• All Purchases made this month instantly go into the draw to win a USD $ 200.00 credit to your HoP account.
 
Page: 123
.Morph.
.Morph.

addict
Location: Lancashire, UK
Member Since: 23rd Mar 2002
Total posts: 669
Posted:Help!

Just spent the last 5 hours getting rid of a whole load of nasty-pc-destroying viral exe's. But can't get rid of one hiding in my recycle bin confused

The bin's empty, but the location of the virus is C:\Recycled\Q166352.exe
Its a trojan.startpage.

Any help much appreciated
weavesmiley
M.


Delete Topic

rarr
rarr

rrragghh!
Location: Manchester, UK
Member Since: 13th Jul 2004
Total posts: 121
Posted:whats it say when you try to delete it?

Have you tried running in safe mode and deleteing it then?


Delete

Nantheos
Nantheos

Member
Location: Netherlands - Hengelo
Member Since: 19th Aug 2004
Total posts: 82
Posted:you might want to try to find a removal tool on an antivirus website like symantec.com. These tools are ussualy free.

Hij die zijn kind benzine voert moet niet roken als het boert.

Love you MyIng ubblove

Delete

UCOF
UCOF

Carpal \'Tunnel

Member Since: 17th Apr 2002
Total posts: 15414
Posted:Open windows explorer or "run"



type in c:\recycled\



Delete the file manually.



Then get

www.grisoft.com

their anti virus. its free.



then on to www.microsoft.com/spyware/

to get their anti spyware scanner



then to www.download.com and get Spybot.



wtih those three, you should be sorted for life.



smile


Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted:It's worth mentioning I think, that you'll only be sorted for life if you ensure that all the above software is updated on a very regular basis with the latest virus/spyware definitions.

Malware is constantly being modified so it can get past defensive software, so it's vital to keep them up to date.

Another thing you could consider would be to join the growing minority of people who disable javascript and activeX in their browsers- these are the main means by which viruses and spyware get onto your system, disabling them will make 99% of malware inneffective.


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

UCOF
UCOF

Carpal \'Tunnel

Member Since: 17th Apr 2002
Total posts: 15414
Posted:All of the above programmes automatically update themeselves when a new version is available.

kiss

wink


Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted:Written by: Unfortunatly Can Obtain Fruit




then on to www.microsft.com/spyware/

to get their anti spyware scanner







that link's broken, there's an 'o' missing from 'soft'.



How would you rate the microsoft spyware scanner? Personally, I wouldn't rely on anything from microsoft to combat spyware as I consider them partly responsible for the current malware situation, but I'd be interested in the opinion of people who do use it.



---



Written by: Unfortunatly Can Obtain Fruit


All of the above programmes automatically update themeselves when a new version is available.









I use AVG and it's never updated itself automatically; I know it's got a scheduler but on mine it seems to have downloaded with a daily check timed between 8.00 and 9.00 am, which isn't much use for those on dial-up (as they may well not be on-line during the scheduled time).



I do agree that AVG is an excellent anti-virus free package though.



And 'zonealarm' is another good free program (firewall).



I still reckon though, that disabling javascript and activeX is pretty much the safest approach; for anyone interested in how to do this, here's a link to a thread I posted on this, and other, security issues: -



http://www.homeofpoi.com/ubbthreads/show...rev=#Post286532


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

UCOF
UCOF

Carpal \'Tunnel

Member Since: 17th Apr 2002
Total posts: 15414
Posted:I rate the microsoft AS very highly.

Its sorted out problems that other programs couldnt, found things that other programs dont.

iIts also very very easy to use.

odd that your AVG doesnt automatically update Dave. Have you got the new version? That automatically checks for new virus definitions and program updates whenever windows loads up.

I rate Zonealarm highly too www.zonelabs.com is the address I believe.


