
Thread: Heeeeeeeeeellllllllllllppppppp!

  1. #1
    Senior Member wannabgeek's Avatar
    Join Date
    Jan 2005
    Location
    Essex
    Posts
    723
    Thanks
    8
    Thanked
    1 time in 1 post
    • wannabgeek's system
      • Motherboard:
      • Asus M4A89GTD-Pro-USB3
      • CPU:
      • AMD x6 1055T Phenom @3.3ghz with Hyper 212+ HSF
      • Memory:
      • 4GB Corsair XMS3 (2x2GB) since upgraded to Corsair DD3 XMS3 8gb (2x 4gb) CMX8GX3M2A1600C9
      • Storage:
      • OCZ 120GB SSD / 250GB Samsung Spinpoint Sata H / 200GB Maxtor
      • Graphics card(s):
      • Powercolor HD 6850 1GB GDDR5
      • PSU:
      • Tx 650w Corsair PSU
      • Case:
      • Lancool K62
      • Operating System:
      • Windows 7 64 Ultimate (the cheapest)
      • Monitor(s):
      • Dell 19"
      • Internet:
      • Firefox & 20MB Sky max

    Heeeeeeeeeellllllllllllppppppp!

    Sorry for the title dramatics but I am sure I have this new 'EXPLOIT VIRUS'. It all started on the 28th when my AV (Norton) could no longer Auto protect my PC! (I have since changed my AV prog to Ez (etrust) so at least I am now protected, albeit too late!) And to top it all I have now got another security zone called 'your computer' in Internet options which I've never seen before. Now I have run all of my AV/ad/spy/malware progs & online scans but the only things found were by 'Spysweeper' & Ez AV, and they were: 2 Rootkit masked Karaoke files! And a prog called 'Rootkitreveal' also found another 3 different mismatched items! Since then I cannot even get into my XP Security center or even the Win update site! So can anybody tell me what this virus actually does, as my PC is not freezing or slow! There's no pop ups etc! So what do I do, shall I install the patch or is that too late? And am I able to go on my bank sites or Paypal or is that too risky? Pls help, I am very confused as I have only ever had 2 minor viruses in over 3 yrs so this is weird.

    My Progs which have tried to find the Virus :

    Ez AntiVirus
    Kerio Firewall
    Hardware Firewall (DG834 Router)
    Spysweeper
    Ewido
    Adaware se
    Spybot
    Spyblaster
    Cwshredder
    CCleaner
    Rootkitreveal
    ...& online scans: Housecall/Bitdefender/Symantec
    Windows 7 64 Ultimate
    AMD x6 1055T Phenom @3.3ghz
    Asus M4A89GTD-Pro-USB3
    HD 6850 1GB GDDR5
    4GB Corsair XMS3 (2x2GB)
    Tx 650w Corsair PSU
    250GB Samsung Spinpoint Sata HD
    200GB Maxtor Dmax10 IDE
    LG Sata2 DVD/RW
    Lancool K62 Case

  2. #2
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,662
    Thanks
    53
    Thanked
    383 times in 313 posts
    Sounds like one of the trickier to remove ones; from experience, removal requires more than just running a cleaning program.

    Try running Spybot when you are in safe mode.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  3. #3
    Senior Member wannabgeek's Avatar
    Cheers MD but tried that!

  4. #4
    Studmuffin Flibb's Avatar
    Join Date
    Jul 2003
    Location
    Kent
    Posts
    4,904
    Thanks
    31
    Thanked
    324 times in 277 posts
    • Flibb's system
      • Motherboard:
      • Gigabyte GA-970A-UD3
      • CPU:
      • AMD FX-6300
      • Memory:
      • 16GB Crucial Ballistix DDR3 PC3-12800
      • Storage:
      • Samsung SSD 840 EVO 250G
      • Graphics card(s):
      • 3GB MSI Radeon HD 7950 Twin Frozr
      • PSU:
      • FSP
      • Operating System:
      • Win7 64bit
      • Monitor(s):
      • Deffl TFT thing
    I have used avast on people's computers to remove trojans. Download, update, then tell it to do a full scan on next boot; it scans the PC before windows loads (think it's similar to scanning in safe mode).

  5. #5
    Senior Member wannabgeek's Avatar
    Is that the free AV?

  6. #6
    Administrator Moby-Dick's Avatar
    It has a 30 day trial.

