cwatson Posted April 21, 2008 Report Posted April 21, 2008 and heres something I made earlier http://a213.ac-images.myspacecdn.com/images01/102/l_09698c6a7b3a118ca24811c69ab9d66c.jpg Quote
Pyro_Stu Posted April 21, 2008 Report Posted April 21, 2008 Honestly people it is safe, I am using a script blocker which lets me see which scripts are running on a page and the one that was causing the problem is definitely gone. Quote
Rocky77 Posted April 21, 2008 Report Posted April 21, 2008 It all seems fine to me I'm running explorer and AVG. It is as safe as anywhere i guess. That said admin have stated that they're not sure how they got in. Quote
Rocky77 Posted April 21, 2008 Report Posted April 21, 2008 Here is the latest from Al The attacks racekites is seeing is part of a mass attack to the internet, no site is completely safe from these attacks and its just a matter of time before more sites see similar issues... The attacks are coming from China and use a new SQL injection technique, microsoft are currently looking into a patch, however in the mean time, its up to the site admins to generate their own fix... Everyone should have antivirus software, which is your first line of defense... the internet is full of virus threats, racekites is not special in this case... Maybe you would like to help us in finding a solution... Cheers A Quote
Ped Posted April 22, 2008 Report Posted April 22, 2008 Well my comps still ****ed!!!! The *******ing thing keeps coming up with pop ups now wantng me to download spyware rmoval tools!!!! The annoying thing is all my AV tools find the viruses and deletes them but once i restart my comp they're back!!! Ped:mad: Quote
Afro1599968737 Posted April 22, 2008 Report Posted April 22, 2008 the virus usualy hides its files by naming them as common windows files, which the AV software wont delete Quote
Gibbson710 Posted April 22, 2008 Report Posted April 22, 2008 do you know what infections are flashing up on your AV, also what AV are you running ??? try this program its free and pretty good at shifting naties from ya PC but run it from windows safe mode http://www.superantispyware.com I think it might just need a bit of work to get sorted but most of these infections once you head in the right direction can be removed. Quote
Ped Posted April 22, 2008 Report Posted April 22, 2008 do you know what infections are flashing up on your AV, also what AV are you running ??? I'm running - AVG anti virus Zone Alarms fire Wall Spy bot S&D AdAware 2007 All with IE - I thought I was pretty well covered but looks like I got hit pretty bad:( Quote
Middleend Posted April 22, 2008 Report Posted April 22, 2008 do you know what infections are flashing up on your AV, also what AV are you running ??? try this program its free and pretty good at shifting naties from ya PC but run it from windows safe mode www.superantispyware.com I think it might just need a bit of work to get sorted but most of these infections once you head in the right direction can be removed. This is a great piece of kit, cleaned up a nasty dose I hade once and has kept me clean ever since Quote
Ped Posted April 22, 2008 Report Posted April 22, 2008 do you know what infections are flashing up on your AV, also what AV are you running ??? I'm running - AVG anti virus Zone Alarms fire Wall Spy bot S&D AdAware 2007 Also have crapcleaner and registry mechanic on there to. All with IE - I thought I was pretty well covered but looks like I got hit pretty bad:( AVG is picking up a few .dll downloader viruses (calling them Lob virus?) + Its picking up a JS downloader - The problem is that AVG wont heal them and just moves them to the virus vault where i delete them then when the comp restarts there back:mad: I think its because when I look at the details of the viruses they are stuck in the temp back files of the comp - do I just need to turn off system restore for this then run the scans again??? Spybots picking up a good few things as well - DoubleClick - 1 Entry Media Plex - 1 Entry Stat Counter - 1 Entry Virtumonde.dll - 4 Entrys Zedo - 1 Entry This is just from running the comp for an hour this morning before work - I spent all of last night going through every scan on my comp and deleting everything that came up but againthis morning when the comp turned on they were back!!!! I did a bit of google searching this morning on the viruses and a few web sites suggested going to the Kaspersky site and using there online scan to get rid of the Lob virus - I tried to do this but when I went onto the web site a box appeared on the screen saying there was a C drive run time error and I should leave the site so I ignored this and clicked on the tab to start the scan and my whole screen got filled with chinese writing!!!!! Anyways I got rid of that and managed to get onto the kaspersky web site home page and have left the scan running while I've headed to work so I'll see if it picks up anything when i get home. If I was to buy an external HD and transferred my pics and music onto that is the a chance the viruses will transfer onto that as well???? Just thinking I might have to reinstall XP:( Quote
Gibbson710 Posted April 22, 2008 Report Posted April 22, 2008 try superantispyware first and see what that clears up spybot is good but it aint the best bit of kit on the market id also look at upgrading your anti virus to a paid one avoid norton it will slow your comp down ESET is really good and about the same price as the main highstreet brands we all know. try this program it will remove virtumonde from your comp heres the link http://www.softpedia.com/get/Antivirus/VundoFix.shtml the JS downloader is related to a Java Script bug and so AVG will pick it up but cant rmove it this will hopefully remove it http://www.precisesecurity.com/tools-resources/adware-tools/smitfraudfix/ hope this is of some help let me know if not and ill see what else i can find out Quote
