tiptopgemdotcom (OP)
January 20, 2012, 08:06:20 PM
No really help me!!!!

bb113
January 21, 2012, 09:13:16 AM
Reinstall Windows, dude. It's the only way to be sure.

Maged
January 22, 2012, 01:42:07 AM
Reinstall Windows, dude. It's the only way to be sure.
Just noticed that he has XP... Unfortunately, I must agree with this statement.

ZodiacDragon84
January 22, 2012, 01:58:37 AM
Anyone want to bet that the file share program (eMule) is being used as a bot communication relay to communicate with the botmaster hijacking his computer?

bb113
January 22, 2012, 05:13:37 AM
Combofix deleted everything related to bitcoin for me. I lost .01 BTC.
Does anyone know why it would do this?

ZodiacDragon84
January 22, 2012, 07:41:06 AM
Combofix deleted everything related to bitcoin for me. I lost .01 BTC.
Does anyone know why it would do this?
No idea, but if it makes you feel better, I'll kick a bitcent your way!

bb113
January 22, 2012, 07:49:11 AM
Haha, I wouldn't worry about it but it would be my first donation. Send here if you like:
19x2RUBSXzgBsD5HVsW5HZHiGvMzjuReF7

ZodiacDragon84
January 22, 2012, 07:54:10 AM
Haha, I wouldn't worry about it but it would be my first donation. Send here if you like:
19x2RUBSXzgBsD5HVsW5HZHiGvMzjuReF7
Kicked .02 your way. Now I can say I put my 2 cents in!

Matthew N. Wright
January 22, 2012, 08:26:05 AM
I'm just going to answer the first part of the OP:
Are you a worm/trojan/virus
Yes.

ZodiacDragon84
January 22, 2012, 10:51:57 PM
I'm just going to answer the first part of the OP:
Are you a worm/trojan/virus
Yes.
You a L33tHackers.com forum member by chance?

rjk
January 23, 2012, 03:31:27 AM
Seriously, fuck XP - it is slow as dog shit and just as insecure. Uses admin accounts with full privs by default, which is likely how you got infected to start with.
Windows 7 is leaps and bounds better than XP, even if only from a security perspective.

Freeway
April 27, 2012, 05:12:07 AM
Reinstall Windows, dude. It's the only way to be sure.
Just noticed that he has XP... Unfortunately, I must agree with this statement.
So if you are running Windows 7, would you have to re-install? Or no? I am curious because my son-in-law started playing/downloading stuff for Xbox gold and Microsoft points, attempting to get "free codes" on one of my computers that is not partitioned nor protected, using uTorrent. I am running scans now (517 errors); it was awesome to find the Malwarebytes link, thank you, I will run that next. I guess my question is, is uTorrent safe? Is BitTorrent better? What about Freenet or darknet? Or should I tell him just stay the f... off of there and go to? .... He is trying to find codes for free or discounted. Is this even legal? If not, and he continues to use my computer, if I partitioned an area off the hard drive just for him, would it affect me? Any info is appreciated. Thank you

Freeway
April 27, 2012, 05:13:21 AM
And what is emule??? I found it and deleted it, but???

mufa23
April 27, 2012, 05:37:36 AM
Malwarebytes, MSE, CCleaner
Clear all your web browsers (Chrome, IE, Firefox, all of them) of cookies, history, and everything! Then run all three programs.

Freeway
April 27, 2012, 06:00:09 AM
Malwarebytes, MSE, CCleaner
Clear all your web browsers (Chrome, IE, Firefox, all of them) of cookies, history, and everything! Then run all three programs.
Okay. Malwarebytes is running now. So far 7 infections just on Chrome. Guess it will be a long night.

check_status
April 27, 2012, 09:01:56 AM
If you're running Windows, there's no reason you can't be running rollback software like RollbackRX or something similar. SandboxIE for your browser. WinMHR to scan for non-rootkit files, kicks any individual AV's arse. Delete/Remove Java, Flash, anything Adobe. Create a new profile in Firefox.

Freeway
April 27, 2012, 03:02:14 PM
If you're running Windows, there's no reason you can't be running rollback software like RollbackRX or something similar. SandboxIE for your browser. WinMHR to scan for non-rootkit files, kicks any individual AV's arse. Delete/Remove Java, Flash, anything Adobe. Create a new profile in Firefox.
Thank you. I had never heard of Rollback Rx. I know this is prob a silly question. Malwarebytes removed 7 infections. Should I still do these other procedures? I know. Prob yes. Just trying to save a few hours. EDIT: Is there a safe way to obtain a code generator or are they always a virus?

P4man
April 27, 2012, 03:20:34 PM
EDIT: Is there a safe way to obtain a code generator or are they always a virus?
Code generators and activation 'patches' are almost always identified as viruses, particularly if you enable heuristics in the AV. And yet often they aren't, but how can one know? If you only need the code generator, run it in a VM. If you need to patch your app, well... buy it. Or find a free alternative.

Freeway
April 27, 2012, 03:34:10 PM
If you only need the code generator, run it in a VM. If you need to patch your app, well,.. buy it. Or find a free alternative.
Thanks.

amencon
April 28, 2012, 09:28:36 AM
Hmm, forgot to check back on this.
Tiptop, I assume your issue has long been resolved; however, for the symptoms you described (BSOD and the error message) I'd try running cmd prompt as administrator, putting the XP OS CD in the drive and running the command "sfc /scannow". If it finds any system files that appear to have compromised integrity, it will replace them with the original versions.
After that, reboot and load off the XP CD. On the first screen choose "R" to bring up the recovery console, and from the command prompt run "CHKDSK C: /R" (assuming you use C as primary drive).
As others have said, it's sometimes best to just nuke it from orbit (wipe/reload XP), but with these issues I hate doing it as it feels like admitting defeat. There are a few other things you can try if the above don't help.
Bitcoin113: Very interesting that ComboFix deleted bitcoin related stuff, and good to know for the future. Glad you didn't lose more than a fraction of a coin.
Freeway: uTorrent is as safe as the files you download with it. Since all the files you get are shared P2P, there are no guarantees that they aren't infected. A way to mitigate the risk is to only download torrents from thepiratebay.org from "trusted" users (they'll have a skull icon near their name, ironically). Another thing that will help is, after every download and prior to launching the downloaded file, to scan it with Malwarebytes. You can do this easily by browsing to it and right-clicking the folder or file, and the option should show up in the menu options.