[RESOLVED] Black hole virus

  1. #1
    nathanmorris
    Guest

    Post Black hole virus

    Customer has Win 98, on the weekend received the blackhole virus, you know the one where it is a big hole in the middle of the screen. Any advice about a solution to her problem?

  2. #2
    Registered User jay015's Avatar
    Join Date
    Nov 2000
    Location
    Montreal
    Posts
    534

    Exclamation

    Sorry if it seems obvious, but is an up to date antivirus software installed? If you run it, it should be able to remove it.

  3. #3
    nathanmorris
    Guest

    Post

    It's a new computer, she has at least a newer version of Norton or McAfee.

  4. #4
    Registered User jay015's Avatar
    Join Date
    Nov 2000
    Location
    Montreal
    Posts
    534

    Post

    Did you try to scan the drives with the antivirus? Does it detect it? Does it tell you that it cannot remove it?

  5. #5
    Registered User
    Join Date
    Oct 1999
    Location
    River Falls, WI
    Posts
    2,433

    Post

    Originally posted by nathanmorris:
    It's a new computer, she has at least a newer version of Norton or McAfee.
    Newer version or not does not matter if the virus patterns are not up to date.

  6. #6
    Flabooble! ilovetheusers's Avatar
    Join Date
    Nov 2000
    Location
    Downtown Banglaboobia
    Posts
    6,403

    Post

    Yeah, go to the website of the antivirus maker and download and run the DAT files to update the antivirus scanner. After that you are up to date.

  7. #7
    harlyblnde
    Guest

    Post

    Any chance it's the Hybris plugin? If so, look in the win.ini file in sysedit, it would be in the [windows] section at the run= line. If the file name consists of an eight letter file name ending in .exe, delete the file name up to the run= line. Worth a shot.
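
The win.ini check described in post #7, as an added example that is not part of the original thread: it lists entries on the run= line of the [windows] section whose file name is eight letters plus .exe and returns a copy of the file with those entries removed. The sample win.ini and its file names are constructed, and splitting entries on spaces or commas is an assumption.

```python
import re

# Constructed sample of a Windows 98 win.ini; the file names are made up.
SAMPLE_WIN_INI = """\
[windows]
load=
run=C:\\WINDOWS\\SYSTEM\\QWKJZPHB.EXE c:\\tools\\clock.exe
NullPort=None

[Desktop]
Wallpaper=(None)
run=ABCDEFGH.EXE
"""

# Heuristic from the post: exactly eight letters followed by .exe
EIGHT_LETTER_EXE = re.compile(r"^[A-Za-z]{8}\.exe$", re.IGNORECASE)


def audit_win_ini(text):
    """Return (findings, cleaned_text) for run= entries in [windows]."""
    findings, out, section = [], [], None
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.startswith("[") and stripped.endswith("]"):
            section = stripped[1:-1].lower()
        key, sep, value = stripped.partition("=")
        if section == "windows" and sep and key.strip().lower() == "run":
            flagged, keep = [], []
            for entry in re.split(r"[ ,]+", value.strip()):
                if not entry:
                    continue
                # Compare only the file name, not the directory part.
                name = entry.replace("/", "\\").rsplit("\\", 1)[-1]
                (flagged if EIGHT_LETTER_EXE.match(name) else keep).append(entry)
            if flagged:
                findings.extend(flagged)
                line = "run=" + " ".join(keep)
        out.append(line)
    return findings, "\n".join(out) + "\n"


if __name__ == "__main__":
    hits, cleaned = audit_win_ini(SAMPLE_WIN_INI)
    for hit in hits:
        print("review before deleting:", hit)
    print(cleaned)
```

Legitimate programs such as explorer.exe also have eight-letter names, so the findings are candidates to check against a virus description, and the original win.ini should be backed up before the cleaned copy replaces it.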

  8. #8
    Registered User tha 4NiK8R's Avatar
    Join Date
    Mar 2001
    Location
    Idaho
    Posts
    465

    Post

    If she is on a network you can remote scan her PC and kill it off that way. Otherwise boot up with the McAfee restore disk. You can also (on another machine) download AVG from www.grisoft.com, make a restore disk and boot up with it. I have killed many a virus this way.
    "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
    - Albert Einstein

  9. #9
    Registered User
    Join Date
    Jul 2000
    Location
    Huntington Beach, CA, USA
    Posts
    1,515

    Post

    Also from another machine go to the virus encyclopedia on McAfee's or Symantec's web site and look up the virus you are infected with - it will give you instructions on how to repair it.
    Death is lighter than a feather - duty heavier than a mountain.

    The answer to your question is: 00110100 00110010

  10. #10
    Registered User
    Join Date
    Apr 2001
    Posts
    13

    Post

    You just can't have an AV software "clean" out a virus, at least the new ones! What are you people thinking? Ever had an AV software "clean" PrettyPark, Emmanuel, MTX, or Hybris (which this one sounds like it is, btw)? Did it run right afterwards? NO! Why? Cuz you need to edit the registry and INI files first, and in the case of MTX and Hybris, replace your wsock32.dll. If you THINK you have a virus, SCAN not CLEAN with an AV that actually works....that leaves NAV and VSCAN out.... and find out WHAT it is you have. THEN, go to www.fsecure.com or www.virus.com and find out JUST WHAT THE HELL YOU ARE DEALING WITH. READ IT. LEARN IT. LIVE IT.

    For example, if you are infected with Hybris and you run NAV or VSCAN in its default mode, you have just moved or deleted most if not all of your Windows .dlls and exes. Yeh, it will run reallllll good after that. First, scan the system and confirm the infection (and make sure that is the only one you have) with AVP or ESET. Edit the registry to remove the virus entries there. Now, boot to DOS and delete WSOCK32.DLL and replace it with a clean copy. Boot back to Windows and run good AV (AVP, FSecure, or ESET) in DISINFECT MODE. That will clean all but the email database and plugins. Now rerun the AV to DELETE what is left. Now you just have to go in and kill the inbox.mdx and any other email databases that may have the infected email in it (trash, outbox, etc). Reboot. 9 times out of 10, it is fixed. Unfortunately some plugins screw up the whole TCP/IP stack and the only solution is an F&F.

    Phew.
    Dopey Is My Hero, the king of idiots, the mentors of morons.

  11. #11
    Avatar Goes Here Radical Dreamer's Avatar
    Join Date
    Jan 2001
    Location
    Fairmont, West Virginia
    Posts
    4,866

    Post

    Originally posted by dopey, the stupid:
    You just can't have an AV software "clean" out a virus, at least the new ones! What are you people thinking? Ever had an AV software "clean" PrettyPark, Emmanuel, MTX, or Hybris (which this one sounds like it is, btw)? Did it run right afterwards? NO! Why? Cuz you need to edit the registry and INI files first, and in the case of MTX and Hybris, replace your wsock32.dll. If you THINK you have a virus, SCAN not CLEAN with an AV that actually works....that leaves NAV and VSCAN out.... and find out WHAT it is you have. THEN, go to www.fsecure.com or www.virus.com and find out JUST WHAT THE HELL YOU ARE DEALING WITH. READ IT. LEARN IT. LIVE IT.

    For example, if you are infected with Hybris and you run NAV or VSCAN in its default mode, you have just moved or deleted most if not all of your Windows .dlls and exes. Yeh, it will run reallllll good after that. First, scan the system and confirm the infection (and make sure that is the only one you have) with AVP or ESET. Edit the registry to remove the virus entries there. Now, boot to DOS and delete WSOCK32.DLL and replace it with a clean copy. Boot back to Windows and run good AV (AVP, FSecure, or ESET) in DISINFECT MODE. That will clean all but the email database and plugins. Now rerun the AV to DELETE what is left. Now you just have to go in and kill the inbox.mdx and any other email databases that may have the infected email in it (trash, outbox, etc). Reboot. 9 times out of 10, it is fixed. Unfortunately some plugins screw up the whole TCP/IP stack and the only solution is an F&F.

    Phew.
    No need to flame them.
    :::Asus A8N-Sli Premium:::AMD 3500+ @ 2.4ghz:::2x80GB 8mb cache RAID0 Array:::GeForce 7800GTX OC:::2GB Corsair XMS Memory:::500 Watt Enermax Liberty PSU:::16x Lite-on DVDRW:::

    Counter Strike Source Forum and Server @ http://www.nvpclan.com -=Ninjas Vs. Pirates=-

  12. #12
    Registered User
    Join Date
    Jan 2008
    Posts
    1

    blackhole

    Hey, does anyone happen to know how to get this blackhole IP virus? I have had so many people have my accounts and I wanted to set one up so if they try it again they won't be able to get into my accounts.

  13. #13
    Driver Terrier NooNoo's Avatar
    Join Date
    Dec 2000
    Location
    UK
    Posts
    31,824
    Welcome to Windrivers Ghost...

    I don't think that will solve your problem. If other people have your account information, you should change your account information. What sort of accounts are you trying to protect?
    Never, ever approach a computer saying or even thinking "I will just do this quickly."

  14. #14
    Registered User Niclo Iste's Avatar
    Join Date
    Oct 2007
    Location
    Pgh, PA
    Posts
    2,051
    Well if you want to know how to acquire a virus you can always contact the virus scan companies. There are also companies that collect virii to distribute to programming companies to use in testing. All you need to get the virii files is a license in computer forensics, and fill out paperwork proving your good intentions not to use them for malicious reasons. You may also have to prove that you are affiliated with the correct departments in law enforcement to acquire said files. However if you have plans to use the virii for ways to damage a person's system be aware that they will have a record of when you got the code, and what your said intentions were. Also keep in mind they will also execute any laws against you if you use the coding maliciously. I researched securities against malicious software for 6 months. There are lots of ways to get these files, just you have to be authorized under extreme scrutiny to acquire them.

    P.S.
    We're here to help people fix computers; I doubt you're going to get a straight answer on how to ruin someone's computer regardless of how mean and evil you portray the victim to be. If you are worried about people accessing your documents and passwords I suggest using stronger passwords, firewalls, a good virus scan and also locking up your network.
    One Script to rule them all.
    One Script to find them.
    One Script to bring them all,
    and clean up after itself.
