Erollisi Marr - The Nameless

Old 09-17-2008, 10:09 PM   #26
WsaberMT
Registered User
 
Join Date: May 2005
Posts: 214
I found that on accident and remembered seeing this post; wasn't sure if it'd help or not.
__________________
~RETIRED~
Old 09-17-2008, 10:17 PM   #27
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
Solicia: Yes I did I've read the mail (got it, pardon me)

Iceweasel: Went into XP, removed and re-installed MBAM, restarted. Same error. Here's what happens: removing MBAM, the error pops up (same one), click it off, removal continues and reports success. Installing MBAM, the error pops up (same one), click it off and install continues and reports success. Start MBAM, the error pops up, click it off, MBAM does not launch.

Full text:
"Runtime error '372'
Failed to load control 'vbalGrid' from vbalgrid6.ocx. Your version of vbalsgrid6.ocx may be outdated. Make sure you are using the version of the control that was provided with your application."

I assume this is Visual Basic at work?

Note: I have an unmounted, d/c'd 10Gb IDE ATA drive (Gentoo linux, configured for dual boot); all my Gentoo settings are backed up on /boot (its own partition natch) so that's plan B, good thinking Ice Weasel. I can wipe the root partition (sobs) and go apeshit with that space at last resort. Make sure you're getting your sleep and stuff. If ya's give the signal I shall begin that. I see no need to keep this situation continuing for any length of time.
__________________
Originally Posted by Drysdale
"Fair enough. I don't agree with anyone all the time."
Originally Posted by Davek
"*blink* *blink* *blink*
*bliiiink* *bliiiink* *bliiiink*
*blink* *blink* *blink*
[fixt]

Mistyglen 68 Half Elf StormWarden (retired)
ex-Mystic Blue, ex-Sundered Heart, ex-Heart of Fenris
Redback's stuff
Redback 72 WoodElf Ranger (Lucid Devotion)

Last edited by Misty; 09-17-2008 at 10:39 PM.
Old 09-17-2008, 10:56 PM   #28
Ice Weasel X
Banned User
 
Join Date: Nov 2002
Posts: 3,799
Download HijackThis (safe location on a former EM player's server... well-known sites have been redirected by this thing in the past), put it in its own folder, and run it. Just save a log for now and post it or PM me with the info. The startup processes probably need to get weeded.
__________________
SMS Text Responder - Convenience and Safety for any Android phone, ad-free.
If you have any questions that aren't answered by the app description, feel free to ask. I have no financial stake in it, but I am the primary tester.
Old 09-18-2008, 10:54 AM   #29
AylluesaMT
Registered User
 
Join Date: May 2005
Posts: 31
Did you do the msconfig stuff? The link posted by Wsaber is essentially what I said (it just tells you more specifically what to disable).

I still recommend disabling all and doing a diagnostic startup (not booting in 'safemode').

++ for using hijack this, 99% of time it will identify the culprit (assuming you can interpret the log >< ).


Just a tip for dual booting linux (if you use IDE drives at least). Make 1 disk a windows disk, and another on channel 2. Reboot, go to BIOS, change the order of the drives, install linux, let it use its own bootloader on its own MBR.

Then you don't fiddle with MBRs, just toggle the BIOS drive setting to boot to Linux or Windows. Not as convenient, but makes managing the drives much less of a headache IMO.
Old 09-18-2008, 01:52 PM   #30
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
One of the first things I did was disable some auto-created entries in msconfig -> 'startup' and then their corresponding registry keys. I can't remember the names but I am quite familiar with what I let run at startup. These weren't any of the 5 that I ok; it was tricky but I did spot that ;p.

I disconnect the linux installation drive when re-installing or formatting the Windows XP installation. With the Hardy Heron LiveCD (burnt it meself /flex) I can get inside its linux environment and work the setup on my linux partitions. I heartily recommend the exercise as a rewarding way to spend some spare time. For me there are 3 hard disks plus 1 spare inactive inside the box: 1 IDE uata5/6 and x2 SATA 320Gb with 16Mb cache revving at either 10k rpm or was it 7.2k rpm, the inactive disk is 5.4k rpm and slipping towards 'legacy' status. At some future point I will get water cooling, and a clear-sided case with pretty fairy lights.

On teh wish list: a small discotheque mirror globe wit laser light show, strobes, searchlight, and hologram shit of little dudes running around performing tasks and such... (u wouldn't believe some of the nerdy stuff out there just for tricking out the rig). Alright, I'm kidding. A Faberge egg coated in diamond dust for the mirror ball ..mmm

What I rly need to know is can I shrink my linux /root partition and 'grow' the /home partition with that space. Using the linux partition manager. There's like 180Gb of unused space in /root. While at the same time the home partition is eating rather well. Home space is smaller than /root.
Old 09-18-2008, 07:05 PM   #31
AylluesaMT
Registered User
 
Join Date: May 2005
Posts: 31
What filesystem is the partition on? LVM isn't that bad; if they are plain ext3, resizing is pretty flaky (this is a decent guide for it: http://www.howtoforge.com/linux_resi...t3_partitions). Just to note, resizing ext3 disks was a real pain; part of it was the onboard RAID controller (I work with rack systems 99% of the time) + driver issues. Turns out we had to replace the SATA driver on our boot CD (which was a joy). The annoying thing was we didn't even use the onboard RAID features, but Intel in their genius have the BIOS create a RAID stripe (even if you don't use it), and it presents this to Linux as the raw disk, which Linux then turns around and thinks it is RAID (which it is but isn't).
Old 09-19-2008, 02:11 AM   #32
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
There's a few: ext3, reiserfs, fat32 and ntfs. Linux is on ext3 and reiserfs and laid down the fat32 partition keel.
Old 09-19-2008, 07:35 PM   #33
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
Well, I think this bug installed itself as a service. I ran Hijack this and removed some stuff. Not much changed after that.

When I browsed YouTube I got re-directed to a Porn site.

Last edited by Misty; 09-19-2008 at 09:45 PM.
Old 09-19-2008, 09:43 PM   #34
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
sry, dbl post
Old 09-20-2008, 04:23 AM   #35
solicia
Registered User
 
Join Date: Apr 2005
Posts: 910
If you got your data off the drive, it would probably be a good time to format and reload. If anything just to be safe. From what you have described, they have got a lot more creative with this one.
Old 09-20-2008, 05:16 AM   #36
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
There's some threads around torrent site community forums about some of the more recent movies being nothing but bunches of inflated cgi's (all the way up to 700Mb filesize), and some code to pop an error like: "Player can't run this file format, go to site x". There's a coupla different ones, like one ya need a password for the unpacked file (and the txt file downloaded with the movie sends you to a site). Or you need a codec and there's a text file in the movie folder, similar story up to pay subscription for their site to retrieve password.

If you download torrent movies, don't grab files on movies that are new or not yet released (Harry's pottery and teh Half-Pint Puttz isn't out till July'ish 2009, hello). I don't know if it's worth exporting my Mozilla bookmarks to the backup partition (it's really more an archive of device drivers, installation packs and personal records). But I should be okay getting rid of c:\> and re-installing Windows.
Old 09-20-2008, 08:41 PM   #37
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
Sry- for run on post, here's something:

Clamtk (linux AV app) scanned Windows XP /system32 and quarantined 2 Trojans (virus names Vundo-2197 and Fraudload-1386) where I deleted them. The virus filenames were qoMFuRIC.dll and tdssserf.dll. A 3rd file was removed simultaneously with one of the above Trojans as it was the same virus.

I have to manually load my AV apps 'saved' scan preferences every time it is launched. Tedious. The user-friendly side is a little bit unpolished and I can't tell for certain what the hell it is doing. But so far Clamtk antivirus for Linux shares a podium place with windows anti-malware "Hijack This" for the trophy.

I haven't unpacked data recovery software yet. I wanted to get rid of the virus first. I'll email Sol.
Old 09-21-2008, 12:21 AM   #38
Ice Weasel X
Banned User
 
Join Date: Nov 2002
Posts: 3,799
Did you get the date/timestamp from any of the files that were created on the day you were infected? If you get that, you can delete any files created at the same time. While cleaning B's PC, we had to do that prior to running MBAM because they were loading transparently.
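The timestamp pivot described in post #38, written so that it only lists candidates for review and deletes nothing. This is an added example, not code from the thread: it assumes modification time stands in for creation time (creation time is not always exposed when the Windows volume is mounted from Linux), and the function names, five-minute window and sample files are constructed for illustration.

```python
import os
import tempfile
from datetime import datetime, timezone

def files_near(root, reference, window_seconds=300,
               suffixes=(".dll", ".exe", ".sys")):
    """List (path, mtime) of files under root whose modification time is
    within window_seconds of the known-bad reference file."""
    ref_path = os.path.abspath(reference)
    ref_mtime = os.stat(ref_path).st_mtime
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.abspath(os.path.join(dirpath, name))
            if path == ref_path:
                continue  # the reference itself is already known
            if suffixes and not name.lower().endswith(suffixes):
                continue  # only loadable binaries by default
            try:
                mtime = os.stat(path).st_mtime
            except OSError:
                continue  # unreadable or removed during the walk
            if abs(mtime - ref_mtime) <= window_seconds:
                hits.append((path, mtime))
    return sorted(hits, key=lambda hit: hit[1])

def demo():
    """Run the pivot over a constructed directory; return flagged names."""
    # Constructed timestamp, not taken from the thread.
    infected = datetime(2008, 9, 16, 4, 0, tzinfo=timezone.utc).timestamp()
    samples = {
        "known_bad.dll": infected,
        "dropped_a.dll": infected + 40,            # same burst
        "dropped_b.dll": infected - 90,            # same burst
        "old_driver.sys": infected - 86400 * 200,  # months earlier
        "notes.txt": infected + 10,                # not a binary
    }
    with tempfile.TemporaryDirectory() as root:
        for name, stamp in samples.items():
            path = os.path.join(root, name)
            with open(path, "wb") as handle:
                handle.write(b"constructed sample")
            os.utime(path, (stamp, stamp))
        reference = os.path.join(root, "known_bad.dll")
        return [os.path.basename(p) for p, _ in files_near(root, reference)]

if __name__ == "__main__":
    for flagged in demo():
        print(flagged)
```

Modification times can be altered by whatever wrote the file, so the listing is a starting point for review rather than a complete inventory.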
Old 09-21-2008, 01:02 AM   #39
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
Oh hehe sry Ice, yes I did. Sorry I forgot to keep you updated on that detail ;p
The date was 16th September (AEST=+10GMT). I was downloading movies, I still have the account creation email and stuff when I got the virus attack. I didn't do much on my comp that day.
Old 09-28-2008, 07:06 AM   #40
Misty
Do Not Disturb
 
Join Date: Nov 2002
Location: Melbourne, Australia
Posts: 2,070
Ok, I decided to stop pussying around and formatted the C:\> with all my system config and board/card driver installation files archived on another partition. This helped confirm the trojans are transported by codec update and the torrent .avi's of newer movies. Vundo Trojan was found in the avi downloaded movie that was moved to another drive; it installed x4 dll's which were deleted by Ad-Aware and MalwareByte.

Media Player pops a message requesting that a codec be downloaded as the file is not recognised. That gets redirected to a DRM (Digital Rights Management or similar sounding) update, this is when you get the virus.
Old 09-30-2008, 09:34 PM   #41
Ice Weasel X
Banned User
 
Join Date: Nov 2002
Posts: 3,799
Hey, sorry I sorta disappeared for a few days. Had to leave town in a hurry to get some things from Houston. Got back and found out I don't have 2 tests this week... I have three.

Anyway, glad you're clean, but it sucks that you had to just wipe out your OS.
All times are GMT -8.