[Lockeyp]

OK ...? is it wrong for me to have Torrant sites.

Lockeyp

[flavallee]

Torrent sites are used to download programs that have been hacked or edited in some way so you can use them without paying for them.

A lot of those files are infected and wind up infecting a computer in the process.

----------------------------------------------------------------

[Lockeyp]

Flavallee. So are the wrong

Lockeyp.

[flavallee]

This is a list of some of the file-sharing programs that are used for illegally downloading programs, music, videos, etc..

If you google "Torrent Sites", it gives you plenty of links to read about them.

---------------------------------------------------------------

[Lockeyp]

Flavallee. Are there any Legal file-sharing site that you know of, if so who are they could you please advise me on this.

Lockeyp

[Lockeyp]

Flavallee. ? Who is to blame the person who has Illegally Uploaded the Item to the net or the person who downloads from the net. I am Neither for or against people downloading stuff from the net But I am against people profitising from it. I do believe in Free downloads ie from ( www.download.cnet.com. www.freewarefiles.com. www.filehippo.com. www.downloads.zdnet.com. , just to name a few There are loads more too. To many to name.

Thanks for the time and help that you all have given to me so far I do appreciate it

Lockeyp

[flavallee]

The sites you mentioned are well-known legitimate sites for downloading new programs and program updates.

The sites that I personally use are:

http://fileforum.betanews.com/

http://www.filehippo.com/

http://www.majorgeeks.com/

http://www.softpedia.com/

Some programs are free to the user, and other programs you have to pay for.

Programs that you have to pay for will usually offer a 15 - 30 day trial period to use and try them out. You then either keep it and buy it or you uninstall it. Most of them either stop working after the trial period or they go into reduced function.

----------------------------------------------------------------

All file-sharing sites that provide programs that are hacked in some way or contain pirated or hacked serial numbers/codes/keys so you don't have to pay for those programs are illegal.

-----------------------------------------------------------------

[Lockeyp]

FlavalIee. I have just checked out http://www.fileforum.betanews.com/ at the bottom of the page it says that there is 1 update for my computer would this be true or a hoax for me to download more trouble.

Lockeyp

[dvk01]

that is an advert at the bottom of that page & is very likely to cause you problems by following their advice & buying any scumware tune up program

you need to learn taht teh internet is a dangerous place and almost everybody is out to trick you & get money from you

[flavallee]

Ignore that link. It always says "There is 1 update for your computer". That's to entice you to do a scan and buy something that you don't need and is useless.

If you're going to browse that site, click the "New Files" link. New and updated programs are added to it continually, Monday through Friday.

----------------------------------------------------------------

[dvk01]

That gmer log shows a new TDSS rootkit

Download the attached CFScript.txt and save it to your desktop ( click on the link underneath this post & if you are using internet explorer when the "File download" pop up comes press SAVE and choose desktop in the list of selections in that window & press save)
Disable any antivirus/antimalware/firewall realtime protection or script blocking in the same way you did previously before running combofix & remember to re-enable it when it has finished
Close any open browsers
Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.







This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply together with a new HijackThis log.


Note: these instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system and will not fix your problem. If you have a similar problem start your own topic in the malware fixing forum

This will create a zip file inside C:\QooBox\quarantine named something like [38]-Submit_2008-01-17@17.50.zip

at the end it will pop up an alert & open your browser and ask you to send the zip file

please follow those instructions. We need to see the zip file before we can carry on with the fix

If there is no pop up alert or open browser then

please go to http://www.thespykiller.co.uk/index.php?board=1.0 and upload these files so I can examine them and if needed distribute them to antivirus companies.
Just press new topic, fill in the needed details and just give a link to your post here & then press the browse button and then navigate to & select the files on your computer, If there is more than 1 file then press the more attachments button for each extra file and browse and select etc and then when all the files are listed in the windows press send to upload the files ( do not post HJT logs there as they will not get dealt with)

Files to submit:
the zip file inside C:\QooBox\quarantine created by combofix named something like [38]-Submit_2008-01-17@17.50.zip

or to
http://www.bleepingcomputer.com/subm...php?channel=38

[flavallee]

Lockeyp:

We can discuss websites and browsing habits until we're blue in the face, so there's no need to batter back and forth about it any longer. Follow DVK01's instructions.

-----------------------------------------------------------------

[dvk01]

After doimng the steps in my last post & uploading the files ( if they exist) please reboot & run gmer again & post its new log

[Lockeyp]

dvk01. SORRY for the delay in answering your last message and still showing being connect, but urgent business took me away for a couple of hrs.
? Will I need to delete the comboFix that I already have on the desktop or will is it ok to reuse it for this second time.

Lockeyp

[dvk01]

delete existing cfscript.txt & download the new one

you use the same version of combofix itself, (unless it offers to instal/download a new one when it runs) but make sure you use the new cfscript.txt