Delete

mech
mech

Carpal \'Tunnel
Location: "In your ear"
Member Since: 9th Jun 2003
Total posts: 6207
Posted:i use panda software

http://www.pandasoftware.com/
br>
it does all the stuff you need, firewall, scanner, and money protection

plus kills all know addware on yoru machine, auto update, and it rather nice


Step (el-nombrie)

Delete

.Morph.
.Morph.

addict
Location: Lancashire, UK
Member Since: 23rd Mar 2002
Total posts: 669
Posted:Nice one, cheers smile

I've found all the files with the probs: C:\_restore\archive\
I've tried deleting them, noth normal mode & safe mode, but it won't as they're in use.......
any tips?

I've just installed McAfee net security 2005....& am looking at getting the links you've posted, cheers.

weavesmiley


Delete

GothFrogette
GothFrogette

grumpy poorly froggy
Location: Nuneaton
Member Since: 10th Oct 2004
Total posts: 3999
Posted:i have to go with the panda too biggrin

Life's too short to worry about where you put your marshmallows

Delete

Nucleopoi
Nucleopoi

chemical attraction
Location: Ilkeston, Derbyshire, England
Member Since: 6th Nov 2004
Total posts: 1097
Posted:i havent had any of these viruses.i must be lucky lol

Delete

FireByNite
FireByNite

Are you up for it??
Location: Auckland
Member Since: 8th Dec 2004
Total posts: 349
Posted:with regards the AVG with dial up, if your not online when its set up to update, then it just does it when you next go online, personally I have a different problem with AVG, my version doesnt like updating from the broadband connection I set up a couple of weeks ago. I'm now running symantec anti virus & your usual spyware & have no probs with viruses. Any that come throuhg are caught b4 they can do anything.

Are you up for it?
wink;)

Delete

.Morph.
.Morph.

addict
Location: Lancashire, UK
Member Since: 23rd Mar 2002
Total posts: 669
Posted:Turned out to be the System Restore, kindly keeping a copy of all the trojans should I want to re-instate them. rolleyes
Considerate to a falt. wink


Delete

Valura
Valura

Mumma Hen
Location: Brisbane, Australia
Member Since: 25th Apr 2002
Total posts: 6391
Posted:help help help.



We have a clicker trojan. I cannay for the life of me remove it.

We have AVG and Spybot and ALSO adaware.



None of them can get rid of it.



I have had a techhy guy come out and he got rid of it and then installed a removal tool called SmitRem 2.9 and said that if it came back to start the computer and then run smitrem and then spybot and it would take care of it.



I have done that(about 20 times) but its not getting rid of it...AVG says it cant remove the file into the vault because its not allowed for that file.. The file it is in is sys32... the path for it is C:\WINDOWS\system32\{0164A28f-C9B5-4C11-B131-4A4E158B8B36}.exe

Now I know next to nada about pootahs so Im getting pretty shitty here.... The virus vault states that there are 231 virus' in the vault!!!



*headdesk*



Please any help would be so appreciated...



Then can you guys tell me how to remove the hidden windows that are trying to highjack my home page... When I open the task manager IEXPLORER.EXE is there but we dont use Internet explorer... BAH humbug... damn these bloody virus thingos.


TAJ "boat mummy." VALURA "yes sweetie you went on a boat, was daddy there with you?" TAJ "no, but monkey on boat" VALURA "well then sweetie, Daddy WAS there with you"

Delete

Ry
Ry

Gromit's Humble Squire
Location: Brisbane, Australia
Member Since: 2nd Feb 2005
Total posts: 4496
Posted:Well.. standard procedure, run lavasoft ad-aware, then run spybot search and destroy, then run norton antivirus, then go to the symantec page and look for specific removal tools, then run norton windoctor (systemworks/utilities) to check your general registry stuff.

If that doesn't work, I'd reinstall windows because it's probably ****ed.

Good luck?


Delete

Sym
Sym

Geek-enviro-hippy priest
Location: Diss, Norfolk
Member Since: 28th Sep 2004
Total posts: 1858
Posted:Turning off activeX and javascript is a bit like trying to hold your breath so you don't get a cold. Sure, it'll work, but a t what cost?

ActiveX isn't great, and web sites that rely on it wont work on anything other than IE on a windows PC. Turning this off would work, but using a good browser would be much better. Opera, Firefox, Safari and others don't support it, so you're safe from any attack. Javascript in itself isn't bad at all, and many sites use it to make it a bit batter. The insert URL/image buttons on HoP use it.

