Virus!
(108 posts, closed, started )
@Jakg: How is it the 3rd in a year? Also, it is not actually my fault this time as I think it was my IP address being hacked. I can not stop people seeing my IP without a proxy of which I can not afford. I did try Invisible IP Map, but it annoyed me as when I bought it the serial which I bought was banned due to the fact it was similar to an illegal serial key (difference being zero and O).
Shaun I dont think its as seroius as some Low life sitting at his computer and specifically targeting your IP address

Download Hijack this search it in google and post up a log but I dont think you should do it here.

www.bleepingcomputer.com would be the best spot The guys there will help you out

If you want you can add me in MSN and you can show me the log and a combofix log and we could sorth something out it sounds like youve got a Trojan/Vundo virus because those infect your Iexplore.exe

But yes A long with everyone else I am still going too say STOP DOWNLOADING DODGY PORN
Have you tried doing a system restore. I had the same thing happen about a month or so ago. I tried everything and every program I had to try and get rid of the problem. As a last resort before reformatting I tried a restore back to when I knew it was working. It worked, and then I used fix-it utilities to cleanup the registry. Been working fine ever since.
#29 - CSU1
Quote from Jakg :Re-install Windows and stop being such a nub - this is like the 3rd virus you've had in a year ffs.

You've used n-lite before haven't you?...iirc can't you point n-lite to the local i386 folder instead of using the OEM CD?

Anyway, the only way I can see of you getting it back shaun463 is with the use of a second PC running n-lite using your old i386 folder which you'll need to copy whilst booted up in Ubuntu...

...Or, if no OS choices are available at boot you could try rescue the boot loaders through Ubuntu:

1. Boot up the Ubuntu Live CD or just boot straight into Ubuntu(to fix windows loader skip this to step 2.):

Once you are at the desktop open up a terminal
sudo grub

This will get you a "grub>" prompt (i.e. the grub shell). At grub>. enter these commands
find /boot/grub/stage1

This will return a location. If you have more than one, select the installation that you want to provide the grub files.
Next, THIS IS IMPORTANT, whatever was returned for the find command use it in the next line (you are still at grub>. when you enter the next 3
commands)
root (hd?,?)

Again use the value from the find command i.e. if find returned (hd0,1) then you would enter root (hd0,1)
Next enter the command to install grub to the mbr
setup (hd0)

Finally exit the grub shell
quit

2.
To fix the Windows MBR:
sudo nano -w /boot/grub/menu.lst

Scroll down to the bottom of the file and add this:
# Windows
title Windows
root (hd0,?)
savedefault
makeactive
chainloader +1

where ? is the number of your windows partition. So, if it is /dev/sda4 you would put a 3.

Restart and your windows boot option should be there.

Edit:

To find your XP key without being able to boot into windows will be trick, the only suggestion I have is to use the key reader attached through WINE in Ubuntu whilst it's placed on the XP NTFS partition - I have no idea if this will work but hey it's worth a try. XP-KeyReader.zip
Attached files
XP-KeyReader.zip - 19.5 KB - 139 views
I found the XP product key on te side of my PC! My next worry is that I have a lot of important data (e.g. Homework and my radio station) that I can't backup. I will try System Restore!
Quote from shaun463 :I will try System Restore!

don't bother... most viruses infect the restore db as well.
SpybotSD, it turns out, did not make a restore point at all. Argh.
#33 - Jakg
Quote from shaun463 :@Jakg: How is it the 3rd in a year? Also, it is not actually my fault this time as I think it was my IP address being hacked. I can not stop people seeing my IP without a proxy of which I can not afford. I did try Invisible IP Map, but it annoyed me as when I bought it the serial which I bought was banned due to the fact it was similar to an illegal serial key (difference being zero and O).

WTF - your IP is being targeted? Bullshit. Utter bullshit.

They are targeting your IP - which goes to your router. From there on, where will they pick which PC to target?
Quote from CSU1 :You've used n-lite before haven't you?...iirc can't you point n-lite to the local i386 folder instead of using the OEM CD?

