| Original message ([an error occurred while processing this directive] Views )[an error occurred while processing this directive]
| Replies:
|
| Zepy 569th Post
 
New Red Carpet Member
 
    
    
|  "Re(4):SOMEONE GONNA GET RAPED"
, posted Tue 5 Aug 08:00
Remote assistance is really useful actually. Try teaching a computer illiterate how to do a simple task like reconfiguring his proxy over the phone! Remote assistance comes into play then. I'm not sure, but I haven't read of any Remote assistance exploits that allow break-ins, but why matter, when anybody can just get full access to your computer with a few lines of code on a website as long as you're running any version of IE!
As for computer security, it doesn't really matter for the home user if he's using Win2k, WinXP, or Win2k3, it already comes with the most basic victims of computer exploitation, Internet Explorer and Outlook. And even without the aid of those programs, users seem to just run unknown backdoors all the time for some unknown reason. Its almost uncommon to find a normal user's computer without any viruses, even if he's using anti-virus.
This is partially due to the fact that, according to my own findings, popular virus scan programs from companies like Symantec and MacAfee aren't as good/perfect as many think them to be. They tend to be unable to detect a host variety of backdoors, as I've tested, among others.
So if anti-virus doesn't work, what can protect you from viruses? The best way I've found, which basically only prevents backdoors, was to check the computer processes every now and then and check for alien processes that shouldn't be there.
All those preventive measures are only for users that find themselves always being exploited by viruses, backdoors, and microsoft bugs however. I've never really gotten exploited myself, but I've had tons of experience in this because normal users are champs at this virus thing, and they like to call me. ugh.
I'm pretty sure IE is now the primary method of spreading viruses and backdoors though, I've been monitoring the computer usage habits of some people, and they don't run any suspicious programs nor do they use outlook, but some can get up to 7 unique viruses a week, not including spyware like the one from hell, Xupiter. What in the world!
And if your computer is constantly sending out data at its peak, then you're being used as a DDoS bot. Find some way to clean it.
|
| Orochi Herman
7th Post
New Customer
|  "Re(5):SOMEONE GONNA GET RAPED"
, posted Tue 5 Aug 08:17
quote:
Remote assistance is really useful actually. Try teaching a computer illiterate how to do a simple task like reconfiguring his proxy over the phone! Remote assistance comes into play then. I'm not sure, but I haven't read of any Remote assistance exploits that allow break-ins, but why matter, when anybody can just get full access to your computer with a few lines of code on a website as long as you're running any version of IE!
As for computer security, it doesn't really matter for the home user if he's using Win2k, WinXP, or Win2k3, it already comes with the most basic victims of computer exploitation, Internet Explorer and Outlook. And even without the aid of those programs, users seem to just run unknown backdoors all the time for some unknown reason. Its almost uncommon to find a normal user's computer without any viruses, even if he's using anti-virus.
This is partially due to the fact that, according to my own findings, popular virus scan programs from companies like Symantec and MacAfee aren't as good/perfect as many think them to be. They tend to be unable to detect a host variety of backdoors, as I've tested, among others.
So if anti-virus doesn't work, what can protect you from viruses? The best way I've found, which basically only prevents backdoors, was to check the computer processes every now and then and check for alien processes that shouldn't be there.
All those preventive measures are only for users that find themselves always being exploited by viruses, backdoors, and microsoft bugs however. I've never really gotten exploited myself, but I've had tons of experience in this because normal users are champs at this virus thing, and they like to call me. ugh.
I'm pretty sure IE is now the primary method of spreading viruses and backdoors though, I've been monitoring the computer usage habits of some people, and they don't run any suspicious programs nor do they use outlook, but some can get up to 7 unique viruses a week, not including spyware like the one from hell, Xupiter. What in the world!
And if your computer is constantly sending out data at its peak, then you're being used as a DDoS bot. Find some way to clean it.
I have yet to see those 6 patches windows XP issued.
