Virus

Pompeyfan
5th February 2008, 12:18
I am currently having problems with a virus called JS/PSYME.NR. I have good spyware and AVG(paid version)but none detect this thing.

I have just spent all morning trying to get rid of it and possible others. Eventualy 26 critical objects were found, 2 registry keys, 6 registry values and 6 files identified, and it stopped AVG from working.

If I do not repond to this it is because I have problems again. Computer man coming on Friday to check it over and find something to stop this thing in future.

David

benjidog
5th February 2008, 13:39
David,

If you can get access to your computer you should be able to contact your AV software provider with details and they should be able to advise you what to do. This is what you are paying your licence fee for. Usually the AV software is running and accessible via a little icon in the system tray (bottom right of screen). You may need to poke around in its menu system to find out how to get help.

Good luck!

Regards,

Brian

Pompeyfan
5th February 2008, 18:05
Thanks Brian, I have already done that with no success. When this thing hits, it sends a message that turns AVG off.

So far the thing has not come back, but a chap is coming on Friday. He has a new virus programme called Kaspersky which he reckons is better than anything else available. Do you know anything about it?.

David

benjidog
5th February 2008, 22:35
Thanks Brian, I have already done that with no success. When this thing hits, it sends a message that turns AVG off.

So far the thing has not come back, but a chap is coming on Friday. He has a new virus programme called Kaspersky which he reckons is better than anything else available. Do you know anything about it?.

David

Heard mention of it when I did a search on the virus you mentioned David. No personal experience though. I use the Computer Associates Security Centre product myself and have never had any problems. But I also use a router and firewall which probably helps.

I hope you get rid of it OK.

A pox on the houses of those that create these damn viruses.

Brian

treeve
5th February 2008, 23:29
If you pop ........... psyme removal ....... into google you get a fair response.
and I see that the kaspersky is well established, again pop ....... kaspersky anti-virus ..... into google.

Suggestion here
http://www.avira.ro/en/threats/section/vdfhistory/vdf_no/7.00.01.236/7.00.01.236.html

Riptide
6th February 2008, 00:05
We still have Philistines in this day & age.For every step forward,they want us to take two steps back.It is easier to destroy than to create.But these people think they are so clever.Having said that,is it the little "nurd" that creates these virus or the companys that provide the protection,there by making £millions.Kenny.(Cloud)

treeve
6th February 2008, 01:23
A cynical view, but point taken ... why do so many give their software away and keep it updated for free? Personally I feel quite sorry for the people that create this mayhem and destruction, that one day they will be in a hospital bed, waiting for the final call, and their sum total of their sad lives to reflect upon is that they have not done anything that could be said to have helped anyone, or to have made life better or to be able to say, "I have a lot of people that love me" .... all on their own in an empty world that hates them for their pathetic and boring minds. What a waste of a human being. What a waste of a Life.

Derbyroy
6th February 2008, 01:32
I agree with Riptide..we have amongst us a plethoera of idiots /nerds . who think it is fun to destroy other peoples enjoyment of the internet, the sooner these people can be identified an stopped the safer we will all be on-line.

Riptide
6th February 2008, 02:34
A cynical view, but point taken ... why do so many give their software away and keep it updated for free? Personally I feel quite sorry for the people that create this mayhem and destruction, that one day they will be in a hospital bed, waiting for the final call, and their sum total of their sad lives to reflect upon is that they have not done anything that could be said to have helped anyone, or to have made life better or to be able to say, "I have a lot of people that love me" .... all on their own in an empty world that hates them for their pathetic and boring minds. What a waste of a human being. What a waste of a Life.
(Applause) (Applause) (Applause) Great men think alike,lesser men don't think,unless it is about their own self importance.
Kenny.

kwg
6th February 2008, 09:49
I had the same problem with AVG a few months ago...The odd virus not being detected, also Norton, System Mechanic and Windows One-care didn't flag up a particular virus.

Loaded a trial version of 'BitDefender' and had a clean machine within 30 minutes, bought it and had no problems for 9 months.

Hillview
6th February 2008, 12:23
I use Kaspersky Version 7.0 it seems to be very good.
When enquiring about Internet Security I found that most of the hackers try and corrupt most popular companies i.e. Norton,etc. and not smaller companies.
I also use Uniblue registry Booster and PC Tools Spyware Doctor.

Pompeyfan
6th February 2008, 22:44
Many thanks to all of you for your information. I did go onto Google and downloaded a programme to get rid of Psyme, but it did not work well not opening its own page when resgistering so I am waiting until computer man comes before trying it again. I did not know the programme so took no chances.

I also use Spyware Doctor as well as Adaware. Both found lots of little nasties which is why at present everything seems clear. If Spyware misses something Adaware dont, but it was AVG that first found Psyme.

An SN sister site advises to change to firefox.

The computer man coming on Friday swears by Kaspersky saying it is the best anti virus of them all.

David

billyboy
7th February 2008, 05:11
Firefox is great David. for me its much faster than internet explorer and safer too from all accounts. I very much like the tabbed browsing feature too. means i can have several sites open at the same time and simply click between them.

