My newest computer question/problem...

  1. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Talking My newest computer question/problem...


    I have yet another virus/trojan on my damn system again. I was trying to download the Kazaa program to actually get more computer programs, but in doing so, it gave me a few more viruses/worms, etc.... I know it was from it too, cuz as soon as it finished DL'ing, my Avast! caught it.

    So, a month ago or so, I DL'ed this one program that was free to try and it got rid of everything super quick. BTW, I tried to fix/delete/repair it with Avast!, but no luck. Anyways, I wanna use this program again, but I went and DL'ed it again from Cnet and it said that I now have to register and buy it/trial is over.

    Isn't their a way I can still make this work?

    Damn, thats friggin' Kazaa for ya....

  2. Registered User
    NPursuit's Avatar
    Join Date
    Mar 2003
    Age
    37
    Posts
    1,803
    Answers
    0

    Go to www.mcafee.com and download Stinger. It's a free, fast, low resource hog virus scanner. Then go to google and search the programs name + crack. You should be able to find the crack or serial # you need. Which program are you trying to use?
  3. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Quote Originally Posted by NPursuit
    Go to www.mcafee.com and download Stinger. It's a free, fast, low resource hog virus scanner. Then go to google and search the programs name + crack. You should be able to find the crack or serial # you need. Which program are you trying to use?

    I'm trying to use this one on cnet:

    http://download.com.com/3000-2239-10265821.html

    (antivirus and trojan is the name) Like I said, it worked really well, like as soon as it finished DL'ing before it found ALL problems and fixed them.
    •   
       

  4. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Avast found another one, should I delete it? Its says C:\SystemVolumeInformation.... .....

    Man, I hate this ****in' ****.......
  5. Registered User
    NPursuit's Avatar
    Join Date
    Mar 2003
    Age
    37
    Posts
    1,803
    Answers
    0

    I don't know that program. I meant which program are you trying to crack? What viruses does it keep finding?
  6. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Quote Originally Posted by NPursuit
    I don't know that program. I meant which program are you trying to crack? What viruses does it keep finding?
    I guess its the same one as I posted above; the "systemvolumeinfo..."

    I dunno what you mean by crack then, I thought it was a way to use a trial program more than it allows you too, maybe not....

    Stinger is a program on mcafee, correct? I went there but couldn't find it...
  7. Registered User
    NPursuit's Avatar
    Join Date
    Mar 2003
    Age
    37
    Posts
    1,803
    Answers
    0

    Stinger link http://vil.nai.com/vil/stinger/

    Yes a crack does let you use a program that would otherwise be useless. What program are you trying to use that the trial has run out?
  8. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Quote Originally Posted by NPursuit
    Stinger link http://vil.nai.com/vil/stinger/

    Yes a crack does let you use a program that would otherwise be useless. What program are you trying to use that the trial has run out?
    The one that I'm trying to use is called Anti-virus & trojan 3.80


    Its the one that I posted above inthe link to DL.com. Anyways, I went to crackspider, etc, and couldn't come up with anything for this particular one.

    Thanx for the link, I'll give it a try...
  9. Registered User
    NPursuit's Avatar
    Join Date
    Mar 2003
    Age
    37
    Posts
    1,803
    Answers
    0

    Oh OK. I guess I was having a cracked out moment. I thought you were trying to crack a program and got some viruses and were using that anti-virus software. Doh! Anyway use Stinger it's a good small program. I use it on my network all day long. Anti virus software is the only software I would buck up the dough and purchase so you can get the updates.
  10. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Quote Originally Posted by NPursuit
    Oh OK. I guess I was having a cracked out moment. I thought you were trying to crack a program and got some viruses and were using that anti-virus software. Doh! Anyway use Stinger it's a good small program. I use it on my network all day long. Anti virus software is the only software I would buck up the dough and purchase so you can get the updates.
    LOL, yeah I know what you mean....I just ran stinger though and it didn't detect it.

