|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
11-02-2004, 11:28 AM
|
#1 |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jul 2001
Posts: 59,204
|
I hate asking it but i need help getting rid of a trojan
1: I normally dont get infected
2: Im usually the person who know how to clean other peoples computer. But im stuck with this highly annoying trojan which wont go away. AVG and Panda online scan cant get rid of it. AVG finds the infected file, heals it but it keeps coming back. Even when i manually delete the infected/healed file. Its the trojan backdoor.midrug.b. It creates a file called msrss32.dll in the windows/system32 dir every time i reboot. Ofcourse i deleted that file but it just keeps appearing. It opens something in the background which spoofs an internet explorer page when checking what programs are running. This is the part where it opens a port i guess. Anybody any clue? The problem is google shows nothing about the trojan. |
|
|
|
11-02-2004, 11:29 AM
|
#2 |
|
Confirmed User
Join Date: Jul 2004
Posts: 4,857
|
slowly roll it down off your cock, then set in gently into a garbage can
|
|
|
|
|
11-02-2004, 11:38 AM
|
#3 |
|
Confirmed User
Join Date: Mar 2002
Posts: 1,130
|
check the Prefetch dir
probably have a file there that keeps loading it into the ram
__________________
"where ever you go..there you are." |
|
|
|
|
11-02-2004, 11:38 AM
|
#4 |
|
Confirmed User
Join Date: Dec 2001
Location: Sunny Queensland - perfect one day and better the next.
Posts: 2,106
|
Download the trial version of Kaspersky - kaspersky.com - you might find that gets rid of it.
We've run AVG and Panda and they have missed a lot of stuff that Kaspersky has found and healed.
__________________
Left intentionally blank ... just like my brain |
|
|
|
|
11-02-2004, 11:40 AM
|
#5 |
|
When it rains, it pours
Industry Role:
Join Date: May 2003
Posts: 20,609
|
|
|
|
|
|
11-02-2004, 11:49 AM
|
#6 |
|
Confirmed User
Join Date: Jan 2001
Location: EU
Posts: 6,103
|
turn system restore off in windows..restart...delete the file...restart again and tunr system restore on...I hope it will work
|
|
|
|
|
11-02-2004, 11:49 AM
|
#7 |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jul 2001
Posts: 59,204
|
Thanks will check it out.
|
|
|
|
|
11-02-2004, 11:53 AM
|
#8 |
|
►SouthOfHeaven
Join Date: Jun 2004
Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer
Posts: 28,609
|
A good tip when tracking down bad files is to view common windows directories by date and see n programs..
use the search function and search for exe files created within the last few days..
__________________
hatisblack at yahoo.com |
|
|
|
|
11-02-2004, 12:09 PM
|
#9 |
|
So Fucking Outlawed
Industry Role:
Join Date: Nov 2001
Posts: 5,114
|
Try using
Spy Sweeper |
|
|
|
|
11-02-2004, 12:15 PM
|
#10 |
|
Confirmed User
Join Date: Sep 2003
Location: Los Begas
Posts: 9,162
|
I found the backdoor.midrug.a variant listed on some foreign sites.
This Chinese site says their anti-virus shareware program will fix it. (The "a" variant that is) Hopefully the program menus aren't in Chinese though  |
|
|
|
|
11-02-2004, 12:16 PM
|
#11 |
|
WW4L
Join Date: Oct 2002
Location: over the river and through the woods
Posts: 10,581
|
I have the same thing...and nothing has worked.. it wont even let my system resotre work..so its c/format for me. I am just getting all my "stuff" on cd's and getting my programs in order.
this thing is nuts.. |
|
|
|
|
11-02-2004, 12:19 PM
|
#12 | |
|
Too lazy to set a custom title
Industry Role:
Join Date: Jan 2001
Posts: 51,692
|
I have a computer infected with that too . I gotta format it anyways it's full of crap
__________________
Quote:
|
|
|
|
|
|
11-02-2004, 12:25 PM
|
#13 |
|
Confirmed User
Join Date: Mar 2004
Location: DK
Posts: 735
|
Last edited by Lensman on 11-02-2004 at 05:40 PM
Last edited by SmokeyTheBear on 11-02-2004 at 05:51 PM  They really are the same person.
__________________
Click Here |
|
|
|
|
11-02-2004, 02:10 PM
|
#14 |
|
Confirmed User
Join Date: Dec 2002
Location: Br00klyn, NY
Posts: 245
|
the trojan is most likely loaded in memory.. drop down to safe mode and delete the dll. if that doesnt help get a program called hijack and see what else is loaded in memory.
__________________
Skype: uws.ray |
|
|
|
|
11-02-2004, 02:15 PM
|
#15 | |
|
Confirmed User
Join Date: Sep 2003
Location: Los Begas
Posts: 9,162
|
Quote:
|
|
|
|
|
|
11-02-2004, 02:24 PM
|
#16 |
|
sell me your banners
Industry Role:
Join Date: Dec 2003
Location: on the tubes
Posts: 12,931
|
maybe it changed something in your registry?
I'd recommend PestPatrol for anything spyware/backdoor/trojan it finds everything and deletes it too. dunno if spending $$$ on all that software is usefull for just this one case.
__________________
Media Buyer - Sell me your traffic! FREE to register domains... Better than 99% of the crap sold here! |
|
|
|
|
11-02-2004, 02:38 PM
|
#17 |
|
Confirmed User
Join Date: Sep 2002
Location: The Internet
Posts: 2,681
|
just format and it's all good again.
 |
|
|
|
|
11-02-2004, 02:39 PM
|
#18 |
|
Too lazy to set a custom title
Join Date: Jun 2003
Location: Jesusland
Posts: 10,017
|
Many times system restore is your enemy when you're trying to clean your computer. Always disable it first.
__________________
War National Damn Champions Eagle |
|
|
|