Pyro_Stu Posted April 22, 2008 Report Posted April 22, 2008 Well my comps still ****ed!!!! The *******ing thing keeps coming up with pop ups now wantng me to download spyware rmoval tools!!!! The annoying thing is all my AV tools find the viruses and deletes them but once i restart my comp they're back!!! Ped:mad: A possible quick fix to get rid of the pop ups is go into: Control Panel - Administrative tools - services and end and disable messenger service This is in no way linked to windows messenger or MSN and is only really used for popups and spam and so is normally best to turn off. Quote
Middleend Posted April 23, 2008 Report Posted April 23, 2008 Well my comps still ****ed!!!! The *******ing thing keeps coming up with pop ups now wantng me to download spyware rmoval tools!!!! The annoying thing is all my AV tools find the viruses and deletes them but once i restart my comp they're back!!! Ped:mad: It sounds like you've got a dose of Vundo. Got to vundofix.atribune.org and download the free software and follow the instructions. Then go and get SuperAntispyware.com and run it a few times and that should sort it out. It is a real pain in the A*** because everytime you reboot the pc restores the virus. If you are running a home network you'll need to clean up every PC as it spreads through networked computers. You will also afterards go to your temp files and clean out all the benign **** that it dumps there to soak up your virtual memory. I don't think it has anything to do with RK's troubles tho. Good luck Quote
Ped Posted April 23, 2008 Report Posted April 23, 2008 Thanks for the advice and tips folks - I've run everything suggested about 3 / 4 times now in both normal and safe mode and it looks like my comps now clean the only thing that i'm not sure about is that when I reboot the comp when it starts up I get a run time error popping up with this on it - C:\WINDOWS\system32\vpqyovlo.dll According to google its a registry problem - would that be right???? Do I just run my registry mechanic to fix this?? Cheers Ped:) (Total computer numpty) ps I also switched off system restore to delete the temp back up points stored in there is this ok?? Quote
Ped Posted April 23, 2008 Report Posted April 23, 2008 Ok I've ran registry mechanic and restarted my comp and the run time error has gone away but I'm now getting a hardware wizard popping up wanting me to follow the instructions to install new hardware???? I've not plugged anything new in? Is this just a driver needing reinstalled? Should I just bite the bullet and reformat? Ped:( ps when i think about it I downloaded a keygen for Zone alarms around about the same time as visiting racekites that didn't work so its possible thats whats killed me............ Quote
Middleend Posted April 23, 2008 Report Posted April 23, 2008 Ok I've ran registry mechanic and restarted my comp and the run time error has gone away but I'm now getting a hardware wizard popping up wanting me to follow the instructions to install new hardware???? I've not plugged anything new in? Should I just bite the bullet and reformat? Ped:( ps when i think about it I downloaded a keygen for Zone alarms around about the same time as visiting racekites so its possible thats whats killed me............ DON'T HIT REFORMAT . What is the wizard trying to install? If it's a plug in like a mic or something that you know about allow it to continue. If its an external drive run the Vundofix tool on it if you haven't already otherwise it will just come back again. Its a real b****r. I would then rerun on the hard disk if it was detected just incase. If you are confident that all is clean, and you've cleared out your temp files. Then turn your system restore back on and everything should (?!?!) be OK. The keygen is higly likely to be your culprit. Best to avoid small file sizes or ones that are grouped in the same file size, but if you do scan it before you unzip or run the file...... Quote
Ped Posted April 23, 2008 Report Posted April 23, 2008 Thats the problem it tells me that the hardware it wants to install is unknown so I've just cancelled it everytime - I've ran the Vundofix tool a few times now and it doesn't pick anything up + Superantispyware is coming back clean as well (at the most its picking up a tracking cookie after I've been online) AVG isn't picking up anything either:) My comp is running a hell of a lot faster now both on and offline so I'm thinking I've cleaned everything off it (I deleted about 60gb of **** off it at the same time:)) My only worry now is if I allow this hardware wizard to run it wil all come back.............. The guy I work with recons I should just run it - he thinks the C:\WINDOWS\system32\vpqyovlo.dll run time error that reg mechanic fixed is prob a driver for my printer / web cam? Anyways cheers for all the help so far:D Ped:D Quote
tiny_clanger Posted April 23, 2008 Report Posted April 23, 2008 Should I just bite the bullet and reformat? Yes, providing your data is backed up or stored on non-system partitions. IMO, easiest way to an infection free PC Quote
Middleend Posted April 23, 2008 Report Posted April 23, 2008 The guy I work with recons I should just run it - he thinks the C:\WINDOWS\system32\vpqyovlo.dll run time error that reg mechanic fixed is prob a driver for my printer / web cam? Like Tiny says if everything is backed up, your mate sounds confident. Vundo didn't give you a warning before it installed itself last time. You either live with it or you do something about it.... Quote
GORILLA Posted April 26, 2008 Report Posted April 26, 2008 Is it back up yet or still knackered ? Quote
BladeAddict Posted April 26, 2008 Report Posted April 26, 2008 its been back up for a couple of days now Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.