Post subject: Why do people do these things?!?!  Posted: Thu Aug 28, 2008 10:27 pm
So, I went on my computer and I found that the computer has been infected with a rather nasty piece of spyware. It renders the control panel useless (says that the administrator has disabled it even though I AM the administrator), along with the task manager and regedit. It also makes an annoying balloon appear every minute or so. I am currently running Malwarebytes' Anti-Malware and NOD32 Antivirus. It also deselects the window, which is really irritating when you're typing. I believe this is the nasty 'privacy_danger' spyware. It also places the alarming words VIRUS ALERT! next to the clock and all the times on the files, etc. Is there anything I can do apart from format the PC (I have a lot of important files and not enough backup media)?

Why do people make spyware and malware? It's really annoying!


Posted: Thu Aug 28, 2008 10:42 pm
You could try finding recent antivirus/spyware software you could run from DOS so that you could put it on a bootable CD and scan/repair the system before Windows boots.


Post subject: Re: Why do people do these things?!?!  Posted: Thu Aug 28, 2008 10:44 pm
WeirdEars wrote:
So, I went on my computer and I found that the computer has been infected with a rather nasty piece of spyware. It renders the control panel useless (says that the administrator has disabled it even though I AM the administrator), along with the task manager and regedit. It also makes an annoying balloon appear every minute or so. I am currently running Malwarebytes' Anti-Malware and NOD32 Antivirus. It also deselects the window, which is really irritating when you're typing. I believe this is the nasty 'privacy_danger' spyware. It also places the alarming words VIRUS ALERT! next to the clock and all the times on the files, etc. Is there anything I can do apart from format the PC (I have a lot of important files and not enough backup media)?

Why do people make spyware and malware? It's really annoying!


Most do it to harvest your financial details and passwords, or to make your computer part of a giant botnet that they can use to DDoS a site or to send out phishing emails to gather more passwords, or to use you as a proxy for criminal activities. Some, though, do it simply to see how much damage they can cause or how much they can annoy victims, just for the hell of it.


Posted: Thu Aug 28, 2008 11:19 pm
If you can still access the internet, try ComboFix. When I was infected with a Trojan, explorer.exe kept restarting. But I used ComboFix, and the trojan went bye-bye...

http://www.bleepingcomputer.com/combofi ... e-combofix

Before you use it, though, you should know that after you use ComboFix, your AV may not start up anymore and some system icons won't come up (based on personal experience :o)


Posted: Fri Aug 29, 2008 5:08 am
Every time that I've run across malware that does this, simply removing it doesn't fix the disabled stuff. That function is built into Windows, but most people don't have the software/knowledge to change the stuff back. You can manually dig through the registry if you want or try to find the system policies in the MMC snap-in. You could try to make a new user because most of the restrictions have the option of being system-wide or only user-based. Usually it's just easier and faster to reload Windows.

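One way to check the per-user and system-wide policy values the post above refers to, as an added example that is not part of the thread. The three value names are the standard Windows policy values for these restrictions (the thread does not name them), and the script assumes a PowerShell session can still be opened on the affected machine.

```powershell
# Added example (not from the thread): report, and with -Remove delete, the
# policy values that disable Task Manager, Registry Editor and Control Panel.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Remove   # report only unless -Remove is given
)

$base = 'Software\Microsoft\Windows\CurrentVersion\Policies'
$checks = @(
    @{ SubKey = 'System';   Name = 'DisableTaskMgr';       Blocks = 'Task Manager' }
    @{ SubKey = 'System';   Name = 'DisableRegistryTools'; Blocks = 'Registry Editor' }
    @{ SubKey = 'Explorer'; Name = 'NoControlPanel';       Blocks = 'Control Panel' }
)

# HKCU holds the per-user restrictions, HKLM the system-wide ones.
$findings = foreach ($hive in 'HKCU:', 'HKLM:') {
    foreach ($c in $checks) {
        $path = '{0}\{1}\{2}' -f $hive, $base, $c.SubKey
        if (-not (Test-Path -Path $path)) { continue }
        $prop = Get-ItemProperty -Path $path -Name $c.Name -ErrorAction SilentlyContinue
        if ($null -eq $prop) { continue }
        $value = $prop.($c.Name)
        if ($value -ne 0) {     # 0 or absent means the restriction is off
            [pscustomobject]@{ Blocks = $c.Blocks; Name = $c.Name; Value = $value; Path = $path }
        }
    }
}

if (-not $findings) {
    Write-Output 'No lockdown policy values are set.'
    return
}
$findings | Format-Table -AutoSize

if ($Remove) {
    foreach ($f in $findings) {
        # -WhatIf / -Confirm are honoured; HKLM entries need an elevated session.
        if ($PSCmdlet.ShouldProcess("$($f.Path)\$($f.Name)", 'Remove policy value')) {
            Remove-ItemProperty -Path $f.Path -Name $f.Name
        }
    }
}
```

Clearing these values only lifts the restrictions; it does not remove whatever set them, so run it after the malware itself has been cleaned.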

Posted: Fri Aug 29, 2008 10:05 am
I don't know why they do this.

But just boot from a CD Linux/PE and copy your files that you want to save (only your documents, and check them for viruses) and do with DISKPART a CLEAN ALL command (wipes the drive 4 times, can take up to 5/6 hours on a 500GB drive).

And then reinstall Windows and your anti-virus, and then copy all NON-INFECTED files back.

Posted: Fri Aug 29, 2008 2:47 pm
Boot up in safe mode and try removing it that way.

Posted: Sat Aug 30, 2008 3:28 am
Andy wrote:
Boot up in safe mode and try removing it that way.


That's still not going to fix his policy problems.

Also, you don't have to do a zero-fill on the drive (which is what "clean all" does). A quick format would suffice, which doesn't take 5/6 hours but more like 30 seconds; you can do one in the Windows setup.


Posted: Sat Aug 30, 2008 8:21 am
Well, no.

With a quick format, ALL files and folders are still there and some viruses retrieve it and your problems can start all over again.

Quick format = Only MBR is erased and a new one is created
Format = All files and folders are deleted 1 time, but still retrievable
"Zero" out = All files and folders are deleted and can never be retrieved.

Posted: Sat Aug 30, 2008 8:35 am
The only difference between a quick format and a full format is that a full format does a surface scan. Sure, you can find files if you do a scan of raw data after a format and reinstall, but files don't just reappear, let alone run themselves. Viruses don't come back after formats, quick or not. A zero-fill just writes zeros to the entire hard-drive which makes the data irretrievable. It's not necessary to do this to get rid of viruses. Maybe if you wanted to hide something you would do a zero-fill.


Posted: Sat Aug 30, 2008 11:40 am
DjRob wrote:
Well, no.

With a quick format, ALL files and folders are still there and some viruses retrieve it and your problems can start all over again.

Quick format = Only MBR is erased and a new one is created
Format = All files and folders are deleted 1 time, but still retrievable
"Zero" out = All files and folders are deleted and can never be retrieved.


Last one isn't quite correct. A single pass "zero" out can still render files retrievable. Do a 7-32 pass "zero" out then you're talking. :)

Posted: Sat Aug 30, 2008 11:47 am
Ok.

But anyway, if I have an old computer from work that needs to be replaced and it's a hard drive that contained valuable data, I would erase it.

I would get an axe and destroy the hard drive that way (the old ones I currently work with that need to be destroyed are about 3GB to 20GB max).
And very old.

Still, it's an effective way.

Posted: Sat Aug 30, 2008 8:24 pm
That's true, smashing hard-drives is the quickest and easiest way to get rid of data. I know that Acronis makes some DoD grade data wiping software... never had the need to use it though so I have no idea how long it takes, I'm sure it takes forever.


Posted: Fri Sep 12, 2008 4:51 am
Alright, I found this utility that lets you reset policies that have been set by malware, along with do a lot of other useful things. It's called Dial-a-fix, it only works in XP: http://lunarsoft.net/downloads/cat_view ... -utilities

You might consider looking at some of their other utilities as well.