**** knows
Quote from shaun463 :I found the XP product key on te side of my PC! My next worry is that I have a lot of important data (e.g. Homework and my radio station) that I can't backup. I will try System Restore!

Oh come on - you must have a pendrive. An 8GB pendrive (admittedly a shit slow one) is £10 from Play - that'll hold any work you've done and a fair amount of music too...






If this was me i'd re-install and use some proper AV protection and stop being such a nub. If you don't have the disc - torrent it, just try to find a NON cracked version. You can find your key using magical jellybean...
I don't have a pendrive. I do have some decent protection such as: Avast!, AVG, SpybotS&D, Ad-Aware, PrevX (admittedly rather crap but actually does work), RegRun (same story to PrevX), Malware-Bytes Anti-Malware and Spyware Doctor. The main issue with this virus is that to get rid of it I must remove iexplore.exe, msnmsgr.exe and svchost.exe. I have the key and will probably not use Windows System Restore, but the amazing EI SYSTEM system restore. A crap PC like this one is not worth spending lots of money on. Also the IP probably was hacked as at the time I was 10.1.1.1. This network is so unsecure, I can even hack my dad's laptop with my Nintendo DS .
#35 - Jakg
There is so much fail in your post it's unbelievable.

Do you HONESTLY think your experiencing a "normal" computer user experience?

Quote from shaun463 :Whilst searching the forums some virus called thezirius has been getting in

Quote from shaun463 :I was on the LFS forums when the virus got in and and i only use Firefox plus i dont use limewire and rsc lfsforums and lfs.net are the only websites i go on much

Quote from shaun463 :i have been using Ad ware 2007, Spybot search and destroy, avg anti-rootkit, avg anti-virus, avg anti-spyware, nod32, avast, norton internet secruity 2006 and regrun

Quote from shaun463 :A virus has got in now I cant use appwiz.cpl to remove daemon tools to get rid of sptd.dll which stops safe mode from working and I need safe mode to get control panel back. What do I do?

Quote from shaun463 :Avast is an antivirus system. What I find quite amusing is that it picked up my homework as a virus the other day . Although I sort of got bored and called it spoolvs.exe . Spoolsv.exe is the printer spooler service, spoolvs.exe is a virus!

Quote from shaun463 :I got the same thing and got rid of it in 5 minutes . I found this thing called RegRun Reanimator (don't ever pay for it! Also only ever download the Reanimator as the rest is crap) and it is supposed to be rubbish. However this thing has actually killed mgrs.exe, spoolvs.exe and all those other ones included in that major virus. It was also what got rid of the virus you got .

Quote from shaun463 :WEll I had mgrs.exe spoolvs.exe and many more virii! I used RegRun Reanimator to delete the virus (all you need to know is the virus' name!!)

I've had 2 virus'es, ever - both due to my own stupidity!
Quote from Jakg :I've had 2 virus'es, ever - both due to my own stupidity!

I never had a antivirus and had 2 viruses - both removed using regedit + total commander in safemode, beat that
Quote from Shadowww :I never had a antivirus and had 2 viruses - both removed using regedit + total commander in safemode, beat that

That´s because virus thinks you´re not worth it, because you only watch old gay porn.
Quote from Shadowww :I never had a antivirus and had 2 viruses - both removed using regedit + total commander in safemode, beat that

i have never had a virus EVER beat that.
antivir PE classic.
Quote from Bose321 :That´s because virus thinks you´re not worth it, because you only watch old gay porn.

Virus can't think
Quote from mutt107 :i have never had a virus EVER beat that.
antivir PE classic.

You have antivirus, that's a cheat.
Again seriously shaun what on earth do you do on the internet?
Throw computer out the window.

Virus gone.
-
(DevilDare) DELETED by DevilDare
I wonder the same thing, for many folks who post virus stuff here.

Mostly what people call a virus is nothing more than a pest. A browser hijacker and popup pest.

