| View previous topic :: View next topic |
| Author |
Message |
Karagin
Imperial Karagin Army
Imperial General
Joined: 04-Feb-2002 00:00
Posts: 4120
Location: United States
|
 Posted: 30-Aug-2009 01:40 Post subject: Computer question |
  |
|
Okay, I have noticed on my computer that I have a file called eRIc.exe and no matter what I do to remove it, no anti-virus, malware, anti-keylogger...etc...seems to be able to delete it either. And now my wife found a similar file with her first name as the name of it.
Has anyone else seen these kinds of files or know how to remove them?
I think it is a virus or spyware, given that I have only found it since I got back from Iraq, like last week, and I have all of the programs to scan and protect my lap top and desktop up to date and scanned three times a week, I am not sure HOW this thing got on the computer. I scan all USB drives BEFORE I even open them, so I am running out of ideas on how I got this what it is on the computer.
_________________
Karagin
Only the dead have seen the end of war. - Plato
"Wasted trip Man. Nobody said nuthin' about lockin' horns with no tigers." Oddball
|
|
| Back to top |
  
|
Kraken
Federated Suns
Marshal
Joined: 04-Feb-2002 00:00
Posts: 2755
Location: United States
|
| Posted: 30-Aug-2009 09:14 Post subject: Computer question |
|
|
What anti-virals / anti-spywares do you have? Some are better than others.
Also, if nothing else you can try a Google search to see if there's a listing somewhere for that item.
_________________
"I wish I could write as mysterious as a cat." -Edgar Allen Poe"I knew there was something special about you, but I never realized you were really a cat." Wolfwood to a random cat (Trigun)
|
|
| Back to top |
|
Karagin
Imperial Karagin Army
Imperial General
Joined: 04-Feb-2002 00:00
Posts: 4120
Location: United States
|
| Posted: 30-Aug-2009 10:31 Post subject: Computer question |
|
|
Google hasn't been any help. I type in the name of the file and I get a bunch crap back. I try using the What is this type of question in Google or How do you remove eRIc.exe and get nothing but pages with eric.exe as part of someone's handle or other BS which don't offer anything to remove it.
I have the full blown Norton AV program, updated every two days, I have Sypbot, I have PC Tools Spyware Doctor, Registry Mechanic and Malwarebytes Anti-Malware Program.
I use FireFox 3.5.1 as my browser.
_________________
Karagin
Only the dead have seen the end of war. - Plato
"Wasted trip Man. Nobody said nuthin' about lockin' horns with no tigers." Oddball
|
|
| Back to top |
|
ralgith
Blighted Sun Battalion
1st Company
"Ralgith's Renegades"
Colonel
Joined: 18-Aug-2003 00:00
Posts: 2021
Location: United States
|
| Posted: 30-Aug-2009 19:04 Post subject: Re: Computer question |
|
|
| Karagin wrote: | Google hasn't been any help. I type in the name of the file and I get a bunch crap back. I try using the What is this type of question in Google or How do you remove eRIc.exe and get nothing but pages with eric.exe as part of someone's handle or other BS which don't offer anything to remove it.
I have the full blown Norton AV program, updated every two days, I have Sypbot, I have PC Tools Spyware Doctor, Registry Mechanic and Malwarebytes Anti-Malware Program.
I use FireFox 3.5.1 as my browser. |
Ok, I'll takes these points one by one. Eric or some form of it, must be either your username or the username of another user on the PC. What you have is a virus that names itself after users on the PC. And if it isn't a username on the PC, then it is something else stored on it and a slightly different virus. And this actually isn't a virus, but a trojan horse. The difference being that a virus, by definition, replicates. This usually does not, it does however download virii, making it maleware just the same.
You're not likely to get anything from Google because of the type of selfnaming convention used.
All of those programs, well, they aren't likely to do jack because most likely it has installed itself as a system service. You can sometimes get around this by making your scanner softwares scan the system on the next startup. Not always though. Plus, that is quite annoying.
Solution: Download Mandriva One (or another Live linux distro. Live means it runs from the CD without anything being installed on your PC) and use it to boot your PC. You might have to go into your BIOS and change your boot device priority to make it either Floppy, CD, HDD, or CD, Floppy, HDD or some variation that brings the CD before the HDD. Once you have booted into the Linux desktop (speaking of, I would recommend the GNOME desktop version instead of the KDE version, though either works) run the Clam antivirus software. You'll have to explore the menus to find it, since I don't know its location offhand.
If you have troubles, let me know.
