A
ackeric
screen shots
everyone post your screen shots
heres a few of mine:
[Link Removed]
everyone post your screen shots
heres a few of mine:
[Link Removed]
Last edited by a moderator:
-
Hey - turns out IRC is out and something a little more modern has taken it's place... A little thing called Discord!
Join our community @ https://discord.gg/JuaSzXBZrk for a pick-up game, or just to rekindle with fellow community members.
Anyone that clicked the link in any of the threads...
The page was some sort of IE exploit, i'm not sure what exactly at this point.
ZoneAlarm seemed to allow me to block the exploit working.
Will post back with more details if I find them. Suggest you do Virus & Trojan scans though.
The page was some sort of IE exploit, i'm not sure what exactly at this point.
ZoneAlarm seemed to allow me to block the exploit working.
Will post back with more details if I find them. Suggest you do Virus & Trojan scans though.
This exploit drops a worm/trojan...
It creates \system32\schost.exe
Fortunatly my software firewall allowed me to block it getting Internet Access, see they do have benefits!
Anyways, manaul removal instructions by Me:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Removed the 'Windows configuration' entry with the data 'schost.exe'
delete \system32\schost.exe
I've tried a few things to detect it but to no avail,
It's not W32.HLLW.Gaobot according to Symantec
It's not W32.HLLW.Torvil according to Bazooka
If I were to bet on it i'd guess its a new varient of W32.HLLW.Gaobot, which is a very nasty trojan that will give someone control of our computer, and is also designed to steal CD keys. So be safe and check your system out!
Oh and that irc virus thingy that was going around, the thong pic that reboots, that was Win32:Natali btw
It creates \system32\schost.exe
Fortunatly my software firewall allowed me to block it getting Internet Access, see they do have benefits!
Anyways, manaul removal instructions by Me:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Removed the 'Windows configuration' entry with the data 'schost.exe'
delete \system32\schost.exe
I've tried a few things to detect it but to no avail,
It's not W32.HLLW.Gaobot according to Symantec
It's not W32.HLLW.Torvil according to Bazooka
If I were to bet on it i'd guess its a new varient of W32.HLLW.Gaobot, which is a very nasty trojan that will give someone control of our computer, and is also designed to steal CD keys. So be safe and check your system out!
Oh and that irc virus thingy that was going around, the thong pic that reboots, that was Win32:Natali btw
ackeric
The main thing to check for is the schost.exe If you don't have that then, as far as I can work out, your ok.
Havn't found any programs that detect it yet, Norton 2004 & Avast both fail atm.
The matter has been reported to the posters ISP and web host btw.
Havn't found any programs that detect it yet, Norton 2004 & Avast both fail atm.
The matter has been reported to the posters ISP and web host btw.
hihi glad that you can take the piss in the internet humph, because that's the only place you can do it.
his ISP will give him a warning at best, wanna bet that he will laugh about it? i would also bet that he would never touch a trojan or worm again after getting beat up. it's not nice, but it helps...
his ISP will give him a warning at best, wanna bet that he will laugh about it? i would also bet that he would never touch a trojan or worm again after getting beat up. it's not nice, but it helps...
