Outlaw Audio home shop products hideout news support about
Page 1 of 4 1 2 3 4 >
Topic Options
#10858 - 01/22/03 07:41 PM Way off topic: Computer Help!
Smart Little Lena Offline
Desperado

Registered: 01/09/02
Posts: 1019
Loc: Dallas
Hi guys I’ve wasted half my day, trying to sort my computer out. And was wondering if any here have run into episodes of some porn site stuff, which has, loaded into my computer changing my default browser to
Revolution.da.ru. several times in the last couple of weeks. Today, it really knocked me out of commission.

All day I had “google” (my default browser) and several web sites unavailable. I could load Outlaw, and another site I have to do business on. But could not load ‘google’ AVS or HTF. . I thought I had two separate issues going on. That issue of google and the web sites not available stumped SWB when I spent over an hour ½ on the phone with Southwestern Bell DSL tech support today, they never could diagnose why Googol would not load, and we hung up without resolution. Late this afternoon I got it all back when cleaning the ‘porn’ cookies and files out again. So I’m assuming that probably my browser/web site ‘PAGE NOT AVAILABLE” glitch all day is connected to the porn trash taking over my computer.
My problem is I think the ‘porn’ takeover is leaving a kernel of something somewhere I cannot trace and keeps reloading and I can’t figure out what sets it off cueing it to reload. (I have never had to ‘pay’ to get my computer worked on in all these years although I am basically computer illiterate. I just somehow muck around until I get everything running again, without knowing what I have done to ‘fix’ it. This one is stumping me and getting worse. Anyone run into this one? When it takes over, It changes the entire favorites list to all porn sites. Loads about 3 desktop icons for Porn site. Changes default browser to the Revolution address. And now evidently somehow locks me out of Google and many web sites.

This particular virus? Spam? Whatever seems to be slowly gaining a wider foothold in my system. Anyone out there dealt with this particular set of circumstances and can direct me to the ‘root’ cookies, files etc to weed out?

PS. What’s a cabinet file? I have 2 loaded checking new files for todays date, I am itching to delete since I think they might be connected to the porn takeover, but I cannot verify what they are and am concerned (I have done it in the past)…I’ll crash the whole system if I delete these.

Any computer gurus had this ‘problem’.

Thanks!

Top
#10859 - 01/22/03 08:14 PM Re: Way off topic: Computer Help!
soundhound Offline
Desperado

Registered: 04/10/02
Posts: 1857
Loc: Gusev Crater, Mars
Solution: Buy a Macintosh

Top
#10860 - 01/22/03 09:31 PM Re: Way off topic: Computer Help!
psklenar Offline
Desperado

Registered: 03/01/01
Posts: 479
Loc: Southern New England, USA
SLL,

You are running an antivirus program, right? Have you made sure that it's updated?

Cabinet files are a type of archive (like a .ZIP or .RAR file) that's particular to Microsoft. If you look on your OS install CD, you'll see that most of the directories are .CAB files. You say that you have two with todays date? What are their names?

As for the cookies, if you're running IE and unless you've customized your set up, they are usually in a directory called

"C:\Documents and Settings\{user name}\Cookies"

You can delete all of them if you wish, but you'll loose most any auto-logon's and passwords and stuff like that that you may have set up for web sites that you regularly visit. The only down side to this is that you'll have to manually key in your ID & password the next time you visit a site that you had previously saved. Annoying, but far from being the end of the world.

Another thing you might want to try, go to http://www.lavasoftusa.com/ and download, install and run Ad-Aware. It'll ferret out any spyware applications or applets that have been installed (usually without your knowledge) on your system and give you the chance to remove them.

Good luck!

------------------
pat----

email: pat@sklenar.info ---===--- home page: Grumpy's Lair
_________________________
pat----

Top
#10861 - 01/23/03 12:21 AM Re: Way off topic: Computer Help!
charlie Offline
Desperado

Registered: 01/14/02
Posts: 1176
Hey -

At last one I can really help with! I'm a professional software engineer working in anti-virus and security technology for a while now, so while my info isn't definitive, it's at least well informed.

Try these places to scan for viruses:

http://www.pandasoftware.com/activescan/com/activescan_principal.htm
http://housecall.antivirus.com/housecall/start_corp.asp

both of these are kept current with up to the minute updates of the signature files - I like the Panda one, I think it's a bit more complete but the Trend one is a bit faster. Both are excellent scanners and both have good AV researchers.

If you are infected there are several current viruses out there that disable installed AV software, so once you get out of date and are infected with one of these guys updating at that point won't typically restore your AV to running condition.