Dylan
_________________
Colonel Ralgith t'Mayasara
Blighted Sun Battalion
1st Company 'Ralgith's Renegades'
|
|
| Back to top |
|
Karagin
Imperial Karagin Army
Imperial General
Joined: 04-Feb-2002 00:00
Posts: 4120
Location: United States
|
| Posted: 31-Aug-2009 13:12 Post subject: Computer question |
|
|
Using Clam AV I found this:
C:\Documents and Settings\Eric\Eric.exe: Trojan.VB-7173 FOUND
Great! BUT...when I go to that file there is no file there named Eric.exe...I made sure hidden files were turn on to be seen and didn't find anything. So it is there, how to do I go about getting rid of it?
That is all I want to do, remove it and then make sure it doesn't come back at all.
_________________
Karagin
Only the dead have seen the end of war. - Plato
"Wasted trip Man. Nobody said nuthin' about lockin' horns with no tigers." Oddball
|
|
| Back to top |
|
ralgith
Blighted Sun Battalion
1st Company
"Ralgith's Renegades"
Colonel
Joined: 18-Aug-2003 00:00
Posts: 2021
Location: United States
|
| Posted: 31-Aug-2009 13:29 Post subject: Re: Computer question |
|
|
| Karagin wrote: | Using Clam AV I found this:
C:\Documents and Settings\Eric\Eric.exe: Trojan.VB-7173 FOUND
Great! BUT...when I go to that file there is no file there named Eric.exe...I made sure hidden files were turn on to be seen and didn't find anything. So it is there, how to do I go about getting rid of it?
That is all I want to do, remove it and then make sure it doesn't come back at all. |
You should have had Clam AV remove it 
Just to make sure, you did use the Clam AV via a Live CD instead of installing the Windows version (ClamWin) right? If so, you should be able to remove it.
Also, once you get everything kosher again, you'll be able to install ClamWin safely and thus protect your computer far better than that Piece Of Sh** Norton. I hate Symantec and everything they make. Same with AOhelL.
Let me know the results once you get through that
_________________
Colonel Ralgith t'Mayasara
Blighted Sun Battalion
1st Company 'Ralgith's Renegades'
|
|
| Back to top |
|
Karagin
Imperial Karagin Army
Imperial General
Joined: 04-Feb-2002 00:00
Posts: 4120
Location: United States
|
| Posted: 31-Aug-2009 18:08 Post subject: Computer question |
|
|
I installed Clam AV, not sure if it is the Windows version or not. There was not feature to remove anything.
I am still trying to figure this out. I am unsure about the Linux style commands and such so I am a little leery of using it.
_________________
Karagin
Only the dead have seen the end of war. - Plato
"Wasted trip Man. Nobody said nuthin' about lockin' horns with no tigers." Oddball
|
|
| Back to top |
|
ralgith
Blighted Sun Battalion
1st Company
"Ralgith's Renegades"
Colonel
Joined: 18-Aug-2003 00:00
Posts: 2021
Location: United States
|
| Posted: 31-Aug-2009 20:33 Post subject: Re: Computer question |
|
|
| Karagin wrote: | I installed Clam AV, not sure if it is the Windows version or not. There was not feature to remove anything.
I am still trying to figure this out. I am unsure about the Linux style commands and such so I am a little leery of using it. |
The Linux desktop (all you'd be using) is very similar to Windbloze. You wont be able to use the windows version of Clam that you have installed to remove the virus for the same reason those other softwares wont work. You can't be running windows when you do the scan.
Here is a direct link to the Mandriva GNOME Desktop Live CD USA & Europe version
And here is to the download list page in case you'd prefer a different version
Once you have it in your CD drive and running you should be able to access the net, and you can usually reach me via Instant Messnger (Yahoo) using the Yahoo ID ralgith. You'll want a program called Pidgin for instant messaging. That way you can contact me live if you need any help.
_________________
Colonel Ralgith t'Mayasara
Blighted Sun Battalion
1st Company 'Ralgith's Renegades'
|
|
| Back to top |
|
Karagin
Imperial Karagin Army
Imperial General
Joined: 04-Feb-2002 00:00
Posts: 4120
Location: United States
|
| Posted: 31-Aug-2009 23:23 Post subject: Computer question |
|
|
Okay, I will give it a go this coming Thursday...right now work is keeping me a bit busier then we were first told it would be. Seems they want to re-set things sooner rather then later.
