Viruses.. They are getting annoying!!
-
Rocky Moore wrote:
Would someone just take this morons who are writing the virus out behind the wood shed for a little spanking?
Spanking? Spanking? How about putting them in a little red dress, lipstick, and heels, and dumping them in the nearest maximum security prison? How about burying them in a fire ant nest? How about mounting their heads on pikes outside the castle walls as a warning to others?
Software Zen:
delete this;How about hiring them to write Microsoft products (Or any product that lands in our sucks list). They do produce some quite nice software bloatware Malware that works, right? Ever seen any virus itself crashing?
-
A family member said their computer was blue screening.. Got this great little yellow popup saying the computer is infected and to click to protect your machine from spyware. Okay, thow Avg on there and ready to go.. Nope, AVG will not start after installed. Alight, will try Avast, nope the virus kills it. Though in Hackthis to check it out and the virus deletes it. Would someone just take this morons who are writing the virus out behind the wood shed for a little spanking? This is getting too costly in time!
Rocky <>< Recent Blog Post: Chocolate Chip Cookies!
Hey - I came home last night and not only were the virues on my machine kicking off anyone they didn't like, they'd ordered in pizza and were sitting on my couch finishing off the last of my beer. Something has to be done. As soon as I can get myself out of my basement. Help?
cheers, Chris Maunder The Code Project Co-founder Microsoft C++ MVP
-
Hey - I came home last night and not only were the virues on my machine kicking off anyone they didn't like, they'd ordered in pizza and were sitting on my couch finishing off the last of my beer. Something has to be done. As soon as I can get myself out of my basement. Help?
cheers, Chris Maunder The Code Project Co-founder Microsoft C++ MVP
-
Your basement? Isn't it your mothers?
Visit http://www.notreadytogiveup.com/[^] and do something special today.
You mean with the rocking chair and all?
cheers, Chris Maunder The Code Project Co-founder Microsoft C++ MVP
-
A family member said their computer was blue screening.. Got this great little yellow popup saying the computer is infected and to click to protect your machine from spyware. Okay, thow Avg on there and ready to go.. Nope, AVG will not start after installed. Alight, will try Avast, nope the virus kills it. Though in Hackthis to check it out and the virus deletes it. Would someone just take this morons who are writing the virus out behind the wood shed for a little spanking? This is getting too costly in time!
Rocky <>< Recent Blog Post: Chocolate Chip Cookies!
Consider that your family member should be punished for allowing the virus to be installed.
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001 -
A family member said their computer was blue screening.. Got this great little yellow popup saying the computer is infected and to click to protect your machine from spyware. Okay, thow Avg on there and ready to go.. Nope, AVG will not start after installed. Alight, will try Avast, nope the virus kills it. Though in Hackthis to check it out and the virus deletes it. Would someone just take this morons who are writing the virus out behind the wood shed for a little spanking? This is getting too costly in time!
Rocky <>< Recent Blog Post: Chocolate Chip Cookies!
A couple of days back Avast upon boot-time scan caught some trojans and took care of them. I felt releived until i saw some suspicious processes (in Task Manager) still running. So I had just the names of these exe's and wanted to know their location. These were communicating with some junk websites (could see them in Avast's Web shield or Internet shield ...don't remember). A little bit of Googling and I struck upon SysInternals' ProcessExplorer with which i could trace the path to these exes and subsequently deleted them and deleted their Startup config from Registry. Phew....
-
I had an infection on Monday. The only thing that cured it was a Vista System Restore, to the morning before I got infected.
Brady Kelly wrote:
I had an infection on Monday.
Just make sure that it isn't H1N1. :omg:
It is a crappy thing, but it's life -^ Carlo Pallini
-
And why would that be? rather than paying the Dutch people for hosting forced tourists, we have found a way to solve the problem for free. Thnak you Moroccan prisons. :laugh:
Luc Pattyn [Forum Guidelines] [My Articles]
The quality and detail of your question reflects on the effectiveness of the help you are likely to get. Show formatted code inside PRE tags, and give clear symptoms when describing a problem.
To bad they don't all end up there ;P
-
Ah; that explains it. I've only watched Babylon 5 through once (but I plan to do so again), so I don't have many of the lines 'on tap'.