Generally one of the above will detect and may be able to clean but if not the best bet is to carefully copy data and reinstall the OS. Once that is done install an up to date AV and then scan each backed up file before restoring it.

What is the URL you're being directed to? Add spaces or something to keep someone from accidentally linking to it....
_________________________
Charlie

Top
#10862 - 01/23/03 12:33 AM Re: Way off topic: Computer Help!
Paul J. Stiles Offline
Gunslinger

Registered: 05/24/02
Posts: 279
Loc: Mountain View, CA, USofA
Dear, dear Lena,

Porn cookies? I never would have imagined that you would frequent such sites. Do you earn or spend $4.98/minute? My favorite porn cookie is XXXchocolate chip with the milk of bovine kindness.

If you don't already, I would install a software firewall.

ZoneAlarm standard version is free at:

http://download.com.com/3000-2092-10039884.html?part=zonealarm&subj=dlpage&tag=button

Look at www.zonelabs.com

for info about other versions of zone alarm that have some more features but cost money.


Unlike other software firewalls, zone alarm block files that are on your computer from sending out info onto the web from your computer. You can allow specific programs to send info. Zone alarm prompts you to allow/disallow. It's a good program and it's free.

And don't go to those naughty sites. If you do, there will be NO MORE spankings for you, you little vixen!!!

Paul
_________________________
the 1derful1

Top
#10863 - 01/23/03 12:38 AM Re: Way off topic: Computer Help!
Smart Little Lena Offline
Desperado

Registered: 01/09/02
Posts: 1019
Loc: Dallas
He’s running tubes AND a Mac, now I’m really going to be sick.

Pat, yes but (blush) my auto update has expired. Thanks for the explaination on cabinet files. These two are:
Rb003 c:\\windows\sys.. 1,774kb 1-22-03
Rb002 same 1,775kb 1-21-03

Turns out they are not todays date. Yet this latest eposide with a larger ‘takeover’ each incident has gone on 3 times in the last few days. When I cleaned out a couple of days ago ….thought I had got it all,,,,obvously NOT.

I’ll check the cookie directory location out to see if anything can 'hide'? I clean out temp internet files and cookies constantly from the internet options box -(just live with retyping my passwords)…with DSL and heavy surfing it gets too full and clogs even with a fairly low harddrive allocation set, I find things get less glitchy if I clean these regulary and I usually do.
I think I’ve heard of Ad aware…I may have even seen them mentioned in the past when I was ridding my computer of things like Gator…right now I know I’m ‘infected’ with the company who loves to make money off my surf habits ‘webhancer’ but won’t try to rid myself of this one till I am ready to upgrade my harddrive. (when I researched removal, - many have had to re-load their OS trying to clean that one). Thanks for the reminder of some spots to look for help. I can’t tell you how tired I am of (today) loosing half my brouse capiblity, and naked women popping up all over the place…..(its never men ….what a sexist porn site ).

It even took over my 'start' button the other day, when I went to reboot because I couldn't get into the internet to shut it off. My computer is set to boot without the internet loading which is a good way to live during this. When I clicked 'start' ...well...lets just say that the shutdown/reboot box is NOT what was popping up...had to pull the plug.
Thanks again (I’ll need the luck) I never know what I’m going to (destroy) when I have to start muddling through these issues. So If I disapear for days in the next weeks…(or at any time…) you can pretty much assume I knocked myself right out of my computer and it takes me days to sort myself out when I do. The husbands no help, - he will upgrade hardware and has rebuilt our computer many times but has no patience level for software conflicts. The only thing he’ll ever do is get my mouse back for me. His version of a fix is wipe it all and reload, some of our programs have so many ‘patches’ and downloaded upgrades, - to wipe the system isn’t as palatable a method any more.


Edit: Must have been same time typing as two of you!. Arent we all up late!. Yes I have two young guys in the house (and their friends) who love my DSL. YOU THINK!!!...I"LL KILL THEM.

actually the first occurance any one had was me...I had just cleaned all the spam off my free hotmail address (there's always alot of trash when I open that one)..I alway DELETE without opening...and did that as usual...but the second I backed out of Hotmail and into the broswer it hit me (the first time) So maybe it was me (blushes).


[This message has been edited by Smart Little Lena (edited January 23, 2003).]