    I think I'll just fork over the mula to fix this once and for all like you suggested....thanx for your help...once again, heh...
  11. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    One more question....This is all the info I could get on the virus that I have. Do you think I can just delete this and it will be all good?
    ______________________________ _____________________
    Original file name: A0004168.exe
    Original file: C:\system volume information_restore......
    size of file: 24576
    Virus name: Win32Trojan-Gen, {VC}
    ______________________________ _____________________

    I looked on Avast!'s site and still couldn't find it in their database....
  12. Registered User
    drei's Avatar
    Join Date
    Sep 2003
    Age
    43
    Posts
    170
    Answers
    0

    Lightbulb


    Quote Originally Posted by Jergo
    One more question....This is all the info I could get on the virus that I have. Do you think I can just delete this and it will be all good?
    ______________________________ _____________________
    Original file name: A0004168.exe
    Original file: C:\system volume information_restore......
    size of file: 24576
    Virus name: Win32Trojan-Gen, {VC}
    ______________________________ _____________________

    I looked on Avast!'s site and still couldn't find it in their database....
    Bruh! You are getting to a point where you may not be able to clean your system of the Virus. Some viruses infect system files and that can be very, very bad. Also just deleting a virus file won't necessarily clean it because it may have aready cloned itself elsewhere on your pc. You may want to back up your vital information and fully restore your system. As a rule of thumb never run Virus scan software for Windows if it ain't Mcafee, Symantec (Norton), Computer Associates, Panda or Trend Micro. I personally like Mcafee for home and on my job servers. And never use file sharing software without running a good antivirus progam. If you are wondering I am a computer consultant so i fix this shyt daily.
  13. Registered User
    NPursuit's Avatar
    Join Date
    Mar 2003
    Age
    37
    Posts
    1,803
    Answers
    0

    I agree with Drei but what the hell is c:\system volume information_restore? That isn't a system file. What is the extension on that file Jergo, and do you know where the A0004168.exe file came from? Did you d/l this, or was it put on your system without your knowledge?
  14. The True Warrior is one who conquers oneself
    hamper19's Avatar
    Stats
    5'7"  191 lbs.
    Join Date
    Oct 2002
    Age
    35
    Posts
    1,474
    Answers
    0

    Do this....

    go to the root of C:\ and find a temp folder
    C:\temp...

    delete ALL contents..

    next go to either the C:\windows or C:\Winnt depending on OS

    in there will be another temp folder

    C:\windows\temp or C:\winnt\temp

    again delete ALL contents in there..

    if you can not delete any of them, power down and start up in safe mode and repeat the process..it will get rid of them...most of the time the minor viruses are stored in the temp directories

    NEXT go to www.lavasoft.com and download adaware..the free version..

    do an update of the reference files and scan your computer...whatever it finds, delete it..normally it will make a quarantine file and make sure you delete that **** as well

    right click on my computer and hit properties...there should be a tab for system restore...disable that ****... a new virus called

    netskyp.worm or something will propogate tons of **** inside the restore files...also it saves space on your comp and improves performance

    let see...oh and you can also go to www.symantec.com and just start running random virus removal tools

    this is the free way to do everything..lol...

    for the right $$ or trade i can get you whatever software you need though

    h19
  15. Registered User
    BigTEX's Avatar
    Join Date
    Mar 2004
    Age
    60
    Posts
    35
    Answers
    0

    Well technically they are system files.
    The problem is that they are hidden and protected from deletion or
    modification by Windows XP, so most virus scanners can't delete a
    virus that gets in your restore directory.
    The solution is to "disable system restore", reboot, then run a system
    scan using your virus scanner. Once your confident that there are no
    more viruses, you can reenable system restore.

    Make sure to update your virus scanner before doing a system scan.

    If you don't have a good virus program, you can get a free one here:
    http://www.grisoft.com/us/us_dwnl_free.php


    http://service1.symantec.com/SUPPORT...rc=sec_doc_nam

    System Restore, a Windows XP feature, is similar to the "Last Known Good Configuration" in Windows NT and Windows 2000. You can use System Restore to restore the computer to a previous state, using the backups that it makes of selected system files and program files. Unlike the "Last Known Good Configuration" feature, System Restore maintains multiple restore points. This gives you the choice of restoring your computer to any number of previously saved states.

