I've done those steps twice in the past myself. The nice thing is that you aren't actually adding anything, just deleting a single record which has a pretty obvious name. This almost entirely eliminates any worry about messing anything up, unless you sneeze in the middle of the process and wildly mash at the keyboard as you do. Then. Well, then there might be some problems. 
You are not logged in. Please login or register.
2024 Note on Registrations
the old system to register for an account is back with a few security improvements. Please tell your friends to click the register link and, once a password is confirmed via email, visit the sticky topic in the "Introduce Yourself to Gain Access" room.
how to get infected! (Page 2 of 2)
AudioGames.net Forum → Off-topic room → how to get infected!
Posts: 26 to 50 of 50
#26 2011-10-18 17:48:22
- Aprone
- Papa Sangre's plaything
- Offline
#27 2011-10-18 19:54:38
Well I went to see if I could find the key, and I did, it did indeed have a very obvious name and now the task manager is back hurrah!
Thanks Aprone, I'm deffinately glad that one is fixed.
With our dreaming and singing, Ceaseless and sorrowless we! The glory about us clinging Of the glorious futures we see,
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
#28 2011-10-18 20:10:27
- Aprone
- Papa Sangre's plaything
- Offline
Glad to hear it worked for you Dark. I seem to remember you talking about the disabled task manager a long time ago, and I don't know why I didn't give you this link back then. I must have been distracted at the time and then it completely slipped my mind. I'll consider it a lesson in the importance of answering people right away, before I have time to forget.
#29 2011-10-18 23:04:50
Hello.
I know this is offtopic, but i was lookng in the registry and found my q9 registration info. At least i think it was q9. I went into regedit, found the current user thing, went to software and found blastbay studios. In there, i found bgt and q9 action game. I wonder if it would remove my registration information if i deleted q9 and revert to demo mode. Anyway, when you delete keys, do they go to the recycle bin? I'm pretty sure this is q9 and not some random key so nothing serious should happen to my system but still i wonder. And, wow Aerin, that was awesome.
Grab my Adventure at C: stages Right here.
#30 2011-10-19 09:42:54
Yes, this is the registration for Q9, so deleting it is a bad idea.
Deleted keys do not go into the recycle bin, they are just deleted and unless you backup the registry first you can get into trouble. That's why I use something like pc tuneup to keep the registry in working order sinse problems with the registry can be extremely serious.
With our dreaming and singing, Ceaseless and sorrowless we! The glory about us clinging Of the glorious futures we see,
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
#31 2011-10-19 10:24:31
Okay, this is not exactly an infection but it deals with your computer in a pretty interesting way as well. This is what actually happened to a friend the previous morning and me and another friend spent like 4 or 5 hours trying to fix it, so here goes.
1. Attempt to shut your computer down by just pressing the power button. Nothing too bad about that, right?
2. Wait for a while for it to shut down.
3. When nothing seems to happen (she probably doesn't count the sound of the hard drive working as a reliable indication of any importance), press the button again, and this time keep holding it down.
4. Suddenly, you hear the XP shutting down sound followed by the sound that is played when an error dialogue pops up. Still, however, keep holding the dam button down.
5. Done, the thing is turned off. for good.
6. When you try to turn it on again, wait for it to start up and nothing hapens, ask your colleague to read the contents of the screen for you. Yes, the girl is blind as well and it happened in class.
7. The screen reads: "The file 'c:\windows\system32\config\system' is corrupted. The system can't be run.' Pressing whatever key restarts the computer.
You don't panic, however. You get back to the hostel after the lecture and call your most skilled technical friend who just happens to be visiting another friend that you two have in common. What a coincidence.
7. Don't give them any recovery or installation CD of any sort for one simple reason, you just don't have any around.
Okay, I had alive CD of Vinux 3.01 here so we tried that thing. Neither of us knows enough about Linux, however, so we had to Skype a friend from my computer, only for him to tell us that there is nothing like the Windows Scandisk or Checkdisk in Vinux, or probably Linux in general. We ran Ntfsfix on the hard drive (which is not even split into two or more partitions) but that didn't help.