Top
#10864 - 01/23/03 10:30 AM Re: Way off topic: Computer Help!
TurnerF Offline
Gunslinger

Registered: 08/07/02
Posts: 66
Loc: Memphis,TN
The rb003.cab,rb002.cab files are backup files of your registry. They should be there and have a fairly recent date. There is a virus out there that messes with home pages like you describe. You might check in your registry for the contents of HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

You should be able to see your current home page. If you don't then you've got a problem. This virus lives in standard html files (asp,htm) to prevent code like this from executing in the future (big help now I know ) Microsoft has a patch for this. Info here: http://support.microsoft.com/default.aspx?scid=KB;en-us;q275609

More info on a similar virus can be found here: http://vil.mcafee.com/dispVirus.asp?virus_k=99066

I think a good Anti Virus software should find and clean, but some verbage about Windows ME users worth reading if it applies to you.

Hope that helps.

ps. if you need help seeing getting into your registry just let me know - and (nag nag nag) while using Windows always stay current with MS updates.


[This message has been edited by TurnerF (edited January 23, 2003).]

Top
#10865 - 01/23/03 02:12 PM Re: Way off topic: Computer Help!
charlie Offline
Desperado

Registered: 01/14/02
Posts: 1176
Quote:
... many have had to re-load their OS trying to clean that one ...


It's not a bad idea if a truly malicious virus has in fact infested your system. If you're looking for an excuse to upgrade the HD this could be it - just put in the new drive, install your OS (I'd recommend an NT based one, certainly if you're doing real work on it), install AV protection, install your personal productivity software, get a NAT (LinkSys and many other sell really inexpensive ones) and put between you and the DSL box, then insert the old drive into the system as a second drive. With you booting from a clean and AV protected system partition it should be safe to access/scan etc. any data you need.

The 9x family (95/98/Me) of 'operating systems' - using the term quite loosely - is pretty easy to compromise, certainly if left exposed to the internet while opened for any sort of resource sharing. The NT based family (NT/2K/XP) has an actual security model that at least gives developers the tools to try and restrict unauthorized access.

In any case I'd prefer a real NAT/firewall over a personal firewall software as a first line of defense. I use both, but that's probably overkill.

EDIT - A firewall won't save you from the sort of attack where you are inadvertently pulling the infected file into your system, like accidentally clicking a link to an infected web page. This is where the OS patches (first line of defense) and good, up to date (this is critical) AV software helps as your last line of defense.

[This message has been edited by charlie (edited January 23, 2003).]
_________________________
Charlie

Top
#10866 - 01/23/03 02:47 PM Re: Way off topic: Computer Help!
charlie Offline
Desperado

Registered: 01/14/02
Posts: 1176
Here is a safe way to see if your AV is working:

http://www.eicar.org/anti_virus_test_file.htm

Most major AV vendors will trigger on this file as a test sample. It is not dangerous.
_________________________
Charlie

Top
#10867 - 01/23/03 05:33 PM Re: Way off topic: Computer Help!
Smart Little Lena Offline
Desperado

Registered: 01/09/02
Posts: 1019
Loc: Dallas
Thanks everyone!. So far I have not messed with anything and will pursue all the helpful links (prob this weekend) to try dig out the kernel or protect from future attacks. (I don’t’ think I dug it out yet just think I beat it back into the woodwork again) Today (crosses fingers) have not had an incident, and am scared to rock the boat till I get some more work out. Besides, - I can get sidetracked and spend hours cleaning up other things in the system when I start this path of mucking in the computer.
Turner I can't remember how to get into my registry know I've been in it in the past.
Need to dig out all the old manuals and brush up.

We paid top dollar for a larger hard drive last year and W2000, (I am running W98) but ran into some conflicts with losing the DSL line until SW Bell mailed an upgrade disc for the modem. When we loaded 2000. And I lost my laser printer (an older HP) without upgrade patches. We backed out of upgrading the system till we gathered all the resources and never went back to it. With this going (porn party on my ISP), ...its time to force ourselves in the next few months its past due for a housecleaning on my box.

But you know the drill.... Life is so hectic...and if it "ain’t' broke don't try to fix it" mentality sneaks into our daily routine. What Time I have I want to muck with AV not computers!

Top
Page 1 of 4 1 2 3 4 >

Who's Online
0 registered (), 979 Guests and 1 Spider online.
Key: Admin, Global Mod, Mod
Newest Members
audio123, Dustin _69c10, Dain, REP, caffeinated
8717 Registered Users
Top Posters (30 Days)
The Wyrm 3
FAUguy 2
butchgo 2
kiwiaudio 1
Forum Stats
8,717 Registered Members
88 Forums
11,331 Topics
98,708 Posts

Most users ever online: 1,171 @ Today at 03:40 AM