_________________
Karagin
Only the dead have seen the end of war. - Plato
"Wasted trip Man. Nobody said nuthin' about lockin' horns with no tigers." Oddball
|
|
| Back to top |
|
ralgith
Blighted Sun Battalion
1st Company
"Ralgith's Renegades"
Colonel
Joined: 18-Aug-2003 00:00
Posts: 2021
Location: United States
|
| Posted: 01-Sep-2009 15:05 Post subject: Re: Computer question |
|
|
| Karagin wrote: | | Okay, I will give it a go this coming Thursday...right now work is keeping me a bit busier then we were first told it would be. Seems they want to re-set things sooner rather then later. |
Figures heh. I'm not sure if I'll be around then or not, since Thursday is the day I'm leaving and I'll possibly be without net access for an undetermined length of time.
_________________
Colonel Ralgith t'Mayasara
Blighted Sun Battalion
1st Company 'Ralgith's Renegades'
|
|
| Back to top |
|
Sleeping Dragon
Draconis Combine
Tai-i
Joined: 06-Apr-2005 00:00
Posts: 4820
Location: Czech Republic
|
| Posted: 07-Sep-2009 03:06 Post subject: Re: Computer question |
|
|
| ralgith wrote: | ...
Also, once you get everything kosher again, you'll be able to install ClamWin safely and thus protect your computer far better than that Piece Of Sh** Norton. I hate Symantec and everything they make... |
Shall I start spitting in the box when I re-pack one? lol (working on the Symantec line at the moment)
Seriously they do what they do. Let's just hope that 2010 will be better
_________________
The dragon NEVER sleeps!
|
|
| Back to top |
|
Mordel
Mordel.Net
Administrator
Joined: 03-Feb-2002 00:00
Posts: 6087
Location: United States
|
| Posted: 18-Oct-2009 12:04 Post subject: Computer question |
|
|
Hey, I have Norton and it works great for me. I've never gotten a virus since I've owned a computer. Of course, 2/3 of that time was spent without any form of protection at all.
_________________
Mordel Blacknight - Site Administrator
|
|
| Back to top |
 
|
Karagin
Imperial Karagin Army
Imperial General
Joined: 04-Feb-2002 00:00
Posts: 4120
Location: United States
|
| Posted: 18-Oct-2009 12:34 Post subject: Computer question |
|
|
Seems that the Name.exe virus/malware is a mixture of things, it opens a trojan, then allows worms in, and then brings in the adware and spyware...Norton has managed to finally notice it and get rid of it, as have some of the other programs that I have. It is a pain.
I really would like to meet some of these hackers and folks who find it exciting to destroy someone else's computer, just because they can. I would love to introduce them some discomfort of having their world destroyed or messed up and having to spend money to fix it. Then maybe they would grow up and get over this crap, but the odds of that happening at about as likely as getting struck by lighting on a clear day inside of a building at noon.
_________________
Karagin
Only the dead have seen the end of war. - Plato
"Wasted trip Man. Nobody said nuthin' about lockin' horns with no tigers." Oddball
|
|
| Back to top |
|
ralgith
Blighted Sun Battalion
1st Company
"Ralgith's Renegades"
Colonel
Joined: 18-Aug-2003 00:00
Posts: 2021
Location: United States
|
| Posted: 18-Oct-2009 15:02 Post subject: Re: Computer question |
|
|
| Mordel wrote: | | Hey, I have Norton and it works great for me. I've never gotten a virus since I've owned a computer. Of course, 2/3 of that time was spent without any form of protection at all. |
Oh sure, Norton will protect you from most virii. However, its a pain in the ass. And it bogs your system down big time. That is why I hate it. Just because we have quad core 2.6GHz machines common these days isn't an excuse for software to be resource hogs. Of course, Norton isn't the only culprit. Windows Vista and Windows 7 are pretty bad too. A lot of software is really. Quickbooks is pretty bloated. Umm, ok, I can't think of anything else off the top of my head, but theres lots.
_________________
Colonel Ralgith t'Mayasara
Blighted Sun Battalion
1st Company 'Ralgith's Renegades'
|
|
| Back to top |
|
Mordel
Mordel.Net
Administrator
Joined: 03-Feb-2002 00:00
Posts: 6087
Location: United States
|
| Posted: 18-Oct-2009 18:11 Post subject: Re: Computer question |
|
|
| ralgith wrote: |
And it bogs your system down big time. |
This is a VERY common misconception. I agree that it use to be resource intensive but the most recent versions are vastly different. Heck, even Maximum PC who has been long time Norton haters rated it one of the best now.
_________________
Mordel Blacknight - Site Administrator
|
|
| Back to top |
|
|
|
