I Hate IE
#1
I was lucky enough to get a virus through internet explorer. I have ad-aware on my computer, and have run it and cleaned the 76 'information grabber' files. But the problem is not these files, the virus has dug itself somewhere and (I assume) produces these files.

The problem is not computer threatening, at least it does not appear to be. It causes internet explorer to load slowly, crash, and create pop up windows. No problems unless IE has been loaded.

As I mentioned earlier Ad-Aware has not fixed the problem (I re-downloaded the newest version available last night). When I try to load housecall from Trend Micro IE crashes. And when I try to run Housecall through mozilla firefox, it sends me to a page that requires a program be installed into my netscape plugins directory. The problem is the program won't recognize mozilla's plugin directory as correct, and will not install. I have every relevant windows update for XP.

And before people say 'switch to firefox' I already have. The funny thing is I uninstalled so I could load the new mozilla. But the servers were busy, so I reluctantly used IE last night. One night! What a mess. I've re-installed .8 and am on that now.

Like I said this problem does not appear to be *too* threatening, but I'd appreciate help as soon as possible.

-Munk
Reply
#2
Frist of all, take the internet plug out of the wall. Get a virus scanner that can run in safe mode in XP like McAfee. AVG from grisoft does not work in safe mode. Turn of system restore. I have no knowledge of norton, but I assume you can run it in safe mode if you have it. Get a firewall like Blackice. I hope that gets you started.
The mass of men lead lives of quiet desperation - Henry David Thoreau

Whatever doesn't kill you makes you stronger, and at the rate I'm going, I'm going to be invincible.

Chicago wargaming club
Reply
#3
Alright, I've run Mcafee free scan and found that I have:

Exploit-MhtRedir.gen
JS/Exploit-DialogArg.b
VBS/Psyme
Exploit-ObjectData
Exploit-IFrame

I've switched to a laptop and am on lurkerlounge right now. I don't mean this an offensive way, but is there anyway to get rid of these files, through mcafee and/or norton, that does not require money? I'm searching through their websites but have not found 'trials' or freeware.

If I have to, I'll buy the product. But I thought I'd ask first.

-Munk
Reply
#4
Entering each virus name into a search engine should get you a boatload of links on how to remove them.

For example this is the very first Google hit for "Exploit-MhtRedir.gen".

edit: before buying a commercial scanner, try out AVG or any of the other free antiviral software packages and see how they fare.
Reply
#5
Munkay,Jun 16 2004, 12:16 PM Wrote:Alright, I've run Mcafee free scan and found that I have:

Exploit-MhtRedir.gen
JS/Exploit-DialogArg.b
VBS/Psyme
Exploit-ObjectData
Exploit-IFrame

I've switched to a laptop and am on lurkerlounge right now.  I don't mean this an offensive way, but is there anyway to get rid of these files, through mcafee and/or norton, that does not require money?  I'm searching through their websites but have not found 'trials' or freeware.

If I have to, I'll buy the product.  But I thought I'd ask first.

-Munk
You are probably already doing this, but make sure you are keeping up-to-date with all of the patches available, and are running
a firewall.

I have yet to get a virus on my home windows computers (this is 3 years since I've actually settled down), and the only security precautions I have taken are:
  • Run Windows Update in automatic mode
    <>
  • Use a firewall (I now have a hardware firewall, but WinXP software firewall worked just fine)
    <>
  • Run Firefox/Mozilla instead of I.E.
    <>
  • Don't use Outlook<>
    [st]
    At work, however, it seems every virus that comes along gets everyone's PC somehow. Luckily 99% of my time is spent under Linux :P
Reply
#6
Quote:At work, however, it seems every virus that comes along gets everyone's PC somehow


Managers all want larger wangs and better sexual stamina. It's a law. They're also strangely intrigued whenever Frank in HR sends them love notes.
"AND THEN THE PALADIN TOOK MY EYES!"
Forever oppressed by the GOLs.
Grom Hellscream: [Orcish] kek
Reply
#7
I'm at my wits end.

After a very frustrating afternoon, I've still yet to make progress with the computer. AVG won't work because it can't find Shell.dll and then cannot find the temp setup.exe file. I've tried to use housecall from trend micro, to no avail. I won't bother listing the ridiculous things I've tried, but I'm at my wits end.

I get fed up fast and always end up formatting. But my harddrive can't love me too much after the multiple format's I've put it through. Should I bite the bullet and just buy norton/mcafee?