Okay, so let's reformat my USB stick to make it bootable and put Hirens Boot CD on it. Having read the instructions on how to do it all, downloaded all the software and seemingly done it properly, we called the girl's sighted neighbor only to find out that the flash just doesn't boot, even after we successfully managed to change the priority of devices to boot from in the Bios. We tried twice more, with slightly different settings when installing the MBR on the flash, but still no result.
Okay, get your lazy bottom up and walk to a nearby department store, which is the only relevant shop that's still open at this late hour, where we could hope to get empty CD's, and burn the thing on one instead of hopelessly wasting your time with the flash disk.
Okay, now it boots. We ran Scandisk and Checkdisk on it and they fixed some mistakes but that particular file was still corupted. Having already wasted a lot of time, being tired and not wanting to delay the sighted girl any further because she was about to go out for a concert, the other guy tried to just directly copy the file over from his own computer. Probably not a good idea, now I'm in fact glad that it didn¨t work. Even when he managed to unlock the file and copy it on the flash disk, we couldn't locate the drive from within Hirens Boot CD.
Don't ask what we had to do in the end. We asked another sighted guy to come over and were fortunate enough as to find out that he had to fix a similar problem just a few days ago on his own computer. The file was apparently a corrupted part of the registry and he found direct step by step instructions somewhere on the Microsoft's website on how to find a backup copy of the current registry that is always created on system startup and replace all the current registry files with it. It was like 5 files in the system32/config folder, the one called just System being one of them. Fortunately and miraculously enough, it worked, it just worked after that, finally! so when I was already at it, I went for a fast beer with the guy whom I was helping to celebrate the success, and then I spent most of the night running a system restory on it from a point that was fortunately just two weeks old, wiping the hard drive and cleaning the registry, defragmenting, disabling some unneeded programs on system startup, updating and configuring a lot of the installed softwareetc.
Talk about fun. :-D
Lukas
I won't be using this account any more or participating in the forum activity through other childish means like creating an alternate account. I've asked for the account to be removed but I'm not sure if that's actually technically possible here. Just writing this for people to know that I won't be replying, posting new topics or checking private messages until the account is potentially removed.
#32 2011-10-19 10:43:29
Wow Lucas that was crazy!
Ironically my laptop did a similar thing in August, but in that case it was just a matter of taking it down to my very nice local computer shop who happened to have an xp install disk, which ran and fixed the issue in seconds, sadly I don't have pc tuneup running on that laptop which does have registry backup facilities, though luckily the windows boot disk fixed the issue.
With our dreaming and singing, Ceaseless and sorrowless we! The glory about us clinging Of the glorious futures we see,
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
#33 2011-10-19 17:46:54
hi,
strange, I installed xp with no service packs on a vm
no viruses
even though I wasn't running an av on the vmoh and btw what catagorie do the attacks that happened to me when I ran xp with no service pack fall under
I mean they aren't drive-by, autorun, web site attack etc
the viruses kept turning up in the c:\windows\system32\config\systemprofile folder
A learning experience is one of those things that say, "You know that thing you just did? Don't do that."
#34 2011-10-19 19:05:22
Right, Dark. If we had an XP installation or recovery disk, we could have been done with it in half an hour or less. You don't want to know the vocabulary we began using to address the computer when we were like half way through the madness all the way till the end. :-D
Now at least I know that the system itself creates a backup copy of the registry on startup. The trick is to know where it's located and where the actual original registry which is loaded and processed resides so that you can just manually copy the backup over the working files and then, just to make sure no programs stop working or other oddities like that, run a system restore on the thing. I was really happy she had the thing enabled and had a restore point from two weeks ago.
Lukas
I won't be using this account any more or participating in the forum activity through other childish means like creating an alternate account. I've asked for the account to be removed but I'm not sure if that's actually technically possible here. Just writing this for people to know that I won't be replying, posting new topics or checking private messages until the account is potentially removed.
#35 2011-10-19 23:56:45
Hello.
Well, the only thing i can think would happen as a result of removing the blastbay entry is the next time i ran q9, it would prompt me for registration info.
What i've also noticed is with those 3 or 15 day trials of games is that they expire and no matter of uninstalling and reinstalling them will get me trials back. I am thinking these are held in the registry and if i could somehow find and remove these keys, i can have new 15 day trials of the demos.
