Jump to content

help with computer virus

XChris1632X

By XChris1632X
in Dumpster

 Share

Recommended Posts

XChris1632X Newbie

XChris1632X

Posted
Posted
i have a very bad trojan virus. damn porn spammers, why cant people just look at good hearty porn without problems. anyways ive had it for probly 6 months and it put a bunch of spyware on my computer. well my spybot and virus scan got rid of the spy sherrif program that was fucking with my shit and the only thing is left that my virus scan says is present but cannot fix is a corupt system32\browsela.dll how can i fix this. my computer acts up every now and then and performance is affected.
Link to comment
Share on other sites
XChris1632X Newbie

XChris1632X

Posted
  • Author
Posted

as soon as i hit the save button to install that i now get this message from my anti virus

 

 

 

 

Scan type: Realtime Protection Scan

Event: Virus Found!

Virus name: Downloader

File: C:\WINNT\system32\cfgmngr32.dll

Location: C:\WINNT\system32

Computer: PING05

User: Chris

Action taken: Clean failed : Quarantine failed : Access denied

Date found: Tuesday, July 25, 2006 7:35:05 PM

Link to comment
Share on other sites
XChris1632X Newbie

XChris1632X

Posted
  • Author
Posted

now as im scanning this comes up again

 

 

 

Scan type: Realtime Protection Scan

Event: Virus Found!

Virus name: Downloader

File: C:\WINNT\system32\browsela.dll

Location: C:\WINNT\system32

Computer: PING05

User: Chris

Action taken: Clean failed : Quarantine failed : Access denied

Date found: Tuesday, July 25, 2006 7:38:56 PM

Link to comment
Share on other sites
XChris1632X Newbie

XChris1632X

Posted
  • Author
Posted

and this

 

 

 

 

Scan type: Realtime Protection Scan

Event: Virus Found!

Virus name: Downloader

File: C:\Documents and Settings\Paul\Local Settings\Temp\giejttpv.exe

Location: C:\Documents and Settings\Paul\Local Settings\Temp

Computer: PING05

User: Chris

Action taken: Clean failed : Quarantine failed : Access denied

Date found: Tuesday, July 25, 2006 7:48:56 PM

 

 

 

 

 

Scan type: Realtime Protection Scan

Event: Virus Found!

Virus name: Backdoor.Trojan

File: C:\WINNT\system32\msupdate32.dll

Location: C:\WINNT\system32

Computer: PING05

User: Chris

Action taken: Clean failed : Quarantine failed : Access denied

Date found: Tuesday, July 25, 2006 8:03:07 PM

Link to comment
Share on other sites
Casper Grand Master

Casper

Posted
Posted

I Drive It... It Breaks! -- Whatever you do, don't install that shit "ironeagle" linked you to. He linked you to more spam. I edited his post. Do NOT buy any software. They're all hoaxes. Seriously. Check your PMs. My office number is there. Call me tomorrow. I'll help you out. In the meantime, download theses apps and run them.

 

SpyBot - http://www.download.com/3000-2144-10122137.html

AdAware - http://www.lavasoftusa.com/software/adaware/

 

And if you're running Windows XP SP2:

Microsoft Defender - http://www.microsoft.com/downloads/details.aspx?FamilyId=435BFCE7-DA2B-4A6A-AFA4-F7F14E605A0D&displaylang=en

 

Here's detail manual instructions for removing it:

Delf.aeo manual removal:

Delete registry values:

HKEY_CLASSES_ROOT\CLSID\{31EE3286-D785-4E3F-95FC-51D00FDABC01}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\browsela

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{31EE3286-D785-4E3F-95FC-51D00FDABC01}

How to (BUT DON'T DOWNLOAD ANYTHING!!): http://www.2-spyware.com/articles/security/46.html

 

Unregister DLLs:

browsela.dll

How to (BUT DON'T DOWNLOAD ANYTHING!!): http://www.2-spyware.com/articles/security/54.html

 

Delete files:

browsela.dll

 

Misc:

The browsela.dll file can be found in default system directory, which is one of the following: C:\Windows\System, C:\Windows\System32, C:\Winnt\System32.

Link to comment
Share on other sites
Farkas Newbie

Farkas

Posted
Posted
I would recommend booting your computer up in Safe-mode that way no other un-needed programs run in the backround and re-create files that you delete and run ad-aware, spybot, your Antivirus software whatever..
Link to comment
Share on other sites
Casper Grand Master

Casper

Posted
Posted
I would recommend booting your computer up in Safe-mode that way no other un-needed programs run in the backround and re-create files that you delete and run ad-aware, spybot, your Antivirus software whatever..