Keltic Star
7th February 2008, 06:36
Have used Firefox, AVG and Incredimail for the past three years without a hitch. Would never go back to IE, Norton or Outlook.

K urgess
7th February 2008, 14:18
Each to his own.
When Firefox started telling me I didn't have the Java add-on and then refused to install it because I already had it, it got binned.
Use Outlook because it is capable of archiving and ties in very well to a great address book.
Use IE because I can have as many tabs as I like open and as long as I keep it updated don't have any problems.
BTW I've been in computers as a professional since 1980 and I've never lost a computer to a virus.
The only one I've ever seen was one that resided in a modified Word standard template.

Pompeyfan
8th February 2008, 11:16
I must say I prefer IE having had both in the past.

Unfortunately, the computer man could not come today, he has gone down with a bug. I wanted him about a virus now he has bloody got one?!!.

Touch wood I have not had this virus back yet, but I have kept off one site that links to others with sport reports. I have a feeling this Psyme could be in one of them as reading the description about it the thing seems to work that way.

David

K urgess
8th February 2008, 11:50
I've found the phishing filter on IE quite good.
It can be a bit hit and miss but it checks the site certificate when you try to access it and asks you if you want to continue if it doesn't have one.
At least it reminds you that you might be doing something a bit dodgy.
Obviously it's not foolproof but any port in a storm.(LOL)

I hope you get sorted out soon David

Cheers
Kris

Pompeyfan
8th February 2008, 18:37
Thanks Kris

David

Pompeyfan
10th March 2008, 19:58
Some of you may have noticed that I have been off line for a week. I had a computer crash last Tuesday. The hard drive packed up.

I have now got Firefox, and Kaspersky Security. I had both before the crash, and found that infections that was getting through IE does not get through Firefox. And although AVG missed JS/PSYME. NR, Kapersky picked it up. I found it was in a particular website.

David

benjidog
10th March 2008, 20:38
Hi David,

Glad to see you back! I was wondering what had happened to you as you log on even when on cruises.

You'd better stay away from those dodgy websites from now on! :)

Regards,

Brian

PAULD
10th March 2008, 20:46
McAfee have a free down load program that colour codes sites, its quite usfull, not fool proof but gives a good indication, as to safe site's, and DODGIE SITES

Neil Mant
10th March 2008, 20:58
A removal tool found here
http://www.adwarealert.com/glossary_details.php?ID=133486
Neil

Neil Mant
10th March 2008, 21:04
What is Psyme? (Description):





90% of the computers connected to the Web are infected.

Psyme is a notoriously cunning downloader. The distributors of Psyme are known to actually insert links to the Trojan in other, legitimate websites and to propagate popups that also link to the Trojan. Clicking on the link or popup will initiate an automatic download of the Psyme Trojan that will then make contact with the Internet connection of the infected computer. From that point, it downloads other Malware, usually in the form of spying utilities like keyloggers.

Psyme abuses a vulnerability in older versions of Internet Explorer. By exploiting the way Explorer receives ADODB stream objects, the Trojan can download and install without being checked. ADOdb is a database abstraction written for certain programming languages; it allows Explorer to interpret information from various types of databases, regardless of which language they are written in.

Psyme has two popular variants; one is written in Visual Basic Script (VBS) and one in Java (JS). They have the same objectives. Additionally, there are another Trojan Downloaders called Psymedo and Trunlow that have characteristics so similar to Psyme that some authorities list them as the same program.
What is a Downloader?
As its name implies a Downloader is the part of a malicious program that actually downloads and installs software onto your computer. Downloaders can be found on any type of malware, but they're most commonly associated with Trojans because these programs' objective is to download material without the user being aware of it.


The Downloader is usually responsible for executing the programs it has loaded. It may do this as soon as the downloading process is complete, or it may register the execute command with the local system requirements. This way the the malicious software will autorun at a specified time or after a specified action. The names of the downloaded files and the locations may be either encoded in the Downloader itself or sent via an unseen website.

K urgess
10th March 2008, 21:22
It must have started spreading again.
Here's (http://www.symantec.com/security_response/writeup.jsp?docid=2004-040112-5204-99) Symantec's take on it.

Pompeyfan
11th March 2008, 00:47
The dodgy website was a bloody Pompey site Brian?!!.

Kapersky finds Psyme. In fact it is said to find more viruses than all the other ant-virus programmes.

David

calvin
12th March 2008, 18:38
kaspersky and f.secure are very good virus and spyware detectors i also use opera and commodo fire wall comodo is very good as it ask you if you want to allow internet access or not

ddraigmor
12th March 2008, 18:52
I use this regularly for a check up: http://housecall.trendmicro.com/uk/

Then AVG it, Spybot it, Windows defender it and then clean the system out with Sweepi followed by a defrag followed by Eraser.

A bit OTT but it has helped me stay clean!

Jonty

Pompeyfan
13th March 2008, 21:26
Hi Calvin. Yes, Kapersky asks about any site or other things you may be doing like setting up something asking if you want it to go to the trusted zone or whatever.


AVG did not detect Psyme Jonty, but Kaspersky did. Thanks for the link Jonty.

David