    While this is a desirable feature, in some cases it should be temporarily turned off. For example, if the computer is infected with a virus, then it is possible that the virus could be backed up by System Restore. By default, Windows prevents System Restore from being modified by outside programs. As a result, there is the possibility that you could restore a virus-infected file, or that the on-line scanners would detect the virus in that location.

    Disabling System Restore does not delete or remove any of your personal data from your computer. The only files removed are those that System Restore created, the restore points. Using System Restore to revert to a previously saved restore point does not affect any of your personal data files or any items in your My Documents folder.




    Quote Originally Posted by NPursuit
    I agree with Drei but what the hell is c:\system volume information_restore? That isn't a system file. What is the extension on that file Jergo, and do you know where the A0004168.exe file came from? Did you d/l this, or was it put on your system without your knowledge?
  16. Registered User
    BigTEX's Avatar
    Join Date
    Mar 2004
    Age
    60
    Posts
    35
    Answers
    0

    Also I would recomment Spybot 2
    http://www.pcworld.com/downloads/fil...d,22262,00.asp

    Spybot 2 and a good virus scanner will keep the junk off your computer.


    Quote Originally Posted by NPursuit
    I agree with Drei but what the hell is c:\system volume information_restore? That isn't a system file. What is the extension on that file Jergo, and do you know where the A0004168.exe file came from? Did you d/l this, or was it put on your system without your knowledge?
  17. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    ****!!!

    Man, I'm ****ing clueless now, you guys lost me like 5 years back.

    NP, like I said, I first got a virus when I DL'ed Kazaa media desktop. It was in a program called "my search bar" it was basically an added bar that displays right below the addy url window pan. or "go to" bar.

    Now, I went ahead and deleted that; it was actually a whole program. I then went and ran Adaware. That thing found like 22 different files, registry, etc. Deleted those out of my quarantine.

    SO, today AVAST! found another virus which is called what I posted above. And then I tried to do what I said about the trail-anti virus program, but w/ no luck...

    BTW,as soon as I found that first virus upon completion of DL'ing Kazaa, I went ahead and deleted Kazaa of course too, well uninstalled it.

    Hamper, I honestly don't know wtf you're talking about bro!!! LOL, would you be able to further explain what to do in "dummy terms"
  18. Registered User
    db682's Avatar
    Join Date
    Jun 2003
    Age
    35
    Posts
    777
    Answers
    0

    Its a dummy file shell. There are used to do exactly what it is doing right now. It is named in such a manner that the end user will avoid deleting it because of the possiblity of it being a system file. Ive planted a couple in my time with Sub7 before that got all the press and all the software companies started makeing anti-files for it.
    That virus is actually a common virus. Its got many other names. Either way they are not the easiest to remove because many anti-viral programs have trouble removing it because it often plants itself in an actual system file. When you do get a program that will remove it you may possibly get a message saying that you are about to delete a system file and that some programs may be affected. Thats when it gets tricky because I have a program that allows me to make java script notices and embed them in files and when the file is about to get deleted (or closed or whatever function i want the message to appear at) I can program it to display the notice with a continue and cancel button. Heres the good part. I can then program both buttons to do a certain function besides what its asking (using Visual Basic). It is then possible to have a tiny image file embedded in the host file, that is basicly a dead image or coverup for the virus the has been so convenitly hidden in the image, and have either one of those buttons reactivate the virus in the image while making it very hard for the source of the virus to be discovered. Cool ****. I learned alot in the 2 courses of computer programing that I took because some dumbass counseler told me thay would count as transferable credit. She was wrong but I learned how to **** **** up pretty good

    Anyways thats what alot of the anonomys junk email companies do to screw you good. Especially anonomys porn emails. They embed virus/trojans in images and with most computers now days the computer automatically executes a viewer or displayer that show the image on the screen. Its kinda like instead of the cancel or continue buttons on the delete message activating the culprit, your computer is actually activating it without you doing anything but thinking your just reading your email.