 

 

Yeah, that worked on viruses in like, the early 90s... :nono:

Link to comment
Share on other sites
Casper Grand Master

Casper

Posted
Posted
Annnnnnnd it still works... imagine that

 

There's a reason for safe mode and it still does it's job.

 

Uhm, no... not really. For instance: backdoor.haxdoor.o (7/24/06) -- It installs as a rootkit, and runs as a service. It loads in safemode w/ and w/o network support. So, booting in safemode does no good. You have to disable system restore, and boot to an NTFS bootable floppy. Then delete 12 or so files via command line. Then boot back up to Windows, and remove 4 or 5 registry keys. I'd venture to say almost 70% of the viruses I see run in a very similar way, making safemode pointless.

 

 

i apologize this was not intentional. i did have the same thing and used some software to get rid of it. obviously it wasn't the correct site

 

No problem man.

 

 

Listen to Ben, he can fix it, he has this ultimate set of tools.

 

BTW Ben if you ever need that drive recovery SW, let me know.

 

I am spyware/adware God. And yeah, I still need that software. Haha. I'll get ahold of you sometime this week. Thanks.

Link to comment
Share on other sites
Rally Pat Newbie

Rally Pat

Posted
Posted

There are some trojans you just cant get rid of unless you rewrite your entire registry by hand. In cases like that, its best to go the geek squad route. Back up your shit you had on there in thats important (which you should be doing anyway, out of good practice), and just format it and reinstall everything. Dont waste your time hunting down spyware you probobly cant get rid of.

 

Trust me on this one, Ive been through this a lot with other people's computers, not just my own.

Link to comment
Share on other sites
Casper Grand Master

Casper

Posted
Posted
There are some trojans you just cant get rid of unless you rewrite your entire registry by hand. In cases like that, its best to go the geek squad route. Back up your shit you had on there in thats important (which you should be doing anyway, out of good practice), and just format it and reinstall everything. Dont waste your time hunting down spyware you probobly cant get rid of.

 

Trust me on this one, Ive been through this a lot with other people's computers, not just my own.

 

 

That's probably the single worst bit of IT advice I've ever heard. Congrats. I've heard a lot of stupid shit. The only good point you made was to backup stuff regularly. Ever other bit was straight retarded. ALL spyware/adware can be removed, and in a decent amount of time. I deal with spyware/adware everyday, unfortunately. If I told someone I was just going to format their PC and start over, I'd probably get fired. But I guess that's why I work in IT and you work where? Kroger? McDonald's?

Link to comment
Share on other sites
XChris1632X Newbie

XChris1632X

Posted
  • Author
Posted
the only reason i didnt format before is because i was stupid and didnt back up any of my shit and there is stuff i have on this computer that i cant get rid of. if i can start fresh i will always back stuff up from now on. i didnt want to try to back things up now and then format becuase i figured i might back up an infected file.
Link to comment
Share on other sites
Rally Pat Newbie

Rally Pat

Posted
Posted
That's probably the single worst bit of IT advice I've ever heard. Congrats. I've heard a lot of stupid shit. The only good point you made was to backup stuff regularly. Ever other bit was straight retarded. ALL spyware/adware can be removed, and in a decent amount of time. I deal with spyware/adware everyday, unfortunately. If I told someone I was just going to format their PC and start over, I'd probably get fired. But I guess that's why I work in IT and you work where? Kroger? McDonald's?

 

I work at my church doing custodial and computer work, asshole. As I have made a point in earlier posts, people on this forum think that they are God.You didnt need to be such a fucking prick about it. All you had to say was "No, I dont agree with that.", but instead you had to wave your dick around.

 

So congrats CR, another member of your administration leaves a bad impression on the users.

Link to comment
Share on other sites
Casper Grand Master

Casper

Posted
Posted
I work at my church doing custodial and computer work, asshole. As I have made a point in earlier posts, people on this forum think that they are God.You didnt need to be such a fucking prick about it. All you had to say was "No, I dont agree with that.", but instead you had to wave your dick around.

 

So congrats CR, another member of your administration leaves a bad impression on the users.

 

You're 17. Go cry to mommy, and stop playing IT guy until you know what you're talking about. I'm the resident asshole, aka Satan. Not God. Not trying to be God. Deal with it.

 

And congrats organized religion, another member of your congregation shows their true side by swearing and being generally vulgar.

 

Go church goers!!! :thumbup:

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...