Computer Hope
Software => Computer viruses and spyware => Topic started by: chriscool9 on October 19, 2006, 11:35:17 AM
-
Ok guys, i was on a WAREZ site (yes ive learnt my lesson from the stupid websites) and within a half a second of the site loading i get the little window that you get when you select to download something, ie if you want to 'Save to Disk' or 'Open With'. Then about half a second later i see a message bottom right that tells me a virus has tried to get into my laptop (ive seen it before so it didint bother me) but then Avast! goes mad and starts telling me what to do with it, it recomends that i move it to chest, which i do. So i instantly press the button on my laptop to disable the wireless card. Problem over? I hope so but i have a couple of questions.
The virus name was Win32: Dialer-521 [Trj], so i googled it and i went on a forum and it said that someone had caught it but Avast! didint pick it up, so this has got me worried. Ill do a scan, but what if it doesnt pick it up :(
Also im running on wireless, so even if i am infected will it even have any effect?
Thanks in advance
Chris
-
use ewido spybot adaware windows defender
its a dailer spybot should get it
nice to see you here chris
unlovedwarrior
-
nice to see you here chris
Hehehe thanks.
I tried Edwido a while back and i had to uninstall it becuase it kept making false reports on things on my laptop. Anyway i went onto Avast! and selected 'Scheduale Boot Time Scan' so it told me to restart laptop where it did a scan. Everything came up clean, but one thing worried me. It said access to one file was denied. Here is the log below:
10/19/2006 18:39
Scan of all local drives
File C:\hiberfil.sys Error 0xC0000022 {Access Denied}
Number of searched folders: 6234
Number of tested files: 89998
Number of infected files: 0
So she says theres no viruses but like i said earlier i found a post on a forum that he did ahve the virus but no scanners piked it up :(
Thanks for help Unloved
Chris
-
http://www.google.com/search?hl=en&q=hiberfil.sys&btnG=Google+Search
LOOK AROUND HERE
did you try the other programs
aslo try stinger from the FAQ spyware/virus sticky
-
Are you an Internet Explorer user?
::)
-
http://www.google.com/search?hl=en&q=hiberfil.sys&btnG=Google+Search
LOOK AROUND HERE
did you try the other programs
aslo try stinger from the FAQ spyware/virus sticky
Brillient thanks matey!!!
Also Raptor no i use Firefox, find it alot more user friendly, attractive and faster.
Chris
-
I have no problems with Ewido...i don't use the live scanning process as well.
patio. 8-)
-
Well it was ok, untill that really irritating alarm started sounding alerting me that firefox was chockablock full of spyware. It then tried to tell me that numerous other programs where full of it, so i jsut uninstalled it.
Anyway Unlovedwarrior ive decided that its best off not deleating the hiberfil.sys seing as its used for hibernation and my laptop has a dodgey power connection which can often result in it going into hibernation. Thanks so much for the info anyway.
Also should i still be worried that the virus still might be active within my laptop eventhough it wasnt picked up, bearing in mind that there was another user that has it but Avast! didint pick it up.
Thanks again
Chris
-
did you try stinger
-
Its scanning now...
Although when i looked at the List Viruses it didint ahve the one im worried about. Still no harm in running it. Ill edit this psot with the results once i get them.
Thanks
Chris
-
u dled the new one right
-
The new one Stinger v2.6.0??
Chris
-
k what about spybot??
-
Nothing with that.... So far so good!!!!
Btw thanks for all this!
Chris
-
no problem this section is where i belong and enjoy being here. try avg free, uninstall avast and install avg free patio just posted the newest one in this forum :D
and if your real freaked out about you can back up any important files and reformat thatll it rid of the buggger
-
Hehehe, well this stinger could take a good while. Could be a good 30 mins so ill reply when its finished.
Chris
-
Avast! goes mad and starts telling me what to do with it, it recomends that i move it to chest, which i do.
