The Trojans Have Raped My Ass
Good [+1]Toggle ReplyLink» Choda_Bean replied on Thu Mar 12, 2009 @ 12:45am |
my fucking computer is under attack again!!!
i've been able to handle shit before, but this time i don't know what's going on, i can't get rid of the infections! with spybot for example, it notices like 5 infections, i fix them, delete the back up etc, then scan again right after, and the same shit pops up.... i know there was some hints in another thread, but i cant find it, anyone have some proper software, settings etc for me? i need help, even my audio driver gets affected, and i have to restart my stupid computer all the time... heres a recent list of crap i found: Company: Product: Win32.Small.azl Threat: Trojan Description Win32.Small.azl connects to the internet in background, loads Yazzle, Virtumonde, creates randomly named directories, starts itself in autorun as "WinAble", "divipavk", "runner1", "CTDrive" without giving the user a possibility to cancel that process. Company: Product: Virtumonde.sdn Threat: Trojan Description Virtumonde.sdn consists of Virtumonde variants that load themselves into the Winlogon to get started on system log on. They also run as browser helper objects to take control of the users internet surfing. Virtumonde variants usually promote or install fake security software, they also install pop up advertising and other malware. Company: Product: Smitfraud-C. Threat: Description This program installs itself through the internet and creates new desktop wallpaper. This wallpaper looks like a Windows 98 blue screen and contains a warning that the computer is infected with viruses, that one should download run a virus scanner and that the computer wouldn't work in normal mode. In addition to this one gets a desktop icon leading to a pretended anti virus application named PSGuard. Scanning the computer with this software will return a virus found (that was installed by this software itself). In order to remove this virus one has to download the full version for about 20 EUR. Another unpleasant effect of Smitfraud-C. is that some configuration options in the Control Panel will no longer be available. This way it stops the user from changing the wallpaper and forces him to keep the blue screen. Overall Smitfraud-C is a very sneaky software trying to sell PSGuard by frightening less experienced users. Company: Product: WindowsSecurityCenter_disabled Threat: Security Functionality if the Windows Security Center is disabled this entry will be shown Description Malware can disable the Windows Security Center to make your System more vulnerable. If you have other security software suit installed, this may also deactivate the Windows Security Center to avoid double warning messages. | |
I'm feeling like ezbake right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Thu Mar 12, 2009 @ 1:08am |
run regedit (regedit.exe)
and remove the strings, i also hope you have unlock hidden files & sytem files and delete the instances, if you cant delete you can always try to boot with a live version of linux (backtrack preferably) and from their drivers you should be able to delete them even if your on an windows/admin ntfs Update » cutterhead wrote on Thu Mar 12, 2009 @ 1:12am press F3 in regedit to search, or go in the menu.
lots of windows services should all be reviewed in your profile next time to prevent such attack. maybe use firefox with noscript plugin & update spybot all the time. this i have tested numerous times and is almost flawless. also in your browser try disabling shared objects etc.. (spybot advanced console) Update » cutterhead wrote on Thu Mar 12, 2009 @ 1:15am but virtumond wraps the environment and XOR copy itself till forever if your in windows, hence doing the same thing with a backtrack cd. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» Mico replied on Thu Mar 12, 2009 @ 1:09am |
This happened to me a about a month ago. Specifically that Virtumonde.
I got AVG, Spybot, plus my Bell Sympatico anti-virus, and just scanned, and scanned, and scanned until everything nothing came back. I think I also returned my windows to a previous state from before I got the infection. I'll tell you, it took me a few days to get everything back to normal, and even at this point, my windows is still a little screwy. Good luck. | |
I'm feeling cool right now.. |
Good [+1]Toggle ReplyLink» Nuclear replied on Thu Mar 12, 2009 @ 1:16am |
Good [+1]Toggle ReplyLink» cutterhead replied on Thu Mar 12, 2009 @ 1:21am |
if your not dependant of old versions i agree that vista ultimate is a beautifull system. lacks retro support imo but hopfully we can multiboot.