However, I found my internet server to be constantly afflicted by a trojan called backdoor.sdbot. I kill it by task manager, and somehow it keeps coming back. I'll need to blacklist some sites in my proxy real soon. backdoor.sdbot is detected by symantec, but I think it updates its code regularly to evade detection.
I tried remote assistance once. Laggy sometimes. But the worse flaw XP/2k has is that net messaging thing. That was really annoying.
|
| Orochi Herman
9th Post
New Customer
| "Re(7):SOMEONE GONNA GET RAPED" , posted Tue 5 Aug 08:46
quote:
Now i'm thinking... does reformatting the drive which the OS is installed in helps? I'm not a very deep person into such stuff therefore finding a way to clear that whatever DDoS Bot Crap is beyond me.. tat farked up bot is even draining my com resources at the same time its annoying me.
Trust me, you wouldn't want to reformat and then that happening again.
First, if anyone else is using your comp, check which sites they've entered to recently. If no one else is using your comp, good. If someone else is, make sure he/she's not frequenting dubious-looking sites. Otherwise, you may have found the culprit as to why a trojan has entered your site.
Second, get ad-aware and spybot s&d. Get a clean bill of health from those then proceed to the third step.
Third, pres ctrl+alt+del and check the processess tab. If you see any process that is run by your username and NOT by the system process, kill the process. If you do find one, look for the entry in msconfig (spawned by the "run" box) and the track it down. Kill the entry afterwards.
Fourth, find the same thing in regedit in hklm/system/currentcofig/run or something. Delete too.
Fifth, search for the executable and nuke it from there. enable "view system files" and "view file extensions" before doing so. Specify in your search criteria to look in system files and folders.
Sixth, if you seem unable to find the executable, open command prompt, go to the /system or /system32 folder of your windows, and open system.ini. Some trojans insert their filenames to be opened on startup. Delete the file executable entry if you find it.
Hope that helps.
|
| He||SinG
187th Post
Regular Customer
| "Re(8):SOMEONE GONNA GET RAPED" , posted Tue 5 Aug 09:16
quote:
Now i'm thinking... does reformatting the drive which the OS is installed in helps? I'm not a very deep person into such stuff therefore finding a way to clear that whatever DDoS Bot Crap is beyond me.. tat farked up bot is even draining my com resources at the same time its annoying me.
Trust me, you wouldn't want to reformat and then that happening again.
First, if anyone else is using your comp, check which sites they've entered to recently. If no one else is using your comp, good. If someone else is, make sure he/she's not frequenting dubious-looking sites. Otherwise, you may have found the culprit as to why a trojan has entered your site.
Second, get ad-aware and spybot s&d. Get a clean bill of health from those then proceed to the third step.
Third, pres ctrl+alt+del and check the processess tab. If you see any process that is run by your username and NOT by the system process, kill the process. If you do find one, look for the entry in msconfig (spawned by the "run" box) and the track it down. Kill the entry afterwards.
Fourth, find the same thing in regedit in hklm/system/currentcofig/run or something. Delete too.
Fifth, search for the executable and nuke it from there. enable "view system files" and "view file extensions" before doing so. Specify in your search criteria to look in system files and folders.
Sixth, if you seem unable to find the executable, open command prompt, go to the /system or /system32 folder of your windows, and open system.ini. Some trojans insert their filenames to be opened on startup. Delete the file executable entry if you find it.
Hope that helps.
A million thanx for the information and step by step FAQ on how to kill these invaders. But i'm afraid i still have to reformat my cpu because..
1. Ad aware has caused me inconvenience in the past. When i deleted all the spywares frm my cpu.. alot of websites i've tried to visit ended up becoming like this "This Page Could Not be Displayed"
2.Hmm i've did the alt-ctrl-del stuff but in the processes window, it did not display whether the program is being executed by my username or the system process itself. But true enough, theres weird program names popping up in it. Example: hidden32.exe And i couldnt end the god damn program. Even the exe itself isnt deletable frm system32 because the program is running.
