virus? [Archive] - Glock Talk

PDA

View Full Version : virus?


Another Miller
06-24-2010, 15:37
The other day, we had a outage here locally with roadrunner. My internet hasnt worked till just now.Anyhow, id click on internet and would get an error message that the proxy is refusing connections.

using firefox and malware bytes and super antispyware eliminator and avg.windows xp.

Anyhow after 4 calls with time warner, they said the settings were changed somehow.I switched them back but the tech said it will only be temporary as I have a virus.I can connect now but its sssslllloooowww.

I ran everything and came up with no infections.my computer is possessed, can anyone help?

kc8ykd
06-24-2010, 16:16
The way to check to see if FFX is configured to use a proxy is as follows:

click on the Tools menu
click on Options
click on the tab labeled Advanced
click on the Settings button

if the option for Manual Proxy Configurations is checked, you probably do have/had a virus

make sure the option No Proxy is selected
hit OK until you're back to the main window

if AVG/Malware Bytes and other's aren't picking up anything, you might try downloading Avast (http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html?part=dl-85737&subj=dl&tag=button)

To see if a proxy is setup for windows in general:
open the Control Panel
double click on Internet Options
click on the tab Connections
click on the button LAN settings
ensure that none of the boxes are checked
hit OK until back to the control panel

If a proxy was configured, again, you probably have/had a virus

Another Miller
06-24-2010, 17:48
proxy was,I went through and did as you instructed.internet still works.

by the way, what is a proxy?


update;did the avast and it found nothing but during the scan, avg popped up and said it detected a tracking cookie on opening.

I also upgraded my firewalls and firefox as well.It seems to be running better now.thanks.

kc8ykd
06-24-2010, 20:53
a proxy is just that, another computer where your data is sent through before it gets to it's final destination.

Unless that proxy was set as something you setup, it's probably remnants of a virus, or some other software package. If you didn't setup the proxy, I'd consider everything you've sent via that proxy to be compromised.

A proxy is a great way to steal passwords and other personal information, as well as a good point to launch man in the middle attacks (where the proxy modifies the data passing through it).


tracking cookies aren't a big deal, well, any cookies aren't, they can't do anything to your system.

stolivar
06-25-2010, 15:27
Did you run Malwarebytes in safe mode or regular windows.

You need to run it in safe mode with internet. then run it in thorough mode


steve

Pierre!
06-25-2010, 16:15
Did you run Malwarebytes in safe mode or regular windows.

You need to run it in safe mode with internet. then run it in thorough mode

steve

Stolivar / Steve WINS THE PRIZE!

Scanning for a virus when you are NOT in SAFE MODE is just wasting time... Use the F8 key while booting the computer system to enter safe mode... If you see the "moving bars" you have failed and will need to restart your system and press F8 faster during the boot up sequence. I do pretty well at 1/2 sec intervals.

Hope that helps!

Another Miller
06-26-2010, 06:18
Something wierd, I was in glocktalk and this #$% box popped up and it went to another website.Something about localnews or something and started to load a movie.I got out of it and now it keeps going there.Its switching websites and Im not even doing it.

Ill try the safe mode now and reboot.

Tried the safe mode,nothig found except avg wouldnt scan a few things,locked file

documents and settings/network service/local settings/application data/microsoft/windows/UsrClass.dat locked file not tested.

Pierre!
06-26-2010, 07:39
Hey there Another Miller,

Couple of tips for you:
First - *ALWAYS* use the key combo of < ALT > + < F4 > to close pop-ups, especially when surfing! Understand that the "White X in the Red Box" that everyone normally uses to close windows and applications is in reality a Programable Object - which means that as a hacker I can tell the box to quietly download and install my package when you hit the "White X in the Red Box Button" on the pop-up I just sent you... Using the key combo removes the opportunity to install my payload or re-direct your browsing session...

Second - Get Malwarebytes installed and updated, then run a scan in SAFE MODE and see what you get... You may have something hiding, and Malwarebytes has been my 'Silver Bullet' for the past couple of years. It's free and you download it from http://malwarebytes.org

Hope that helps you out!!!

PS - time to drop XP - I *>played<* with a virus for 45 minutes not too long ago - Because of the User Access Control ((UAC) that everyone gripes about) the virus could not install... Windows 7 is much better when you are able to move on!