The only problem is i don't see many of those game titles or developers in the list of software in regedit.
Grab my Adventure at C: stages Right here.
#36 2011-10-20 01:01:02
Well, I suppose technically that would be cracking, so I'd be careful when looking for those.
Not that I don't abuse the heck out of Armadillo Army's fifteen minutes restarting every time you close the game, assuming you didn't use it all.
看過來!
"If you want utopia but reality gives you Lovecraft, you don't give up, you carve your utopia out of the corpses of dead gods."
MaxAngor wrote:
George... Don't do that.
"If you want utopia but reality gives you Lovecraft, you don't give up, you carve your utopia out of the corpses of dead gods."
MaxAngor wrote:
George... Don't do that.
#37 2011-10-20 01:38:06
Hmm
Well, the main reason i want to get trials is to play the demos again.
I really think those trials are unfair.
I don't mind the level restrictions on a game, but i think time limits, trials, internet activated trials and the like are a bit unfair.
And i don't think it's really cracking, i'm not looking for the full version, i just wonder if doing that would get me demos back that i can play
Grab my Adventure at C: stages Right here.
#38 2011-10-20 09:23:19
Well Chris, while I agree that the shareware limited version thing is probably better than the limited time games, I'm afraid there's not too much that can be done about it other than installing them on another machine, sinse usually it takes more than just deleting the registry entries to fix things, this is why people like Vip gameszone use an online demo activation (obviously developers who offer limited trials don't particularly want people playing them endlessly, particularly when the game itself is arcade style like esp pinball).
With our dreaming and singing, Ceaseless and sorrowless we! The glory about us clinging Of the glorious futures we see,
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
#39 2011-10-20 11:28:13
Some of the trials give you full functionality, however, like the Vipgameszone games, and those games that have timed demos don't usually contain too much more in the full version. So even though it might be unfair, it's the whole point of the trials. I understand your feeling but it would still be very close to cracking.
Lukas
I won't be using this account any more or participating in the forum activity through other childish means like creating an alternate account. I've asked for the account to be removed but I'm not sure if that's actually technically possible here. Just writing this for people to know that I won't be replying, posting new topics or checking private messages until the account is potentially removed.
#40 2011-10-20 15:55:52
Well Lucas that's true of some games. I have never bought the vip gameszone sports games for that reason, in that when I demoed them I found them far too easy and indeed in super football could pretty much murder the computer on super difficulty within the 2nd day.
In other cases though, the time limit didn't factor in my decision so much as the ability to see more of the game, for instance I didn't mind the fact that esp pinball xtreme was limited to 15 days of use, I bought it primarily because I wanted to see what the other pinball tables were like, in fact in most games i've bought that's been my principle reason, rather than just wanting to go on playing the bits of the game I already played. One thing which I am less keen on is time limiting an already limited demo. For instance allowing you to play the first level of a game for 10 minutes, then having the demo completely expire after a few days.
there have been cases (especially with complex games), when I've actually found my initial impression that they were too complex and not much fun, to be wrong, indeed Lone wolf and trek 2000 (which was commercial when i bought it), I initially didn't buy and deleted from my machine, and had to go and try them again before I could tackle them enough to be interested in the games and want to see more of them.
Ultimately though, this is one case where it's at the developers' discression. Some demos I've seen are pretty dire, such as the x hour demo which lets you play five minutes of the first level and expires after 3 days, but unfortunately we don't have any choice but to put up with it, and if the developer sells fewer games because of a too limited demo, well that's what happens.
That is in fact why I recorded a review of x hour in the first place, because I felt the demo really didn't show enough of the game.
With our dreaming and singing, Ceaseless and sorrowless we! The glory about us clinging Of the glorious futures we see,
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
Our souls with high music ringing; O men! It must ever be
That we dwell in our dreaming and singing, A little apart from ye. (Arthur O'Shaughnessy 1873.)
#41 2011-10-20 16:57:20
oh.oh, this is turning out now for a crack and regedit thing...
ok, some more tips (I am thinking of these, not done these):
open your cpu cover and remove all chips from your motherboard and restart your computer.
I think it can't even restart lol lol.
This is not a signature.
