Virus Alert!

[mechBgon]

Originally posted by: earthling30

Originally posted by: mechBgonI thought I'd add that while logged in as a Restricted User, you can still do Admin tasks. Hold down the Shift key while right-clicking on something that requires Admin powers, such as Defragmenter, and you can Run As the system's Administrator. Also, use a reasonably strong password for all Administrator-class accounts to defy the efforts of share-hopping worms.

Cool, I never knew that. If it works it will sure beat changing the account to an admin. just to get things done then resetting the account to a restricted account. Thanks for the FYI.

Sure thing It works on Control Panel applets too (Power Options, Add/Remove Programs, etc).

 

[SickBeast]

Originally posted by: Snoop
I have Kazaa Lite and do not have alexa? Also, I have been using KL for some time and have never had a virus nor have I had any spyware which has come from using Kazaa Lite. Maybe I am just lucky

Run ad-aware 6 and it should detect Alexa, unless they somehow removed it from the newer builds of Kazaa Lite. I used to run it and I always had a few spyware apps because of it. I only found out about it a long time later when I ran ad-aware. If you remove Alexa, then KLite stops working completely. DC++ is much better in many ways, trust me.

 

[Snoop]

Originally posted by: SickBeast

Originally posted by: Snoop
I have Kazaa Lite and do not have alexa? Also, I have been using KL for some time and have never had a virus nor have I had any spyware which has come from using Kazaa Lite. Maybe I am just lucky

Run ad-aware 6 and it should detect Alexa, unless they somehow removed it from the newer builds of Kazaa Lite. I used to run it and I always had a few spyware apps because of it. I only found out about it a long time later when I ran ad-aware. If you remove Alexa, then KLite stops working completely. DC++ is much better in many ways, trust me.

I have Adaware. The version of Kazaa Lite that I am using is over a year old, so possibly I got it before they started including the alexa spyware??

 

[SickBeast]

Strange...maybe I'm mistaken. I was using it about a year ago and it had Alexa.

 

[Buz2b]

Originally posted by: mechBgon
I think the subtitle might need to be changed to "good chance you do not have it," but whatever If you don't want your Porsche stolen, it helps if you don't leave the keys in the ignition, people. :evil: We see all these fixes and removers and stuff, how about some prevention?

LOL! Excellent points but the problem is that the Porche is already at the chop shop with these folks; removal is what is needed now.
Hopefully they can do so and learn from your suggestion to avoid future "invasions". Another bottom line type suggestion is to ditch IE for something like Firefox, etc. That would be another prevention tool of sorts (and has been mentioned here).

 

[Bucksnort]

Like I said: A law suit is coming to a town near you. Not only are you stupid for risking viruses and spyware, you will be sued sooner or later. Wake up.
482 More punks get sued 6-22-04

 

[ja83]

Thanks alot for this. I am going to try it out before I format my HDD. That's what it was coming too anyway. For the record, I don't have ANY p2p file sharing programs and I had this "virus". Don't flame the guy for sharing this information.

Thanks

 

[n0cmonkey]

Originally posted by: Bucksnort
dont be a fgt flaming homo

kazaa lite = spyware free
You talk like you know alot. If you or anyone else is dumb enough to use a program like lite or any other peer to peer program you deserve what you get.

Ooooh derogatory terms! Go away.

Right, heaven forbid a ILLEGAL file sharing program had anything to do with your virus infested computer. A law suit is coming to a town near you.

There is nothing illegal about kazaa or other p2p file sharing programs. Some people decide to commit illegal acts with these technologies though, which is entirely different. Go away.

Like I said: A law suit is coming to a town near you. Not only are you stupid for risking viruses and spyware, you will be sued sooner or later. Wake up.
482 More punks get sued 6-22-04

If they sue you and are drummed out of court (which should happen if you have done nothing wrong), they might get in a butt load of trouble. Go away.