Apparently AVAST did pick it up as soon as it downloaded. It is now safely quarentined so that it cannot execute. When you scan, it won't detect it inside its own quarentine folder because it put it there. You can go into that folder and permanently delete the item. The guy who got infected with it was like the old saying, "a day late and a dollar short". He either didn't have his virus protection running or it was not properly updated.
-
Avast! goes mad and starts telling me what to do with it, it recomends that i move it to chest, which i do.
Apparently AVAST did pick it up as soon as it downloaded. It is now safely quarentined so that it cannot execute. When you scan, it won't detect it inside its own quarentine folder because it put it there. You can go into that folder and permanently delete the item. The guy who got infected with it was like the old saying, "a day late and a dollar short". He either didn't have his virus protection running or it was not properly updated.
Ok thanks for that, it reasures me, ill just deleate it via the cheast.
Anyway ive got that thing done Unlovedwarrior and its says im completely free of anything.
So i take it from all the scans and whatnot ive done, they have all come up clear, i presume im safe?!
Chris
-
to make run avast again a quick scan
-
Ok, i might not have the results of it up by tonight but defo tommorow seeing as im not at school for the whole of this week :(
Chris
-
You should download the Noscript extension for Firefox and only manually accept and deny cookies. Disable third party cookies as they are always irrelevant.
-
Yea ive got my FF custome enabled for cookies, only websites i put in the list are able to.
Ok well scan done unlovedwarrior and everything seems ticketyboo.
But i did get this, ive attached an image of it, as you may notice all the files have something to do with Rihanna (the singer, shes stuning!!) , could these files be infected, becuase all it says is 'Unable to scan'....
Thanks again in advance
Chris
-
try scanning them in safe mode the whole folder that there are in
-
Rihanna who? I still listen to Ella Fitzgerald. :)
Strange that your files are unscanable . In what folder are they located?
-
Errrmm, good question Raptor, give me a few mins.
Chris
-
This might sound silly but i dont think they exist, i cant find them anywhere and some of them i dont even think ive downloaded :(
Anyway i think theyll be ok becuase theyre files that cant really become infected, i mean .m3u (which is a playlist i think) isnt able to be infected....
So am i all clear?!
Chris
-
if avg found them then they are they some where are u sure they arent hidden
-
AVG?
Do you mean Avast! ?? Anyway ill have another look around.
Chris
-
yea do a search for one of the songs
start search
-
Ok i looked at that log and it made me remember that a while back I 'accuired' Rihanna's album (it's WinRar'd), i went to where the album was located and sure enough all the file names in the log are the same as the ones in the Rar file. But its funny because there are alot of other Rar'd files in that directory and they scan fine.
Chris
-
This might sound silly but i dont think they exist, i cant find them anywhere and some of them i dont even think ive downloaded :(
Anyway i think theyll be ok becuase theyre files that cant really become infected, i mean .m3u (which is a playlist i think) isnt able to be infected....
So am i all clear?!
Chris
Try a registry cleaner, perhaps they're broken entries of some sort..
-
Ok i looked at that log and it made me remember that a while back I 'accuired' Rihanna's album (it's WinRar'd), i went to where the album was located and sure enough all the file names in the log are the same as the ones in the Rar file. But its funny because there are alot of other Rar'd files in that directory and they scan fine.
Chris
Thanks anyway Raptor, sorted it, still a bit weried though that it wont scan Rihanna but will the others. Just one of those things i guess..
Again thanks anyway.
Does everything look ok to you two..??
Chris
-
if you want you can use Ccleaners issue scan to clean ur register up a notch... but is everything working fine other wise?? or are there other issues??
-
Hey, soz i didint reply i had to get to sleep. Im not used to being on the laptop for that much time, was like 3 hours or something :(
I got CCleaner already and jsut cleaned everythig up. Also yea i think everything else seems in working order, everythings clean.