#42 2011-10-20 17:16:19
You made a good point here, Dark. I think a game demo should only be limited in one area - functionality or time. Well, it's not easy to generalize here either but in principle you're right that time-limiting a demo which already has limited functionality in itself is a pain.
Lukas
I won't be using this account any more or participating in the forum activity through other childish means like creating an alternate account. I've asked for the account to be removed but I'm not sure if that's actually technically possible here. Just writing this for people to know that I won't be replying, posting new topics or checking private messages until the account is potentially removed.
#43 2011-10-20 19:07:15
more ways to get infected
1. Look for cracks, subdivided in illegal software and .....
2. well .... the other kind..... Browse the web for free porn!
3. Look for software that adds smileys to your posts, mail etc.
4. Look for kewl skins, screensavers, song lyrics, etc.
5. Look for spyware removers, concentrate on the kind that makes you pay before it removes anything
6. Install a P2P program and repeat all of the above
7. Look for pokergames, slotmachines and other gambling outfits
8. Look for ringtones and other stuff to bling your phone
9. Do NOT pay for anything, the internet is a place where you can steal anything from everyone without even saying as much as thank you
10. Click on those unexpected links and attachments in email, because you're the curious type...
A learning experience is one of those things that say, "You know that thing you just did? Don't do that."
#44 2011-10-20 20:00:04
Whenever the internet tells you you can make enough money to quit your job and go on a cruise, give it a try! What could possibly go wrong?
看過來!
"If you want utopia but reality gives you Lovecraft, you don't give up, you carve your utopia out of the corpses of dead gods."
MaxAngor wrote:
George... Don't do that.
"If you want utopia but reality gives you Lovecraft, you don't give up, you carve your utopia out of the corpses of dead gods."
MaxAngor wrote:
George... Don't do that.
#45 2011-10-20 23:42:24
Hello
If you are a programmer, attempt to create a very nasty virus that consumes your system rapidly deleting and currupting important system files. Don't forget to put this virus on your own machine. Then, you'll have a lot of fun.
As for the xhour demo, it isn't limited in the 3 day thing as well as super tennis. I bought the super sport pack mainly because i liked those games more than vipgameszone's other stuff but i still want to play online with someone.
Hmm, what other virus or infecting stuff?
Well, let me see here.
unplug your pc or laptop from a hard drive or anything while transfering files.
Delete the windows folder in c and restart your computer.
Look for a file in your windows folder called shutdown or something like that. Make a shortcut for it, and suprise your friends when they click on the file and have to reboot there systems.
I will think of more
Grab my Adventure at C: stages Right here.
#46 2011-10-21 10:36:33
,HelloI have another suggestion about crashing the computer.
If you're using a laptop, do not hesitate to go and smash the screen with your foot. Then, punch your keyboard as fast as you can, and smash it. It will probably be a good suggestion.
I post sounds I record to freesound. Click here to visit my freesound page
I usually post game recordings to anyaudio. Click here to visit my anyaudio page
I usually post game recordings to anyaudio. Click here to visit my anyaudio page
#47 2011-10-21 21:02:21
Here is another suggestion for phisichal damage. If you have a desktop computer, then go and take your hammer, and hit it to the screen. Don't you think it will be fun?