Anyway, back on topic.

Valura, we'll been more info than that. Do you have the name AVG gives then virus? What other problems do you have other than IE running? You should turn off system restore for a start, then run msconfig and have a look for anything that looks bad (it'll be a long list of things you may not understand, but justhave a lok anyawy - take a screen shot if you like, and post it).

Then run regedit (start > run > type regedit) and look in all the places listed here again, look out for odd looking things, or take a screenshot/copy it here.

Some times this works in normal (unsafe?) mode, but try it in safemode if it doesn't work. this should stop the virus starting up and AVG should be able to remove it. If that doesn't work, I have a cunning way of cleaning startup hooks - but I'll talk you thoug that later on. AVG wont run in safe mode I don't think, but you might be able to remove the file yourself from system32 if you boot in to it.

However, I'll await more info smile

hug


There's too many home fires burning and not enough trees

Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted:The good thing about switching off javascript/activeX is that they are prime means by which ad/spy/malware and viruses install themselves.



Disabling them doers involve inconvenience on those sites which rely on them to work (arguably, such sites are badly designed- it's OK to use javascript to enhance the site, but to rely on it for the site to function at all is not good) but many are happy to pay this small price if it means their systems tend to remain malware-free.





"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

Sym
Sym

Geek-enviro-hippy priest
Location: Diss, Norfolk
Member Since: 28th Sep 2004
Total posts: 1858
Posted:But that is only if you use IE on windows. You will be able to get bad programs from IE even if you turn off activeX and javascript, so the best advice is to use a good secure browser on a good system. Firefox on windows is secure enough for most people.

Really, just dump IE and you will be fine with javascript turned on. Really.


There's too many home fires burning and not enough trees

Delete

K__
K__

...join us...
Location: Oxford
Member Since: 9th Jun 2006
Total posts: 184
Posted: Written by: Sym


Firefox on windows is secure enough for most people. Really, just dump IE...



Absolutely - Firefox rules biggrin


Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted: Written by: Sym


But that is only if you use IE on windows. You will be able to get bad programs from IE even if you turn off activeX and javascript, so the best advice is to use a good secure browser on a good system. Firefox on windows is secure enough for most people.

Really, just dump IE and you will be fine with javascript turned on. Really.



Even with IE on windows, disabling JS and ActiveX will lead to a great reduction in malware getting onto the system, because the majority of malware uses JS or ActiveX to get onto the system.

As for Firefox- the version I've got has JavaScript disabled as a default setting, which perhaps explains why it is less susceptible to malware attacks?

The nice thing about Firefox is that you can download a nice add-on which enables you to temporarily allow JS on sites which use it.

Personally, since sorting out my IE security settings and disabling JS and ActiveX, i've had no problems whatsoever with malware getting in- I do use firefox as a back-up- purely for when i want to allow a site to use JS, cos it's much easier to temporarily allow it with firefox.

Speaking as someone who has been subject to malware problems in the past, I really can recommend that disabling JS/ActiveX is a very, very good thing to do (in conjunction with good anti-virus and firewall of course) and will leave your PC much less likely to fall victim to all the malware out there.


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

Sym
Sym

Geek-enviro-hippy priest
Location: Diss, Norfolk
Member Since: 28th Sep 2004
Total posts: 1858
Posted: Written by: onewheeldave


Even with IE on windows, disabling JS and ActiveX will lead to a great reduction in malware getting onto the system, because the majority of malware uses JS or ActiveX to get onto the system.



ActiveX, yes. Disabling this will help you out. JavaScript, no. You won't really get much of a security boost from disabling it and you wont get the best view on the internet. As I've said, just get a good browser and you don't have to disable anything.
 Written by: onewheeldave


As for Firefox- the version I've got has JavaScript disabled as a default setting, which perhaps explains why it is less susceptible to malware attacks?




