|
Donations |
|
 |
|
|
|
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
|
|
|
Survey |
|
|
|
|
|
|
|
|
Translate |
|
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
Barty
Guest
|
 Posted: Sun Mar 14, 2004 6:13 pm Post subject: CASPROG |
|
|
Hi,
I have just had a system32 dialog box pop up stating the above file has been sucessfully removed.
Any Ideas? Have i been hacked? |
|
| Back to top |
|
 |
Jaden
Guest
|
| Posted: Wed Mar 17, 2004 7:53 am Post subject: |
|
|
| Same thing here...Anyone know what this means????? |
|
| Back to top |
|
|
Nick
Guest
|
| Posted: Wed Mar 17, 2004 11:24 am Post subject: |
|
|
| i dunno but i was cleaning my programs and i found it and i removed it myself, now i was searching on the web to see if i could find anything on it but no luck. oh well i dont think it was anything helpful. |
|
| Back to top |
|
|
sadsadface
Guest
|
| Posted: Wed Mar 17, 2004 8:11 pm Post subject: |
|
|
| that happened to me too anybody else.... |
|
| Back to top |
|
|
Fussen
Guest
|
| Posted: Thu Mar 18, 2004 12:42 am Post subject: Answers |
|
|
Heads up,
it's a casino program.
it's malware.
it's infectious.
delete it.
the last attempt at it staying on your computer is in a file called uninst_cp.exe located in your windows\system32 folder.
it will continue to bore itself into your registry's "run" section.
So don't choose the Uinstall option from your icons because you'll just be doing exactly what the program wants you to do.
Delete these files manually or use Ad-Aware (free) from lavasoftusa.com
I ran ad-aware and it cleaned it all up. EXCEPT for the c:\windows\system32\uninst_cp.exe
cp stands for CASINO PROGRAM.
the uninst_cp.exe has no details on a publisher, a file name, a version , or even who made it. It is a deviant program.
INSIDE the uinst_cp.exe is:
CasProg Software\Microsoft\Windows\CurrentVersion Software\Microsoft\Windows\CurrentVersion\Run Rebooting after uninstall Do not forget to reboot your computer. You must restart your computer in order to finish uninstalling %s.
If you have this file, don't run it. But you can see for yourself that it has this code simply by DRAGGING it into a blank Notepad window.
you can search for "casprog" and tada, there it is.
This casprog means Casino program, and it's intentions are to bore itself into your currentversion\run section of your registry (making it forever load on startup)
I would have never noticed it except for one tactic which I use sometimes. I scan my computer for EXE files that were modified/created within the last.. week or so . This file showed up. I never had any recolection of putting such a file there, and Uninstall programs are NOT NOT NOT suppossed to be in the system32 folder. They are suppossed to stay within the folder of the parent program.
I have no idea if anybody will ever read this post or not but if you do, hopefully this helped.
Cheers,
-Fussen |
|
| Back to top |
|
|
Guest
|
| Posted: Thu Mar 18, 2004 4:36 am Post subject: |
|
|
| If you go into your regedit you will also find a Golden Palace file |
|
| Back to top |
|
|
AndyG
Guest
|
| Posted: Thu Mar 18, 2004 10:26 am Post subject: very, very tricky |
|
|
I was at a loss for how this program came to be on my computer, but it was a nasty one to get rid of. I think it was also launching a weirdly named process, because now that problem has gone away. Did anyone else see a process: zqanyech.exe?
Either way, I hope that after removing that file and registry key it is gone for good.
Thanks! |
|
| Back to top |
|
|
rirvin
Guest
|
| Posted: Fri Mar 19, 2004 12:33 pm Post subject: yes this is very sticky, hard to get rid of |
|
|
| I cleaned this up yesterday and today it's back. I used spybot and manually. I'm working on it now again. A lot of little things get loaded; internet optimizer, play live poker, vvlqkyjv.exe (note in code say it sends you to www.flingstone.com). Somebody needs to compile all the steps for cleaning this up. |
|
| Back to top |
|
|
Barty
Guest
|
| Posted: Fri Mar 19, 2004 2:04 pm Post subject: |
|
|
Cheers boys n girls  info was much appreciated
system seems ok now |
|
| Back to top |
|
|
christine
Guest
|
| Posted: Fri Mar 19, 2004 2:43 pm Post subject: |
|
|
yeah, how do you get rid of it??
i thought ad-aware got it, but then later when i started my computer up again it said that CasProg was successfully unistalled. I think im screwed... any suggestions??
is my computer gonna get all messed up now? |
|
| Back to top |
|
|
I_Hate_Casinos
Guest
|
| Posted: Sat Mar 20, 2004 8:20 am Post subject: The Fix |
|
|
http://www.servenet.com/ipiboard/messages/7465.html
Subject: Re: Golden Palace Casino
There are three ways of removing the software, try each one in order.
1. Click the following link for instruction on how to remove the software: http://remove.monsterserve.com/remove/toolbar/index.html
2. Go to http://www.jraun.com and click the uninstall download at the
bottom.
3. In some cases, you may also have to remove the software from
your computer index directory. This is easy if you follow these steps:
1. Double click the 'My Computer'icon on your desktop to open
it.
2. Double click the 'Local Disk (C)' icon to open it.
3. Find the folder named 'Casino' then right-click ONCE on it-this will open a drop-down menu.
4. Hold down the SHIFT Key and click DELETE in the drop-down
menu simultaneously.
5. Be sure to wait for the final Delete message - you must
click YES, then the software will be deleted from your index directory.
For further assistance with the removal of the software, contact support at Golden Palace Casino toll free number 1-888-217-5648.
Call this phone number and threaten and harrass them
I am going to do this once a day, If you all do the same it will hurt thier
business, Lets take these jerks out!
Take Aim, Fire! |
|
| Back to top |
|
|
Casinos_Suck_CALL_THEM
Guest
|
| Posted: Sat Mar 20, 2004 8:23 am Post subject: |
|
|
In case you didnt notice in my last post :
For further assistance with the removal of the software, contact support at Golden Palace Casino toll free number 1-888-217-5648.
I wanted to put extra emphasis on this...
People might just procede from the top and begin fixing and not see the
most important part on the bottom |
|
| Back to top |
|
|
MrPlotz
Guest
|
| Posted: Sat Mar 20, 2004 1:44 pm Post subject: Right-o! |
|
|
| Hi, |
|
| Back to top |
|
|
MrPlotz
Guest
|
| Posted: Sat Mar 20, 2004 1:47 pm Post subject: ignore the above |
|
|
Hi,
I had a little problem posting so please ignore that earlier message heh. Anyway, just wanted to say thx for all the info! I am in the process of getting rid of Casprog and everything looks pretty good so far.
As for that casino company, I hope you all call them up and b*tch about this crap as much as you can .
Thanks again,
Plotz |
|
| Back to top |
|
|
Meese
Guest
|
| Posted: Sat Mar 20, 2004 9:52 pm Post subject: |
|
|
Thanks so much re "CasProg". It was driving me crazy!! So, yes you did help a lot Fussen!! I figured that's what it was, but there were some strange things, ie.. Adware didn't catch it!! How is that?
Plus I've got this nasty eAnthology Station garbage on my PC,
1. not downloaded
2. no uninstall AT all anywhere, AND
3. even when Adware caught it there is stuff left behind - anyone know how to get rid of ALL of it?
Thanks,
Meese |
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
|
Powered by phpBB 2.0.8a © 2001 phpBB Group
Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops
|
You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0.
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
