Author Topic: Are you a worm/trojan/virus expert?  (Read 4248 times)
tiptopgemdotcom
January 20, 2012, 08:06:20 PM
 #21

No really help me!!!!
bb113
January 21, 2012, 09:13:16 AM
 #22

Reinstall Windows dude. It's the only way to be sure.
Maged
January 22, 2012, 01:42:07 AM
 #23

Quote: Reinstall Windows dude. It's the only way to be sure.
Just noticed that he has XP... Unfortunately, I must agree with this statement.

ZodiacDragon84
January 22, 2012, 01:58:37 AM
 #24

Anyone want to bet that the file share program (eMule) is being used as a bot communication relay to communicate with the botmaster hijacking his computer?

Looking for a quick easy mining solution? Check out
www.bitminter.com

See my trader rep at Bitcoinfeedback.com
bb113
January 22, 2012, 05:13:37 AM
 #25

Combofix deleted everything related to bitcoin for me. I lost .01 BTC.

Does anyone know why it would do this?
ZodiacDragon84
January 22, 2012, 07:41:06 AM
 #26

Quote: Combofix deleted everything related to bitcoin for me. I lost .01 BTC. Does anyone know why it would do this?

No idea, but if it makes you feel better, I'll kick a bitcent your way!

bb113
January 22, 2012, 07:49:11 AM
 #27

Haha, I wouldn't worry about it but it would be my first donation. Send here if you like:

19x2RUBSXzgBsD5HVsW5HZHiGvMzjuReF7
ZodiacDragon84
January 22, 2012, 07:54:10 AM
 #28

Quote: Haha, I wouldn't worry about it but it would be my first donation. Send here if you like: 19x2RUBSXzgBsD5HVsW5HZHiGvMzjuReF7

Kicked .02 your way. Now I can say I put my 2 cents in!

Matthew N. Wright
January 22, 2012, 08:26:05 AM
 #29

I'm just going to answer the first part of the OP:

Quote: Are you a worm/trojan/virus

Yes.

ZodiacDragon84
January 22, 2012, 10:51:57 PM
 #30

Quote: I'm just going to answer the first part of the OP: "Are you a worm/trojan/virus" Yes.

You a L33tHackers.com forum member by chance?

rjk
January 23, 2012, 03:31:27 AM
 #31

Seriously, fuck XP - it is slow as dog shit and just as insecure. Uses admin accounts with full privs by default, which is likely how you got infected to start with.

Windows 7 is leaps and bounds better than XP, even if only from a security perspective.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
Freeway
April 27, 2012, 05:12:07 AM
 #32

Quote: Reinstall Windows dude. It's the only way to be sure.
Quote: Just noticed that he has XP... Unfortunately, I must agree with this statement.

So if you are running Windows 7, would you have to re-install?  Or no?  I am curious because my son-in-law started playing/downloading stuff for Xbox gold and Microsoft points, attempting to get "free codes" on one of my computers that is not partitioned nor protected, using uTorrent.

I am running scans now (517 errors), was awesome to find the Malwarebytes link, thank you, I will run that next.

I guess my question is, is uTorrent safe?  Is BitTorrent better?  What about Freenet or darknet?  Or should I tell him just stay the f... off of there and go to? .... He is trying to find codes for free or discounted.  Is this even legal?  If not, and he continues to use my computer, if I partitioned off an area of the hard drive just for him, would it affect me?

Any info is appreciated.  Thank you

Freeway
April 27, 2012, 05:13:21 AM
 #33

And what is emule???  I found it and deleted it, but???

mufa23
April 27, 2012, 05:37:36 AM
 #34

Malwarebytes
MSE
CCleaner

Clear all your web browsers (Chrome, IE, Firefox, all of them) of cookies, history, and everything! Then run all three programs.

Positive rep with: pekv2, AzN1337c0d3r, Vince Torres, underworld07, Chimsley, omegaaf, Bogart, Gleason, SuperTramp, John K. and guitarplinker
Freeway
April 27, 2012, 06:00:09 AM
 #35

Quote: Malwarebytes, MSE, CCleaner. Clear all your web browsers (Chrome, IE, Firefox, all of them) of cookies, history, and everything! Then run all three programs.

Okay.  Malwarebytes is running now.  So far 7 infections just on Chrome.  Guess it will be a long night.

check_status
April 27, 2012, 09:01:56 AM
 #36

If you're running Windows, there's no reason you can't be running rollback software like RollbackRX or something similar.
Sandboxie for your browser.
WinMHR to scan for non-rootkit files, kicks any individual AV's arse.
Delete/remove Java, Flash, anything Adobe.
Create a new profile in Firefox.

For Bitcoin to be a true global currency the value of BTC needs always to rise.
If BTC became the global currency & money supply = 100 Trillion then ⊅1.00 BTC = $4,761,904.76.
P2Pool Server List | How To's and Guides Mega List |  1EndfedSryGUZK9sPrdvxHntYzv2EBexGA
Freeway
April 27, 2012, 03:02:14 PM
 #37

Quote: If you're running Windows, there's no reason you can't be running rollback software like RollbackRX or something similar. Sandboxie for your browser. WinMHR to scan for non-rootkit files, kicks any individual AV's arse. Delete/remove Java, Flash, anything Adobe. Create a new profile in Firefox.

Thank you.  I had never heard of Rollback Rx.  I know this is prob a silly question.  Malwarebytes removed 7 infections.  Should I still do these other procedures?

I know.  Prob yes.  Just trying to save a few hours.

EDIT:  Is there a safe way to obtain a code generator or are they always a virus?

P4man
April 27, 2012, 03:20:34 PM
 #38

Quote: EDIT:  Is there a safe way to obtain a code generator or are they always a virus?

Code generators and activation 'patches' are almost always identified as viruses, particularly if you enable heuristics in the AV. And yet often they aren't, but how can one know?

If you only need the code generator, run it in a VM.  If you need to patch your app, well... buy it. Or find a free alternative.

Freeway
April 27, 2012, 03:34:10 PM
 #39

Quote: If you only need the code generator, run it in a VM.  If you need to patch your app, well... buy it. Or find a free alternative.

Thanks.

amencon
April 28, 2012, 09:28:36 AM
 #40

Hmm forgot to check back on this.

Tiptop, I assume your issue has been long resolved; however, for the symptoms you described (BSOD and the error message) I'd try running cmd prompt as administrator, putting the XP OS CD in the drive and running the command "sfc /scannow".  If it finds any system files that appear to have compromised integrity, it will replace them with the original versions.

After that, reboot and load off the XP CD; on the first screen choose "R" to bring up the recovery console and from the command prompt run "CHKDSK C: /R" (assuming you use C as primary drive).

As others have said it's sometimes best to just nuke it from orbit (wipe/reload XP) but with these issues I hate doing it as it feels like admitting defeat.  There are a few other things you can try if the above don't help.

Bitcoin113: Very interesting that ComboFix deleted bitcoin related stuff and good to know for the future.  Glad you didn't lose more than a fraction of a coin.

Freeway: uTorrent is as safe as the files you download with it.  Since all the files you get are shared P2P, there are no guarantees that they aren't infected.  A way to mitigate the risk is to only download torrents from thepiratebay.org from "trusted" users (they'll have a skull icon near their name, ironically).  Another thing that will help is, after every download and prior to launching the downloaded file, to scan it with Malwarebytes.  You can do this easily by browsing to it and right-clicking the folder or file, and the option should show up in the menu options.