Horrible horrible trojan/virus

rebeltf · Aug 14, 2005

Just a heads up to you folks.
I just had one hell of a time with a trojan , it had more than one name , popup.exe , poper.exe , intermon.exe.. I cant remember them all....
Anyway it started out changing my desktop pic to a spyware alert , then got inside my browser and messed that all up , then got into my system tray then it was kind enough to delete every media file I had on my C drive , music , pictures , movie clips , all gone !
Needless to say I was..... Quite angry.
So I spent the better part of a day and a half getting rid of it , I got it from a website although I dont know which one.
For the record I use I.E. (i know , i know , mozilla.....) I use spybot S&D , ad-aware , Norton corporate anti virus , peer guardian , sygate firewall , all of this and I STILL got that bugger !
I had to use various utilities and regedit to get it outta my comp , what a PITA.
I used an undelete program and got some of what was deleted back but not all of it.
Anyways just a heads up , the wankers are out there so be careful.

RyanMalpiede · Aug 14, 2005

My father got this virus on his computer ... I'll point ya in the right direction if it returns.

Gollnick · Aug 14, 2005

You know, I've gotten to the point where I just won't visit unfamiliar websites. Given that the majority of websites are somehow commercial, I think that makes these programs an interference with interstate commerce. I think it's time for the FBI to start tracking these guys down and prosecuting them.

Caress of Steel · Aug 15, 2005

Saying it again...Use Mozilla or Firefox!

I can surf around with IE and trash a machine in about ten minutes...some of the same symptoms you are describing. If I get a pc to work on that needs a reformat and clean install, I will purposely use IE and search for software cracks just to see how long it takes this junk to invade the machine...by visiting those sites the search returned, those same symptoms appear in no time.

John

gordonk · Aug 15, 2005

Yup - hear you on that one!!! Got the word this a.m. in our test center we had install a bunch of security patches on our test system to ensure our software works with the new patches. Haven't seen it on my home PC, but I did get an update notice this weekend and ran the patch install. I have Win2K at home. Have run AVG, Ad-Aware and Spybot - so far, so good. Agree with Gollnick - it's reaching a point where you can only go to trusted sites, and even then........

Research is part of my life at work, it is a PITA. Despite the security setup at the office, we still get stuff that gets thru.

- gord

Daniel Moore · Aug 15, 2005

My computer is getting bogged down by the nimda worm that seems to have infected it. It seems to have corrupted my RICHED20.dll so I can't send e-mail or use anti-spyware programs

It's also not being detected by Command anti-virus

Still trying to get rid of the little fella. That trojan sounds nasty

Rat Finkenstein · Aug 15, 2005

try this antivirus, 1 year free trial offer.
This is the best- I have it (ezArmor), and I havent had even one problem since I installed- If Norton is like a big, slow, useless, blind cow, this is like a stealth panther with night vision goggles.
E-trust Antivirus

RyanMalpiede · Aug 15, 2005

http://www.majorgeeks.com/downloads31.html

All the hots ones are good to go.

for the life of me I can't find the forum that helped me though. I was something like IamNotAtech.com or something like that ... i'll keep looking.

Robbie Roberson · Aug 15, 2005

I just had a battle with Spyware Dr., whats the deal with this thing ?

I installed it and started a scan, it ran ok and then locked up for about 5 minutes. Tried to click "stop" to start over and it would not respond at all, like an overload or something.

I then shut computer off, restarted it and tried a custom scan, same deal, it ran a couple minutes and locked up, I again tried to click STOP SCAN and it just sat there with no response.

I had to restart computer again and then I tried one more time, same deal so I ended up uninstalling it. These things drive me nuts when I can't get a response by clicking STOP. I also remembered I tried this thing a few months ago and it did the same exact thing, I uninstalled it then too.

Oh well, guess it just don't want to play right.

I know my machine is clean too, I run Spy bot all the time, all it ever finds is the basic stuff...........

Sorry for the off topic, just thought someone might know what is wrong.

Robbie Roberson

Gollnick · Aug 15, 2005

Well, within minutes of booting my PC (which was running fine last night and which passed its regular Sunday afternoon Spybot scan) this morning, it started to just bog down. When I was able to get task manager up finally, I found a process called "CashBack" which seemed like an odd name to me. There were several others that I didn't recognize. Cashback was taking up a huge amount of memory. I terminated it and that helped a bit, but I was clearly having a problem. So, I ran good-old Spybot S&D. I updated the rules and ran the scan and it found spyware called PC Ad Tools. Spybot "removed" it successfully. But, by this time, the computer was clearly balled up. So, I rebooted. I checked the task manager and CashBack was back. I re-ran Spybot and it found PC Ad Tools again.