    Lesson for the day!
    Make sure whatever anti-virus program you use you have it scan all incoming email prior to opening anything. And even then you are not guarenteed sercurity. Welcome to the computer age ladies and gentlemen. Theres so many user friendly programs for making viruses and a decent means of delivering them that pretty soon youll be so sick of having to wipe your drive every other day that youll start buying stamps again.

    db
  19. Registered User
    db682's Avatar
    Join Date
    Jun 2003
    Age
    35
    Posts
    777
    Answers
    0

    Five people posted in the time it took me to write that. Damit man! I need to practice my typing skills.
  20. Registered User
    BigTEX's Avatar
    Join Date
    Mar 2004
    Age
    60
    Posts
    35
    Answers
    0

    The virus is in your system restore files.
    Your virus scanner can't clean it unless you "disable system restore"

    follow these instructions:
    http://service1.symantec.com/SUPPORT...rc=sec_doc_nam

    [QUOTE=Jergo]****!!!

    Man, I'm ****ing clueless now, you guys lost me like 5 years back.

    NP, like I said, I first got a virus when I DL'ed Kazaa media desktop. It was in a program called "my search bar" it was basically an added bar that displays right below the addy url window pan. or "go to" bar.

    Now, I went ahead and deleted that; it was actually a whole program. I then went and ran Adaware. That thing found like 22 different files, registry, etc. Deleted those out of my quarantine.

    SO, today AVAST! found another virus which is called what I posted above. And then I tried to do what I said about the trail-anti virus program, but w/ no luck...

    QUOTE]
  21. Registered User
    db682's Avatar
    Join Date
    Jun 2003
    Age
    35
    Posts
    777
    Answers
    0

    I guess this will teach you to download garbage off an unsecure website again.
  22. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    **** you db.. LOL...

    Well, I turned off system restore, ran Avast!; it found the same thing again. Plus another one....it was an active x type or some ****? and was in a temp folder. I deleted those two and then rebooted......

    Guess only time will tell.....thanks for the help...to whom should I send the tech support check too?
  23. Registered User
    BigTEX's Avatar
    Join Date
    Mar 2004
    Age
    60
    Posts
    35
    Answers
    0

    If all looks well then be sure to reenable system restore.

    Quote Originally Posted by Jergo
    **** you db.. LOL...

    Well, I turned off system restore, ran Avast!; it found the same thing again. Plus another one....it was an active x type or some ****? and was in a temp folder. I deleted those two and then rebooted......

    Guess only time will tell.....thanks for the help...to whom should I send the tech support check too?
  24. The True Warrior is one who conquers oneself
    hamper19's Avatar
    Stats
    5'7"  191 lbs.
    Join Date
    Oct 2002
    Age
    35
    Posts
    1,474
    Answers
    0

    don't enable system restore..it is not necessary to have it so long as you have your OS CD handy..you can always do a repair...

    anyway..

    do this... power off your computer, turn it back on and hit F8...if you get back to windows, do it again b/c you missed the time when you need to hit F8

    so power on and keep hitting F8 unless it starts beeping, then stop..lol...but once you get to a list of options, select safe mode (alone)

    in safe mode

    right click on the start button in the lower left hand corner and click Explore

    you will see all your directories..in the C:\ drive.

    you will see a folder called temp..open and delete EVERYTHING.

    then go to the windows directory.. or winnt directory C:\windows, or C:\winnt
    and find the temp folder in there..open and delete EVERYTHING again.

    the only virus that I know of that will store info in the system restore files is the new one..

    http://securityresponse.symantec.com...oval.tool.html

    that is a link to remove all variants of the netsky virus

    also if you see any folders like FOUND.001 or something..delete them too

    If you need any more help, I charge 40/half hour for freelance work, minimum charge 1 hr..lol.....