I post sounds I record to freesound. Click here to visit my freesound page
I usually post game recordings to anyaudio. Click here to visit my anyaudio page
I usually post game recordings to anyaudio. Click here to visit my anyaudio page
#48 2011-10-21 21:10:11
ok so heres how this pc got infected
my sister downloaded some virus or another
this bundled a couple rootkits and patched the pc's boot sector
I downloaded microsoft system sweeper and ran a complete scan
it detected like 5 severe threats and quarantined them
all my settings got hacked also
the rootkit broke my internet connection
and all my files got a hidden atribute
after I ran system sweeper I inserted my boot dvd
and ran bootrec.exe and used the bootfix command
then my pc booted up
and I ran a complete scan with malwarebytes
it cleaned 4 hijacked items
then I used unhide.exe to restore some of my shortcuts
then I used super antispyware and reset url prefixes and repaired the winsok lsp chain
that fixed my net connection
I probably have some more hacked settings
heres the log to give you an idea of the severity of the infection
--------------------------------------------------------------------------------
Standalone System Sweeper Log, (c) 2006
Started On Fri Oct 21 2011 18:28:54
************************************************************
Product Version: 2.0.213.0
Engine Version: 1.1.2803.0
AS Signature Version: 1.0.0.0
AV Signature Version: 1.0.0.0
************************************************************
Signature updated on Fri Oct 21 2011 18:29:10
Product Version: 2.0.213.0
Engine Version: 1.1.7801.0
AS Signature Version: 1.115.281.0
AV Signature Version: 1.115.281.0
************************************************************
!WARNING
Expensive file
File Name:D:\Downloads\WinLite.iso
File Size:554827776
Time:171117
Container:Yes
Metric:CPU
CRC4:3736805603
CRC8:2598183062
CRC16:323269802
CRCHeader:954466286
CRCFooter:2149522328
!WARNING
Expensive file
File Name:D:\Users\enes\Downloads\Window XP - Professional .iso
File Size:512649216
Time:167529
Container:Yes
Metric:CPU
CRC4:3736805603
CRC8:2598183062
CRC16:323269802
CRCHeader:954466286
CRCFooter:954466286
Begin Full Scan
Scan ID:{7A223DD3-1895-4AB2-91F8-2CC7F4934C0B}
Scan Source:1
Start Time:Fri Oct 21 2011 18:29:33
End Time:Fri Oct 21 2011 20:09:05
Result Count:5
Threat Name:Trojan:Win32/FakeSysdef
ID:2147639286
Severity:5
Number of Resources:6
Resource Schema:regkey
Resource Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Extended Info:0
Resource Schema:runkey
Resource Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Extended Info:0
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp->(UPX)
Extended Info:210288499706296
Resource Schema:file
Resource Path:D:\ProgramData\KlfaHgChhuFCKdH.exe->(UPX)
Extended Info:210288499706296
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\ProgramData\KlfaHgChhuFCKdH.exe
Extended Info:0
Threat Name:Trojan:DOS/Alureon.C
ID:2147647384
Severity:5
Number of Resources:1
Resource Schema:boot
Resource Path:\\.\PHYSICALDRIVE0\(MBR)
Extended Info:36577697385332
Threat Name:Trojan:JS/Redirector.GQ
ID:2147644837
Severity:5
Number of Resources:10
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm
Extended Info:0
Threat Name:Trojan:Win32/Alureon.FE
ID:2147648217
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\temp\F344.tmp
Extended Info:143453744824274
Threat Name:TrojanDropper:Win32/Sirefef.B
ID:2147628107
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:D:\Users\enes\Downloads\ic.exe
Extended Info:197328390010608
End Scan
************************************************************
Begin Resource Scan
Scan ID:{E6A7D5F1-0B99-4BC9-ABEB-DE978CD173E3}
Scan Source:1
Start Time:Fri Oct 21 2011 20:12:46
End Time:Fri Oct 21 2011 20:13:00
Explicit resource to scan
Resource Schema:boot
Resource Path:\\.\PHYSICALDRIVE0\(MBR)
Explicit resource to scan
Resource Schema:containerfile
Resource Path:D:\ProgramData\KlfaHgChhuFCKdH.exe
Explicit resource to scan
Resource Schema:file
Resource Path:D:\ProgramData\KlfaHgChhuFCKdH.exe->(UPX)
Explicit resource to scan
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm->(SCRIPT0000)
Explicit resource to scan
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm->(SCRIPT0000)
Explicit resource to scan
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm->(SCRIPT0000)
Explicit resource to scan
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm->(SCRIPT0000)
Explicit resource to scan
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm->(SCRIPT0000)