-Munk
Reply
#8
Munkay,Jun 16 2004, 08:26 PM Wrote:I'm at my wits end.

After a very frustrating afternoon, I've still yet to make progress with the computer.&nbsp; AVG won't work because it can't find Shell.dll and then cannot find the temp setup.exe file.&nbsp; I've tried to use housecall from trend micro, to no avail.&nbsp; I won't bother listing the ridiculous things I've tried, but I'm at my wits end.

I get fed up fast and always end up formatting.&nbsp; But my harddrive can't love me too much after the multiple format's I've put it through.&nbsp; Should I bite the bullet and just buy norton/mcafee?

-Munk
Don't shell out cash you don't need to just yet. Besides, there's no guarantee that either McAffe or Norton will help. It might actually be preferable to just format and reinstall.

Unfortunately I can't give you any hard and fast answers as to how you can clean up your system. I'm just not that experienced enough at malware removal. Your best bet is to look for forums specializing in this sort of thing. There are plenty out there.
Reply
#9
DeeBye,Jun 16 2004, 09:55 PM Wrote:Your best bet is to look for forums specializing in this sort of thing.&nbsp; There are plenty out there.
Much appreciated for the help thus far. It's late and I'll start the search tomorrow. Thanks DeeBye and everyone else whose helped. Damn Malware, its one of those things that you think only happens to computer illiterate porn/hack downloading goons.

Well, maybe I'm just a computer illiterate goon myself too then. If that's the case, here's to having a hearty laugh at myself. :D

Once I leave this murky swamp, I shall never set foot again into the depths of that scurvy Malware beast's lair, Internet Explorer!

-Munk
Reply
#10
Click start, then run, then type in msconfig. Then click the tab labeled "Startup" and make sure nothing nasty is starting itself up at the beginning. That's my tip for the day.
Reply
#11
Obi2Kenobi,Jun 17 2004, 05:21 AM Wrote:Click start, then run, then type in msconfig. Then click the tab labeled "Startup" and make sure nothing nasty is starting itself up at the beginning. That's my tip for the day.
You can also try one of the ultilities I couldn't live a Windows life without - CodeStuff Starter. Quickly kill all those processes that get left behind and remove startup entries left by self-important programs like Quicktime.
Lochnar[ITB]
Freshman Diablo

[Image: jsoho8.png][Image: 10gmtrs.png]

"I reject your reality and substitute my own."
"You don't know how strong you can be until strong is the only option."
"Think deeply, speak gently, love much, laugh loudly, give freely, be kind."
"Talk, Laugh, Love."
Reply
#12
ah, but does it kill quicktime everytime that it puts itself in there?
Every time you start quicktime (not as a web-plugin, as a stand alone proggy) it has the cheek to put itself BACK into your startup queue. It took me several removes from the startup queue before I figured out why it kept happening.
Someone should make a law against software that does that sort of thing, but I can't imagine it happening :(
If I put that in my manifesto, would you vote for me?

-Bob
Reply
#13
Munkay,
I had a similar problem to what you had. It is some nasty stuff. It is also a pain in the neck to get rid of, but there is help. Here is a forum website that I went to that helped me get rid of malware/spyware.

I double checked Elrics Etiquitte on this and saw that there is nothing against posting other forum websites. SpywareInfo

There are some really good info and also some good free anti-spyware software to download that works. They will help you with your malware issue. They did with me and the software I downloaded helped too. It took a while, but I did not have to reformat my drive.
**Paul**
I will make weapons from your bones--Smith
"I am pond scum"--Bull Shannon from Night Court
The last one is a line in the show. It is a very funny line. You have to watch the episode to understand the phrase.
Reply
#14
Quote:If I put that in my manifesto, would you vote for me?
Yes. But, I'm in the market for a viable 3rd party candidate. :) My solution for Quicktime is to only use it to run .qt files. After which use, I have to go through the registry and clean up after it.

Some tips not already stated (enough);

1) Turn off ActiveX scripting, or at least make it ask you before they run.
2) Learn how to use regedit to find the "Run" on startup places.
3) Turn off MSTask service, unless you need it, which most people don't.
4) Get AVG, have it update and run every day (or night if you like) -- it is as good as McAfee or Symantec.
5) Get a firewall, hardware if you can afford the $60.
6) Get a popup blocker -- 90% of the pages that are willing to send me a popup are willing to corrupt my system.
7) Use an alternative to IE
8) Avoid at all costs Outlook Express.
”There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy." - Hamlet (1.5.167-8), Hamlet to Horatio.

