to everyone this is the virus its trying to download I forgot to give the name its called pysme Discovered: April 1, 2004 Updated: February 13, 2007 12:20:34 PM Also Known As: Troj/Psyme (Sophos), VBS/Psyme (McAfee), Trojan.VBS.KillAV (KAV) Type: Trojan Horse Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
FlyingBear, may i ask what Antivirus your using please? ive noticed you have run into a few viruses recently at various places and im aware that many antivirus software will miss what another will pick up. Thanks for another warning, much appreciated.
Is there a virus at this directory? I went to it and browsed through but I didn't get any warning messages from my anti-virus software.
mine when off and showed me it was trying to download pysme, also Dawzz checked it and said ,I took out url below
I landed on a web page the week before last that tried to put this on my system. (I was on a PTC site.) Fortunately PCTools A/V (the free edition) caught it coming in and quarantined and deleted it before it could activate. I contacted the webmaster of the site who said he couldn't find a problem so he did nothing about the report until two days later I get an APB to all members about how so many people complained about it he canceled the site. I'm glad I don't have HIS computer. I was wondering jminscoe since you seem knowledgeable, what does this virus do to infected machines? Is it an Ad Tracker, key logger, e-mail pirate? You mentioned IE, I use Firefox. Does it have any way through them? Inquiring minds would love to know. That, and why so many people still don't have a clue about preventative measures for their machines despite all the information on line.
I just tested the link in ie7 with the popup blocker interupting, would it be the popup that carries the germ?
jminscoe, Thank you so very much for putting all the details you could find here to help us. The world needs more folk like you (and way less of the type FlyingBear warned us about!) I have printed out a copy of your wonderful instructions so if it ever crops up again or I find someone who's been infested, I can pass on your knowledge. Positive rep added for a positive person...Thanks
I think it would probably be thru the popup but I am unsure as my avg caught it right away as I was using ie7 at the time and I have my popup blocker on so just went into my virus vault to see the name
It never got passed my blocker so I kinda guess it was in the popup then. Thanks for the info though John. Great stuff.
I use Norton Pro version + SpySweeper + Adaware's Ad Watch. WinXP. Most of time, I use Opera as browser. Sometimes, IE. It seems these things saved me many times in the passing several years. one more thing, I turned on firewall on the route, maybe it helped too. bear
I used to use Norton and Spysweeper, so many people say Norton isn't very good but it was not bad when i used it i guess, i do now though use NOD32 and AVG, i know your not supposed to use 2 together but it works for me.