I've been on the net since 1995 and I don't actively run anitvirus. I have it installed, just nothing running and watching. I've had 2 "viruses" as well in 14 years. One was 6-9 months ago when I was on Ikea's website and downloaded what I thought was a simple little "room organizer" program and the other from a browser game I play (cyberairlines.net). Neither were really a virus, just a hijacker thing that created popups and hijacked the browser. Scanned with AVG and Malware Bytes and it was taken care of easily enough.

When you are constantly downloading porn, music, and pirated software on P2P networks, yeah, you are bound to have virus problems. Live with it, or quit stealing other peoples stuff.
If you have access to another computer with a XP install you can use the Ultimate Boot CD. It will allow you to boot from the XP install on the CD and run from that. You should have full access to your files. It also comes with a couple antivirus/spyware removal tools and a ton of other stuff.. Always good to have around in case of intances like so..
Quote from Shadowww :Virus can't think You have antivirus, that's a cheat.

its not cheating, its just being smart
and not downloading porn.
Quote from mrodgers :I wonder the same thing, for many folks who post virus stuff here.

Mostly what people call a virus is nothing more than a pest. A browser hijacker and popup pest.

I've been on the net since 1995 and I don't actively run anitvirus. I have it installed, just nothing running and watching. I've had 2 "viruses" as well in 14 years. One was 6-9 months ago when I was on Ikea's website and downloaded what I thought was a simple little "room organizer" program and the other from a browser game I play (cyberairlines.net). Neither were really a virus, just a hijacker thing that created popups and hijacked the browser. Scanned with AVG and Malware Bytes and it was taken care of easily enough.

When you are constantly downloading porn, music, and pirated software on P2P networks, yeah, you are bound to have virus problems. Live with it, or quit stealing other peoples stuff.

Lol Words to live by ^

Only viruses I've ever gotten was from Porn sites or from downloading programs off torrents back in the day, when I was more of a moron... I've had no viruses in like, ohh years...

Now for music I use one of those FLV conversion programs and for pr0nz I have trusted websites..
Despite other posts in here, i would say that not running an antivirus and firewall is nothing short of internet suicide, and i will tell you why....


Whan i had to reformat my HDD i only had xp sp1, which was less than ideal, but i thought it'll be fine, ill get straight on windows update as soon as i connect to the net and get sp3, while downloading zonealarm in another tab.

It was 2 minutes and 43 seconds ( i know it's exact, but i timed it ) before lsass.exe crashed and made the PC count down from 60 seconds and then shut down, which is the sasser virus.

Once i rebooted, i had got an ms-dos batchfile called A.bat on my C drive, plus something called hellmsn.exe, and lots of randomly named files that were not there before.

Now lets not forget, i had only been connected to the web for less than three minutes and my whole install was ****ed.

I have jakg to thank for posting me a copy of sp3 on disk to my house, so i will thank him again for getting me out of trouble.

So, in short, dont run without protection, no mater who says it's ok, because it isnt.

It's like going 'bareback' (not using condoms) with loads of girls and then being surprised when you find that you have caught gonorrhea.
#48 - VoiD
Quote from Jakg :There is so much fail in your post it's unbelievable.

[insert shaun´s quotes here]



I´d like to thank you: Best read for today...

Quote from Jakg :I've had 2 virus'es, ever - both due to my own stupidity!

Same here, first back in the early 90´s, second ~5 years ago...
Quote from danthebangerboy :...

I remember on an old episode of the Gadget show they connected a PC to the Internet for a few hours and came back to see how many viruses they had. They had a lot. I remember at the time that I could not believe that this was possible; but I guess your story is a small piece of proof.
I have never had an anti-virus program installed and I've NEVER had a virus on my computer.

I just seem to know what sites are good or bad by looking at names, and I don't download illegal programs ever, so I've never had to worry about it.

I laugh at people that say XP isn't secure enough because they are getting viruses constantly. They just shoulden't be doing what they are doing, simple as that.
This thread is closed

Virus!
(108 posts, closed, started )
FGED GREDG RDFGDR GSFDG