Right well i think ive learnt my lesson, and thanks Raptor, 2_k Dummy and Unloved, its all appreciated loads!!!
Thanks again
Chris
-
Ok i looked at that log and it made me remember that a while back I 'accuired' Rihanna's album (it's WinRar'd), i went to where the album was located and sure enough all the file names in the log are the same as the ones in the Rar file. But its funny because there are alot of other Rar'd files in that directory and they scan fine.
Chris
Thanks anyway Raptor, sorted it, still a bit weried though that it wont scan Rihanna but will the others. Just one of those things i guess..
Again thanks anyway.
Does everything look ok to you two..??
Chris
THey're rarred? If they're passworded they can't be scanned.
-
Ahhh it does seem to be passworded, i think i might be able to get around it.
Chris
-
if you want you could just reformat the laptop and be completely safe but its up to you
-
No thanks, i dont beleive in formatting. I think i am safe though becuase ll the tests have came up negative.
Thanks again for all the info and help guys
Chris
-
y dont u believe in it?
-
Mainly becuase i would prefer to find the problem and find a fix for it without having to format and lose everything, just seems a bit lazy to me.
I know i could back up everything but like i said i would prefer to find the problem and fix it myself so i know for next time.
Chris
-
Mainly becuase i would prefer to find the problem and find a fix for it without having to format and lose everything, just seems a bit lazy to me.
I know i could back up everything but like i said i would prefer to find the problem and fix it myself so i know for next time.
Chris
Reformatting everytime something goes wrong is the granny way of resolving this.
But if your security has been compromised to a point where you can no longer trust your Windows installation, it is the best option in my eyes.
-
Me personally i would boot into safemode and delete anything that relates to Rhianna just to be safe.
-
I think it is safe becuase lot of my other mates have it, ive found out the pass and scanned it and its ok. Thanks alot guys
Chris
-
your very welcome chris dont be shy come back anytime
-
Me personally i would boot into safemode and delete anything that relates to Rhianna just to be safe.
She's not even that good...
-
Mainly becuase i would prefer to find the problem and find a fix for it without having to format and lose everything, just seems a bit lazy to me.
I don't know about that, but sometimes a good format and reinstall is quicker, and is a guaranteed fix, for a while.
-
Me personally i would boot into safemode and delete anything that relates to Rhianna just to be safe.
She's not even that good...
Yeah. Did I mention I still listen to Ella Fitzgerald? I've got a casket...
Mainly becuase i would prefer to find the problem and find a fix for it without having to format and lose everything, just seems a bit lazy to me.
I don't know about that, but sometimes a good format and reinstall is quicker, and is a guaranteed fix, for a while.
I think reformatting is a bit overkill in this situation, though.
-
I think reformatting is a bit overkill in this situation, though.
It was a general comment. I have seen some of these threads go on for weeks, when a reinstall would have fixed the problem in hours. ;)
-
lol but its up to the owner
-
There's a lot to be said for both cleaning and reformatting, you can always do both.
That way you gain some knowledge in both areas.
I also believe that manual cleaning by deletion of files and or removal of entries with HJT does not necessarily complete the job properly.
I even have my doubts about so called cleaning programs.
You only have to uninstall a program then check your registry and program files to see what crap is left over from legitimate programs.
-
lol but its up to the owner
And what their time is worth. Ours is free, so I suspect that's why some of the threads do drag on.......
-
lol but its up to the owner
And what their time is worth. Ours is free, so I suspect that's why some of the threads do drag on.......
Nope, that's because we get paid by the hour...
-
There's a lot to be said for both cleaning and reformatting, you can always do both.
That way you gain some knowledge in both areas.
I also believe that manual cleaning by deletion of files and or removal of entries with HJT does not necessarily complete the job properly.
I even have my doubts about so called cleaning programs.
You only have to uninstall a program then check your registry and program files to see what crap is left over from legitimate programs.
no program is prefect and the left over are just a side efffect thats why its always good to reformat every so often