Membership is FREE, giving all registered users unlimited access to every Acorn Domains feature, resource, and tool! Optional membership upgrades unlock exclusive benefits like profile signatures with links, banner placements, appearances in the weekly newsletter, and much more - customized to your membership level!

"beware"latest winrar

Status
Not open for further replies.
retired_member32

retired_member32

Joined
Jul 17, 2007
Posts
2,118
Reaction score
20
anybody wanting to download the latest winrar from download.com do not bother i have now got the nastiest virus availiable,no anti virus will touch it and i cannot use google because it is now in chinese,there is a pop-up every ten seconds saying intervalhehehe and every time i try using a search engine for help it redirects to a virus cleaner,i managed to go to the review and there are loads of people with this virus,if anybody has any ideas i would appreciate it.

mark
 
  • Like
Reactions: rob
Nasty...

Sounds more like spyware from your description. To stop the redirects search for your 'hosts' file... Seems it has added a load of bogus entries to this. It can be found here:

C:\Windows\System32\drivers\etc

Open the file 'hosts' in notepad and remove any IP maps below 127.0.0.1 / localhost

I would then suggest getting hold of a copy of Webroot Spysweeper to flush out the nastyness!

Hope this helps!

Rich :cool:
 
Last edited:
Here a fix from a forum discussing the same thing.
Cnet WinRAR download trojan virus trenderdia - CNET Computer help Forums


Fix for my Problem with WINRAR
by sg1ks - 10/17/08 4:26 AM In reply to: Cnet WinRAR download trojan virus trenderdia by mustangkat

I found what I thought was the most uptodate version on CNET and as people are finding out it causes an annoying popup and redirects to well known web sites.

Fix by ADD/REMOVE programs running unistall WINRAR
then remove file explorer.exe in the c:\windows\system32\
directory, note by hovering over this file it identifies itself as winrar, thats the end of the popup.

Go to c:\windows\system32\drivers\etc\hosts and edit in notepad, you will see all the sites you cannot access with a fixed IP Address, replace this with hosts.sav if there is one or any backup copy made yourself else get a copy from a friend.

You should now be able to connect to the internet.

In internet explorer on the menu bar select tools/internet options and on the general tab press button delete files, removing any cache version.

Run regedt32
Navigate to :-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Remove entry pointing at c:\windows\system32\explorer.exe
Reboot and you should be in the same state as me, freeas a bird.

.
 
I had a very complicated virus much like this a few days ago, in the end had to format my computer :mad:

That was probably the only virus I have not been able to remove.

It disabled the task manager, all scanners and updates, as above all the search engine links redirected to malware and spyware links. Even when I managed to get rid of most of it, it managed to download itself again. :mad:

System restore wouldnt work and safemode didnt help either.

Check in your device manager the hidden items under Non-plug and play drivers. This is where I found one of the main parts of the virus I had.

Good luck!
 
I had a bad bit of spyware a day or too ago, which redirected any searches I did. Also stopped me booting up everytime and even in safe mode. It would let me click the next button on system restore and wouldn;t let me launch certain .exes. Hijack this didnt pick up anything either. nor did windows defender, startup inspector, avast and others. Finally got rid of using malware bytes.
It seems each spyware/virus now requires a specific bit of software. probably the trojans are written by the removal software writers!
 
thank for your help guys,i have had a torrid time all day,i think it has gone but who knows i used a kind of hijack this type software to remove things,i will probably find out when i reboot,i found loads of files in the registry that shouldn't have been there,and also found trojan-prova,i could only use google ireland which was a strange one,every other url i tried redirected to a fake microsoft page or "chinese google" which i am not hot on cantanese,i am also not happy with my avg that really does slow down my p.c and detected nothing,i ran a spyware scan for two hours and it picked up nothing,i ran webroot spyware like rich said and that picked up a trojan which i couldn't delete because i couldn't access there website to get the full version(dohhh!!),i was running norton for the three month trial when you purchase a new pc and everything was peachy and since i switched to avg i have had a nightmare it thinks acorn is "very high risk" and i have to switch it off to access the site(dohh!!),anyway the contamination was explore.exe files,sistrai.exe files also fingers crossed i can reboot it now else i am stuffed.

sorry to pugyrob i cut yuo off form messenger has i was trying to spend very little time online so i didn't get hacked,and thanks for that thing you was doing for me.cheers mate

mark
 
I would stay clear of the Norton and Mcafee, they seem very resource heavy for my liking.

Always used NOD32 and it's caught just about everything and touch wood never had a problem.

Should have a trial period as well.
 
invincible said:
I like NOD32 and use it because it isn't very resource heavy.
Click to expand...

I used to find Norton and Mcafee worse than having the virus,

As for nod32 not using resources, I was douting for 3 weeks that it was actually on, then out of the blue it picked something up a few more weeks in. I was told about it by some pro web designers who swore by it, must admit they were right.
 
invincible said:
There is still some debate about which of these two products is the best! NOD32 seems to have received many more passes than Kaspersky on Virus Bulletin (you need a login to see this).
Click to expand...

Are you saying that these are the best Anti-Virus products at the moment, it's just that I've been using Avast 4.7 (it's free) for the last couple of years together with ZoneAlarm Firewall without any problems what so ever, and again you would hardly noticed it's running at all.
 
Avast often alerts for trojans if downloading torrents so Im happy it's working. Spyware is a different ballgame though.
 
Status
Not open for further replies.

Similar threads

Whois-Search
Reform of the UKRAC
Replies
2
Views
750
Whois-Search
Whois-Search
it.com
it.com Hans Niemann Sets New Record at Web Summit for Largest Online Simultaneous Chess Match, Defeats Global Opponents
Replies
0
Views
193
it.com
it.com
it.com
it.com How to Use Reddit to Grow Your Online Presence in 2024
Replies
1
Views
271
Deep Joshi
Deep Joshi
it.com
it.com Black Friday 2024: Promotion Ideas For Small Business To Boost Sales
Replies
0
Views
164
it.com
it.com
Acorn Newsbot
Nominet Micro:bit throughout history: Paving the way for a digital future
Replies
0
Views
1K
Acorn Newsbot
Acorn Newsbot

The Rule #1

Do not insult any other member. Be polite and do business. Thank you!

Members online

Total: 463 (members: 14, guests: 449)
IT.com

Premium Members

Sedo
Aucdom Auctions
dot Hiphop

Latest Comments

Upcoming events

New Threads

Other domain forums

Other domain forums.
Global
Asia
Europe
North America
Oceania & Australia

Our Mods' Businesses

DomainUI Mod
*the exceptional businesses of our esteemed moderators
DDCamp Alsace Domain name conference - March 21, 2025 - Strasbourg (France)
General chit-chat
Help Users
  • No one is chatting at the moment.
  • D AcornBot:
    Darren has left the room.
      D AcornBot: Darren has left the room.
      Top Bottom