3. My cpu is fucked. msconfig doesnt seem to exist in my OS.
4. From the above situation.. i doubt i could go on to the next few steps.. so im only left with my only choice..and tts reformat. Dammit. DAMN YOU MICROSOFT.
Irresistable..!!
|
| ONSLAUGHT 2372th Post
Platinum Carpet V.I.P- Board Master
    
    
  
| "Mmmmmhh..." , posted Tue 5 Aug 10:10
quote:
A million thanx for the information and step by step FAQ on how to kill these invaders. But i'm afraid i still have to reformat my cpu because..
1. Ad aware has caused me inconvenience in the past. When i deleted all the spywares frm my cpu.. alot of websites i've tried to visit ended up becoming like this "This Page Could Not be Displayed"
2.Hmm i've did the alt-ctrl-del stuff but in the processes window, it did not display whether the program is being executed by my username or the system process itself. But true enough, theres weird program names popping up in it. Example: hidden32.exe And i couldnt end the god damn program. Even the exe itself isnt deletable frm system32 because the program is running.
3. My cpu is fucked. msconfig doesnt seem to exist in my OS.
4. From the above situation.. i doubt i could go on to the next few steps.. so im only left with my only choice..and tts reformat. Dammit. DAMN YOU MICROSOFT.
Wait, don't do that!
There are certain viruses, trojans and backdoors that keep replicating themselves when you try to eliminate them, but there's a way to "kill" or to put to "sleep" them, so you can delete them completely (I will comment on that later).
1.- try to be careful on your internet habits, downloading programs from kazaa or warez sites, is like downloading one of these pests for sure.
Don't use cracks or keygens, because they usually infect your system with a trojan that sends information to other computers (like passwords, credit card numbers and even the name of your cat).
2.- try to know and identify the normal running processes of your system. I found a site a long time ago, that lists task-list programs and the startup applications, browse it by its alphanumeric index, or browse it completely, just to be informed http://www.pacs-portal.co.uk/startup_pages/startup_full.htm and http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
3.- once you identify the running processes and startups, try to eliminate those who are giving you problems, I recommend to first run an antivirus to try to eliminate it via the normal way, but if that doesn't work (and I know it's your case), try searching for a little program called cctask.exe.
This little gem (cctask.exe), kills any running process on your computer, allowing you to eliminate said program without allowing it to spread or replicate itslef when you delete it.
For example, if you're trying to delete a trojan that's inside, mmmhh, let's say rundll32.exe, first, try to search for a backup of it, then copy it to a new folder; then proceed to delete the infected rundll32.exe thingie, and then replace it with the uninfected copy you downloaded/got earlier.
But here, you will find a little problem, usually this damn rundll32.exe is always running, and you can't rename it or delete it, so, how can you get rid of it? Simply: Use the cctask program, to kill the activity of rundll32.exe (kill it several times if it refuses to die), then delete said program, and replace it with the new copy you have on the other folder.
And that's pretty much it, however, you have to be very sure of what you're doing, if you have any doubts about killing a virus when a warning message appears or something, don't delete it, first, try to get as much info about it, don't rush it; a long time ago, I tried to eliminate this damn wyx virus (using an antivirus), without the proper information about it, and after that my fat32 was assassinated in the proccess, wich resulted in the loss of everything living inside my HD... my heart hasn't recovered from that to this day...
Well, I hope that helps a little
|
| Hungrywolf 2142th Post
Platinum Carpet V.I.P- Board Master
| "Re(1):Mmmmmhh..." , posted Tue 5 Aug 11:57
quote:
A million thanx for the information and step by step FAQ on how to kill these invaders. But i'm afraid i still have to reformat my cpu because..
1. Ad aware has caused me inconvenience in the past. When i deleted all the spywares frm my cpu.. alot of websites i've tried to visit ended up becoming like this "This Page Could Not be Displayed"
2.Hmm i've did the alt-ctrl-del stuff but in the processes window, it did not display whether the program is being executed by my username or the system process itself. But true enough, theres weird program names popping up in it. Example: hidden32.exe And i couldnt end the god damn program. Even the exe itself isnt deletable frm system32 because the program is running.
