PC is basically my TV. And yes, I think I am running 64-bit; it's plugged into my plasma TV.

QUOTE(Scribble) *
¿What version of Window$ are you using, BTW?

XP

QUOTE(Scribble) *
Limewire is one of the [poo] (if not one of the Top 5 [poo]) P2P clients out there - it's just chock-full of viruses and malware - not to mention fake files - ¡get rid of that shit!

Get rid of Limewire? I've tried but it won't let me.

QUOTE(Scribble) *
Do yourself a favour and use BitTorrent for new/big stuff, and something decent like eMule or eMule Xtreme for the smaller, more obscure stuff, like individual MP3s and eBooks etc.

Yeah, I have always used Azureus, but only got Limewire to find a few single songs and then got a bit carried away.

QUOTE(Scribble) *
Right, anyway - ¿could you perform the Ewido online scan at all - if so, what did it say?

No, it said I needed Java enabled; when I checked I was enabled, so I don't know what's going on!

QUOTE(Scribble) *
You might want to do any further scans with AVG etc in Safe Mode, so that it will be able to delete any files that are currently open which it can't do while they're in use - also make sure that you've downloaded the latest update patches/virus definitions for it.

How can I go into Safe Mode?

QUOTE(Scribble) *
If the Ewido and/or the Safe Mode scans don't work out for you, you should download and install HijackThis, then run it, and then paste the contents of the logfile it generates into a post in this thread - this way I'll be able to look over it and tell you if anything's amiss, and what to delete - in fact you should do this anyway.

Okay, I downloaded it onto my desktop; when I go to open it an 'Open With' screen comes up.

QUOTE(Scribble) *
Don't just go click happy deleting stuff you decide you don't like the look of in HT - you will hose your system more than it might be hosed already - you have been warned.

I won't.

P.S. I thought I didn't need a firewall as I was using Firefox... yes, I'm a tit!
CookiE
Cheers for the heads up Scribble... I'm suffering too, and it's been about 6 months, reformats followed by more reformats.
Scribb|e
Something tells me that you're not running the 64-Bit version of XP (it's rare as hen's teeth, and it's a PITA to use - drivers are practically non-existent for it amongst other things I won't get into here) - the max RAM that you can actually use is 3.5GB out of the 6GB you have installed.

You still need a firewall in Window$ even if you're using Firefox - Firefox (esp. with Addons like NoScript, FlashBlock and AdBlockPlus) helps keep you safe from all the nasties that Internet Exploder falls for every time and gets your machine 0wn3d by, but the firewall's needed to protect Window$ as a whole.

Aaanyways :-

Download and run this non-Java version of the Ewido scanner.

Hmm - that is if it'll let you - you don't seem to be able to install stuff from what you've said already. (The 'Open With' problem which will be related to the 'missing RUNDLL32.EXE' thing.)

To fix this, try going to Start->Run then type cmd in the box to get a DOS terminal up - in the DOS terminal, type sfc /scannow - this will hopefully repair the missing/corrupt file.

As for booting in Safe Mode - as the computer is booting press and hold your 'F8 Key' which should bring up the 'Windows Advanced Options Menu' as shown below. Use your arrow keys to move to 'Safe Mode' and press your Enter key.

So, you want to select Safe Mode (the top-most option - I know that's not the one highlighted now, but I'm working quickly, so please forgive me) from this screen at startup after you've pressed F8:

[screenshot attachment: Windows Advanced Options Menu]

If you have trouble getting into Window$ XP Safe mode, like if after several attempts you are unable to get into Safe Mode as the computer is booting into Windows, turn off your computer. When the computer is turned on the next time Windows should notice that the computer did not successfully boot and give you the Safe Mode screen as above.

When in Safe Mode, then run your AVG (and make sure it's up to date first while you're now online).
Suspect
QUOTE(Scribble @ Feb 1 2008, 04:30 PM) *
Something tells me that you're not running the 64-Bit version of XP [...]

Okay, I'll give that a go. I tried getting into the DOS terminal but the same 'Open With' screen came up after I entered 'cmd' - back in a bit.
Scribb|e
You might have to get the boot menu up with F8 like I showed you, and then choose 'Safe Mode with Command Prompt', then type and run the sfc /scannow command - then after it's repaired, you should reboot again, press F8 again, and choose Safe Mode this time, and then you can run an AVG scan.

And then - reboot normally, and see if you can install HiJackThis and Ewido after it's hopefully repaired the RUNDLL32.EXE file.

Good luck.
Gnu Boy
QUOTE(Scribble @ Feb 1 2008, 02:58 PM) *
Sorry for the double-post, but it's just occurred to me - ¡¿you're running Window$ & Limewire without a firewall in place?!

It's a bloody marvel you've made it this long and this far, I tell you.

Even if you're behind a firewalled/NAT router, you should still have a firewall in place - even something free, like Comodo Firewall, will serve your needs.

And no anti-virus either??

Also no backup?

Such a mega-spec system, with a small fortune spent on it, used as your main TV etc. & no protection....
It's like buying a Porsche & leaving the keys in it then crying when it gets nicked!

Seriously dude... learn from this & beef up your security & protection.
Use Norton Ghost or something to do regular backups so if this happens again you can simply restore to before you got a problem.

If you're using torrents & Limewire then you can't say you can't find the software.....?
Suspect
ARRRRRRRRRRRGGGGGGGGGGGGHHHHHHHHHHHHHHHHH fuck sake this is so annoyingly difficult.

QUOTE(Scribble @ Feb 1 2008, 04:46 PM) *
You might have to get the boot menu up with F8 like I showed you, and then choose 'Safe Mode with Command Prompt', then type and run the sfc /scannow command - then after it's repaired, you should reboot again, press F8 again, and choose Safe Mode this time, and then you can run an AVG scan.

And then - reboot normally, and see if you can install HiJackThis and Ewido after it's hopefully repaired the RUNDLL32.EXE file.

Good luck.

Okay, I've done what you said. I went to F8, I did the Safe Mode with Command Prompt, the command prompt came up on screen, I typed in sfc /scannow and it said that it can't initiate scan!! However, I did find out how to open programs, so I did manage to install Comodo Firewall and HijackThis. I also did the scan with log file, so if you want it, Scribble, it's here mate. Do you have MSN? If so I'll add you and send it via that; that way I can easily send screenshots etc., yes?

QUOTE(Gnu Boy @ Feb 1 2008, 07:32 PM) *
QUOTE(Scribble @ Feb 1 2008, 02:58 PM) *
Sorry for the double-post, but it's just occurred to me - ¡¿you're running Window$ & Limewire without a firewall in place?! [...]

And no anti-virus either??

Also no backup?

Such a mega-spec system, with a small fortune spent on it, used as your main TV etc. & no protection....
It's like buying a Porsche & leaving the keys in it then crying when it gets nicked!

Seriously dude... learn from this & beef up your security & protection.
Use Norton Ghost or something to do regular backups so if this happens again you can simply restore to before you got a problem.

If you're using torrents & Limewire then you can't say you can't find the software.....?

Gnu man, I know, I know..... BAD Suspect! You have to understand though that when it comes to security I don't know diddly shit about nothing! I've had this computer for over a year and it's been the same since, so I never felt the need to do anything about it, but believe me I'll pay more attention now!!

Right, so I have got:

Firefox
Azureus
Limewire
HijackThis
Comodo Firewall

Anything else?
Scribb|e
Right - I'm back...

Let's see - right, good - I don't IM or use MSN or any of that - just post the results of the HijackThis scan as a .txt file attachment to a post in this thread, and I'll have a look-see over it.

¿Now that you can run stuff, have you run that Ewido Scanner program that I linked for you - the non-Java version one?

¿If so, what did it pick up?

¿Did you manage to run AVG in Safe Mode?

¿If so, what did it pick up/delete?

We can sort out what other softs you might need to install after we've made sure that your machine is nice and clean.
Suspect
I tried uploading the attachment as a txt file and as a zip file but all it keeps saying is ''Upload failed. You are not permitted to upload this type of file'', so if you want I could just post the log file on here. Yes?

e2a: also the AVG scan doesn't work; an error message comes up every time I try opening it, saying 'This service is not available in safe mode'.
Gnu Boy
QUOTE(Suspect @ Feb 1 2008, 08:35 PM) *
ARRRRRRRRRRRGGGGGGGGGGGGHHHHHHHHHHHHHHHHH fuck sake this is so annoyingly difficult. [...]

Right, so I have got:

Firefox
Azureus
Limewire
HijackThis
Comodo Firewall

Anything else?

Dude... I feel your pain... we've all been there at the start & it gets ever more tricky to get rid of some of these little buggers. I've got the works here & I still get stung occasionally. (Scribs, if you mention Ubuntu here... well, I'll criticise your interior decor..!) ..but my secret weapon is Ghost... it does one main backup per month plus weekly incremental backups, all fully automatic. I only back up my C: drive as that has all the system files; most of my installs or progs go on another partition, so this keeps the backup file to 4-5 gig... so I can back up to DVD too for added security...

The end result is if I get my system trashed I can restore, lose no more than a week's stuff... all in about 15 mins!

Norton Ghost... cos you're worth it!

Just a thought, if you get your system running again have a search for boot discs & repair disks in torrents; there are lots about that boot direct from the DVD & load a suite of utils, usually including a decent anti-virus... I got one called "Mr.O's rescue disc", another is "Hiren's Boot CD"... lots of stuff you'll never need, but it has a nice version of Kaspersky anti-virus that updates, scans, inoculates... then you boot up from the HDD & hopefully all is well again...

ed to add....
Good Suspect on Firefox.... download a plug-in or two as well... one I rate VERY highly is "NoScript"; this stops all web page scripts from running unless you are sure it's OK to do so... like your bank, here etc... this stops any chance of malicious scripts hijacking your browser & worse.

Also if you do use your PC for logging into secure sites, banks etc... download & install "KeyScrambler"; this encrypts your keystrokes & screws up people viewing your packets or using keyloggers or viewers.
From Firefox...

KeyScrambler Personal encrypts your keystrokes at the kernel driver level to protect your login information from keyloggers.. see Here

NoScript
Winner of the "2006 PC World World Class Award", this tool provides extra protection to your Firefox.
It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, and guards the "trust boundaries" against cross-site scripting attacks (XSS).
Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality...
Experts do agree: Firefox is really safer with NoScript
;-)

Both free, just go HERE

If you can get hold of Microsoft Defender, if you have kosher Windows or "fixed", splendid little prog.

Once you have all this you'll be 95% safe.... Ghost will do the rest...
I love Ghost... ra ra rA
Suspect
QUOTE(Gnu Boy @ Feb 1 2008, 10:15 PM) *
Dude... I feel your pain... we've all been there at the start & it gets ever more tricky to get rid of some of these little buggers. [...]

Sounds like a plan. Well, luckily enough all my movies and music etc. are on external hard drives so I'm fine on that front, and I'm more than happy to take my computer apart if need be and find the restart button, if you know what I mean.

Scribble, as for AVG, well I ended up spending the whole day in Safe Mode, right-clicking each folder and selecting 'Scan with AVG'. I think I got most, if not all of them, because my AVG scans are coming up empty now... however the computer is far from fixed. There were about 9 trojans in my C:\Windows\System32 folder and a load of others scattered around in Java and Program Files. Is it possible to find a rundll32 file on the net and just put it in my computer, or is that a no-no?
Scribb|e
If the log dump is actually renamed to hijackthis.txt from hijackthis.log you should be able to attach it to a post here on UK420:

[screenshot attachment]

Rename the HJThis log dump to a .txt suffix, and attach it to a post in this thread.
Gnu Boy
Dunno about you Scribs, but from the sounds of things I reckon Suspect would be better re-formatting?

Start again, from scratch, put everything on you suggest... then he knows he's 100% clear?

A pain I know... but assorted viruses & trojans are never good to clear out & build on safely IMO?
Scribb|e
Nothing will get past a good HiJackThis scan and scrub by me, GB.

He doesn't have an XP CD, anyway.

GB, read my rant/screed in the other thread.

e2a: Reformatting, antivirus problems, trojans etc. - doncha just looove Window$ - I know I don't.
Gnu Boy
You were just about to mention Ubuntu again there, weren't you?!!!

Thing I was wondering about was, depending on the virus... it could have screwed up lots of files... I had one little git a year or two back infect over 500 files in hours!!!?

Still worth a good scrub... especially if he's no XP disc.... BAD Suspect... torrent yourself a good copy of XP ya big Jessie!
Suspect
Okay, job done. Do your magic Scribbla.

e2a:

QUOTE(Gnu Boy @ Feb 1 2008, 10:41 PM) *
You were just about to mention Ubuntu again there, weren't you?!!!

Thing I was wondering about was, depending on the virus... it could have screwed up lots of files... I had one little git a year or two back infect over 500 files in hours!!!?

Still worth a good scrub... especially if he's no XP disc.... BAD Suspect... torrent yourself a good copy of XP ya big Jessie!

lol, I'm not worthy!
Gnu Boy
Scribs... what's the story with Ubuntu 64-bit?
Still better to stick with the standard x86 version?
Scribb|e
Gnu_Boy: If you've a 64-Bit CPU then Linux has been 64-Bit compliant for years; all it takes is changing one line in the startup file - all you may have to do is use a 32-Bit version of Firefox so that you can use the 32-Bit version of Flash Player (Adobe's fault, that - closed source bastards that they are) - it's totally transparent to you in use, though.

__________________________________________________________________________________________________


Right, Suspect:

I am happy to report that I have found a few infections on your PC - you have what looks to be some kind of CWS variant, a bestreak/viruxz.dll fake malware scanner, and a W32.Spybot variant - oh, and your DNS servers have been manually set somehow to those of TELEFONICA DE ESPANA (80.58.61.250 & 80.58.61.254) - I wonder how the bloody hell *that* happened!?

Delete these keys from within HiJackThis:

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customi...arch.yahoo.com/

O17 - HKLM\System\CCS\Services\Tcpip\..\{9CECD247-A53D-4D93-A0F8-6C2E372C3E3F}: NameServer = 80.58.61.250,80.58.61.254

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [CtrlMod20] C:\DOCUME~1\Admin\LOCALS~1\Temp\ctrlAT20.exe -m 72 -p"F:"

O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\IntCodec\isamonitor.exe

O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\IntCodec\isamonitor.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O15 - Trusted Zone: http://www.faceb00k.com

O23 - Service: Registry Backup Wizard - Unknown owner - C:\WINDOWS\system32\os2\dll\packs\services.exe

O23 - Service: Windows Update Service - Unknown owner - C:\WINDOWS\system32\os2\dll\packs\services.exe

Then download, unpack & run CWShredder.

Then download, install and run CCleaner (Crap Cleaner - to clean all unused and temp files up)

Then make sure that you have System Restore turned off - this will prevent Window$ from re-infecting itself again from old backups of files.

Steps to turn off System Restore
1. Click Start, right-click My Computer, and then click Properties.
2. In the System Properties dialog box, click the System Restore tab.
3. Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box.
4. Click OK.
5. When you receive the following message, click Yes to confirm that you want to turn off System Restore:
You have chosen to turn off System Restore. If you continue, all existing restore points will be deleted, and you will not be able to track or undo changes to your computer.

Do you want to turn off System Restore? After a few moments, the System Properties dialog box closes.

Also download and run ComboFix.

This will close all browser windows, take a few minutes to scan, and then it will reboot your machine - follow its onscreen instructions on how to proceed.

After all this, your PC should be nice and clean - you should then (& always) make sure that you have all the latest Windows Updates installed on your machine - this is very important.

You should also, as GB suggested, if you have no XP install CD - download one via BitTorrent - there's loads seeded out there - this will help save your bacon in future.

You can extract your XP CD-Key using the free and very cool

When you've rebooted your machine, and installed all your updates - try the Ewido Free Online Scan again - it should come up sparkly clean.

As for your Java, when you're all done, check your Java installation here, and if it's not installed or not the latest version, download it from here.

Good luck, and do let us know how you get on.
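As an added example (not part of the thread and not a HijackThis feature), the Python below automates the sort of reading Scribble just did on the log. It parses the O2/O4/O15/O17/O23 entry types and flags the indicators visible in the quoted entries: an autorun living in a Temp directory, persistence under Policies\Explorer\Run, a BHO with no file behind it, a lookalike host in the IE Trusted Zone, two "Unknown owner" services sharing a services.exe outside system32, and a duplicated entry. It only flags the O17 NameServer line when the servers are not in an expected list the user supplies, which matters here because the Telefonica servers turn out to be deliberate. SAMPLE_LOG is constructed from the entries quoted above; the rules are this example's heuristics, not HijackThis's own logic.

```python
"""Triage a HijackThis log: parse entries and flag common indicators."""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Constructed sample, modelled on the entries quoted in the thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CtrlMod20] C:\DOCUME~1\Admin\LOCALS~1\Temp\ctrlAT20.exe -m 72 -p"F:"
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\IntCodec\isamonitor.exe
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\IntCodec\isamonitor.exe
O15 - Trusted Zone: http://www.faceb00k.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CECD247-A53D-4D93-A0F8-6C2E372C3E3F}: NameServer = 80.58.61.250,80.58.61.254
O23 - Service: Registry Backup Wizard - Unknown owner - C:\WINDOWS\system32\os2\dll\packs\services.exe
O23 - Service: Windows Update Service - Unknown owner - C:\WINDOWS\system32\os2\dll\packs\services.exe
"""

ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d+) - (?P<body>.+)$")
RUN_RE = re.compile(r"^(?P<key>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
EXE_RE = re.compile(r'"([^"]+\.exe)"|(\S+\.exe)', re.IGNORECASE)
DNS_RE = re.compile(r"NameServer = ([\d.,]+)")
LETTER_RE, DIGIT_RE = re.compile(r"[a-z]"), re.compile(r"\d")

# Core Windows binaries whose names malware borrows; the real ones sit directly in system32.
SYSTEM_BINARY_NAMES = {"services.exe", "svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "rundll32.exe"}


@dataclass
class Finding:
    code: str
    reason: str
    line: str


def exe_path(text):
    """Lower-cased path of the first .exe in a command line, or None."""
    m = EXE_RE.search(text)
    return (m.group(1) or m.group(2)).lower() if m else None


def looks_like_lookalike(host):
    """A label mixing letters and digits (faceb00k) is a typosquat tell."""
    return any(LETTER_RE.search(lbl) and DIGIT_RE.search(lbl) for lbl in host.split("."))


def triage(log_text, expected_dns=()):
    """Return a list of Findings; entries with no indicator produce none."""
    findings, seen, service_paths = [], set(), {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue
        code, body = m["code"], m["body"]
        if line in seen:  # HJT listing the same key twice is worth a look in itself
            findings.append(Finding(code, "duplicate entry", line))
            continue
        seen.add(line)
        reasons = []
        if code == "O2" and "(no file)" in body:
            reasons.append("BHO registered but its file is missing (orphaned)")
        elif code == "O4":
            run = RUN_RE.match(body)
            path = exe_path(run["cmd"]) if run else None
            if path and ("\\temp\\" in path or "locals~1" in path):
                reasons.append("autorun binary living in a Temp directory")
            if run and "policies\\explorer\\run" in run["key"].lower():
                reasons.append("persistence via Policies\\Explorer\\Run (rare for legitimate software)")
        elif code == "O15":
            host = (urlparse(body.split(":", 1)[1].strip()).hostname or "").lower()
            reasons.append("site added to the IE Trusted Zone (lowered security for %s)" % host)
            if looks_like_lookalike(host):
                reasons.append("trusted host looks like a lookalike domain")
        elif code == "O17":
            dns = DNS_RE.search(body)
            unexpected = [s for s in dns.group(1).split(",") if s not in expected_dns] if dns else []
            if unexpected:
                reasons.append("DNS servers not in the expected set: " + ", ".join(unexpected))
        elif code == "O23":
            path = exe_path(body)
            if path:
                service_paths.setdefault(path, []).append(line)
                parts = path.split("\\")
                # Heuristic only: a copy under c:\evil\system32\ would pass this check.
                if parts[-1] in SYSTEM_BINARY_NAMES and (len(parts) < 2 or parts[-2] != "system32"):
                    reasons.append("system binary name at a non-standard path")
            if "unknown owner" in body.lower():
                reasons.append("service with unknown owner")
        findings.extend(Finding(code, r, line) for r in reasons)
    # Two differently named services sharing one binary is another masquerade tell.
    for path, lines in service_paths.items():
        if len(lines) > 1:
            findings.extend(Finding("O23", "several services share the binary " + path, ln) for ln in lines)
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, expected_dns=("80.58.61.250", "80.58.61.254")):
        print(f.code, "-", f.reason, "::", f.line)
```

Run with the expected DNS servers left empty and the O17 line is flagged too, which is exactly the false positive the thread hits; the fix is to feed the script what the network is supposed to use rather than to delete the entry.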
d|t
NOD32 is teh shit
Cracked versions are getting rarer though; luckily got mine on CD (never fails to update virus sigs)
Suspect
QUOTE(Scribble @ Feb 1 2008, 11:53 PM) *
Right, Suspect: [...]

I think before I touch anything you should know I'm currently in Spain and I set the DNS servers myself so that I could port forward blah blah for Azureus (which worked in the end). Is any of the above going to affect my DNS server etc.?
Scribb|e
Ah, OK - just leave this line in, don't delete it wink1.gif :

O17 - HKLM\System\CCS\Services\Tcpip\..\{9CECD247-A53D-4D93-A0F8-6C2E372C3E3F}: NameServer = 80.58.61.250,80.58.61.254

That's it. thumbsup.gif

yinyang.gif
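An added example, not from anyone in this thread: a small Python check that reads HijackThis O17 lines and flags any NameServer entry that is not one of the resolvers you set yourself, so a legitimate line like the one above is left alone while a hijacked DNS setting stands out. The sample log lines and the 192.0.2.1 address are constructed for the example; the expected resolvers are the two from the thread.

```python
import re

# Constructed sample HijackThis log. The first O17 line is the one from the
# thread (the user's own ISP resolvers); the second is a made-up line whose
# NameServer includes an address the user never configured (192.0.2.1 is a
# documentation-only address). The O4 line shows non-O17 lines are ignored.
SAMPLE_LOG = """\
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{9CECD247-A53D-4D93-A0F8-6C2E372C3E3F}: NameServer = 80.58.61.250,80.58.61.254
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{00000000-0000-0000-0000-000000000000}: NameServer = 80.58.61.250,192.0.2.1
O4 - HKLM\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
"""

# Resolvers the user set on purpose (from the thread). Anything else in an
# O17 line deserves a second look before you tick it in HijackThis.
EXPECTED_NAMESERVERS = {"80.58.61.250", "80.58.61.254"}

# O17 lines look like:  O17 - <registry key>: NameServer = <ip>[,<ip>...]
O17_RE = re.compile(r"^O17 - (?P<key>.+?): NameServer = (?P<servers>[\d.,\s]+)$")


def parse_o17(log_text):
    """Return a list of (registry_key, [nameserver, ...]) for every O17 line."""
    entries = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m:
            continue
        servers = [s.strip() for s in m.group("servers").split(",") if s.strip()]
        entries.append((m.group("key"), servers))
    return entries


def check_nameservers(log_text, expected):
    """Return (registry_key, [unexpected nameservers]) for each O17 line that
    points at a resolver outside `expected`; an empty list means all clean."""
    suspicious = []
    for key, servers in parse_o17(log_text):
        unexpected = [s for s in servers if s not in expected]
        if unexpected:
            suspicious.append((key, unexpected))
    return suspicious


if __name__ == "__main__":
    for key, bad in check_nameservers(SAMPLE_LOG, EXPECTED_NAMESERVERS):
        print("suspicious O17 entry:", key, "->", ", ".join(bad))
```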
Suspect
Okay dude so far so good. I've done everything up to System Restore. Now here's the tricky bit. When i go into start menu > 'right click' my computer > properties it comes up with an error message

C:\WINDOWS\system32\rundll32.exe

Application Not Found

Is there anyway around that? Is it very important?
Scribb|e
You're gonna have to figger out a way to do the sfc /scannow thing to repair that file - failing that, if I were you, I'd download a copy of the XP install CD, and then you will have to copy the missing/corrupted RUNDLL32.EXE file from there, I reckon, maybe using a 'Repair Install' or something like that.

¿Any news on what any of the scanning programs have said they've detected on your machine, and which ones have said what?

yinyang.gif
Suspect
sorry to double post. I did a search for system restore and i came up with this, can i do anything from here?

Just so you know it won't let me click or right click to 'system restore settings' on the left!! but everything on the right is doable

Scribb|e
You could also try and run the EXE File Association Fix which may solve your problems.

Do that, and if it hasn't helped, maybe you can run stuff by right-clicking on stuff and clicking on 'Open'.

yinyang.gif
Suspect
QUOTE(Scribble @ Feb 2 2008, 01:37 AM) *
You're gonna have to figger out a way to do the sfc /scannow thing to repair that file - failing that, if I were you, I'd download a copy of the XP install CD, and then you will have to copy the missing/corrupted RUNDLL32.EXE file from there, I reckon, maybe using a 'Repair Install' or something like that.

¿Any news on what any of the scanning programs have said they've detected on your machine, and which ones have said what?

yinyang.gif


well after manually going through the drives with AVG its pretty clean now, nothings coming up. the crap cleaner deleted all my temp files/cookies etc. the cw shredder didn't delete much but there wasn't much to delete. should i still download and run the combofix or should i just go straight onto downloading the install cd?
Scribb|e
QUOTE(Suspect @ Feb 2 2008, 12:38 AM) *
sorry to double post. I did a search for system restore and i came up with this, can i do anything from here?

Just so you know it won't let me click or right click to 'system restore settings' on the left!! but everything on the right is doable

¡NO!

¡You would just be making a quite possibly infected Restore Point of your PC, or rolling back to an even more b0rk3d system than you already have!

You want to disable System Restore - leave that screen well alone.

yinyang.gif
Suspect
QUOTE(Scribble @ Feb 2 2008, 01:41 AM) *
You could also try and run the EXE File Association Fix which may solve your problems.

Do that, and if it hasn't helped, maybe you can run stuff by right-clicking on stuff and clicking on 'Open'.

yinyang.gif


you're a fuckin genius!

e2a: it worked....scribs i love you dude, seriously! I turned off system restore im about to download combofix, so i'll see you on the otherside.

Scribb|e
An alternative to the usual method of enabling and disabling Windows XP's System Restore feature is to use the registry. To use this alternative, perform the following steps:

1. Start the registry editor (regedit.exe).
2. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore.
3. If a "DisableSR" value doesn't exist, go to the Edit menu, select New, DWORD value, and create the value.
4. Set the value to 1 to disable System Restore or 0 to enable System Restore.
5. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr to prevent the System Restore service from starting.
6. Double-click Start, and set the value to 4 to stop the service from starting or to 0 for normal startup.
7. Close the registry editor.

yinyang.gif
Suspect
Well it's all done, the pc is spick and span and i'm about to try ewido. Scribble, 'Thank You' doesn't quite cut it. I owe you man, i know it isn't much but i've got an invite to 'thebox.bz' if you're interested, big spliff coming your way at the next expo.
Scribb|e
¿So what did the logs say that they've stripped out for you, then?

Maybe you can post the log details of what's been removed after you've done the Ewido scan - it's always of great interest to see what the current state-of-the art is with people's infected Window$ machines. thumbsup.gif

You know, if you switched over to 64-Bit Linux - say Ubuntu Linux - for day-to-day desktop stuff, and net browsing etc., you not only would never have to worry about viruses and spyware etc. again, but you would also be able to use those 2.5GB of RAM in your machine that you'll never touch using Window$. wink1.gif

I'm OK over at thebox - my ratio's up to nearly 5.0 - ¿aren't I a good seeder? 13.gif

yinyang.gif

e2a: Don't forget to check your Java is OK, and make sure that you're up-to-date with all the current Window$ Updates like I said in an earlier post.
Suspect
QUOTE(Scribble @ Feb 2 2008, 02:11 AM) *
¿So what did the logs say that they've stripped out for you, then?

Maybe you can post the log details of what's been removed after you've done the Ewido scan - it's always of great interest to see what the current state-of-the art is with people's infected Window$ machines. thumbsup.gif

You know, if you switched over to 64-Bit Linux - say Ubuntu Linux - for day-to-day desktop stuff, and net browsing etc., you not only would never have to worry about viruses and spyware etc. again, but you would also be able to use those 2.5GB of RAM in your machine that you'll never touch using Window$. wink1.gif

I'm OK over at thebox - my ratio's up to nearly 5.0 - ¿aren't I a good seeder? 13.gif

yinyang.gif

e2a: Don't forget to check your Java is OK, and make sure that you're up-to-date with all the current Window$ Updates like I said in an earlier post.



While Ewido is scanning i installed Java just fine, and my windows updates are all up to scratch. I'll definitely look into linux now, i've never even heard of it.
5.0 ratio?! I'm on a pitiful 1.5! It's all those bloody Louis Theroux Torrents i keep downloading that are doing it for me! The Ewido program is still scanning, would you like the Combofix log in the mean time?
Scribb|e
Right - to also pimp your PC so that it won't be as susceptible to getting pwn3d again, install these Firefox add-ons, like I (& GB) suggested to you earlier:

AdBlockPlus
Adblock Filterset.G Updater
FlashBlock
NoScript
CustomizeGoogle
Download Embedded
Video DownloadHelper

This will ensure that not only will your Firefox be even more protected against potential nasties than the usual vanilla version out-of-the-box, it will also mean that you'll never be bothered by another Web advert again. guitar.gif

Download Embedded is a handy tool to have:

QUOTE
Downloads all or selected embedded objects on a webpage. Can be used for downloading movies, mp3s, flash, quicktime, or other embedded files (although this does NOT work on video embedded in flash [ youtube, video.google.com, etc.. ]).


If you want to nick video files from sites like YouTube, and be able to download them to your hard-drive to play at your leisure or burn out to disc, or whatever, then Video DownloadHelper is the add-on to use.

To convert the FLV Flash video files to loads of other formats, like .avi or whatever, vixy.net is a great online tool that will do that for you - FLV files can be played natively on your PC using the magnificent VLC Player which is a great player to have on-board your machine, as it will literally play almost any type of media file, without the need for installing external CODECs to do so.

Note: When you're running Firefox with NoScript and FlashBlock, any sites that use Flash and/or Java stuff (like youtube, for example) you will have to click on the NoScript icon on the FF toolbar, and tell it to 'Allow <Site>' or 'Temporarily Allow <Site>' to be able to run the Flash/Java content.

FlashBlock will make it so that FF, instead of automatically playing Flash stuff (a lot of which is bollocks and you not only don't want to bother running, it's a waste of bandwidth as well) it will put a box with a 'Play' icon (like on a VCR or sometimes like a stylised 'F') in the middle of it - if you then want to go ahead and play the Flash animation, you just click the 'Play' button.



You'll no doubt find yourself setting sites like UK420 and YouTube to 'Allow <Site>', which will allow scripts to run permanently on those sites - but while you're browsing random other sites on the 'net, you can just click on 'Temporarily Allow <Site>' if you come across some random site that you want to allow to run scripts just that once whilst you're visiting them.



Browsing the 'net like this will protect you from 90%+ of all the nasties out there. guitar.gif

Let us know if you need to know any more, or are having problems with any aspect of things.

yinyang.gif

e2a: Sure - post up any and all logs from the scans done on your PC - it'll be educational to see what they say. thumbsup.gif

One of the beauties of Ubuntu Linux is that you can install it as a 'dual-boot' on your PC - you just have to devote a bit of hard-drive space to partition to put it on, and then when you install it from the install CD you can download, it will automatically detect the Window$ installation on your PC, and automatically put a boot menu that will come up when you switch your machine on, giving you a menu with a choice of whether you want to boot Window$ or Ubuntu. wink1.gif

Linux with the 3D Beryl/Compiz desktop installed - ¿kinda makes Vi$ta look like the pile of crap that it is, doncha think? lol.gif :

Suspect
QUOTE(Scribble @ Feb 2 2008, 02:44 AM) *
Right - to also pimp your PC so that it won't be as susceptible to getting pwn3d again, install these Firefox add-ons, like I (& GB) suggested to you earlier:

AdBlockPlus
Adblock Filterset.G Updater
FlashBlock
NoScript
CustomizeGoogle
Download Embedded
Video DownloadHelper

This will ensure that not only will your Firefox be even more protected against potential nasties than the usual vanilla version out-of-the-box, it will also mean that you'll never be bothered by another Web advert again. guitar.gif

Download Embedded is a handy tool to have:

QUOTE
Downloads all or selected embedded objects on a webpage. Can be used for downloading movies, mp3s, flash, quicktime, or other embedded files (although this does NOT work on video embedded in flash [ youtube, video.google.com, etc.. ]).


If you want to nick video files from sites like YouTube, and be able to download them to your hard-drive to play at your leisure or burn out to disc, or whatever, then Video DownloadHelper is the add-on to use.

To convert the FLV Flash video files to loads of other formats, like .avi or whatever, vixy.net is a great online tool that will do that for you - FLV files can be played natively on your PC using the magnificent VLC Player which is a great player to have on-board your machine, as it will literally play almost any type of media file, without the need for installing external CODECs to do so.

Note: When you're running Firefox with NoScript and FlashBlock, any sites that use Flash and/or Java stuff (like youtube, for example) you will have to click on the NoScript icon on the FF toolbar, and tell it to 'Allow <Site>' or 'Temporarily Allow <Site>' to be able to run the Flash/Java content.

FlashBlock will make it so that FF, instead of automatically playing Flash stuff (a lot of which is bollocks and you not only don't want to bother running, it's a waste of bandwidth as well) it will put a box with a 'Play' icon (like on a VCR or sometimes like a stylised 'F') in the middle of it - if you then want to go ahead and play the Flash animation, you just click the 'Play' button.



You'll no doubt find yourself setting sites like UK420 and YouTube to 'Allow <Site>', which will allow scripts to run permanently on those sites - but while you're browsing random other sites on the 'net, you can just click on 'Temporarily Allow <Site>' if you come across some random site that you want to allow to run scripts just that once whilst you're visiting them.



Browsing the 'net like this will protect you from 90%+ of all the nasties out there. guitar.gif

Let us know if you need to know any more, or are having problems with any aspect of things.

yinyang.gif

e2a: Sure - post up any and all logs from the scans done on your PC - it'll be educational to see what they say. thumbsup.gif

One of the beauties of Ubuntu Linux is that you can install it as a 'dual-boot' on your PC - you just have to devote a bit of hard-drive space to partition to put it on, and then when you install it from the install CD you can download, it will automatically detect the Window$ installation on your PC, and automatically put a boot menu that will come up when you switch your machine on, giving you a menu with a choice of whether you want to boot Window$ or Ubuntu. wink1.gif

Linux with the 3D Beryl/Compiz desktop installed - ¿kinda makes Vi$ta look like the pile of crap that it is, doncha think? lol.gif :





okay well i got all the add ons for firefox nice and easy. Will definitely be getting ubuntu, that 3d desktop looks crazy! How long does it take to install because if it's not very long i might do it tonight, if not then tomorrow def. Ewido is STILL scanning so i'll give you the combofix log.
Saddam
"To convert the FLV Flash video files to loads of other formats, like .avi or whatever, vixy.net is a great online tool that will do that for you"

do you know of any software like this for ubuntu gutsy?
Scribb|e
It only takes 30 minutes or an hour or so to install Ubuntu, and actually takes fewer keystrokes than it does to type in the Window$ CD-Key. lol.gif

Don't forget that you'll have to download the install CD for it as well from Ubuntu's site.

You'll be wanting the Desktop Edition - Ubuntu 7.10 - Standard personal computer (x86 architecture, Pentium™, Celeron™, Athlon™, Sempron™)

That's the 32Bit version - have a play with that 1st, and then later you can get the 64Bit version if you have a 64Bit CPU - ¿what processor do you have in your PC, anyway?

I'd leave it till tomorrow, though, as you're going to have to defrag your drive and make a 10 Gig or more separate partition on it so that Ubuntu can install on there - ¿you don't want to go screwing up your nicely newly cleaned Win system, do you? wink1.gif

Or, you could always treat yourself to another hard-drive - you can get 160GB ones for about £30 now - stick that in your PC as a slave, and install Ubuntu onto that - it'll quite happily install itself onto another separate drive and still do the boot menu thing automatically for you.

¿It's nice though, ain't it? Sure makes Vi$ta look like the bag'o'shite that it is. lol.gif :



That cube can spin, BTW, and you can have up to 6 different separate desktops all with different stuff happening on them, like Office work open on one face of the cube, a movie playing on another, your pr0n on another, and of course - UK420 open on yet another - it's mint, I tells ya. guitar.gif

Maybe tomorrow, after Ewido has finished, I'd like you to run HijackThis again and post a new log in this thread, just so we can make sure that absolutely everything has been banished from your machine, for sure.

yinyang.gif
Scribb|e
QUOTE(Saddam @ Feb 2 2008, 02:19 AM) *
"To convert the FLV Flash video files to loads of other formats, like .avi or whatever, vixy.net is a great online tool that will do that for you"

do you know of any software like this for ubuntu gutsy?

Yeah VLC Player will convert stuff to any format you want, while you're watching it on-screen, or silently in the background, if you like.

Here's a HOWTO on how to do it with VLC Player. thumbsup.gif

Vixy.net will do it online for you though, and fast - whatever OS you're running. guitar.gif

If you're talking about doing industrial amounts and quality video transcoding, though, you should look at tools like AVIdemux and/or mediacoder.

yinyang.gif

PS - Dark brown text isn't a good colour to write your posts in, dude, as many people use UK420 with the black skin. doh.gif lol.gif
Saddam
sorry mate i've switched to the black skin now lol.gif
Invision Power Board © 2001-2010 Invision Power Services, Inc.