Welcome to PokerForums.org

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Poker Professional xxdemexx's Avatar
    Join Date
    Aug 2004
    Location
    UK
    Posts
    1,837

    Default SNGPowerTools WARNING: URGENT.

    I got this about ten days ago. Theres another thread where I reviewed it. Its an OK tool. It's debatable whether its worth $79 but for a novice it would pay for itself.

    BUT.... Over the last three days I have had a major virus on my PC - and Not a funny one.

    This thing is a subset of Tulu (msconfig32.exe is embedded in a file). The virus is in fact a Trojan - and a serious one. In operation:

    1] After a few days your cable line will begin to struggle and your pc will often lock up

    2] AVG antivirus software flags a problem under the "Heuristic" - Unfortunately AVG knows its there but can't shift it.

    3] It seems to using an IRC channel to access your passwords and stuff...

    This is not very nice. What makes it worse is that this virus has been mutated by a programmer (that's why AVG cant't kill it its not out in the broader domain). You need a pro-level virus remover to get shot of it (I eventually got a trial version of some software that did the job [I hope] - I'll post it when I get back home). I know more or less what I'm doing on PC's and it took three days to kill it AND I couldn't play poker because the thing locks the pc after ten minutes.


    The software I used nailed the source of the virus as Unisnt.000 as supplied by SngPowertools.

    Now I don't know what's happened here.. SnGpowertoools is ok but if you have it. Do a virus scan with AVG and set the heuristic running. Leave you machine for 20 minutes. If a virus warning with "MSconfig32" comes up and you can't heal it then come back here to find the software I used to remove it. (I'll post later). I would advise against leaving your PC on and connected to the net if you find its there...
    See me playing $10/$20NL like it was play money

    http://video.google.co.uk/videoplay?...405&q=xxdemexx

    Doberman: "but Sarge, isn't poker gambling and just luck?"
    Sgt. Bilko:" not the way I play it"

  2. #2
    PokerForums God Marm's Avatar
    Join Date
    Oct 2004
    Location
    Cleveland
    Posts
    9,757

    Default

    www.kaspersky.com has an free online scanner that doesnt requrie a client to use. They also have a free one month trial client version too, it killed a few bugs that norton couldn't even touch. Highly recommended.
    Marm is back, maybe. Been off for 3 years. Rusty as Hell.

    Luck is a Residue of Design.

  3. #3
    Banned PowerfulRog's Avatar
    Join Date
    Sep 2005
    Location
    North Adams, MA
    Posts
    1,453

    Default

    Well I know what program I'm not getting anytime soon.

  4. #4
    PokerForums God
    Join Date
    Sep 2004
    Posts
    8,204

    Default

    Bob,

    Are you running a firewall?

  5. #5
    Stu Ungar Mr.McJ's Avatar
    Join Date
    Jan 2006
    Location
    Toronto, Ontario
    Posts
    2,403

    Default

    Quote Originally Posted by xxdemexx
    The software I used nailed the source of the virus as Unisnt.000 as supplied by SngPowertools.
    Do you know the folder that this file was located in?

  6. #6
    Poker Professional xxdemexx's Avatar
    Join Date
    Aug 2004
    Location
    UK
    Posts
    1,837

    Default

    Firewall..: I just got cable - we live in a rural area... and I networked through a router with a built in fiewall (but its not that great). Zonealarm doesnt work (unless you pay) with networks.

    The software that I think/hope killed it is found here

    http://www.prevx.com/

    it is a 60 day free trial.There may be others that kill it. AVG doesn't.

    Just deleting this file:

    \sngpt\sng pokertools\unins000.exe

    I'm not sure will work - the bloody thing will just respawn. BUT if you have the above file then do something about it....
    See me playing $10/$20NL like it was play money

    http://video.google.co.uk/videoplay?...405&q=xxdemexx

    Doberman: "but Sarge, isn't poker gambling and just luck?"
    Sgt. Bilko:" not the way I play it"

  7. #7
    Stu Ungar Mr.McJ's Avatar
    Join Date
    Jan 2006
    Location
    Toronto, Ontario
    Posts
    2,403

    Default

    The reason why I ask is because unins000.exe is a farily common file and could be found in numerous directories on your PC, not just SNGPowertools. Did you download SNG from their website or from somewhere else (torrents, perhaps?)

    I know you're not necessarily saying this but I doubt SNGPowertools is allowing people to download an infected version of their software from their website as it would be pretty bad for business. The infected file in question could have come from a number of different places. Don't get me wrong, it's definitely a good idea to check your system for viruses if you've downloaded this program but I wouldn't be too worried to download it myself if I was interested.

  8. #8
    PokerForums God
    Join Date
    Sep 2004
    Posts
    8,204

    Default

    I never had any problems running free ZA through a router.

    Built in firewalls won't stop stuff from connecting from your competer. ZA would let you isolate the file so I could not connect to the net. If the free version doesnt work for, buy somthing. It is better than having to reinstall Windows.

    I was able to run my system fine with a couple of worms and trojans I couldn't get rid of by isolating them with the firewall. That is until I turned it off and connected to the net one day. I lasted about 15sec.

  9. #9
    Mike McDermott tightagressive's Avatar
    Join Date
    Jan 2006
    Location
    Michigan
    Posts
    3,439

    Default

    i have sng pwr tools. no virus here.

  10. #10
    Poker Professional Eclipse86's Avatar
    Join Date
    May 2005
    Location
    Toronto, Canada
    Posts
    1,656

    Default

    deme,

    I think it would be alot safer if u reformatted ur comp instead. The last thing u would want is to think the virus is gone, then login to ur poker account only to get it hacked a few days later and lose all ur money. Back up ur comp, and reformat it would be alot better.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •