Virus Help Part 2
Right, so, my earlier thread got deleted when I was asking where to download Adobe CS2, I don't want to crack it, I just can't get CS2 from Adobe anymore only CS4 which won't download for me.

Anyway I was recommended Warez, so I tried to download a CS2 which kinda failed and now I have a virus on my computer which when I go into documents and click a folder it pops up saying it's a virus and I got one pop saying "you've downloaded horse_****ing_girl.avi" do you want to watch it now, so I'm kinda like wtf I've only just got rid of a virus that ruined my computer, will this likely ruin my computer again? :\
Maybe. Probably.

If you know what you're doing, use some tools to get rid of it, if not, reinstall. It's the safest and surest way to guarantee you're clean.

Where one virus/worm/trojan lives, others of some sort are sure to follow.

When the machine is virus free and happy again, head over here - http://download.adobe.com/pub/ ... /Photoshop_CS2_tryout.zip

330M trial version, and utterly virus free (unlike them skanky warez)
why did u download bestiality?????
Do you have something like AVG free edition which detects viruses contained in files on the fly? There have been a few things I have downloaded that AVG has detected as a virus straight away, and AVG can remove the virus without it affecting my system.

Saying that I have never come across a virus called "horse_****ing_girl.avi"
Quote from RossUK :Do you have something like AVG free edition which detects viruses contained in files on the fly? There have been a few things I have downloaded that AVG has detected as a virus straight away, and AVG can remove the virus without it affecting my system.

Saying that I have never come across a virus called "horse_****ing_girl.avi"

AVG is one of the worst antivirus IMO, and is proved to be one of the antivirus with the most number of false alarms... it'll probably delete a lot of other programs and stuff you have that are not viruses lol
Instead, download the AVIRA free antivirus. It's proven the best antivirus solution for PC, and is FOR FREE. The av-comparatives.org has it on number 1 of many of its tests for best antivirus solutions.

http://www.download.com/Avira- ... utton&cdlPid=10986298

Download it, make a full system scan and then your problems will surely be solved. (They have to be solved, it's the number 1 antivirus on av-comparatives lol)
(I still use Norton360 though, but I know many of you just won't download it so download AVIRA lol. (Norton is on the 3rd place of this same list))

Also, warez IS pirate/generic/etc software, and is by 99% chance a fail.
Quote from pearcy_2k7 :Right, so, my earlier thread got deleted when I was asking where to download Adobe CS2, I don't want to crack it, I just can't get CS2 from Adobe anymore only CS4 which won't download for me.

Anyway I was recommended Warez, so I tried to download a CS2 which kinda failed and now I have a virus on my computer which when I go into documents and click a folder it pops up saying it's a virus and I got one pop saying "you've downloaded horse_****ing_girl.avi" do you want to watch it now, so I'm kinda like wtf I've only just got rid of a virus that ruined my computer, will this likely ruin my computer again? :\

I hate to say this, but:

"I told you so!!"

(in previous post..."I has no sercurity"...and I gave you links to good AV/Malware killers.)
Quote from Velociround :AVG is one of the worst antivirus IMO, and is proved to be one of the antivirus with the most number of false alarms... it'll probably delete a lot of other programs and stuff you have that are not viruses lol
Instead, download the AVIRA free antivirus. It's proven the best antivirus solution for PC, and is FOR FREE. The av-comparatives.org has it on number 1 of many of its tests for best antivirus solutions.

http://www.download.com/Avira- ... utton&cdlPid=10986298

Download it, make a full system scan and then your problems will surely be solved. (They have to be solved, it's the number 1 antivirus on av-comparatives lol)
(I still use Norton360 though, but I know many of you just won't download it so download AVIRA lol. (Norton is on the 3rd place of this same list))

Also, warez IS pirate/generic/etc software, and is by 99% chance a fail.

Well in my opinion it's better to be safe than sorry, some viruses can totally wipe your HD and cause a machine failure.

Pearcy, post a hi-jack this log again, or run it through http://www.hijackthis.de/. When downloading photoshop (or any other program from teh torrentz), it's suggested you only download ones with a very high seed/leech and be sure to check the comments. Use your brain as to whether they're spammed by the same person with different names, and just make sure people are like "yeh cool it's clean, ty" or something.

Ghey you have another virus.
k I'll do it now, does my nut in! Computer works fine until I try to open a folder in my documents. It's usually a little popup window that comes up saying you've got a virus and wants you to download something but that's the virus doing it, then it did the horse one only once :\

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:07, on 13/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Warez\Warez.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.warez.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: LamasBar.Ie - {46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5} - C:\WINDOWS\system32\knzg.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Warez] "C:\Program Files\Warez\Warez.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?510c4fe6c4a44124af28ff8f0e9dd119
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?510c4fe6c4a44124af28ff8f0e9dd119
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

--
End of file - 4782 bytes
Also I downloaded Avast which didn't get rid of it but is blocking the extra pop-up when you click yes/no coming up.
I hope there's been a lesson learned about warez sites here
-
(AMB) DELETED by SamH : Offering illegal software
Quote from pearcy_2k7 :O2 - BHO: LamasBar.Ie - {46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5} - C:\WINDOWS\system32\knzg.dll

First Google result for knzg.dll.

Also, I wouldn't be happy with a process called warez.exe running on my PC.
I thought it was a download thing. It's like Flashget or uTorrent. Should I delete what you showed?
I'm too much of a noob in these things myself, so I better not give any advice.

I just thought this was suspicious, googled for it and let you know that it actually is.

I don't think just deleting that one file will be enough, though.
on a side note Pearcy please stay away from any unknown websites or ANY popup warez things also NEVER EVER accept anything from a warez site that you didn't request.

on a side note the only game i have ever paid for is LFS, FEAR and Lineage2

i found the best thing to do when u got a virus not a trojan is formatting
trojans are easy to remove safe mode no net and check registry keys as well as run time processes


also the virus would not be called
horse_****ing_girl.avi
like zeugnimod said warez.exe = BAD

i don't like the look of these
-----------------------------------------------------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe i don't know what avast is but prolly ok
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
--------------------------------------------------------------------
:\Program Files\Warez\Warez.exe VERY BAD
O4 - HKCU\..\Run: [Warez] "C:\Program Files\Warez\Warez.exe" /minimized

O2 - BHO: LamasBar.Ie - {46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5} - C:\WINDOWS\system32\knzg.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

is it just me or has this hijacked msn?
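The by-eye checks posters ran on the HijackThis log above can be scripted as a first-pass triage. This is an added example, not code from the thread or from HijackThis; `triage`, `EXPECTED_HOSTS` and the three rules are assumptions, and a hit means "look at this entry", not "this is malware".

```python
import re
from urllib.parse import urlparse

# Excerpt of the HijackThis log posted in this thread (not the full log).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.warez.com/
O2 - BHO: LamasBar.Ie - {46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5} - C:\WINDOWS\system32\knzg.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Warez] "C:\Program Files\Warez\Warez.exe" /minimized
"""

# Assumption: hosts this analyst expects in the IE start/search settings.
EXPECTED_HOSTS = ("msn.co.uk", "microsoft.com")

def _expected(host, expected):
    # Match the host itself or a subdomain, never a bare suffix like "notmsn.co.uk".
    return any(host == h or host.endswith("." + h) for h in expected)

def triage(log_text, expected_hosts=EXPECTED_HOSTS):
    """Return (reason, entry) pairs that deserve manual review."""
    entries = re.findall(r"^([RO]\d+) - (.*)$", log_text, re.M)
    findings, brands = [], set()
    # Pass 1: browser settings (R0/R1) pointing at hosts outside the expected set.
    for code, rest in entries:
        if code in ("R0", "R1") and " = " in rest:
            host = (urlparse(rest.split(" = ", 1)[1].strip()).hostname or "").lower()
            if host and not _expected(host, expected_hosts):
                findings.append(("unexpected browser URL", rest))
                labels = host.split(".")
                if len(labels) >= 2:
                    brands.add(labels[-2])  # naive: no public-suffix handling
    # Pass 2: browser helper objects (O2) and autoruns (O4).
    for code, rest in entries:
        low = rest.lower()
        if code == "O2" and low.endswith("(no file)"):
            findings.append(("BHO registered but file missing", rest))
        elif code == "O2" and re.search(r"\\system32\\[^\\]+\.dll$", low):
            findings.append(("BHO DLL directly in system32", rest))
        elif code == "O4" and any(b in low for b in brands):
            findings.append(("autorun matches unexpected browser host", rest))
    return findings

for reason, entry in triage(SAMPLE_LOG):
    print(f"[review] {reason}: {entry}")
```

The Avast autorun and the Windows Live BHO pass through unflagged because no rule matches them, which is the point of writing the rules down instead of judging by unfamiliar names.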
Another warez monkey gets what he deserves.
Quote from thisnameistaken :Another warez monkey gets what he deserves.

Funniest thing is; he did it on an unprotected computer! Sorry, but I have no sympathy for self-inflicted virii.
Rule #1 about illegal downloading. Don't download from any sites which use the word 'warez' anywhere.
Avast is an antivirus system. What I find quite amusing is that it picked up my homework as a virus the other day. Although I sort of got bored and called it spoolvs.exe. Spoolsv.exe is the printer spooler service, spoolvs.exe is a virus!
Quote from shaun463 :Avast is an antivirus system. What I find quite amusing is that it picked up my homework as a virus the other day. Although I sort of got bored and called it spoolvs.exe. Spoolsv.exe is the printer spooler service, spoolvs.exe is a virus!

Exactly as I said: Avast and AVG have a high number of false alarms... this has been proved by av-comparatives for many years
Use AVIRA instead: number 1 antivirus solution on av-comparatives, and it's free for personal use!
Quote from Velociround :AVG is one of the worst antivirus IMO, and is proved to be one of the antivirus with the most number of false alarms... it'll probably delete a lot of other programs and stuff you have that are not viruses lol

Say what you like about AVG, I have never had a virus with it and it has never thrown up a false alarm for legal software. Doesn't hog my resources like some either. Then again avoiding viruses is more important than deleting them after they have infected.

Quote from Velociround :Download it, make a full system scan and then your problems will surely be solved. (They have to be solved, it's the number 1 antivirus on av-comparatives lol)
(I still use Norton360 though, but I know many of you just won't download it so download AVIRA lol. (Norton is on the 3rd place of this same list))

Of course no anti-virus software can totally protect you, even with specialized tools targeting one type of virus, it can still not be enough. It's foolish to think you can just download random stuff and your AV will protect you.

IMO 70% Common sense + prevention, 30% anti-virus software.

Quote from Velociround :Also, warez IS pirate/generic/etc software, and is by 99% chance a fail.

Unless you know what you're doing...
#22 - arco
Pearcy, hop on irc.
Quote from MAD3.0LT :on a side note Pearcy please stay away from any unknown websites or ANY popup warez things also NEVER EVER accept anything from a warez site that you didn't request.

on a side note the only game i have ever paid for is LFS, FEAR and Lineage2

i found the best thing to do when u got a virus not a trojan is formatting
trojans are easy to remove safe mode no net and check registry keys as well as run time processes


also the virus would not be called
horse_****ing_girl.avi
like zeugnimod said warez.exe = BAD

i don't like the look of these
-----------------------------------------------------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe i don't know what avast is but prolly ok
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
--------------------------------------------------------------------
:\Program Files\Warez\Warez.exe VERY BAD
O4 - HKCU\..\Run: [Warez] "C:\Program Files\Warez\Warez.exe" /minimized

O2 - BHO: LamasBar.Ie - {46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5} - C:\WINDOWS\system32\knzg.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

is it just me or has this hijacked msn?

Bolded are all part of Avast's antivirus.
It's all sorted now thanks to sexy arco, thanks for the support guys, I'm not knowledgeable at all but in future I'll be a lot more careful, thanks to arco again.
stop downloading porn, and that's it.... o,, and your avatar earcy