I have been with firefox since before it was called firefox. I think I've been using it for about 3 years (maybe 3 and a half, I forget) and I have gone though times of downloading the nightly builds or at least downloading every update. It's because of that that I feel safe in saying that firefox has never, never disabled JavaScript out of the box. At all. If you could give me a build number then I will be able to look at the notes for it to check. Are you sure you are not talking about activeX? Firefox doesn't support this at all, so you may be getting mixed up.

 Written by: onewheeldave


The nice thing about Firefox is that you can download a nice add-on which enables you to temporarily allow JS on sites which use it.



Yes, this is great smile I use it to test for accessibility when advising on updates to sites.

 Written by: onewheeldave


Personally, since sorting out my IE security settings and disabling JS and ActiveX, i've had no problems whatsoever with malware getting in- I do use firefox as a back-up- purely for when i want to allow a site to use JS, cos it's much easier to temporarily allow it with firefox.

Speaking as someone who has been subject to malware problems in the past, I really can recommend that disabling JS/ActiveX is a very, very good thing to do (in conjunction with good anti-virus and firewall of course) and will leave your PC much less likely to fall victim to all the malware out there.



My point is that Ie and windows are not secure. If you are happy with removing feature after feature until you end up with just a text based browser then thats great. If someone came up to me and said "I want to use software that I know isn't secure, but I want to make it a little bit more secure by removing futures" then I would pass them on to you. For everyone else, I would just say, use a good browser, on a good OS (read, anything thing other than Windows). Using a good OS is harder than using a good browser, but anything other than IE will give you more of a security boost than disabling JavaScript and or activeX


There's too many home fires burning and not enough trees

Delete

ben-ja-men
ben-ja-men

just lost .... evil init
Location: Adelaide
Member Since: 12th Jun 2003
Total posts: 2474
Posted:my little brother has this knack for getting spyware etc, all i have to say is praise be to the system restore its sooooooooo good

valura try doing this http://www.windowsreinstall.com/install/winxp/howto3/lauchsystemrestore.htm
br>
like seriously system restore saves me soooooooooooOOOOOOooooo much spyware removeal pain


Our deepest fear is not that we are inadequate. Our deepest fear is that we are powerful beyond measure. It is our light, not our darkness that most frightens us. We ask ourself, who am I to be brilliant, gorgeous and talented? Who are you NOT to be?

Delete

UCOF
UCOF

Carpal \'Tunnel

Member Since: 17th Apr 2002
Total posts: 15414
Posted:Sorry Ben, I dont know how much I agree with you there. umm

I always found the system_restore_information folder to be where all the spyware and viruses would end up hiding, either through design by the programmer, or by windows automatically creating a system restore point on the computer when there was a virus and/ or spyware.

I always turn it off as one of the first things I do after doing a total reinstall.

Valura: http://www.pctools.com/downloads/sdsetup.exe
(right click save as) Try using that.... then be suprised at how many things it finds that all the others miss! biggrin


Delete

Sym
Sym

Geek-enviro-hippy priest
Location: Diss, Norfolk
Member Since: 28th Sep 2004
Total posts: 1858
Posted: Written by: UmbiliciformCraterOnFace


I always found the system_restore_information folder to be where all the spyware and viruses would end up hiding, either through design by the programmer, or by windows automatically creating a system restore point on the computer when there was a virus and/ or spyware.

I always turn it off as one of the first things I do after doing a total reinstall.




I agree - I always turn it off as well smile


There's too many home fires burning and not enough trees

Delete

onewheeldave
Carpal \'Tunnel
Location: sheffield
Member Since: 28th Aug 2002
Total posts: 3252
Posted: Written by:





ActiveX, yes. Disabling this will help you out. JavaScript, no. You won't really get much of a security boost from disabling it and you wont get the best view on the internet.





There have been several malware attacks on firefox that used javascript bugs-



http://www.google.co.uk/search?hl=en&q=firefox+and+javascript+security+malware&meta=
br>


and



http://www.informationweek.com/industries/showArticle.jhtml?articleID=190400479
br>


Most sites dealing with security/malware issues will advise that disabling javascript is effective in defending against malware- maybe they're all wrong and you're right- i don't know, i'm simply pointing out that generally, javascript is regarded as a security risk.



