Manual .sys or MSN zip virus removal

Posted: Mon Nov 16, 2009 10:53 am
by 88EighT88
Hi, I put this on here because it worked for me and hopefully helps others.

I did some looking on Google and so on and found that most of these MSN viruses and others inject .sys files into the ("C:\Windows\system32\drivers") directory and the registry, so when you delete them they just come back (A REAL BITCH). Anyway, you need to know the name of this file or folder in order to perform this procedure:

Go to ("C:\Windows\system32\drivers") and delete all .sys files that start with the letter z, which are usually some Algerian or Russian guys' creations, but I say Z because it's the only kind I have had myself. This is not for Vista, so please perform at own risk.

Moving on: now that you have deleted the source, assuming you have copied the name of the virus, go to the registry, which you can do by going to Start > Run > RegEdit (in the textbox).
Now you have to do a registry search for that virus name, or search .sys and look for it in the list.

When you have found the host file for all this chaos, delete it from the registry and make sure you deleted the file out of the recycle bin "PERMANENTLY".

Now you need to go to the startup manager, Start > Run > msconfig, and go to the Startup tab and look for unusual names similar to or the same as the file you deleted.

Oh, and finally delete this filename's prefetch entry! ("C:\Windows\Prefetch")

Please be prompt that this did in fact work for me on WinXP SP2; I have no knowledge of other OS versions or SPs.

Use at own risk

This procedure, I have been informed, can also be used to remove viruses like braviax.exe and Virut.exe. I cannot confirm this as I was told by another person that tried this.

Thank you. Please rate whether it's good info or not to you.

Re: Manual .sys or MSN zip virus removal

Posted: Mon Nov 16, 2009 6:22 pm
by Liidian
Well, tbh I think I have the most virus-free computer in the whole world, still I got: ZDPSp50.sys and ZDPSp50a64.sys. I am taking my own word before yours and therefore I believe you are trying to trick people into destroying their computer.

Posted: Mon Nov 16, 2009 6:52 pm
by CodeX
I think the trick is to not walk into these things, i.e. downloading that exe for free smileys or that thing that was on the website that someone said they saw a picture of you on via MSN etc., and get yourself NOD32 and let that keep an eye out for you. Also malware disguises itself in otherwise legitimate places, makes it stick out a bit less, so your ZDPSp50.sys could be a harmless driver to let you print or an 'orrible trojan that's turned your box into a zombie, and so removing it could be a bad or good thing. To be honest, unless you're really well informed on what's good and what's not (valid file sizes/hashes) then you shouldn't be messing around with these things and should leave it to a good anti-virus package like NOD32, or if you want a completely free one you could get AVG.

Re: Manual .sys or MSN zip virus removal

Posted: Mon Nov 16, 2009 10:09 pm
by 88EighT88
Hi, as much as I appreciate your guys' input, but if you have an antivirus that removes these things, I was simply just trying to help people. There is no foul play here and I stand by what I said because the fact remains it did work for me. I respect that people work hard for money to mod and buy computers. Having been bombed before to an extent that my processor was destroyed, I would never ever in my life do that to someone else, because things like that are just jealousy and hate, and I don't even know any of these guys; they have done nothing to me. But I understand your argument because there are people that do these things, but fortunately I am proudly not one of them.

CodeX, where did you say there was a picture of me? I'm quite interested considering the fact I have not used a webcam in 4 years. How do you know it's me?

No hostility

Regards

Thank you.

Posted: Mon Nov 16, 2009 10:44 pm
by PaRaDoX
Meh, I still love my combination of remembering everything that should be on my computer, using hijackthis to check for discrepancies, and regedit.

Combofix is a nice last resort. Fixes shit up good :3

Posted: Tue Nov 17, 2009 1:03 am
by CodeX
When I said about the picture thing I meant that is a common way for MSN worms to get about, saying "Ohh look at this interesting thing" in some form or another then getting you to go to www.your_email.somerandomhost.com and since the link has your email in it "surely it's real" thinks the innocent MSN user, leading them to do something which gets them the trojan worm.

With anti-virus software being available for free (AVG) everyone should have something to protect their system, and if they don't and end up finding your description of a fix they might try it and end up in a spot of bother, so when it comes to describing cures for things you should be able to (and do) describe the exact problem, exactly what's causing it and exactly how to fix it so that people will only try it when they know that this exact problem is happening on their computer, have found evidence that this is the same problem (such as with file hashes) and can then execute a precise fix that won't jeopardise anything else. Seeing as how few people are really going to follow along and be able to do all of that, it is best to inform the users that they should get something like AVG or even shell out for some protection such as NOD32 so that that software can do all of that for you.

The reason I'm saying this is because although your post is done with good intention it is not specific (such as a list of MSN worms, how to diagnose each one and then how to remove each individually and whatever patching needs to be done afterwards).

*rant*
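Added example, not part of the thread and not written by any poster: a read-only Python script for the hash check CodeX describes, classifying `z*.sys` files against a trusted baseline and a threat-specific hash list instead of deleting them by name. The function names, the baseline and known-bad dictionaries, and every file body and hash in `demo()` are constructed for illustration; only the file name ZDPSp50.sys comes from the thread.

```python
import hashlib
import tempfile
from fnmatch import fnmatchcase
from pathlib import Path

def sha256_of(path):
    """Hash in chunks so a large file is never read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def triage_drivers(drivers_dir, baseline, known_bad, pattern="z*.sys"):
    """Classify matching files by SHA-256. Read-only: nothing is deleted.
    baseline:  {lower-case file name: expected hash} from a trusted source
    known_bad: {hash: label} taken from a write-up of one specific threat
    """
    report = {}
    for path in Path(drivers_dir).iterdir():
        name = path.name.lower()  # Windows file names are case-insensitive
        if not path.is_file() or not fnmatchcase(name, pattern):
            continue
        digest = sha256_of(path)
        if digest in known_bad:
            report[path.name] = "known-bad: " + known_bad[digest]
        elif name in baseline:
            # A trusted name with the wrong hash may be a disguised file.
            same = baseline[name] == digest
            report[path.name] = "known-good" if same else "hash-mismatch"
        else:
            report[path.name] = "unknown"
    return report

def demo():
    """Triage a constructed directory; every file body and hash is made up."""
    sha = lambda data: hashlib.sha256(data).hexdigest()
    files = {"ZDPSp50.sys": b"vendor driver", "zbad.sys": b"dropper",
             "zswap.sys": b"replaced", "znew.sys": b"?", "atapi.sys": b"x"}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in files.items():
            Path(tmp, name).write_bytes(data)
        baseline = {"zdpsp50.sys": sha(b"vendor driver"),
                    "zswap.sys": sha(b"original")}
        return triage_drivers(tmp, baseline, {sha(b"dropper"): "sample"})

if __name__ == "__main__":
    for name, verdict in sorted(demo().items()):
        print(f"{name:12} {verdict}")
```

Only a "known-bad" verdict is evidence for removal; "unknown" and "hash-mismatch" files call for a closer look (vendor, signature, a scanner), which is how ZDPSp50.sys turned out to be a legitimate driver later in the thread.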

Posted: Tue Nov 17, 2009 3:18 am
by 88EighT88
Wow, how'd you do so many colors?
Anyway, I see what you're saying and this website does it I am an MSN hacker or something like, because then I need it checked.

Re: Manual .sys or MSN zip virus removal

Posted: Tue Nov 17, 2009 1:39 pm
by Liidian
You might not wanna do any hostility to anyone, but this thread is false; both my files were looked up, and both were created by Pcausa. I looked up this company and look what I found: http://www.pcausa.com/ So I believe you are wrong, even though it was nice trying to help people ;)

Re: Manual .sys or MSN zip virus removal

Posted: Tue Nov 17, 2009 4:42 pm
by 88EighT88
Hi guys, sorry, Liidian cleared the air; maybe just some people can do this. Sorry again. Thanks, Liidian.