Ding Blang Trojan... need one minute of time please!

P

pc_tek

Guest
i got a bling dang trojan virus crap shit..bling blang ole son of a $%@#$%#%....hehehe

Ok, i just nee a flavor real quick. I need someone that know how to manipulate the registry and export 2 paths for me and attach them to the next thread. Here are the paths.... thanks!

these are incorrect...


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Default web browser]
"StubPath"="C:\\WINDOWS\\System32\\iexpIore.exe ASC"

and ..

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Default web browser"="C:\\WINDOWS\\System32\\iexpIore.exe"

Sorry I know its the wrong forum category, but this one gets most read. After I get the info Ill have moderator delete thread.. thanks again!

PC-TEK
 
i dont have either of those in my registry.. i use xp pro..
 
funny....me too... maybe they are safe to delete...hehehe

Im still doing alittle more research... its that ding dang ole MINI OBLIVIAN trojan crap..

Thanks!
 
I need exactly the paths that are shown. I know what I posted is incorrect because they point to the virus file =)

Thanks lonman!
 
Originally posted by pc_tek
I need exactly the paths that are shown. I know what I posted is incorrect because they point to the virus file =)

Thanks lonman!
Well buddy... I AIN'T puttin' that trojan on here just to export those keys, lol. ;) :p
 
my mistake... i thought you said you had those paths.. do you or dont you?
 
lets say this.... errrr


I need to know what to replace the incorrect wording with. I need the correct paths!
 
Originally posted by pc_tek
my mistake... i thought you said you had those paths.. do you or dont you?
No, I don't have those paths, sorry.

I need to know what to replace the incorrect wording with. I need the correct paths!
My guess is they're safe to delete???
 
and this children is why we all should have an antivirus program installed :)
 
on my xp home i don't have those keys either, the Default web browser bits
 
I may (or may not) have found what you want

Only thing is, its one level deeper

Anyway, I have attached a reg file to see if that helps. I've had to give a .bmp extension so just change it to reg.
 
Originally posted by Qumahlin
and this children is why we all should have an antivirus program installed :)

ehhhhhhhh.... no need for antivirus software! They are just reactionary for people that dont know any better. I caught this within an hour of install. You cant fix a virus until after one has been made. Its not like they find em before they are released :D


This is my second trojan in 3 years. This one happened to be attached to a port sniffer. Anyways, I deleted those keys... trojan is all clear! It was the mini oblivian trojan.

Just search it out in registry and delete any keys it contains except for the SHELL key, just remove the "iexiore.exe" at the end.

Then delete the iexpiore.exe in the system32 dir.

Thats it! No harm.

And NO i still will never run an antivirus program! :D Besides.. most AV software wont catch trojans:D
 
OK... now that i got rid of it and verified I got rid of it by rebooting. Im the curious type I wanted to know exactly where I got it from.


It was a file I downloaded from Kazaa. A program called "SuperScan Port Scanner.exe". So with that said, stay away from this port program.

Hope this helps!
 
I'm curious, if you don't have AV software running, how did you know you had a trojan?
 
Originally posted by Lonman
I'm curious, if you don't have AV software running, how did you know you had a trojan?

Im good...LOL Actually I go through my msconfig startup a couple of times a day because I do a ton of installing and removing and ensure everything is cleared out. I saw a couple IE files in my startup group that didnt look right. Then I got curious, I had my firweall turned of, so I saw what ports were opened and I saw 6668 port opened with a program called something wierd like "lkdyrvh.exe" so that caught my attention. So I looked at my processes and saw this running... so i killed it immediately. Then started searching it out with www.google.com.

Turns out because I verified from which program it came from It was only active for less than a half hour. YAH!

Im a proven fact that just alittle bit of knowledge helps out alot.:D
 
had you had norton or most other anti viruses up to date...it would be caught before you ever installed the program...and yes anti virus programs do catch viruses before they are updated, they have built in heuristics to see common virus behaviors

and also they do catch trojans too, so far anti vir has never let me down...If you really don't like anti virus programs do what I do...disable the auto protect...just let it scan programs you run for the first time and downloads, that way there is no slow down from it scanning everything and your always safe :)
 
Originally posted by Qumahlin
had you had norton or most other anti viruses up to date...it would be caught before you ever installed the program...and yes anti virus programs do catch viruses before they are updated, they have built in heuristics to see common virus behaviors

and also they do catch trojans too, so far anti vir has never let me down...If you really don't like anti virus programs do what I do...disable the auto protect...just let it scan programs you run for the first time and downloads, that way there is no slow down from it scanning everything and your always safe :)

NAAAAAAWWWWW!!! LOL still dont want it! hehehe
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back