    at the above site you can find other removal tools....the are in chronological order so you can do the most recent 5 or 10 or something..which is what i would do if you are concerned...

    also delete Kazaa and at least get Kazaa lite if you need something like that

    let see... go to

    http://www.zonelabs.com/store/conten...sp?lid=pdb_za1

    http://blackice.iss.net/product_pc_protection.php

    http://www.symantec.com/sabu/nis/npf/

    to see some options for firewall protection.... zonalarm has a free version that does not expire... might give you some trouble though...but its not bad for a free thing

    Black ice is ok..but you have to buy it

    norton is good... but only a trial then you have to buy it

    h19
  25. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Bro I went and tried to delete the temp folders. The WUTEMP folder is already empty it says. The temp folder in windows has stuff that I might need? It has Bullgard folders, adaware folders. Then it has some other stuff that I don't knowwhat it means. It has the TMP extension and then it has "jet" in the front, followed by numbers. Other folders that occupy it are altnet, offfilt, avast, and this one: _av_proI.tm~a03276

    Would I be okay in deleting these for good?

    Also, I just went and tried to turn system restore back on and it saidthat it could not be performed due to something about another drive, etc. So I restarted, and did it again, and it allowed me this time. Don';t know what that was about.

    Quote Originally Posted by hamper19
    don't enable system restore..it is not necessary to have it so long as you have your OS CD handy..you can always do a repair...

    anyway..

    do this... power off your computer, turn it back on and hit F8...if you get back to windows, do it again b/c you missed the time when you need to hit F8

    so power on and keep hitting F8 unless it starts beeping, then stop..lol...but once you get to a list of options, select safe mode (alone)

    in safe mode

    right click on the start button in the lower left hand corner and click Explore

    you will see all your directories..in the C:\ drive.

    you will see a folder called temp..open and delete EVERYTHING.

    then go to the windows directory.. or winnt directory C:\windows, or C:\winnt
    and find the temp folder in there..open and delete EVERYTHING again.

    the only virus that I know of that will store info in the system restore files is the new one..

    http://securityresponse.symantec.com...oval.tool.html

    that is a link to remove all variants of the netsky virus

    also if you see any folders like FOUND.001 or something..delete them too

    If you need any more help, I charge 40/half hour for freelance work, minimum charge 1 hr..lol.....

    at the above site you can find other removal tools....the are in chronological order so you can do the most recent 5 or 10 or something..which is what i would do if you are concerned...

    also delete Kazaa and at least get Kazaa lite if you need something like that

    let see... go to

    http://www.zonelabs.com/store/conten...sp?lid=pdb_za1

    http://blackice.iss.net/product_pc_protection.php

    http://www.symantec.com/sabu/nis/npf/

    to see some options for firewall protection.... zonalarm has a free version that does not expire... might give you some trouble though...but its not bad for a free thing

    Black ice is ok..but you have to buy it

    norton is good... but only a trial then you have to buy it

    h19
  26. The True Warrior is one who conquers oneself
    hamper19's Avatar
    Stats
    5'7"  191 lbs.
    Join Date
    Oct 2002
    Age
    35
    Posts
    1,474
    Answers
    0

    delete everything in the temp folders......these are "temporary" files you do not need them...the only time you wouldn't want to delete them right away is if you in the middle of installing something and there were some files the software needed that were in the temp folder...even then you can delete it and just reinstall whatever it was

    trust me its ok...worst case scenario they will still be in your recycle bin for now and you could always restore...

    delete them though....its your best bet....

    also don't worry about system restore...do you have your OS cd?
  27. The True Warrior is one who conquers oneself
    hamper19's Avatar
    Stats
    5'7"  191 lbs.
    Join Date
    Oct 2002
    Age
    35
    Posts
    1,474
    Answers
    0

    the WUtemp is a folder used when getting windows updates.

    all other **** inside ANY temp folder can be tossed..