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\temp\F344.tmp
Explicit resource to scan
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp->(UPX)
Explicit resource to scan
Resource Schema:file
Resource Path:D:\Users\enes\Downloads\ic.exe
Explicit resource to scan
Resource Schema:regkey
Resource Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Explicit resource to scan
Resource Schema:runkey
Resource Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Result Count:5
Threat Name:Trojan:DOS/Alureon.C
ID:2147647384
Severity:5
Number of Resources:1
Resource Schema:boot
Resource Path:\\.\PHYSICALDRIVE0\(MBR)\(MBR)
Extended Info:36577697385332
Threat Name:Trojan:Win32/FakeSysdef
ID:2147639286
Severity:5
Number of Resources:6
Resource Schema:regkey
Resource Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Extended Info:0
Resource Schema:runkey
Resource Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Extended Info:0
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp->(UPX)
Extended Info:210288499706296
Resource Schema:file
Resource Path:D:\ProgramData\KlfaHgChhuFCKdH.exe->(UPX)
Extended Info:210288499706296
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\ProgramData\KlfaHgChhuFCKdH.exe
Extended Info:0
Threat Name:Trojan:JS/Redirector.GQ
ID:2147644837
Severity:5
Number of Resources:10
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm->(SCRIPT0000)
Extended Info:317938633491427
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm
Extended Info:0
Resource Schema:containerfile
Resource Path:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm
Extended Info:0
Threat Name:Trojan:Win32/Alureon.FE
ID:2147648217
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:D:\Users\enes\AppData\Local\temp\F344.tmp
Extended Info:143453744824274
Threat Name:TrojanDropper:Win32/Sirefef.B
ID:2147628107
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:D:\Users\enes\Downloads\ic.exe
Extended Info:197328390010608
End Scan
************************************************************
Beginning threat actions
Start time:Fri Oct 21 2011 20:13:00
Threat Name:Trojan:DOS/Alureon.C
Threat ID:2147647384
Action:remove
Threat Name:Trojan:Win32/FakeSysdef
Threat ID:2147639286
Action:remove
Threat Name:Trojan:JS/Redirector.GQ
Threat ID:2147644837
Action:remove
Threat Name:Trojan:Win32/Alureon.FE
Threat ID:2147648217
Action:remove
Threat Name:TrojanDropper:Win32/Sirefef.B
Threat ID:2147628107
Action:remove
Registry value to be removed:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Type:1
Value:C:\ProgramData\KlfaHgChhuFCKdH.exe
Action remove successful on regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Resource action complete:Removal
Schema:regkey
Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Threat ID:2147639286
Resource refcount:1
Result:0
Resource action complete:Removal
Schema:runkey
Path:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\KlfaHgChhuFCKdH.exe
Threat ID:2147639286
Resource refcount:1
Result:0
Action clean successful on boot sector:\\.\PHYSICALDRIVE0\(MBR)\(MBR)
Resource action complete:Removal
Schema:boot
Path:\\.\PHYSICALDRIVE0\(MBR)\(MBR)
Threat ID:2147647384
Resource refcount:1
Result:0
File to act on SHA1:5BCB7A4D5B2D5454A9AEC87550C834FD27058E33
File cleaned/removed successfully
File Name:D:\Users\enes\Downloads\ic.exe
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\Downloads\ic.exe
Threat ID:2147628107
Resource refcount:1
Result:0
File to act on SHA1:75B7CE4ADA47E82AE1C6BF5FDA7E9B4F3E363D92
File cleaned/removed successfully
File Name:D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp->(UPX)
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\AppData\Local\temp\P5tM1QBI6DSS92.exe.tmp->(UPX)
Threat ID:2147639286
Resource refcount:1
Result:0
File to act on SHA1:51901B6EF5A83231677F9BDADFBCF584CB566E05
File cleaned/removed successfully
File Name:D:\Users\enes\AppData\Local\temp\F344.tmp
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\AppData\Local\temp\F344.tmp
Threat ID:2147648217
Resource refcount:1
Result:0
File to act on SHA1:C7AC12A9DD1BD564E7FC5619A3585D719DB1302D
File cleaned/removed successfully
File Name:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm->(SCRIPT0000)
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VNT3J35M\in[1].htm->(SCRIPT0000)
Threat ID:2147644837
Resource refcount:1
Result:0
File to act on SHA1:C7AC12A9DD1BD564E7FC5619A3585D719DB1302D
File cleaned/removed successfully
File Name:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm->(SCRIPT0000)
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PF14TIST\in[2].htm->(SCRIPT0000)