i have seen the same problem on vista if not updated or pached with alternatives. this autorun/inuse file also lives on soulpads (usbkeys) Update » cutterhead wrote on Thu Mar 12, 2009 @ 1:25am a response to such rootkit is to rootkit yourself : you boot linux / bsd and mount the filesystem from where you can most of the time inject more code than in your defective environment shell. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» Choda_Bean replied on Thu Mar 12, 2009 @ 1:32am |
Good [+1]Toggle ReplyLink» Lone_Star replied on Thu Mar 12, 2009 @ 1:43am |
Good [+1]Toggle ReplyLink» v.2-1 replied on Thu Mar 12, 2009 @ 1:46am |
Good [+1]Toggle ReplyLink» Screwhead replied on Thu Mar 12, 2009 @ 7:10am |
For starters, Spybot is an anti spyware/malware, not an anti virus; trojans are a form of virus, so it's not going to clean those out properly. Get yourself AVG if you can. | |
I'm feeling your norks right now.. |
Good [+1]Toggle ReplyLink» karma.millie replied on Thu Mar 12, 2009 @ 7:19am |
Originally Posted By NUCLEAR
vista will save your ass... install it now... Xp ! | |
I'm feeling kiss mah face! right now.. |
Good [+1]Toggle ReplyLink» JojoBizarre replied on Thu Mar 12, 2009 @ 8:12am |
Good [+1]Toggle ReplyLink» Sparklz replied on Thu Mar 12, 2009 @ 10:14am |
Originally Posted By LONE_STAR
I say--screech-- you insta--screech-- Windows 7, eh Hugo? lol peter. Did you hear he had a dream where the his voice was starting to do the windows 7 noise? Too funny ;) | |
I'm feeling a little teapot right now.. |
Good [+1]Toggle ReplyLink» El_Presidente replied on Thu Mar 12, 2009 @ 11:05am |
i use the geek squad MRI. uses about 10 antivirus while you sleep. does everything for you. takes about 12h tho | |
I'm feeling tipsy for prez 2009 right now.. |
Good [+1]Toggle ReplyLink» Lone_Star replied on Thu Mar 12, 2009 @ 2:41pm |
Good [+1]Toggle ReplyLink» JojoBizarre replied on Thu Mar 12, 2009 @ 2:42pm |
Good [+1]Toggle ReplyLink» v.2-1 replied on Thu Mar 12, 2009 @ 2:43pm |
It's a geek in a box ! Geek in a box, yeah. | |
I'm feeling like nico bellic right now.. |
Good [+1]Toggle ReplyLink» ufot replied on Thu Mar 12, 2009 @ 2:43pm |
WELL, dave, you shouldn't have brought in that huge wooden horse on wheels, I told you it was a bad idea...
Ufot-hwouin | |
I'm feeling haxin an milkin all right now.. |
Good [+1]Toggle ReplyLink» Turtle replied on Thu Mar 12, 2009 @ 3:09pm |
I heard about this one!!! My pc is alomost burnt out big time i got trojan 2 times....Fried hard drives and all my pc is so slow i can't record all i can do is play games.
lynzyn saving to buy a MAC | |
I'm feeling gohabsgo right now.. |
Good [+1]Toggle ReplyLink» cutterhead replied on Thu Mar 12, 2009 @ 4:17pm |
pc needs lots of maintenance, not for the faint of hart , but i386 architectures are everywhere.
i agree the toolbox required to manage such problem is big since it helps using more than one pc. but like i said , virtualise and boot a " linux live cd ", or vm machine if you want to go halfway or try a different approach. Update » cutterhead wrote on Thu Mar 12, 2009 @ 4:20pm this is why you should have your personnal files in one disk preferably , if not an other partition than the system drive. | |
I'm feeling 4hz even if you dont right now.. |
Good [+1]Toggle ReplyLink» Choda_Bean replied on Fri Mar 13, 2009 @ 10:45am |
Originally Posted By SCREWHEAD
For starters, Spybot is an anti spyware/malware, not an anti virus; trojans are a form of virus, so it's not going to clean those out properly. Get yourself AVG if you can. ok so i re-installed AVG again, got er updated and scanning. i did a full system scan of my 4 drives, and it found like 47 threats and a bunch of tracking cookies... it seems to have worked, cuz when i scan now nothing shows up (in AVG) altho my PC is still clearly infected. simple executables become quickly non-responsive, and my task manager doesnt even pop up, it just stays locked in the system tray... other things like disk defrags n shit keep popping up error msgs before even initializing also. oh and on top of that, i can no longer connect to the internet (i'm currently on a laptop connected to my wireless router/modem, so dont tell me to unplug, replug it) it tells me my connection has little or no connectivity, and when i try to repair it, it says that it fails to renew my IP adress... its been awhile since i've done any basic troubleshooting like this, so my skills are rusty, any tips for fixing this internet problem for starters? p.s. AVG scans are clean, but spybot is still showing a couple of infections... how do i get this geeksquad app?? Update » Choda_Bean wrote on Fri Mar 13, 2009 @ 10:49am oh and i tried to run a system restore, and it seems to work up until the last step where i'm supposed to click "Next" to start it. i click, but nothing starts... even when i try to restart or shutdown nothing happens, and i need to do it manually....errrrrr | |
I'm feeling like ezbake right now.. |
The Trojans Have Raped My Ass
[ Top Of Page ] |
Post A Reply |
You must be logged in to post a reply.
[ Top Of Page ] |