Stump
SENATOR BABYHEAD  Posts: 310 Registered: 6/18/2002 Offline
|
9/5/2005 at 03:15 |
Alrighty, so my comp coincidentally picks up a virus a day after the AVG free trial ends. I'm running Pandasoft's web-based antivirus as I type. I'm trying to figure out what it could be though, as it's apparently pretty clever. It won't let me run Trend Micro's HouseCall or Spybot Search and Destroy. It randomly opens spam windows, adds four folders to my favorites in IE, and is hyperlinking key words like love, sex, advice. Anyone exposed to this or have an idea what it could be? Too late here to go purchase an antivirus at the store and it's starting to piss me off just a little. |
| |
mcgarpat
DARTH MENSES  Posts: 413 Registered: 7/10/2005 Offline
|
9/5/2005 at 03:30 |
Use the Windows utilities to restore your registry from before the infection, you'll be ok
Don't spend the money yet
____________________ Some people are like Slinkies... not really good for anything, but they still bring a smile to your face when you push them down a flight of stairs. |
| |
Crackalackin
SENATOR BABYHEAD  Posts: 389 Registered: 7/19/2004 Offline
|
9/5/2005 at 03:31 |
(a) The plural form is "viruses"
(b) Get Microsoft's Anti-Spyware (formerly Giant Anti-Spyware). It's damn good, better than even Spybot.
Here: http://www.microsoft.com/athome/security/spyware/software/default.mspx
____________________ ^ Internet Porn Star |
| |
sahlgoode
SENATOR BABYHEAD  Posts: 254 Registered: 7/6/2005 Offline
|
9/5/2005 at 03:43 |
There are plenty of people in the swarm that'd give you more sound advice than I could, but it sounds like you're in a tight spot. If it were me (and I've been there), I'd be reformatting my drive by now. You may want to try the free version of AVG to see if it'll kill off anything that you've contracted.
AVG Free edition from download.com
____________________ Closed indefinitely in accordance with the Digital Milennium Copyright Act (DMCA) of 1998
|
| |
government_death_robot
DARTH MENSES  Posts: 942 Registered: 4/23/2004 Offline
|
9/5/2005 at 04:22 |
I'd click all the sex hyperlinks.
That's what I'd do.
____________________ bwned. |
| |
dagwood
SENATOR BABYHEAD  Posts: 399 Registered: 12/19/2004 Offline
|
9/5/2005 at 04:53 |
Good shoes and a good antivirus solution are worth spending good money on. I use Panda Titanium $29.95 with real good success. Best choice I found, especially since I came to hate McAtchaffee and Norton is too bloated.
I did pick up an insidious little virus that prevented me from erasing it, or updating, finally had to turn off system restore, losing all previous restore points, in order to permanently eliminate traces and reproductions of the virus following a complete scan.
One mo thang, DON'T USE IE DUMBASS!!!!!!! Firefox rocks.
____________________ not intense purposes, not intensive purposes
FOR ALL INTENTS AND FOR ALL PURPOSES
INTENTS AND PURPOSES
FUCK- nocal |
| |
azron123
I can break you with my mind. Watch, I'll do it.  SSHOLE Posts: 1505 Registered: 3/6/2003 Offline
|
9/5/2005 at 06:03 |
Get CW-shredder because what you have sounds like it might be a cool web variant.
There are plenty of ass kicking anti-virus/anti-trojan stuff you can get for free. Haul yore puter down the intar web to majorgeeks.com and visit the anti-virus and anti-spyware sections.
I heart freebies
____________________ If you give a man a fire you keep him warm for one night.
If you set him on fire you keep him warm for the rest of his life. |
| |
Crackalackin
SENATOR BABYHEAD  Posts: 389 Registered: 7/19/2004 Offline
|
9/5/2005 at 06:08 |
dagwood: Good shoes and a good antivirus solution are worth spending good money on. I use Panda Titanium $29.95 with real good success. Best choice I found, especially since I came to hate McAtchaffee and Norton is too bloated.
Having worked about five years in this area, I still have an avid interest in the subject. I would have to warn you guys against using less-than-reputable anti-virus solutions. Which Panda is. I have not heard much at all about, or from Spanish security researchers.
AFAIK, there's no such thing as a good, free, general-purpose computer virus removal tool.
The people at the Norton's lab, as well as McAfee's, are top-notch, and the engine upgrades happen fast enough to evade tool-specific stealth viruses.
If you hate these brands (I don't know why you would), the next best thing is probably F-Prot by Frisk (good guy, knows his stuff really well, and the engine has grown to be very impressive).
[Edited on 5/9/2005 by Crackalackin]
____________________ ^ Internet Porn Star |
| |
Lefen
I think Clavis wins my heart <3  SSHOLE Posts: 903 Registered: 9/16/2003 Offline
|
9/5/2005 at 06:18 |
These guys have told you right, but can I suggest that you also download and run the McAfee AVERT Stinger - saved my ass many times.
Also check out How I manually rid my system of a persistant trojan.
Best of luck matey 
____________________ < barfass> hey, fuck your crumpets, postman pat |
| |
fastlane
Zombie scream style  SSHOLE Posts: 708 Registered: 2/7/2004 Offline
|
9/5/2005 at 06:22 |
dagwood: I came to hate McAtchaffee and Norton is too bloated.
One mo thang, DON'T USE IE DUMBASS!!!!!!! Firefox rocks.
Those anti-virii are good but slow my PC down. I have tried lots of AV/Firewall programs and found F-Secure to be adequate.
Stump, you can use HijackThis and create a log, then paste it in here: http://www.help2go.com/modules.php?name=HJTDetective
____________________ I love the sound of silence. It gives me something else to break. |
| |
dagwood
SENATOR BABYHEAD  Posts: 399 Registered: 12/19/2004 Offline
|
9/5/2005 at 06:55 |
Crackhead- I have noticed on frequent occasions that you seem to really know your shit and I respek dat. But, while I'm not bold, rich, or knowledgeable enough to be a trailblazer I hate the fuking bandwagon. When EVERYONE's got it, I'm looking elsewhere. So except for the XP OS my dumbass has gotta use, I support healthy competition. I was using Firefox before it was cool, and got an AMD because it was a viable alternative to the Pentium. I had a bad experience with not being able to upgrade an expired version of McAfee that was preloaded on my machine and Norton seems to have so many products and accessories I thought they were getting too big for my britches. I get a lot of info from multiple e-mails from PC Mag and they reviewed teh Panda real well. Tech support, the couple of times I've needed it, is in CA, so no habla is no problema.
I will try that MS spyware tool, Spybot is a free and apparently non-updating thing I've been having, along with Ad-aware and Reg Mech.
What kinda textwar is that ? A fukin slashdot? HA!!
____________________ not intense purposes, not intensive purposes
FOR ALL INTENTS AND FOR ALL PURPOSES
INTENTS AND PURPOSES
FUCK- nocal |
| |
Stump
SENATOR BABYHEAD  Posts: 310 Registered: 6/18/2002 Offline
|
9/5/2005 at 17:46 |
I've run CleanUp, can't run Spybot, Ad-Aware, or CWSShredder 4.0 as it's a clever little bugger and I keep getting a 'no disk in drive' error. I've discovered what it is through the Panda scan, it's a .dll named gpstool. Gonna try installin Hijack this or running a registry editor to delete it and see if that works. |
| |
DonQuixote
DARTH MENSES  Posts: 641 Registered: 4/22/2005 Offline
|
9/5/2005 at 18:18 |
government_death_robot: I'd click all the sex hyperlinks.
That's what I'd do.
^^LOL
I'd go with cracka lackin on this. Then go out and buy/borrow/steal norton system works 2005 premier. That and a couple anti spy ware progs like what crack said should keep you golden. While you at it get the use Zone alarm or get Norton Personal Firewall as well. Don't forget to partition your hard drive/s and make ghost disks. The best offense is a good defense.
Oh and you can also try entering all the symptoms of your virus into google and seeing what comes up.
Hope that helps.
GDR's thing is fucking hilarious.
____________________ ( . )( . ) <--- Boobs. |
| |
DonQuixote
DARTH MENSES  Posts: 641 Registered: 4/22/2005 Offline
|
9/5/2005 at 18:21 |
BTW guys - Everything is free on BT. 
____________________ ( . )( . ) <--- Boobs. |
| |
vasudeva
Bad Taste in your Mouth  SSHOLE Posts: 4538 Registered: 3/8/2002 Offline
|
9/5/2005 at 18:54 |
dagwood: But, while I'm not bold, rich, or knowledgeable enough to be a trailblazer I hate the fuking bandwagon. When EVERYONE's got it, I'm looking elsewhere.
Actually a bad idea, in my opinion, when it comes to software. The popular, well-used stuff by definition gets the most field-testing, the most bug reports, and the greatest number of familiarized users who can help you in support fora. With something like anti-virus apps, that's what you want.
____________________ slippedhole> I am on to you and your evil intentions. I am the true protector of this website and am willing to do battle with you. |
| |
government_death_robot
DARTH MENSES  Posts: 942 Registered: 4/23/2004 Offline
|
9/5/2005 at 20:01 |
dagwood: But, while I'm not bold, rich, or knowledgeable enough to be a trailblazer I hate the fuking bandwagon. When EVERYONE's got it, I'm looking elsewhere.
TAKE OFF YOUR GOTH EYELINER AND BE A CONFORMIST!
____________________ bwned. |
| |
Uart
DARTH MENSES  Posts: 1228 Registered: 3/5/2005 Offline
|
9/6/2005 at 18:55 |
Stump: yada yada yada, I don't know the difference between spyware/adware and viruses.
You don't have a virus, that my friend is teh spyware. If you're good with computers, a simple google-search will tell you what shit to delete, if you aren't, then get yourself a GOOD anti-spyware program. Ad-Aware is good for a freebie, but something like Spy Sweeper is better (CNET usually has a review of them somewhere).
Go into SAFE MODE -- you hit like F8 while booting, and it gives you a menu, at which you choose "safe mode." Then, go ahead and run the anti-spyware program. If it can't remove it in safe mode, then you're going to have to go into the registry and start deleting things that are set to auto-load at startup.
Viruses can be contracted accidentally, but spyware is almost always your fault. Don't install just anything you can download online for "free" (bonzi buddy, weatherbug, even AIM are pretty shitty), don't click ok to every window that comes up, and don't use IE unless you have to. |
| |
Lefen
I think Clavis wins my heart <3  SSHOLE Posts: 903 Registered: 9/16/2003 Offline
|
9/6/2005 at 19:07 |
Uart:
If it can't remove it in safe mode, then you're going to have to go into the registry and start deleting things that are set to auto-load at startup.
No he fucking won't -- do it using spybot (in spybot: tools>system startup).
Spybot lists all the startup entries for you and tells you what each one does and you also have the option to either disable (temp safe measure) or completely remove individual startup entries.
____________________ < barfass> hey, fuck your crumpets, postman pat |
| |
Stump
SENATOR BABYHEAD  Posts: 310 Registered: 6/18/2002 Offline
|
9/7/2005 at 04:56 |
O.k., originally thought it was a virus since it wasn't allowing me to run AVG or Spybot scans. It also did the same with ewido and Adaware. After some digging I realize it was spyware (BHO). I was finally able to disable it using HijackThis, my antivirus and spybot scans still won't work though. Next day off may still be burning, formatting and reloading. I really gotta restrict the permissions better for the other account on this system. |
| |
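The thread ends with a HijackThis log being the tool that finally exposed the BHO. As an added example (not posted by anyone in the thread), this sketch pulls the O2 (Browser Helper Object) and O4 (Run key) lines out of a log and marks entries worth a closer look; the sample log is constructed and the review heuristics are assumptions, not verdicts.

```python
import re

# Constructed sample in HijackThis log layout. CLSIDs, product names and
# paths are made up; only the "gpstool" DLL name comes from the thread.
SAMPLE_LOG = r"""
Logfile of HijackThis (constructed sample)
O2 - BHO: Example PDF Helper - {11111111-1111-1111-1111-111111111111} - C:\Program Files\ExampleReader\helper.dll
O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - C:\WINDOWS\system32\gpstool.dll
O2 - BHO: (no name) - {33333333-3333-3333-3333-333333333333} - (no file)
O4 - HKLM\..\Run: [ExampleAV] C:\Program Files\ExampleAV\avcc.exe /STARTUP
O4 - HKCU\..\Run: [updater] C:\DOCUME~1\user\LOCALS~1\Temp\upd32.exe
"""

BHO_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
RUN_RE = re.compile(r"^O4 - HK(?:LM|CU)\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

def parse(log):
    """Yield (kind, name, target) for every O2 (BHO) and O4 (Run) line."""
    for line in log.splitlines():
        line = line.strip()
        m = BHO_RE.match(line)
        if m:
            yield "BHO", m["name"], m["path"]
            continue
        m = RUN_RE.match(line)
        if m:
            yield "Run", m["name"], m["cmd"]

def review(log):
    """Return entries matching simple triage heuristics (assumed, not exhaustive)."""
    findings = []
    for kind, name, target in parse(log):
        low = target.lower()
        reasons = []
        if kind == "BHO" and name == "(no name)":
            reasons.append("unnamed BHO")
        if target == "(no file)":
            reasons.append("file missing")
        if re.search(r"\\(temp|locals~1)\\", low):
            reasons.append("runs from a temp directory")
        if kind == "BHO" and re.match(r"^[a-z]:\\windows\\system32\\[^\\]+\.dll$", low):
            reasons.append("BHO DLL placed directly in system32")
        if reasons:
            findings.append((kind, name, target, reasons))
    return findings

if __name__ == "__main__":
    for kind, name, target, reasons in review(SAMPLE_LOG):
        print(f"{kind:3} {name!r:14} {target}  <- {', '.join(reasons)}")
```

Legitimate software also registers unnamed BHOs, so a flagged line is a prompt to look up the CLSID and file, not a reason to delete it outright.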