Threat ID:2147644837
Resource refcount:1
Result:0
File to act on SHA1:C7AC12A9DD1BD564E7FC5619A3585D719DB1302D
File cleaned/removed successfully
File Name:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm->(SCRIPT0000)
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUSQ56OT\in[1].htm->(SCRIPT0000)
Threat ID:2147644837
Resource refcount:1
Result:0
File to act on SHA1:C7AC12A9DD1BD564E7FC5619A3585D719DB1302D
File cleaned/removed successfully
File Name:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm->(SCRIPT0000)
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[2].htm->(SCRIPT0000)
Threat ID:2147644837
Resource refcount:1
Result:0
File to act on SHA1:C7AC12A9DD1BD564E7FC5619A3585D719DB1302D
File cleaned/removed successfully
File Name:D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm->(SCRIPT0000)
Resource action complete:Removal
Schema:file
Path:\\?\D:\Users\enes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA87UON2\in[1].htm->(SCRIPT0000)
Threat ID:2147644837
Resource refcount:1
Result:0
File to act on SHA1:75B7CE4ADA47E82AE1C6BF5FDA7E9B4F3E363D92
File cleaned/removed successfully
File Name:D:\ProgramData\KlfaHgChhuFCKdH.exe->(UPX)
Resource action complete:Removal
Schema:file
Path:\\?\D:\ProgramData\KlfaHgChhuFCKdH.exe->(UPX)
Threat ID:2147639286
Resource refcount:1
Result:0
Finished threat ID:2147628107
Threat result:0
Threat status flags:0
Finished threat ID:2147648217
Threat result:0
Threat status flags:4
Finished threat ID:2147644837
Threat result:0
Threat status flags:0
Finished threat ID:2147639286
Threat result:0
Threat status flags:0
Finished threat ID:2147647384
Threat result:0
Threat status flags:4
Finished threat actions
End time:Fri Oct 21 2011 20:13:07
Result:0
Standalone System Sweeper Log, (c) 2006
Stopped On Fri Oct 21 2011 20:14:17 (Exit Code = 0x0)
************************************************************
A learning experience is one of those things that say, "You know that thing you just did? Don't do that."
#49 2011-10-30 15:25:40
Hi,
Just a few more helpful tips for the one who wants to smash their computer into pieces!
First, get any weapon you have. If you have a gun, load a cartridge into the thing and fire the whole round into the computer casing, okay? Then it will explode. If you have an automatic weapon, switch to burst mode and fire into the screens, keyboard and cables, blowing them all up. If you have a bow and arrow, simply light the arrow on fire, load it into the bow, then release the arrow and let it pierce through the computer keyboard, casing and all the other things. If you have an axe, slamm your axe into the casing, destroying it.
Second tip. Put on a suit of armour, so your body doesn't get harmed, then smash the computer with your fists!
Third. Get a plate of food, smear it over the whole computer.
fourth. Take your laptop to the zoo. When your in the zoo, free every single animal and let them smash the computer!
Fifth. Chuck the computer into a fire-pit and let it die!
6. Lift the computer high into the air and swing it outwards, smashing the whole construct and your window into pieces!
7. Get a bottle of water, open the casing and spill the contents into the computer. Don't forget to spill in some cola as well.
8. Kick your computer 99 times.
9. When your in an excited mood, dance on your computer and knock off the screen!
10. Pull out everything and set it on fire.
11. Let your doggy eat the screen, but make sure it doesn't die!
12. Format your computer, and while its formatting, shut your computer down and reload the thing. 13. Get rid of everything in the register editer, then format your computer and don't install anything on it!
14. You know you get those sites where it says you could look for a cheep wife? Click on the sight and let your computer be infected with viruses!
15. Give your password to everyone, put it on every single wall in the city you live in.
16. If they say, you've won a software for free and they ask for your password, just give it to them, mate! What could happen, you'll get a free copy of that software!
17. Spit on your computer and cook the computer and after you cooked it, chuck it out of the window.
18. No virus protection software.
Done!
#50 2011-10-31 09:56:20
yeah they can.
It is better to remain silent and be thought a fool, than to open your mouth and remove all doubt. -Abraham Lincoln
Posts: 26 to 50 of 50
AudioGames.net Forum → Off-topic room → how to get infected!
Generated in 0.034 seconds (47% PHP - 53% DB) with 11 queries