    I do it to people in my company all the time..never checked if they needed it cause they shouldn't

    anyway..after all is done update windows, there are probably some critical security patches you could use.

    click tools in IE and select windows update

    h19
  28. The True Warrior is one who conquers oneself
    hamper19's Avatar
    Stats
    5'7"  191 lbs.
    Join Date
    Oct 2002
    Age
    35
    Posts
    1,474
    Answers
    0

    also depending on the level of trust here (no offense taken if you don't want to do this)

    if you have windows XP I can get to your desktop from mine here..using a remote connection...if you set it up there i can get to it from here and fix your ****....all from my chair..cool right..lol

    h19
  29. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Bro I ran that symantec thing, and this is what it said:

    C:\System Volume Information: (not scanned)
    W32.Netsky has not been found on your computer.

    What does that "not scanned" mean? Thats the same file or whatever that had the virus on in the first place....( check above)
  30. Registered User
    NPursuit's Avatar
    Join Date
    Mar 2003
    Age
    37
    Posts
    1,803
    Answers
    0

    Good lord you guys have been busy. Jergo it looks like you are in good hands. Good luck.
  31. The True Warrior is one who conquers oneself
    hamper19's Avatar
    Stats
    5'7"  191 lbs.
    Join Date
    Oct 2002
    Age
    35
    Posts
    1,474
    Answers
    0

    that is where your "system restore" files are located.....

    if you can see the folder you probably don't have access to it..right click on it and hit properties..then go to security and give yourself permission to access it..open it and you might see a tracking.log file which is ok..anything else you can delete as well..

    if you turned your sys restore off , that folder should be empty now anyway and there is no need to worry any longer about viruses in it...

    h19
  32. Jergo's Avatar
    Join Date
    Apr 2003
    Age
    33
    Posts
    1,436
    Answers
    0

    Quote Originally Posted by hamper19
    that is where your "system restore" files are located.....

    if you can see the folder you probably don't have access to it..right click on it and hit properties..then go to security and give yourself permission to access it..open it and you might see a tracking.log file which is ok..anything else you can delete as well..

    if you turned your sys restore off , that folder should be empty now anyway and there is no need to worry any longer about viruses in it...

    h19
    WHOOOWEEE!!!! LOL, Damn bro thanks for all the help. I know what you mean now about that system volume thing. No more DL'ing ANYTHING aNYMORe!!!

    Thing is, that when I got this, all I did was DL kazaa. I didn't even have a chance to DL any actual things/programs. This all came from the actual Kazaa media desktop.........And along with it came that added on feature named "my search bar". Like I said above, it was just another toolbar that floated below your url bar.

    And After I found this out, I then went to remove it from my add/remove programs feature. When I clicked it, another window said something like "Why do you want to uninstall? There's no viruses, no spyware, etc, etc. blah, blah, blah." YEAH RIGHT, eh? What a crock of ****.........

    And then after removing that program and its virus, I ran adaware and it found like 22 different things from that godamn virus infested search bar.....
  33. The True Warrior is one who conquers oneself
    hamper19's Avatar
    Stats
    5'7"  191 lbs.
    Join Date
    Oct 2002
    Age
    35
    Posts
    1,474
    Answers
    0

    yeah no problem, I will just send you the bill

    do a google search for cwshredder

    there is some crap called cool web search.its a tool bar type thing that is extremely annoying
  •   

      
     

Similar Forum Threads

  1. Fina question/problem
    By D_town in forum Anabolics
    Replies: 7
    Last Post: 01-15-2005, 07:55 PM
  2. Replies: 1
    Last Post: 12-25-2004, 11:57 AM
  3. My first thread/question.
    By pcazar in forum Weight Loss
    Replies: 3
    Last Post: 05-24-2004, 09:22 PM
  4. Keto Question/Problem
    By Rhapsody in forum Weight Loss
    Replies: 19
    Last Post: 06-16-2003, 01:37 PM
  5. Replies: 3
    Last Post: 12-20-2002, 04:58 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in