If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
and oh so many others I could name;;;; all people whose advice I read
daily in this n/g. I'm bustin' my breachces at the moment due to having a broadband modem delivered here yesterday;; the account is already set up and will be active the instant I instal the modem etc...... I CANT WAIT.. But, I seem to have picked up a 'bug' (vcodec.emedia--more detail in other post) and I dont want to instal anything at all while I have a trojan active/ resident/ALIVE.........grrrr. If any can put themselves in my place and would like to help me get the trojan off, then I would be very grateful.... If only you knew how excited (& frustrated) I am at the moment. I have just put up with two months of a dial-up that boots me off at least ten times a day. Not to mention the lack of ability to see posts or replies to posts in this group. And now, I am so close to having broadband, yet a 'spanner' has been thrown into the works. What I am asking, is, could you guys take a look at my post titled, "Two Bugs within days". I really really really do want to hook up the whole broadband thing, and its frustratin' knowing whether or whether not to do it while a gremlin resides within, and what mr. gremlins purpose is.! Many thanks to all who help... (damn its hard, the new modem is sitting in a box right behind me.) Gekko |
#2
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
DAMN, my last post musta sounded lame.
I just want to know if it would be a SMART thing to do if I use add/rem knowing full well I am 'removing' a trojan? (seems to easy) Most trojans I've heard of, like to have this process done as it executes the virus itself....... erring on the side of caution. cant type anymore,,,,,, to whichever country that has trade-winds or whatever, stop sending the flu here every damn winter. Ge _ACHOO_kko "Gekko" wrote in message ... and oh so many others I could name;;;; all people whose advice I read daily in this n/g. I'm bustin' my breachces at the moment due to having a broadband modem delivered here yesterday;; the account is already set up and will be active the instant I instal the modem etc...... I CANT WAIT.. But, I seem to have picked up a 'bug' (vcodec.emedia--more detail in other post) and I dont want to instal anything at all while I have a trojan active/ resident/ALIVE.........grrrr. If any can put themselves in my place and would like to help me get the trojan off, then I would be very grateful.... If only you knew how excited (& frustrated) I am at the moment. I have just put up with two months of a dial-up that boots me off at least ten times a day. Not to mention the lack of ability to see posts or replies to posts in this group. And now, I am so close to having broadband, yet a 'spanner' has been thrown into the works. What I am asking, is, could you guys take a look at my post titled, "Two Bugs within days". I really really really do want to hook up the whole broadband thing, and its frustratin' knowing whether or whether not to do it while a gremlin resides within, and what mr. gremlins purpose is.! Many thanks to all who help... (damn its hard, the new modem is sitting in a box right behind me.) Gekko |
#3
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://aumha.net/viewtopic.php?t=5878 http://wiki.castlecops.com/Malware_R...:_Introduction http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/data/prevention.htm http://inetexplorer.mvps.org/tshoot.html http://www.mvps.org/sramesh2k/Malware_Defence.htm http://defendingyourmachine.blogspot.com/ http://www.elephantboycomputers.com/...moving_Malware When all else fails, HijackThis v1.99.1 (http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use. It will help you to both identify and remove any hijackware/spyware. **Post your log to http://aumha.net/viewforum.php?f=30, http://castlecops.com/forum67.html, http://forums.subratam.org/index.php?showforum=7, or other appropriate forums for expert analysis, not here.** Protect Your PC http://www.microsoft.com/athome/security/protect/ -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org Gekko wrote: and oh so many others I could name;;;; all people whose advice I read daily in this n/g. I'm bustin' my breachces at the moment due to having a broadband modem delivered here yesterday;; the account is already set up and will be active the instant I instal the modem etc...... I CANT WAIT.. But, I seem to have picked up a 'bug' (vcodec.emedia--more detail in other post) and I dont want to instal anything at all while I have a trojan active/ resident/ALIVE.........grrrr. If any can put themselves in my place and would like to help me get the trojan off, then I would be very grateful.... If only you knew how excited (& frustrated) I am at the moment. I have just put up with two months of a dial-up that boots me off at least ten times a day. Not to mention the lack of ability to see posts or replies to posts in this group. And now, I am so close to having broadband, yet a 'spanner' has been thrown into the works. What I am asking, is, could you guys take a look at my post titled, "Two Bugs within days". I really really really do want to hook up the whole broadband thing, and its frustratin' knowing whether or whether not to do it while a gremlin resides within, and what mr. gremlins purpose is.! Many thanks to all who help... (damn its hard, the new modem is sitting in a box right behind me.) Gekko |
