Posts posted by grift3r74

  1. Was gonna post, but not sure what to put it in.  :sad:

    <a href="http://bbspot.com/News/2003/01/os_quiz.php"><img

    src="http://www.bbspot.com/Images/News_Features/2003/01/os_quiz/xp.jpg" width="300" height="90"

    border="0" alt="You are Windows XP.  Under your bright and cheerful exterior is a strong and stable personality.  You have a tendency to do more than what is asked or even desired."><br>Which OS are You?</a>

    Here it is tommie

    xp.jpg

    xpdd5.jpg

    EDIT: (the site pic hosting is unavailable LOL.. Maybe it will appear later)

  2. This one's hard coz it keeps coming back after AV scans... It also disabled parts of my registry like the startup..

    You can access it though by deleting svohost using HijackThis.

    Gotta delete registry files to silence this one tough POS..

    Here's the link...

    http://service.symantec.com.sg/en/ca/security_response/writeup.jsp?docid=2004-060219-5936-99&tabid=3

    Finally removed it completely..

    YEAAAHHH!!! :grin::uzi:

  3. OMG.. it's a virus

    When Backdoor.Nibu.G is executed, it does the following:

    * Copies itself as:

    %System%\Swchost.exe

    %System%\Svohost.exe

    %Startup%\Svchost.exe

    --------------------------------------------------------------------------------

    Notes:

    %System% is a variable. The Trojan locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

    %Startup% is a variable. The Trojan locates the Windows startup folder and copies itself to that location. For example, this is C:\Windows\Start Menu\Programs\Startup (Windows 95/98/Me) or C:\Documents and Settings\<current user>\Start Menu\Programs\Startup (Windows NT/2000/XP).

    --------------------------------------------------------------------------------

    * Creates the following files:

    %Windir%\Rundlln.sys

    %Windir%\Prntsvr.dll

    %Windir%\Temp\feff35a0.htm

    %Windir%\Temp\fe43e701.htm

    %Windir%\Temp\fa4537ef.tmp

    --------------------------------------------------------------------------------

    Note: %Windir% is a variable. The Trojan locates the Windows installation folder (by default, this is C:\Windows or C:\Winnt) and creates files in that location.

    --------------------------------------------------------------------------------

    * Adds the value:

    "load32"="%System%\swchost.exe"

    to the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    so that the Trojan runs when you start Windows.

    * Creates and loads a .dll file to capture keystrokes. Known variants have used %Windir%\Prntsvr.dll as the file name.

    * May create the registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\SARS

    HKEY_USERS\.DEFAULT\SOFTWARE\SARS

    * Modifies the value data of:

    Shell

    in the registry key:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

    from:

    "explorer.exe"

    to:

    "explorer.exe %System%\svohost.exe"

    so that the worm runs when you start Windows NT/2000/XP.

    * Modifies the %Windir%\System.ini file by changing the value:

    "Shell"="Explorer.exe"

    to:

    "Shell"="explorer.exe %System%\svohost.exe"

    so that the worm runs when you start Windows 95/98/Me.

    * Looks for windows that have the following string in the title bar:

    http:/ /www.whatpornsite.com/css/logger.php

    This Trojan captures the keystrokes that are typed into these windows and stores them in a log file.

    --------------------------------------------------------------------------------

    Note: Typically, such windows would be Web browser windows displaying logon screens for financial services or email accounts.

    --------------------------------------------------------------------------------

    * Captures the window title and keystrokes that are typed into open windows. The Trojan stores them in the log file, %Windir%\Prntk.log. Other stolen information that may also be stored in this file includes the IP address of the infected computer and system information, such as the operating system and Internet Explorer version. It may also try to steal FAR Manager and FTP Commander passwords, and protected storage data.

    * Launches a thread that monitors the clipboard, saving any data that is found to a log file. This file is named %Windir%\Prntc.log.

    * Periodically checks the size of the files it uses for logging stolen information. When the files reach a certain size, the stolen information will be copied into an email-formatted file using the Trojan's built-in SMTP engine. The Trojan retrieves the details of the registered owner from the registry and uses these details in the file.

    * The email-formatted file has the following characteristics:

    From: <registered owner> <[email protected]>

    To: you

    * Writes an HTML file containing the stolen data to %Windir%\TEMP\feff35a0.htm.

    * Writes a raw MIME message containing the stolen data to %Windir%\TEMP\fa4537ef.tmp.

    * Listens on TCP ports 1001 and 10000 for remote instructions.

    * Disables access to certain antivirus Web sites by adding the following lines to %System%\Drivers\etc\hosts:

    Is it really worth your time and money (you could lose all your money in the bank if your password is compromised) to be worrying about these things?

    It is always better to have a software that can protect your computer and you. Spywares are more dangerous than viruses, coz of the simple reason that they steal your information. Your banking account password is much more worthy to them than your computer. And that's what most of them are after.

    How do I remove this? I found a registry key.. Is it enough to remove it...
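
The writeup quoted in post 3 lists several separate auto-start points (the Run value, the Shell value, the Startup-folder copy) plus the hosts-file redirect, so each one has to be checked on its own. The Python below is an added example, not part of the original posts or the vendor writeup, that flags those changes in exported data; the function names, sample hosts lines and expanded paths are constructed for illustration.

```python
import re

LOOPBACK = {"127.0.0.1", "::1"}
LOCAL_NAMES = {"localhost", "localhost.localdomain"}
LOOKALIKES = {"swchost.exe", "svohost.exe"}  # file names from the quoted writeup

def basename(path):
    """Lower-cased last component of a Windows or POSIX style path."""
    return re.split(r"[\\/]", path.strip().strip('"').lower())[-1]

def hosts_redirects(hosts_text):
    """Hostnames (other than localhost) that a hosts file pins to loopback."""
    hits = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comment, split on blanks
        if len(fields) >= 2 and fields[0] in LOOPBACK:
            hits += [h.lower() for h in fields[1:] if h.lower() not in LOCAL_NAMES]
    return hits

def shell_is_tampered(shell_value):
    """True when the Shell value is anything but a bare explorer.exe."""
    return shell_value.strip().strip('"').lower() != "explorer.exe"

def suspicious_run_values(run_values):
    """Names of Run-key values whose data points at a svchost.exe look-alike."""
    return sorted(n for n, data in run_values.items() if basename(data) in LOOKALIKES)

def misplaced_svchost(paths, system_dir):
    """svchost.exe copies that sit outside the System folder (e.g. in Startup)."""
    sysdir = system_dir.lower().rstrip("\\")
    return [p for p in paths if basename(p) == "svchost.exe"
            and p.lower().rsplit("\\", 1)[0] != sysdir]

# Constructed sample inputs (not taken from a real machine).
SAMPLE_HOSTS = """# constructed sample hosts file
127.0.0.1 localhost
127.0.0.1 updates.av-vendor.example
127.0.0.1   www.av-vendor.example   # injected entry
10.0.0.5 fileserver
"""
SAMPLE_SHELL = r"explorer.exe C:\WINDOWS\System32\svohost.exe"
SAMPLE_RUN = {"load32": r"C:\WINDOWS\System32\swchost.exe",
              "ctfmon": r"C:\WINDOWS\System32\ctfmon.exe"}
SAMPLE_FILES = [r"C:\WINDOWS\System32\svchost.exe",
                r"C:\Documents and Settings\user\Start Menu\Programs\Startup\Svchost.exe"]

if __name__ == "__main__":
    print("hosts redirects:", hosts_redirects(SAMPLE_HOSTS))
    print("shell tampered: ", shell_is_tampered(SAMPLE_SHELL))
    print("run values:     ", suspicious_run_values(SAMPLE_RUN))
    print("stray svchost:  ", misplaced_svchost(SAMPLE_FILES, r"C:\WINDOWS\System32"))
```

A machine configured with a custom shell will also trip `shell_is_tampered`, so treat each hit as something to review rather than proof of infection.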

  4. And one more thing people at home (family) will get mad at me if i dump the windows pc in favor of the mac since they dont know how to use MAC OS lol :2funny: :2funny: :buck2:

    I think ill settle for a macbook. not the desktop one (and gotta work real hard for one,) :grin:

    You gotta admit it. many people doesn't want "change" even if its for the better.. :haha:

  5. my contract with Smart Broken is almost done and i am planning to have another ISP.. But now i want to be sure..

    anyone can tell me which ISP has better services bayantel or pldt? (in their cheapest plan) my location is bulacan.. tell me please especially those who are also living here in bulacan..

    tell me also some ISPs that are better..

    Video streaming,Gamer = PLDT

    Bayantel = average net user (extremely bad for gaming, youll be lagging most of the time)

  6. @CB

    there is none hehe,.,by the way can i ask a question,,when i open any drive in mycomputer it is opened in a new window,.,,.,sigh some of my cousin is using my pc while im on vacation.,,.im annoyed by the new window opening in opening any drives,.,do u know how can i get it back to the old one that if u open any drive in mycomputer it is also opened in that same window??...help plss ty

    folder options --> general view

  7. Look for a switch. Most notebooks, have switches on the notebook for wifi. They are usually on the front of the notebook.

    Its already switched on, but only the bluetooth indicator turns on.. Its like the main switch for all the wireless right?

    Ill try shugs program when I get home.. Thanks!!!

  8. First try to load default settings

    press F10 or F1 whichever gets you in the bios as you boot up the laptop

    then read at the bottom for the key combination that loads the default settings

    then just save and exit

    see if that works before trying it

    Also u want to perform a bios update on a full charge and plug in to the wall

    Just FYI

    After reading mudmancs post, it scared me.. do I really need to update the bios even if it worked before the reformat?

  9. yes i know that.. but i cant upload a 20kb picture.. i know that it will be easy to upload a file w/ that size.. every time i upload files it will result to "page cannot be displayed".. and friendster, error uploading picture.. :cry: :cry:

    Maybe a friendster error.. Try uploading in different sites. You can try to attach a file here at testmy....