  7. #7
    Senile Member
    Join Date
    Dec 2003
    Posts
    442
    Thanks
    3
    Thanked
    0 times in 0 posts
    I wouldn't use it for anything sensitive.

    If I were you I would do a full reinstall of windows - it would be quicker than trying to use all these other tools to clean up your pc.

  8. #8
    Senior Member wannabgeek's Avatar
    If I were you I would do a full reinstall of windows - it would be quicker than trying to use all these other tools to clean up your pc.
    If I reinstall now I will probably get infected again straight away! How long will it take for MS to fix this new exploit, do you think?

  9. #9
    Real Ultimate Power! Grey M@a's Avatar
    Join Date
    Oct 2003
    Location
    Newcastle
    Posts
    4,625
    Thanks
    52
    Thanked
    156 times in 139 posts
    • Grey M@a's system
      • Motherboard:
      • Gigabyte Z97X Gaming 7
      • CPU:
      • i7 4790K (With H100i cooling)
      • Memory:
      • Corsair Vengeance Pro 16GB DDR3 (2 x 8GB)
      • Storage:
      • Samsung 840 Pro 128GB SSD, 1TB Cavier Black WD HD, 4TB Cavier Black WD HD
      • Graphics card(s):
      • MSI R9 390X Gaming Edition 8GB
      • PSU:
      • SuperFlower Leadex GOLD 850W Fully Modular
      • Case:
      • Corsair 650D
      • Operating System:
      • Windows 8.1 Pro x64
      • Monitor(s):
      • 24" LG 24GM77-B 144Hz
      • Internet:
      • 100MB Virgin Media Cable
    This is the info MS updated as of this morning

    http://www.microsoft.com/technet/sec...ry/912840.mspx

    There is no patch, but apparently the link on their knowledge base post at the link above links you to the MS live checker, which will tell you there and then if you have anything that shouldn't be there. Double check first in case you are trying to diagnose the wrong issue.

  10. #10
    Senile Member
    Quote Originally Posted by wannabgeek
    If I reinstall now I will probably get infected again straight away!
    Not if you take precautions this time. I personally wouldn't be satisfied without a clean reinstall, but it's up to you and depends on how confident you are about reinstalling - since it's a Mesh PC I'm guessing they gave you a "restore" CD.

  11. #11
    Admin team peterb's Avatar
    Join Date
    Aug 2005
    Location
    Southampton
    Posts
    19,381
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts
    • peterb's system
      • Motherboard:
      • Nascom 2
      • CPU:
      • Z80B
      • Memory:
      • 48K 8 bit memory on separate card
      • Storage:
      • Audio cassette tape - home built 5.25" floppy drive
      • Graphics card(s):
      • text output (composite video)
      • PSU:
      • Home built
      • Case:
      • Home built
      • Operating System:
      • Nas-sys
      • Monitor(s):
      • 12" monocrome composite video input
      • Internet:
      • No networking capability on this machine
    Have any of the programs you have run (listed in the first thread) actually detected the exploit?
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  12. #12
    Senior Member wannabgeek's Avatar
    Have any of the programs you have run (listed in the first thread) actually detected the exploit?
    No, nothing at all about the exploit, only the winsock problems! But I still have no security center, and what is the 5th icon in internet options via security called 'YOUR COMPUTER', the pictures of IE with 2 keys? How did that get there? I keep asking but nobody is telling me.

  13. #13
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,147
    Thanks
    798
    Thanked
    2,151 times in 1,407 posts
    A very important question is why?

    Why did you catch it, what were you surfing on?

    With 'new' threats it's probably easiest to reload, because I'm guessing you were running as administrator when you got compromised, ergo, it's got the whole of your PC near as makes no odds?
    throw new ArgumentException (String, String, Exception)

  14. #14
    Senior Member wannabgeek's Avatar
    Hi, thanks for the help! As you guessed I am rather naive when it comes to security but I always am usually fully protected! It all started when I purchased Spysweeper (before I'd used all free progs), what a mistake that was! I was advised on CCleaner's forum to uninstall MSantispy, A2 & also disable teatimer as I had too many progs at start up and all I needed was 1 prog guard to protect all (Spysweeper), oh and he told me to DL Ewido as it was the best! ......"Don't say it", I know I should have stuck with what I had but all I wanted to do was be more secure...Doh! Anyway it looks as if somewhere along the line whilst I was uninstalling, something must have got in! Oh by the way I also installed a prog called xpsafe which I put on the recommended settings, but when trouble started I switched back!

    By the way I have XP Home so I am always admin!