Software Zen:
delete this;Sorry. Vir's answer to Morden's one of the show's best known quotes and is repeated here on a semi regular basis. I guess I should've been more explicit in my intent with an FTFY statement.
The European Way of War: Blow your own continent up. The American Way of War: Go over and help them.
-
Sorry. Vir's answer to Morden's one of the show's best known quotes and is repeated here on a semi regular basis. I guess I should've been more explicit in my intent with an FTFY statement.
The European Way of War: Blow your own continent up. The American Way of War: Go over and help them.
's OK. I'm a Babylon 5 fan, but have only watched the entire series once, so I don't have the lines down. Yet :rolleyes:.
Software Zen:
delete this; -
Hey - I came home last night and not only were the virues on my machine kicking off anyone they didn't like, they'd ordered in pizza and were sitting on my couch finishing off the last of my beer. Something has to be done. As soon as I can get myself out of my basement. Help?
cheers, Chris Maunder The Code Project Co-founder Microsoft C++ MVP
Sounds like an inside job... Have you upset the hamsters lately?
Software Zen:
delete this; -
A good hammer works wonders.
"...great scott!" Dilbert: Aren't all meetings like this... Richard Dawkins: "What if you're wrong?"
-
Is the hammer for the virus, the system, or the virus makers? You might need a set of hammers...
As long as it's big and heavy I think it'll suit all of 'em!
"...great scott!" Dilbert: Aren't all meetings like this... Richard Dawkins: "What if you're wrong?"
-
A family member said their computer was blue screening.. Got this great little yellow popup saying the computer is infected and to click to protect your machine from spyware. Okay, thow Avg on there and ready to go.. Nope, AVG will not start after installed. Alight, will try Avast, nope the virus kills it. Though in Hackthis to check it out and the virus deletes it. Would someone just take this morons who are writing the virus out behind the wood shed for a little spanking? This is getting too costly in time!
Rocky <>< Recent Blog Post: Chocolate Chip Cookies!
-
A family member said their computer was blue screening.. Got this great little yellow popup saying the computer is infected and to click to protect your machine from spyware. Okay, thow Avg on there and ready to go.. Nope, AVG will not start after installed. Alight, will try Avast, nope the virus kills it. Though in Hackthis to check it out and the virus deletes it. Would someone just take this morons who are writing the virus out behind the wood shed for a little spanking? This is getting too costly in time!
Rocky <>< Recent Blog Post: Chocolate Chip Cookies!
...when are users gonna learn not to believe everything their web browser tells them while surfing porn. Technically, that's more spyware/adware than virus but you are right they dig in like ticks and refuse disable or block everything that could fix them easily. They key to removing most of these to disable System Restore as it sticks itself in there and restores itself on restart. From there scanning from safe mode or from a DOS based AV will usually start to sweep it up. You may need to scan again in Windows and do some manual cleaning Hosts File, IE Add-ins and etc. This is just social engineering at it's finest like the Anna Kornikova virus.
-
Another way to get rid of it without putting it in another machine is to get something like Ultimate Boot CD for Windows and run your antivirus from that CD. That CD has proven invaluable to me for troubleshooting and rescuing dead or dying machines.....
David Knechtges wrote:
Another way to get rid of it without putting it in another machine is to get something like Ultimate Boot CD for Windows and run your antivirus from that CD. That CD has proven invaluable to me for troubleshooting and rescuing dead or dying machines.....
Nods in agreement...best tool I have used.
-
...when are users gonna learn not to believe everything their web browser tells them while surfing porn. Technically, that's more spyware/adware than virus but you are right they dig in like ticks and refuse disable or block everything that could fix them easily. They key to removing most of these to disable System Restore as it sticks itself in there and restores itself on restart. From there scanning from safe mode or from a DOS based AV will usually start to sweep it up. You may need to scan again in Windows and do some manual cleaning Hosts File, IE Add-ins and etc. This is just social engineering at it's finest like the Anna Kornikova virus.
jeffwask wrote:
This is just social engineering at it's finest like the Anna Kornikova virus.
But ... wait ... she said she loved me. She sent pictures and everything!