[Image: yVR5oE.png][Image: VKQ0KLG.png]

Reply
#15
You know what they sayd about opinions and advice.....

What helped me this year when my computer suddenly got attacked by multiple viri, was the following:

1. Unplug from the internet.
2. Have a friend download drivers for you and burn them to a disk. Drivers like th mobo, graphics card, etc.
3. Get a copy of a firewall program.
4. Get an AV program.
5. Burn XP SP1 to a disk.
6. Back up all important information you may have on your hard drives onto CD-RW's.
7. Reformat.
8. Install drivers, SP1, AV, and firewall (set firewall on highest level for now).
9. Reconnect to the internet and do a Microsoft Update.
10. Use Firefox 0.9
11. Don't use Outlook or Outlook Express (like others have saud)

Here are a couple websites that will explain how to disable some of the services that MS thinks you need:

http://www.blackviper.com

http://www.tweakxp.com
The mass of men lead lives of quiet desperation - Henry David Thoreau

Whatever doesn't kill you makes you stronger, and at the rate I'm going, I'm going to be invincible.

Chicago wargaming club
Reply
#16
Bob,Jun 17 2004, 10:13 AM Wrote:ah, but does it kill quicktime everytime that it puts itself in there?
Every time you start quicktime (not as a web-plugin, as a stand alone proggy) it has the cheek to put itself BACK into your startup queue.
Sadly, no. But wouldn't it be "da bomb" if it did automagically see it and kill it? I have the shortcut on my desktop so it is very quick. I open Starter, select and delete the Quicktime startup entry, select and terminate the process it left running and close Starter. It's almost an automatic reaction to seeing Quicktime run. Even worse than Quicktime is RealPlayer. At least Quicktime leaves you alone when you use the browser plugin. RealPlayer, plugin or stand alone, always insists on working its way into your system as well as adding a new menu where it thinks it belongs. If there weren't so many technically challenged people using computers that think "it should just work" like the toaster they use each morning, maybe companies wouldn't be so quick to do such things.

Quote:If I put that in my manifesto, would you vote for me?

Yes!
Lochnar[ITB]
Freshman Diablo

[Image: jsoho8.png][Image: 10gmtrs.png]

"I reject your reality and substitute my own."
"You don't know how strong you can be until strong is the only option."
"Think deeply, speak gently, love much, laugh loudly, give freely, be kind."
"Talk, Laugh, Love."
Reply
#17
There is a download out there called RealAlternative. This gives you all the RealPlayer codecs with the real player and you can uninstall them at any time. This is a link to where you can download the codec.
The mass of men lead lives of quiet desperation - Henry David Thoreau

Whatever doesn't kill you makes you stronger, and at the rate I'm going, I'm going to be invincible.

Chicago wargaming club
Reply
#18
pakman,Jun 17 2004, 11:18 PM Wrote:There is a download out there called RealAlternative.&nbsp; This gives you all the RealPlayer codecs with the real player and you can uninstall them at any time.&nbsp; This is a link to where you can download the codec.
This post needs to be quoted one hundred times.
Reply
#19
Spybot Search and destroy, make sure you update it.
Make sure you update Ad-aware's files before running it, too.

I have had to boot computers to the command prompt in OSes from 95 to XP to remove a nasty file that won't go quietly under the normal booting of the OS, too.

There are no *easy* answers. However, I will note to you that under my normal surfing habits, I don't even get any of that spyware on my computer....
--Mav
Reply
#20
I'm an unlucky duck. I've also hit a final road block.

After an odessy involving Ad-Aware, CWShredder, Netscape, PC-Cillin, Norton, Mcafee, HijackThis, Spybot, two support forums, and a few hours of editing the registry, I think this ship is sunk.

Norton was the only program to actually find the real problem, though the full version of Norton was unable to delete, quarentine, or clean the files. I went to their website, and attempted to regedit the lines of malicious code. I hit a roadblock when my computer failed to have the all the folders and/or registry files the website mentions. I edited the ones that were there, rebooted, scanned again, and the problem is still there.

After three days of the computer, its time to abandon the sinking ship. The heralds are calling for a format. Too bad I still can't find my xp cd. <_<

Some days things just don't quite go your way. I appreciate everyones help immensely.

At the end of the day I'm just happy its a computer virus and not a real virus threatening my health.

Cheers,

-Munk
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)