I decided to check for Windows updates in case of any security updates. Boy were there updates. Several of the security updates failed to install, though.

Another thing of interest I found was Microsoft's new AntiSpyware program. I downloaded it and it found four spywares on my PC, WindUpdates.MediaAccess, Trojan.Startup.NameShifter.BT, ShopAtHome, and AvenueMedia.DyFuCA. It removed all of them.

I then re-did windows updates because of the updates failed to install. All installed this time.

This required rebooting.

I then re-ran the Microsoft's new AntiSpyware program and it found a another spyware, 180Solutions.SearchAssistant which it removed.

How did another one get on?

Well, I've now got both Spybot and Microsoft AntiSpyware (and also their new Malicious Software Removal Tool and also Norton Anti-Virus) to all run without finding any problems. My PC seems to be back to normal.

This has consumed the better part of my day.

PUBLIC NOTICE: If I am ever in the same room as one of the people who write this spyware/adware software, I shall not be responsible for my actions.

Robbie Roberson · Aug 15, 2005

You Gotta be kidding !! What a bunch of crap !!

Now you got me thinkin, should I run a scan again ?

No, I won't do it, let it eat up all my stuff.........

Robbie Roberson

StuntDouble · Aug 15, 2005

I am not a geek

Ryan,

Is this the site you were talking about? I know they've been a big help to me (along with K.V.) in solving any computer issues I've had.

The people that write this kind of software are at the same level as racists and solicitors to me.

RyanMalpiede · Aug 15, 2005

Chris Mapp said:
I am not a geek

Ryan,

Is this the site you were talking about? I know they've been a big help to me (along with K.V.) in solving any computer issues I've had.

The people that write this kind of software are at the same level as racists and solicitors to me.

I don't understand ... you mean spywares?

Doug C · Aug 16, 2005

They're attacking Mac's,my buddy's Mac got the Bomb early last week.His brother is vice-president of KODAK America and he called him and still being frustrated bought a new Mac OSX 10.4,his Bombed Mac was an OSX 10.13.He is a very successful businessman.This carp is bad shtuff.

LaBella · Aug 16, 2005

PEST PATROL people.

pest patrol

works every time!

go out and get it.:thumbup:

rebeltf · Aug 16, 2005

PUBLIC NOTICE: If I am ever in the same room as one of the people who write this spyware/adware software, I shall not be responsible for my actions.

Gollnick , when it happens call me up and i'll join ya !

This works awesome for pesky spys , and its free. This basically cured my problem where everything else wouldnt.

http://www.ewido.net/en/onlinescan/

StuntDouble · Aug 16, 2005

Oops...yeah, I meant spyware Ryan.

Ryan8 · Aug 17, 2005

The problem may not have been with Internet Explorer. It could be that you downloaded something with this junk attached to it. This is a common way to get malware on your machine.

You really, really have to be careful about where you download from, even if you have all of this software to protect you. Even legitimate sites sometimes have malware uploaded to them.

Be sure it reset your Internet Explorer security settings to medium. Some things will change these settings. Alternatively, you could reset them to high and place only web sites you absolutely trust in the trusted sites zone.

Ryan8 · Aug 17, 2005

Gollnick said:
You know, I've gotten to the point where I just won't visit unfamiliar websites. Given that the majority of websites are somehow commercial, I think that makes these programs an interference with interstate commerce. I think it's time for the FBI to start tracking these guys down and prosecuting them.

The FTC went after some guy for spyware - he was a notorious spammer and had already been punished. Here's a link

The DoJ has gone after people for sharing things on peer-to-peer networks. They haven't gone after spyware distributors. Being the pessimist I am, I suspect they won't until it becomes a huge problem for big business.

averageguy · Aug 17, 2005

I picked up this worm.
This is what I had to do: Recover my computer - then go to Trend Micro for free virus scan to clean out my computer. Then went to update to pick up latest security features.

Horrible horrible trojan/virus

rebeltf

RyanMalpiede

Gollnick

Musical Director

Caress of Steel

gordonk

Daniel Moore

Rat Finkenstein

RyanMalpiede

Robbie Roberson

Gollnick

Musical Director

Robbie Roberson

StuntDouble

RyanMalpiede

Doug C

LaBella

←JerzeeDevil→

rebeltf

StuntDouble

Ryan8

Ryan8

averageguy