-
A couple of days back Avast upon boot-time scan caught some trojans and took care of them. I felt releived until i saw some suspicious processes (in Task Manager) still running. So I had just the names of these exe's and wanted to know their location. These were communicating with some junk websites (could see them in Avast's Web shield or Internet shield ...don't remember). A little bit of Googling and I struck upon SysInternals' ProcessExplorer with which i could trace the path to these exes and subsequently deleted them and deleted their Startup config from Registry. Phew....
That is the part that is amazing me. The process does not even appear in ProcessExplorer. They must be running a normal process (overtakening a standard process), but still cannot track it down by the windows, it revers to a sub of Explorer. The took some time for this one. If you download the loader for Avast, it will terminate the connection while downloading it. Once you put it in the system you luck out and get a scan while bootup, which found some viruses but not the main one, and then when the machine continues to boot into Windows, it will delete the primary file for Avast. You run any of the antivirus, it will delete their EXE file. It also likes to take your right to edit the registry away which gives you the message "your administrator has turned off editing of the registry" when you run regedit. At least I have a patch for that.. I managed to get AVG to run a scan in Command Window mode once, but then it will never install again and the virus hosed it so it won't scan. Was intersting buining up AVG clicking on SCAN and it did nothing, just sit there. Then the virus thought it was not good enough to just disable the scan button it deleted the EXE file for it. As that was not enough, it keeps a dll copy of the primary scan dll running and if you delete it will replicate more of the same DLL which is one of the reasons you can never install AVG again as it dumps in the install with an error. You can even uses their clean tool to wipe out all appearances of AVG but it still will not install again. To add to all this pain, it shows the system as having an antivirus program running and active (says it is McFee) but McFee does not exist on the computer, it is just another area to block installation and opperation of antiviruses. What a pain!
Rocky <>< Recent Blog Post: Chocolate Chip Cookies!
-
That is the part that is amazing me. The process does not even appear in ProcessExplorer. They must be running a normal process (overtakening a standard process), but still cannot track it down by the windows, it revers to a sub of Explorer. The took some time for this one. If you download the loader for Avast, it will terminate the connection while downloading it. Once you put it in the system you luck out and get a scan while bootup, which found some viruses but not the main one, and then when the machine continues to boot into Windows, it will delete the primary file for Avast. You run any of the antivirus, it will delete their EXE file. It also likes to take your right to edit the registry away which gives you the message "your administrator has turned off editing of the registry" when you run regedit. At least I have a patch for that.. I managed to get AVG to run a scan in Command Window mode once, but then it will never install again and the virus hosed it so it won't scan. Was intersting buining up AVG clicking on SCAN and it did nothing, just sit there. Then the virus thought it was not good enough to just disable the scan button it deleted the EXE file for it. As that was not enough, it keeps a dll copy of the primary scan dll running and if you delete it will replicate more of the same DLL which is one of the reasons you can never install AVG again as it dumps in the install with an error. You can even uses their clean tool to wipe out all appearances of AVG but it still will not install again. To add to all this pain, it shows the system as having an antivirus program running and active (says it is McFee) but McFee does not exist on the computer, it is just another area to block installation and opperation of antiviruses. What a pain!
Rocky <>< Recent Blog Post: Chocolate Chip Cookies!
Rocky Moore wrote:
That is the part that is amazing me. The process does not even appear in ProcessExplorer. They must be running a normal process (overtakening a standard process), but still cannot track it down by the windows, it revers to a sub of Explorer.
I fixed a friends machine last week that was doing this... The virus was a DLL that was attached to every single running executable. There was a registry key which for the life of me I cannot remember, that basically told Windows to attach this DLL to every process! I'm sure there's a legitimate use for such a registry key, but it just seems like a wide open opportunity for someone to mess things up...
The StartPage Randomizer - The Windows Cheerleader - Twitter
-
Sorry. Vir's answer to Morden's one of the show's best known quotes and is repeated here on a semi regular basis. I guess I should've been more explicit in my intent with an FTFY statement.
The European Way of War: Blow your own continent up. The American Way of War: Go over and help them.
One of my favorite B5 quotes as well. Not to mention the many episode (almost 2 seasons IIRC) delay between the setup and the payoff. That's a writer with patience. Although I am also rather fond of Carter's quip during the 1st encounter with one of the "old-timer" alien races...