Demand your FTP!

Hook
Posts: 3444
Joined: Fri Feb 16, 2007 9:41 am
Location: Minnesota USA (Just West of MPLS - by a pond beneath a tree - Dead & Buried)

Re: Demand your FTP!

Post by Hook » Wed Oct 27, 2010 2:03 pm

You know - I think this is what MAY be wrong with my daughter's comp Hermskii and Gopo.
She cannot run any "exec" files - so Malwarebytes won't run for her - as it sits anyway.

So - how do we start one of these babies on her comp? (she's running XP)
=Hook= of Hook's UT Place - Hopelessly Addicted to UT99!
Forum: https://hooksutplace.freeforums.net
CROSSBONES Missile Madness {CMM} (GT Top 50)
PRO-Redeemer | PRO-SNIPER-Redeemer | SEEKER-Redeemer
Birth Place of ALL Seeker/Scoped Deemers!
IP: NEW IP to come!
CROSSBONES Monster Hunt {CMH} (Special Edition MH by mars007)
IP: 108.61.238.93:7777

Hermskii
Site Admin
Posts: 8500
Joined: Sun Jul 10, 2005 9:56 pm
Location: Houston, Texas

Re: Demand your FTP!

Post by Hermskii » Wed Oct 27, 2010 8:24 pm

Muhahaha! I told you that time you were house sitting for her to call me. I can easily talk you through it and beat it with no antivirus or Malwarebytes. I'm that good! Give me a call, HOOK, the next time you are sitting in front of her computer!
~Peace~

Hermskii

Fuzz_Ball
Posts: 822
Joined: Thu Nov 13, 2008 5:18 pm
Location: PHX, AZ

Re: Demand your FTP!

Post by Fuzz_Ball » Wed Oct 27, 2010 10:46 pm

A good place for learning how to remove all sorts of nasties from your computer is bleepingcomputer.com. I've often referred to this site for great info on malware and viruses.

They have a good guide on installing and using ComboFix:

bleepingcomputer.com/combofix/how-to-use-combofix

Also a good article on using the MS Recovery console. It allows you to access the files, format drives, disable and enable services, and other tasks from a console prompt while the operating system is not loaded:

bleepingcomputer.com/tutorials/tutorial117.html

Re: Demand your FTP!

Post by Hook » Wed Oct 27, 2010 10:48 pm

Hermskii - I did call you back. :?
I left you a message.
You must not have gotten it.

I WILL call you back when I can get back on her comp.
I'll let you know - Until then buddy! :wink:

gopostal
Posts: 1396
Joined: Tue Nov 18, 2008 9:32 am

Re: Demand your FTP!

Post by gopostal » Thu Oct 28, 2010 3:23 pm

If you try to "trick" it without a proper cleaning, you are wasting your time. It will only come back. I study these things, Herm, and people very often think "I got it!" when all they have done is delete the stuff they see while the executable lies dormant for a predetermined time, only to come back without warning. Most people have seen this when they get a virus but go "I wasn't even on the computer all week? WTH?!?" The malware sat silent and waited because it wasn't properly cleansed.

If it is that deeply affected, Hook, download ComboFix to the desktop (but don't run it). You might even use a jump drive if you can't access the internet. Just be sure to let ComboFix scan the jump drive too. This thing is nasty and will proliferate anywhere it can.

Now boot to safe on a restart (even a hard restart will work fine). On my comp you bang the F5 button as it loads to get to the safe prompt, but some rigs are different. If you load safe mode, the malware will not come on, so it cannot hook the exe's as they fire up. Once you get to the desktop, run ComboFix and let it do its thing. I'd skip Malwarebytes if it is that badly infected.

Re: Demand your FTP!

Post by Hook » Fri Oct 29, 2010 12:59 pm

Does this sound familiar?...
On my daughter's comp, it all started when they installed Norton Anti Virus protection she and her husband told me.
After that, nothing seemed to work - no execs anyway. :|
Her MSN web browser still works and I can open IE through her msn messenger window is all.
And I could only play UT on her comp by adding a server's IP as a favorite in IE and clicking on the favorite.
You could not directly start any exec file though.
Do you (Herm and Gopo) both feel that this is malware?

Re: Demand your FTP!

Post by gopostal » Sat Oct 30, 2010 5:27 pm

Go back to my last post and do the combofix on it. You'll be glad you did.

Re: Demand your FTP!

Post by Hermskii » Sun Oct 31, 2010 11:00 am

Yep, and if you fail to get it to install or run call me when you're in front of it. I'll get you past the .exe running issue and then you can run anything you need to in order to clean up her PC. I do this ALL OF THE TIME. I am a master at this.
~Peace~

Hermskii

Re: Demand your FTP!

Post by Hook » Mon Nov 01, 2010 8:39 am

Thanks! - And, "will do" gang! :wink:

DARKMATTER
Posts: 227
Joined: Thu Jul 14, 2005 5:37 am
Location: Space it's a big place

Re: Demand your FTP!

Post by DARKMATTER » Tue Nov 02, 2010 11:03 am

I would add SpywareBlaster to the mix too; it stops you getting to a lot of the nasty sites in the first place. It takes no resources and only runs when a browser is opened. All you have to do is update it regularly.
