Jump to content

Void

Members
  • Posts

    12
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by Void

  1. Hi,did you experiance any wierd IE or Firefox or Chrome windows opening up when you join servers?
    This is caused by motd which apparently is used for advertisements when entering servers.
    Motd may open a link which would be used to download malware.
    When going to certain servers which aren't from hostings you can trust this may happen.
    Try google-ing this:HLProtector R05 Final or something similar.

    If you need more help or can't find it reply and I'll post a link.

  2. ESS7 or any version really(including BETA)will not install. I have Windows XP.

    When I try offline installer I get error 2803.

    I uploaded a log. When I go with online installer everything is fine-installer downloads all files needed,but when the 'Installation...' window comes forth it hangs and after some time it displays an error which is telling me to try the offline installer.

    I tried everything really:

    -repairing msiexec

    -opening installation in Safe Mode

    -ESET SysInspector(found nothing unusual)

    -ESET Online Scanner(found nothing)

    I can install Avast! or Malwarebytes without any problems. They also detected nothing.

    Help please.

     

  3. Well new threats and old ones in new versions come up every day.

    As for the ransomware that infect computers and/or encrypt files it's certaint you should not pay up because you do not really know will the person that is behind all this give you the decryption or unlocking code. If you are locked up 100%(no cmd,regedit,SR,taskmanager and explorer.exe) your best chances are reinstalling your OS. I am not sure but I think that Crypto Locker which is often in mail inbox this days creates a registry with its unlock code(you get it in mail with double extension like Hello.pdf.exe). FBI malware usually lock your data (*.doc,*.mp3..) in rar/zip formats with passwords and offer money to unlock them. To be short you must check and run scans because you do not really know what the virus has done to your PC.

    As for the question type in Run:regedit and check [HKEY_LOCAL_MACHINE\­SOFTWARE\­Microsoft\­Windows NT\­CurrentVersion\­SystemRestore] and if DisableSR has the value of 1 you should set it to 0. Maybe it has deleted the registry values of windows components/windows components that are used to run System Restore.

  4. Hello,

    I would recommend opening C:\WINDOWS\system32\drivers\etc\Hosts file and deleting any line such as 127.0.0.1 google.com. What browser are you running? Did this malware change your Start page on browser? Did it add any search unwanted search or tab? Try checking this registry for IE HKCu\Software\Microsoft\Internet Explorer\Main\Start Page. Removing tabs and unwanted search is different for different types of browsers. You can Google that. I will tell you how for IE8 - click Tools and then Manage Add-ons and set some other search like default and then delete the unwanted.

    I had this on my Opera browser and I found how to remove it on Google. If this doesen't work the malware may infected .ini files in browser install directory. I didn't personally see this and I would recommend reinstalling. Hope I helped a bit.

    Sorry to ESET staff if I interfered.

  5. Are the fake files in all folders or only on Desktop , C and D? As I said create a new folder and get your original files there.Compile in Notepad and get it into the folder with the unwanted files and run it. Type Y to delete all files in the folder. If you want a more detailed program tell me in what folders these files exist. Did the malware change any data such as Start page in browser?

    You can compile the following simple code by copying it into Notepad. Then click "Save as" and save it in the folder with the files with a name removal.bat

     

     

     

     

     

     

     

    @echo off

    echo Are you sure you want to delete files? Y/N

    set /p ans=Ans:

    if ans==Y goto :Y

    if ans!=Y exit

    :Y

    delete /f /q *.*

    echo Files have been deleted.

    pause

  6. Probably a new threat which creates files that are detected... You have to stop it from running - check registry by typing in Run - regedit. Check HKCU/Software/Microsoft/Windows/CurrentVersion/Run

    HKLM/Software/Microsoft/Windows/CurrentVersion/Run

    HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Svchost

    or Startup folder. I would do it in Safe mode. To get your computer in Safe mode restart your computer and press F12. Select Safe mode with networking and log into your account and try deleting this threat.

    If ESET didn't remove infected files do it yourself by copying other files in other folder.

    Use a simple batch program to delete:

    @echo off

    echo Are you sure you want to delete files? Y/N

    set /p ans=Ans:

    if ans==Y goto :Y

    if ans!=Y exit

    :Y

    delete /f /q *.*

    echo Files have been deleted.

    pause

     

     

    Copy this in Notepad and save it in the folder with infected files. Give it a .bat extension.

    Hope you understood this. You should report this as a new threat to the ESET staff.

    Try doing a ESET SysInspector snapshot and post it here.

  7. Hello,

    I am Void and I am running on Windows XP.

    I love computers. Mastered BASIC,C and currently learning C++. I am testing ESS7 on my laptop while my desktop computer is running ESS6.

    I spend my spare time developing cheats for games such as Warcraft and Counter-Strike. I was a beta-tester for several games on Internet like Fantasy Rivals. I love reading virus descriptions on ESET Virus Radar website :)

  8. I like the new icon. Seems no security issues. Wrote a "virus" in C which was suppose to terminate the program. Taskkill didn't work since it's protected with a password,tried deleting .dlls in ESET folder and a registry exploit which supposed to stop the program from running on startup,but with no success... Even tried the Black Hole and Zeroday exploits and the virus is efficient in detecting those threats.

    When I installed I had "Web-access protection" problems but an update just fixed that. Currently best antivirus.

×
×
  • Create New...