3. My cpu is fucked. msconfig doesnt seem to exist in my OS.
4. From the above situation.. i doubt i could go on to the next few steps.. so im only left with my only choice..and tts reformat. Dammit. DAMN YOU MICROSOFT.
Wait, don't do that!
There are certain viruses, trojans and backdoors that keep replicating themselves when you try to eliminate them, but there's a way to "kill" or to put to "sleep" them, so you can delete them completely (I will comment on that later).
1.- try to be careful on your internet habits, downloading programs from kazaa or warez sites, is like downloading one of these pests for sure.
Don't use cracks or keygens, because they usually infect your system with a trojan that sends information to other computers (like passwords, credit card numbers and even the name of your cat).
2.- try to know and identify the normal running processes of your system. I found a site a long time ago, that lists task-list programs and the startup applications, browse it by its alphanumeric index, or browse it completely, just to be informed http://www.pacs-portal.co.uk/startup_pages/startup_full.htm and http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
3.- once you identify the running processes and startups, try to eliminate those who are giving you problems, I recommend to first run an antivirus to try to eliminate it via the normal way, but if that doesn't work (and I know it's your case), try searching for a little program called cctask.exe.
This little gem (cctask.exe), kills any running process on your computer, allowing you to eliminate said program without allowing it to spread or replicate itslef when you delete it.
For example, if you're trying to delete a trojan that's inside, mmmhh, let's say rundll32.exe, first, try to search for a backup of it, then copy it to a new folder; then proceed to delete the infected rundll32.exe thingie, and then replace it with the uninfected copy you downloaded/got earlier.
But here, you will find a little problem, usually this damn rundll32.exe is always running, and you can't rename it or delete it, so, how can you get rid of it? Simply: Use the cctask program, to kill the activity of rundll32.exe (kill it several times if it refuses to die), then delete said program, and replace it with the new copy you have on the other folder.
And that's pretty much it, however, you have to be very sure of what you're doing, if you have any doubts about killing a virus when a warning message appears or something, don't delete it, first, try to get as much info about it, don't rush it; a long time ago, I tried to eliminate this damn wyx virus (using an antivirus), without the proper information about it, and after that my fat32 was assassinated in the proccess, wich resulted in the loss of everything living inside my HD... my heart hasn't recovered from that to this day...
Well, I hope that helps a little
Nice to see you, Onslaught.
"You're good baby I'll give you that.....but me? I'm magic!"
-Bullseye Daredevil movie
Hungry Like the Wolf
|
| Adon 1139th Post
Red Carpet Premium Member+
| "Re(9):SOMEONE GONNA GET RAPED" , posted Tue 5 Aug 12:15
quote:
Now i'm thinking... does reformatting the drive which the OS is installed in helps? I'm not a very deep person into such stuff therefore finding a way to clear that whatever DDoS Bot Crap is beyond me.. tat farked up bot is even draining my com resources at the same time its annoying me.
Trust me, you wouldn't want to reformat and then that happening again.
First, if anyone else is using your comp, check which sites they've entered to recently. If no one else is using your comp, good. If someone else is, make sure he/she's not frequenting dubious-looking sites. Otherwise, you may have found the culprit as to why a trojan has entered your site.
Second, get ad-aware and spybot s&d. Get a clean bill of health from those then proceed to the third step.
Third, pres ctrl+alt+del and check the processess tab. If you see any process that is run by your username and NOT by the system process, kill the process. If you do find one, look for the entry in msconfig (spawned by the "run" box) and the track it down. Kill the entry afterwards.
Fourth, find the same thing in regedit in hklm/system/currentcofig/run or something. Delete too.
Fifth, search for the executable and nuke it from there. enable "view system files" and "view file extensions" before doing so. Specify in your search criteria to look in system files and folders.