Lastly, as I'm sure you know, but just bringing it up to clarify for those who don't- the reason IE is considered insecure is not simply because it has exploitable holes- another factor is that, as it was, in the past, by far the most used browser, that, consequently, the majority of mal/spy/adware/viruses where designed to attack IE.



As alternative browsers like firefox grow in popularity, more and more malware will be developed to attack them also.



So placing sensible limits on security risks like javascript and activeX will become ever more the responsibility of browser users who wish to remain malware free.


"You can't outrun Death forever.
But you can make the Bastard work for it."

--MAJOR KORGO KORGAR,
"Last of The Lancers"
AFC 32


Educate your self in the Hazards of Fire Breathing STAY SAFE!

Delete

UCOF
UCOF

Carpal \'Tunnel

Member Since: 17th Apr 2002
Total posts: 15414
Posted: Written by: OWD

As alternative browsers like firefox grow in popularity, more and more malware will be developed to attack them also.



Which is exactly why people saying "get linux and forget about viruses and hackers" are talking utter codswallop.

There are only so many security holes in windows becuase it is the most used OS in the world.

Thus, more people will spend time looking on ways to tinker with it.

If Linux gets more popular and widely used, people will start to spend time looking on ways to exploit it too.

..and seeing as its open source anyway just gives them an instruction manual on how to do it. ubblol


Delete

Valura
Valura

Mumma Hen
Location: Brisbane, Australia
Member Since: 25th Apr 2002
Total posts: 6391
Posted:um sym...Im pretty much brain dead when it comes to these things so I um, cant do the stuff you have asked me... thats so embrassing!
I will perhaps ring the tech dood and get him back... thanks for trying to help though guys and also a big thanks to cantus... wink hug


TAJ "boat mummy." VALURA "yes sweetie you went on a boat, was daddy there with you?" TAJ "no, but monkey on boat" VALURA "well then sweetie, Daddy WAS there with you"

Delete

UCOF
UCOF

Carpal \'Tunnel

Member Since: 17th Apr 2002
Total posts: 15414
Posted: Written by: ME from earlier

Valura: http://www.pctools.com/downloads/sdsetup.exe
(right click save as) Try using that.... then be suprised at how many things it finds that all the others miss!



D'ja try that? umm


Delete

Sym
Sym

Geek-enviro-hippy priest
Location: Diss, Norfolk
Member Since: 28th Sep 2004
Total posts: 1858
Posted: Written by: Sym


Valura, we'll been more info than that. Do you have the name AVG gives then virus? What other problems do you have other than IE running?



There's too many home fires burning and not enough trees

Delete

Valura
Valura

Mumma Hen
Location: Brisbane, Australia
Member Since: 25th Apr 2002
Total posts: 6391
Posted:C:\WINDOWS\system32\{0164A28f-C9B5-4C11-B131-4A4E158B8B36}.exe is the path and clicker.FR is the name that AVG gives it. I have also used Ewido and it calls it Downloader.agent.uj and then wont let me quarentine it. Addaware freezes...and spy bot says there is nothing wrong...yet AVG has a window pop up every min saying *warning CLICKER.FR virus* and then wont let me remove it... frown
YeahI did Youcough but nothing happened~! *grrrr*

and also there seem to be more hidden windows now.. like WINWORD.EXE coming up in the windows task manager and also SOUNDMAN.EXE

I ahve rung the pootah man who seems to want to charge me again

*headdesk*


TAJ "boat mummy." VALURA "yes sweetie you went on a boat, was daddy there with you?" TAJ "no, but monkey on boat" VALURA "well then sweetie, Daddy WAS there with you"

Delete

Page: 123

Similar Topics

Using the keywords [viru* problem] we found the following similar topics.
1. Learn > Cartoons, Fun, Jokes > Pictures, Cartoons, Meme > The New 2 Person Hoop, only has one problem *help/resource
2. Forums > virus and login problem [6 replies]
3. Forums > Virus Problem [61 replies]
4. Forums > Virus [2 replies]
5. Forums > New Virus [7 replies]

     Show more..