 

[n0cmonkey]

Thanks for the info. Might need this if I can stop the BSODs on my parents computer. They're getting a regular user account soon. :|

 

[Buz2b]

Just so it is not lost on the first page, I think it is wise to repost the suggestions from Mechbgon:

I think the subtitle might need to be changed to "good chance you do not have it," but whatever People who are interested in keeping this stuff at bay may wish to set themselves up with a Restricted User account as their "daily driver" account, which puts spyware installers and other software installers on a very short leash. If you have kids, they should definitely not be going around on your computer wielding Administrator powers either. If you don't want your Porsche stolen, it helps if you don't leave the keys in the ignition, people. We see all these fixes and removers and stuff, how about some prevention?
I thought I'd add that while logged in as a Restricted User, you can still do Admin tasks. Hold down the Shift key while right-clicking on something that requires Admin powers, such as Defragmenter, and you can Run As the system's Administrator. Also, use a reasonably strong password for all Administrator-class accounts to defy the efforts of share-hopping worms.

That, along with the removal assitance posted by other here and the info I provided in a similar thread:

Hello all,
There's a new worm/virus/pop-up "thingy" coming around now. It doesn't seem to do much in the way of damage but it is a really persistant pop-up annoyance. The big problem is that it replicates itself; even if you try to do a normal delete. Not only that, it also renames the file so if you do a search for the previous file name, it will not be there; however, the same pop-up will occur. Generally it starts with a "Actulice" pop-up. Clicking on it will bring something like "Funk" or another name.
Bottom line, this is just starting to be a problem and the AV sites don't have squat on how to rid yourself of it as of early this afternoon PST. Hopefully they willl soon I'm sure. The problem is that it is not really a virus, not really a worm and not really a trojan. Yes, it is a pop-up ad. However, Adaware and Spybot Search and Destroy currently do not detect it. Hijackthis can help somewhat but it is not the answer.
I am posting this to warn others. Just this afternoon I got a call from a customer about this. After some research (there is not much on Google that's worthwhile), I found some info. Actually, if you do a Google search, the best data/info on this is usually listed either first or second. The rest is horribly fragmented. I was able to find some instructions on removal. However, the instructions are inconsistant and unreliable. I did manage to get rid of her instance of this (at least it is gone for now) but it took about an hour.
The key site (so far) that has decent info on this is here. There is a lot of reading to do and there are several methods mentioned; some worked for some, other methods worked for different people. The ONE KEY piece of info I can give is do EVERYTHING in Safe Mode!! Also make sure you disable System Restore. Don't forget to take a hard look at MSCONFIG and I would also recommend you take a look at a program called Hijackthis (HJT). You can find it at this site. However, as always, be careful in using any new programs. In addition, doing a search for "pup" and "actulice" in Regedit (delete the file, not just the entries) is a good idea. Again, do all in Safe Mode.
That's about the best info I can give on this for now. If you need additional assistance, send me a PM and I'll try to help. Most of the info is on the web if you do a Google search on Actulice. There were some additional techniques I found/used that I will post here later. Good luck to all on this. BTW, one thing I found was that using Firefox pretty much eliminates the chances of getting this ah heck. Gotta love Mozilla!

The rest is up to you. I'd opt for the prevention methods posted by Mech, as long as you don't have the problem. If you do, you have all the tools posted here to rid yourselves of the problem and THEN go back to Mech's prevention post.
Good luck to all!

Buzz Out!!

 

[TheVrolok]

Originally posted by: MercenaryForHire

Originally posted by: Moonlapse
I know this doesn't really belong in this section of the forum, but since this place gets the most views/posts

Since you're new here, I'll excuse you from badmouthing Off-Topic like that.

Even though I know I don't have it, I ran AdAware for the hell of it.

OMGZ, TEH BROWSER HIJACK0R

- M4H

Yeah I've gotten that one.. when I first saw it I was amazed that my home page got hijacked .. then I realized I had done the hijacking

 

[Bucksnort]

[If they sue you and are drummed out of court (which should happen if you have done nothing wrong), they might get in a butt load of trouble. Go away.]
You didn't read the article. Does $3000.00 a person sound like nothing was done wrong? Go ahead and keep it up theif.

 

[blazer78]

pirating increases the cost of games to us buyers...
as for these spyware/viruses, u should use mozilla or even better switch to linux and u will be immune.