Sixth, if you seem unable to find the executable, open command prompt, go to the /system or /system32 folder of your windows, and open system.ini. Some trojans insert their filenames to be opened on startup. Delete the file executable entry if you find it.
Hope that helps.
A million thanx for the information and step by step FAQ on how to kill these invaders. But i'm afraid i still have to reformat my cpu because..
1. Ad aware has caused me inconvenience in the past. When i deleted all the spywares frm my cpu.. alot of websites i've tried to visit ended up becoming like this "This Page Could Not be Displayed"
2.Hmm i've did the alt-ctrl-del stuff but in the processes window, it did not display whether the program is being executed by my username or the system process itself. But true enough, theres weird program names popping up in it. Example: hidden32.exe And i couldnt end the god damn program. Even the exe itself isnt deletable frm system32 because the program is running.
3. My cpu is fucked. msconfig doesnt seem to exist in my OS.
4. From the above situation.. i doubt i could go on to the next few steps.. so im only left with my only choice..and tts reformat. Dammit. DAMN YOU MICROSOFT.
hmm I am in the same boat as you. I have to reformat. My knowledge of comps is limited. I am too experincing NT Authority System doing its random shutdowns. Most of my programs our corrupt including office which is the main reason the ARCS arent up now and everything is registered in C for my drive when a repair/re-install was done it renamed it to F for the hard drive
|
| ONSLAUGHT 2373th Post
Platinum Carpet V.I.P- Board Master
| "Sadistic rapist" , posted Mon 11 Aug 21:32
quote:
Hey guys, thanx for all the help.
No prob man, I'm glad evrything is ok.
BTW, have you seen this? I know is the subject of this thread, but I didn't know the name of the worm, you can find info here.
http://story.news.yahoo.com/news?tmpl=story&u=/nm/20030812/wr_nm/tech_windows_worm_dc_3
I had this problem today, and downloaded the patch (It was an odissey, because I had problems searching for the damned spanish patch), but it doesn't get rid of the problem.
Anyway, I deleted this worm, it was called msblaster.exe, I hope you can delete said worm too.
I installed the latest version of Ad-Aware as well, and found tons of critters hidden inside my HD.
Well, that's all for now.
|
| He||SinG
206th Post
Frequent Customer
| "Re(1):Sadistic rapist" , posted Tue 12 Aug 00:07
quote:
Hey guys, thanx for all the help.
No prob man, I'm glad evrything is ok.
BTW, have you seen this? I know is the subject of this thread, but I didn't know the name of the worm, you can find info here.
http://story.news.yahoo.com/news?tmpl=story&u=/nm/20030812/wr_nm/tech_windows_worm_dc_3
I had this problem today, and downloaded the patch (It was an odissey, because I had problems searching for the damned spanish patch), but it doesn't get rid of the problem.
Anyway, I deleted this worm, it was called msblaster.exe, I hope you can delete said worm too.
I installed the latest version of Ad-Aware as well, and found tons of critters hidden inside my HD.
Well, that's all for now.
WOAH. Ive detected that worm as well. So how do i delete it? Simply throw it into the trash or is there a much complicated process?
Feel the Blood Of Orochi
|
| CrazyMax 286th Post
Copper Customer
| "Re(3):Sadistic rapist" , posted Tue 12 Aug 07:43:
quote:
WOAH. Ive detected that worm as well. So how do i delete it? Simply throw it into the trash or is there a much complicated process?
Yeah, just try to delete it, but first stop its activity, via the taskmanager (you know the control+alt+del thingie), you should be fine after that.
If you find the virus again, it's probably that it is copying itself when you try to delete it.
Give me your mail, and I will send you a program that can stop any activity on your computer, allowing you to delete these wormies with ease.
