LinkBack URL
About LinkBacksI got this about ten days ago. Theres another thread where I reviewed it. Its an OK tool. It's debatable whether its worth $79 but for a novice it would pay for itself.
BUT.... Over the last three days I have had a major virus on my PC - and Not a funny one.
This thing is a subset of Tulu (msconfig32.exe is embedded in a file). The virus is in fact a Trojan - and a serious one. In operation:
1] After a few days your cable line will begin to struggle and your pc will often lock up
2] AVG antivirus software flags a problem under the "Heuristic" - Unfortunately AVG knows its there but can't shift it.
3] It seems to using an IRC channel to access your passwords and stuff...
This is not very nice. What makes it worse is that this virus has been mutated by a programmer (that's why AVG cant't kill it its not out in the broader domain). You need a pro-level virus remover to get shot of it (I eventually got a trial version of some software that did the job [I hope] - I'll post it when I get back home). I know more or less what I'm doing on PC's and it took three days to kill it AND I couldn't play poker because the thing locks the pc after ten minutes.
The software I used nailed the source of the virus as Unisnt.000 as supplied by SngPowertools.
Now I don't know what's happened here.. SnGpowertoools is ok but if you have it. Do a virus scan with AVG and set the heuristic running. Leave you machine for 20 minutes. If a virus warning with "MSconfig32" comes up and you can't heal it then come back here to find the software I used to remove it. (I'll post later). I would advise against leaving your PC on and connected to the net if you find its there...
Welcome to PokerForums.org
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.
Results 1 to 10 of 14
Thread: SNGPowerTools WARNING: URGENT.
-
03-14-2006 #1Poker Professional
- Join Date
- Aug 2004
- Location
- UK
- Posts
- 1,837
SNGPowerTools WARNING: URGENT.
See me playing $10/$20NL like it was play money
http://video.google.co.uk/videoplay?...405&q=xxdemexx
Doberman: "but Sarge, isn't poker gambling and just luck?"
Sgt. Bilko:" not the way I play it"
-
03-14-2006 #2PokerForums God
- Join Date
- Oct 2004
- Location
- Cleveland
- Posts
- 9,757
www.kaspersky.com has an free online scanner that doesnt requrie a client to use. They also have a free one month trial client version too, it killed a few bugs that norton couldn't even touch. Highly recommended.
Marm is back, maybe. Been off for 3 years. Rusty as Hell.
Luck is a Residue of Design.
-
03-14-2006 #3Banned
- Join Date
- Sep 2005
- Location
- North Adams, MA
- Posts
- 1,453
Well I know what program I'm not getting anytime soon.
-
03-14-2006 #4PokerForums God
- Join Date
- Sep 2004
- Posts
- 8,204
Bob,
Are you running a firewall?
-
03-14-2006 #5Stu Ungar
- Join Date
- Jan 2006
- Location
- Toronto, Ontario
- Posts
- 2,403
Do you know the folder that this file was located in?
Originally Posted by xxdemexx
-
03-14-2006 #6Poker Professional
- Join Date
- Aug 2004
- Location
- UK
- Posts
- 1,837
Firewall..: I just got cable - we live in a rural area... and I networked through a router with a built in fiewall (but its not that great). Zonealarm doesnt work (unless you pay) with networks.
The software that I think/hope killed it is found here
http://www.prevx.com/
it is a 60 day free trial.There may be others that kill it. AVG doesn't.
Just deleting this file:
\sngpt\sng pokertools\unins000.exe
I'm not sure will work - the bloody thing will just respawn. BUT if you have the above file then do something about it....See me playing $10/$20NL like it was play money
http://video.google.co.uk/videoplay?...405&q=xxdemexx
Doberman: "but Sarge, isn't poker gambling and just luck?"
Sgt. Bilko:" not the way I play it"
-
03-14-2006 #7Stu Ungar
- Join Date
- Jan 2006
- Location
- Toronto, Ontario
- Posts
- 2,403
The reason why I ask is because unins000.exe is a farily common file and could be found in numerous directories on your PC, not just SNGPowertools. Did you download SNG from their website or from somewhere else (torrents, perhaps?)
I know you're not necessarily saying this but I doubt SNGPowertools is allowing people to download an infected version of their software from their website as it would be pretty bad for business. The infected file in question could have come from a number of different places. Don't get me wrong, it's definitely a good idea to check your system for viruses if you've downloaded this program but I wouldn't be too worried to download it myself if I was interested.
-
03-14-2006 #8PokerForums God
- Join Date
- Sep 2004
- Posts
- 8,204
I never had any problems running free ZA through a router.
Built in firewalls won't stop stuff from connecting from your competer. ZA would let you isolate the file so I could not connect to the net. If the free version doesnt work for, buy somthing. It is better than having to reinstall Windows.
I was able to run my system fine with a couple of worms and trojans I couldn't get rid of by isolating them with the firewall. That is until I turned it off and connected to the net one day. I lasted about 15sec.
-
03-14-2006 #9Mike McDermott
- Join Date
- Jan 2006
- Location
- Michigan
- Posts
- 3,439
i have sng pwr tools. no virus here.
-
03-14-2006 #10Poker Professional
- Join Date
- May 2005
- Location
- Toronto, Canada
- Posts
- 1,656
deme,
I think it would be alot safer if u reformatted ur comp instead. The last thing u would want is to think the virus is gone, then login to ur poker account only to get it hacked a few days later and lose all ur money. Back up ur comp, and reformat it would be alot better.
Reply With QuoteThread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