#4
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
"Gekko" wrote in message ... DAMN, my last post musta sounded lame. I just want to know if it would be a SMART thing to do if I use add/rem knowing full well I am 'removing' a trojan? (seems to easy) Most trojans I've heard of, like to have this process done as it executes the virus itself....... erring on the side of caution. cant type anymore,,,,,, to whichever country that has trade-winds or whatever, stop sending the flu here every damn winter. Ge _ACHOO_kko All I can say is that the only time I've met this was on an XP machine - and the uninstall worked fine..... but the machine was also infested with Spywarequake!! which had to be removed at the same time. Worth checking for? -- Noel Paton (MS-MVP 2002-2006, Windows) Nil Carborundum Illegitemi http://www.crashfixpc.com/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's |
#5
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
Gekko wrote:
I seem to have picked up a 'bug' (vcodec.emedia--) As has already been pointed out, that's ZLOB. There are web sites that are generating new varients of it every hour. A month or two ago, the only way to get it was to browse porn sites and click on a link promising some sort of porn video, but then be told you need to download a new codec to watch it. The codec was ZLOB. A few weeks ago, the same sort of automatically-generated varient was being delivered via URL in spam e-mail. If you can find the original file responsible for the infection, try submitting it to www.virustotal.com and get a better identification as to which exact varient it is. Also, google the web for "ZLOB removal" and see if you can find info about your exact varient (or close to it). You should find info about what registry entries it creates, which files it creates or re-names, etc. Then re-start in DOS mode and delete as many of the bad files as you can. In the mean time, don't connect the infected computer to the internet - you will just become infected with more stuff. It will be hard to run virus-detection tools on the infected computer, because most viruses and trojans tend to shut down AV software and prevent them from running. From time to time, when I have a PC that I suspect is infected (Windows 98 or any version of windows), I remove the hard drive and slave it to a "trusted" PC running a similar operating system and then scan the drive. Because it's a slave, it won't be running any viral software, but any malware will be there all laid out in the open for the scanning software to find. This is especially useful when the malware could be hiding in hidden directories or other places that you don't normally have access to (that's more of a problem with XP than for 98). |
#7
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
All I can say is that the only time I've met this was on an XP machine - and the uninstall worked fine..... but the machine was also infested with Spywarequake!! which had to be removed at the same time. Worth checking for? -- Noel Paton (MS-MVP 2002-2006, Windows) Yeah, it seems that it is definately attracted to XP as fodder, because while I was/am at TomCoyotes forum, 99% of the people there asking for help to get rid of this same bug, are XP users. I havent yet come across a 98 user with the bug. The XP fixes are just that, 'only' XP fixes. (even then it seems like a drama to do) Gekko |
#8
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
Am already doing all those things PA, am not leaving a stone
unturned. No replies yet have come in from anyone here on what would be the sensible thing to do regarding the fact that the gremlin is actually sitting in my add/rem. I just dont want to set off a time bomb, so to speak. The "help me I've got a bug on my computer" forums are absolutely snowed under at the moment with ppl asking for assist........... and from the ones I've perused, the eMedia piece of s**t is primary on all lists. (at the moment) Ta for time PA, Gekko Oh, I've left my HJT with forums, just waiting for a reply. (but I wanna use my new toy modem........ sniff) "PA Bear" wrote in message ... Checking for/Help with Hijackware http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://aumha.net/viewtopic.php?t=5878 http://wiki.castlecops.com/Malware_R...:_Introduction http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/data/prevention.htm http://inetexplorer.mvps.org/tshoot.html http://www.mvps.org/sramesh2k/Malware_Defence.htm http://defendingyourmachine.blogspot.com/ http://www.elephantboycomputers.com/...moving_Malware When all else fails, HijackThis v1.99.1 (http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use. It will help you to both identify and remove any hijackware/spyware. **Post your log to http://aumha.net/viewforum.php?f=30, http://castlecops.com/forum67.html, http://forums.subratam.org/index.php?showforum=7, or other appropriate forums for expert analysis, not here.** Protect Your PC http://www.microsoft.com/athome/security/protect/ -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org Gekko wrote: and oh so many others I could name;;;; all people whose advice I read daily in this n/g. I'm bustin' my breachces at the moment due to having a broadband modem delivered here yesterday;; the account is already set up and will be active the instant I instal the modem etc...... I CANT WAIT.. But, I seem to have picked up a 'bug' (vcodec.emedia--more detail in other post) and I dont want to instal anything at all while I have a trojan active/ resident/ALIVE.........grrrr. If any can put themselves in my place and would like to help me get the trojan off, then I would be very grateful.... If only you knew how excited (& frustrated) I am at the moment. I have just put up with two months of a dial-up that boots me off at least ten times a day. Not to mention the lack of ability to see posts or replies to posts in this group. And now, I am so close to having broadband, yet a 'spanner' has been thrown into the works. What I am asking, is, could you guys take a look at my post titled, "Two Bugs within days". I really really really do want to hook up the whole broadband thing, and its frustratin' knowing whether or whether not to do it while a gremlin resides within, and what mr. gremlins purpose is.! Many thanks to all who help... (damn its hard, the new modem is sitting in a box right behind me.) Gekko |
#9
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
"98 Guy" wrote in message ... Gekko wrote: I seem to have picked up a 'bug' (vcodec.emedia--) As has already been pointed out, that's ZLOB. yeah, I know that already, thats why I mentioned it in the 'other' post. There are web sites that are generating new varients of it every hour. A month or two ago, the only way to get it was to browse porn sites and click on a link promising some sort of porn video, but then be told you need to download a new codec to watch it. The codec was ZLOB. hear you loud and clear. only thing i've downloaded prior to this bug is a few of Pavlovs Dogs old songs,,,, they had some old footage of some gigs so I d/loaded 2 of those, except WMP couldnt play them and I had to go grab 'realplayer'. the bug must have come in via those channels. If you can find the original file responsible for the infection, try submitting it to www.virustotal.com and get a better identification as to which exact varient it is. as above............................... Also, google the web for "ZLOB removal" and see if you can find info about your exact varient (or close to it). You should find info about what registry entries it creates, which files it creates or re-names, etc. been checking and re-checking and googlin' and re-googlin'. Then re-start in DOS mode and delete as many of the bad files as you can. FIRST, I just wanna know if it is a smart thing to do if I go into add/rem and kill it from there first???? I dont wanna get any hidden '.exe's' executing something just cos' I tried to delete/remove the said bug using an 'obvious' solution. It will be hard to run virus-detection tools on the infected computer, because most viruses and trojans tend to shut down AV software and prevent them from running. so far, I havent had any ill effects from the bug cept for some icon associations etc. my anti's havent been affected and can still point to the fact that it is there,, i did however quarantine/chest something the first time using Avast. Cheers (& sneezesz) for feedback 98guy. Gekko |
#10
|
|||
|
|||
pcr, hugh, ron, 98guy, richard, ...
"PCR" wrote in message ... I haven't had a virus yet to get rid of that I know of. As someone asked in the other thread, why not let your virus scanner do it for a start? Then, try HiJackThis per Bear's thread, &/or some of the other good advice in this thread. already on it pcr.................. just so damn frustratin' having a new toy to play with, but not actually being able to play with it. like getting a toy from granny, but no batteries!! I took the modem out of the box yesterday, fits in the palm of my hand;;;; its the first time I seen one.(B/B) Gekko oh, should I or should I not remove it from add/rem????????? will it set off alarm bells to the bug? |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Safe Mode - Attn: Ron M or Richard H | jeff | General | 0 | September 6th 04 02:57 AM |
Attention Richard Birtchnell | LuckyStrike | Multimedia | 0 | June 18th 04 08:44 PM |