I have that worm as well. Could you email me the patch as well.
dirtyworx@yahoo.com
I recently updated fire alarm software, which meant that all my progs had to 'ask' again if they could be let access to the internet. Two progs I didn't recognize wanted access, so I denied them permanently. That's when that box about the system shutting down due to NT/Authority started popping up. Now when I look I see that MSBLAST.exe is in my system. I killed the process but admit I don't have the knowledge to go & remove it completely.
Also thanks to whoever for the yahoo article. I was doing searches on the net for msblast and found nothing.
Thanks everyone.
[this message was edited by CrazyMax on Tue 12 Aug 07:44] |
| ONSLAUGHT 2380th Post
Platinum Carpet V.I.P- Board Master
| "Re(3):Rape, Robbery, Violence and Barfing Pig" , posted Tue 12 Aug 22:29
quote:
Hmm, so its yet another virus coming from e-mail?
No, I don't think it's coming from an E-Mail.
I don't have outlook installed (in fact, I've never used it), and I rarely check my mail (from yahoo). This worm, infected the computer thanks to a security hole in Güindous (doesn't surprise me).
Anyway, the threat is over for now, let's wait for the next security hole and some smart ass hacker trying to steal our porno files...
|
| Juke Joint Jezebel 2167th Post
Platinum Carpet V.I.P- Board Master
|  "Re(3):Rape, Robbery, Violence and Barfing Pig"
, posted Tue 12 Aug 22:47
quote:
Hmm, so its yet another virus coming from e-mail?
Solution is simple:
1. Disable scripts.
2. Do not use Outlook (or other e-mail clients that inherit Microsoft's security holes). There are many other e-mail clients out there that will do the job. [shameless plug]I have been using Mozilla for a long time now, and besides being invulnerable to vbscript, it has an extremely powerful spam filter[/shameless plug]
it's easier said than done. although your tips are very useful (i sorta use those tips myself), there's several people dealing with this mess that aren't completely computer literate. also, i know a few that are "forced" to use Outlook Express at work for their work e-mail, and i'm convinced that the e-mail program that MSN's service provides is just a "pretty" version of Outlook. besides, scripts are used to make many web sites look the way they do. it can be a hassle adjusting your settings frequently just to view certain sites
no easy solution to these things. i guess, stay alert and keep with the times. (this post sort of contradicts itself. time for a booster!)
|
| DarkZero
205th Post
Frequent Customer
| "Re(4):Rape, Robbery, Violence and Barfing Pig" , posted Tue 12 Aug 23:24
The reports have been sketchy so far, but it appears that the worm is based both through automatic exploits in a port (like Slammer) and through email, like a common email worm. I'm not sure if this is all the same virus or a main virus assisted by a set of variants, though. At the moment I'm not feeling up to much more than making sure that my system is secure, so I haven't waded through all of the network security list/site info about it yet.
quote:
Solution is simple:
1. Disable scripts.
2. Do not use Outlook (or other e-mail clients that inherit Microsoft's security holes). There are many other e-mail clients out there that will do the job. [shameless plug]I have been using Mozilla for a long time now, and besides being invulnerable to vbscript, it has an extremely powerful spam filter[/shameless plug]
Your solution is more complex than it needs to be. Here's my version:
Step 1. Do whatever you want with your computer. Keep using IE, Outlook, Windows, and whatever else you like.
Step 2. Windows Update.
Step 3. You're done.
Geeks and /.ers like to make it sound very complicated, but really, you don't need anything more than Windows Update to keep Windows secure. So far, I have yet to hear anyone say, "I ran Windows Update, but I still got the worm". Some people that aren't even using firewalls have still remained virus-free simply because Windows Update removed all of the Microsoft software exploits on their system.
|
|
|
"SOMEONE GONNA GET RAPED" 
"Re(9):SOMEONE GONNA GET RAPED" 
"Re(10):SOMEONE GONNA GET RAPED" 
MESSATSU 
"Re(2):SOMEONE GONNA GET RAPED" 
"Re(5):SOMEONE GONNA GET RAPED" 
"Re(10):SOMEONE GONNA GET RAPED" 
