Page 1 of 2 12 LastLast
Results 1 to 25 of 29
  1. #1
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    Exclamation Is Pandora OK? Need HELP!
    There is a free service at Pandora.com that allows you to easily get internet radio. Is this bundled with adware?

    My Father-in-law's computer needs an exorcist as he gets popup ads that have basically disabled his internet. It all started shortly after he downloaded Pandora. Anybody know about this service?

    Otherwise, this might be a drive-by download.

    Any advice on how to clean this up? Ad-aware is not working. Tried Windows Defender but that is also not working. His Norton AV does not detect this either.

    He gets popups advertising lot's of mainstream type merchants. I noticed a reference to DoubleClick on one ad.
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  2. #2
    Analytics Dude Kevin's Avatar
    Join Date
    January 18th, 2005
    Location
    Rochester, NY
    Posts
    5,904
    I would doubt Pandora is at fault, but hey, tough to tell these days.
    Kevin Webster
    twitter: levelanalytics

    Kayak Fishing
    Web Analytics and Affiliate Marketing

  3. #3
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    I don't think it's Pandora, is there even a download? It's been awhile since I've been there, used the recover password feature, logged in and am listening to music. Looking around I don't see any download, unless I'm missing it.

  4. #4
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    Right. I don't think this was Pandora. All my Father-in-law had on his desktop was a shortcut that was probably just an internet shortcut now that I think about it. He said he downloaded something but probably he did not.

    So this is probably some drive-by type download. Unfortunately, I don't know what type it is.
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  5. #5
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    I don't know, if you could somehow see what's on the popups or the url string if you click on them to see what you might have picked up, then could figure out how to remove it. You can try downloading some other adware removers, see if they pick up anything like a Spybot. Ad-Aware not working meaning you can't get it to work (because of the possible adware) or it's not picking up anything when you run a scan?

    Also might try some free online virus scans to see if anything gets picked up, just to cover the bases.

  6. #6
    ABW Ambassador 2busy's Avatar
    Join Date
    January 17th, 2005
    Location
    Tropical Mountaintop
    Posts
    5,636
    go to pctools.com and use their free spyware doctor to find out what it is, then you can find a remedy for it.

  7. #7
    OPM and Moderator Chuck Hamrick's Avatar
    Join Date
    April 5th, 2005
    Location
    Park City Utah
    Posts
    16,646
    I use Pandora extensively at home and haven't had any issues. I scan monthly and run ZoneAlarm.

  8. #8
    ABW Ambassador 2busy's Avatar
    Join Date
    January 17th, 2005
    Location
    Tropical Mountaintop
    Posts
    5,636
    There is a new "SIMBAR" making the rounds, two of my customers had it showing in their headers. I had never seen it before and had two orders this week come in with it. If you know specifically what the program is there are tools for removal.

  9. #9
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    He downloaded spyware-doctor at pctools.com. Spyware-Doctor tool found a bunch of infections, but would only remove them if he purchased it. So he purchased and the tool removed the infections. The trojan Virtumonde was found. Now he can access the internet but can not use search like google or yahoo. The trojan apparently piggybacked on these popular searches. He can, however access other pages just fine.

    Do you think a simple solution would be the installation of a FireFox browser? Currently, my Father-in-Law only uses IE. I am suspecting the IE browser has been messed up.

    Thanks for all your help!

    As a side note: His Norton Antivirus did not detect this trojan!
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  10. #10
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    England
    Posts
    4,327
    Try re-installing ad-aware from Lavasoft if it won't work now. Same with any other software that won't work after an attack.

    Don't bother with those free downloads that just tell you what the problems are

  11. #11
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    "The trojan Virtumonde was found."

    Ah, that's a nasty one. That one did my computer in, posted about it here:

    http://forum.abestweb.com/showthread.php?t=89835

    which led to

    http://forum.abestweb.com/showthread...ght=Virtumonde

    Forced me to get a new computer sooner than I wanted. It was an XP but one of those that had problems getting new updates. I tried everything and it was the only time I couldn't get rid of something. Think Ron caught the same one and had problems getting rid of it too, don't remember if he ever did.

  12. #12
    ABW Ambassador 2busy's Avatar
    Join Date
    January 17th, 2005
    Location
    Tropical Mountaintop
    Posts
    5,636
    The reason I suggest to use the free download of PCTools is to identify the culprit. There are free solutions available via Google to remove them once you know what they are. http://www.auditmypc.com/virtumonde-remove.asp for example. Good reading there, it tells you that Virtumonde is a keystroke logger that "phones home". It also says that Virtumonde has the feature of recreating itself once removed. PCTools Spyware Doctor is not a bad program to remove them, it's top rated for decades and cheap too, but you don't need to buy it to get a fix. Lavasoft's Adaware is a handy program but no match for trojans.

  13. #13
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    What happened when we scanned with the download is that it only indicated how many threats there were, but not the identity of the threats. We had to purchase in order to find the identity and remove. All is well except google.com and yahoo.com can not be opened - the computer hangs up. All other functions of the internet seem to work. So there still must be some files associated with this trojan.
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  14. #14
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Nunya, Business
    Posts
    23,684
    Things not opening up were the same problems I had. Some stuff would work, others wouldn't open up. I couldn't open up my music players I had, Musicmatch or Windows Media Player and a few other programs. Sounds exactly what I went through. Not sure if you can save what you need to save and just wipe the drive clean and start fresh if nothing else works and gets rid of it.

  15. #15
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    My Father-in-law took the computer to Best Buy Geek Squad - about $300 - OUCH! I knew he was taking it in but didn't realize they were going to rip him off like this until he got home tonight. We could not download any type of fix for this problem but I would have tried to download on my computer and load it onto a CD. Didn't have time last night and he wanted to take it in right away this morning.

    Turns out he still had the virtumonde trojan on the machine when the checked, even though his Spyware-Doctor indicated that it had been removed.

    What Spyware protection would guard against this type of trojan???
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  16. #16
    ABW Ambassador simcat's Avatar
    Join Date
    January 18th, 2005
    Location
    Denver
    Posts
    1,786
    about $300
    You can buy a new computer for not much more.

    They probably spent a half hour on it. Damn!, how do these places justify their prices? Many car mechanics only charge about $70/hr (and that requires an actual skill, lol)

  17. #17
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    Update
    Get this: All they did was a complete restore! So his computer is now at its same state as when he bought it.

    Anyone could do this, provided they had the backup disks created (and the manual), which my Father-in-law did not. Although I think he could have purchased the back up disks. We were unable to restore back to a previous date.

    I would have bought a new computer. His computer is 4 years old.
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  18. #18
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    Another Update
    I just found out last night that Best Buy also replaced some memory. I don't believe any memory was bad so apparently this was needed to completely rid the computer of the trojan?

    So, I guess my Father-in-law got about $50 of value with this in addition to the restore.

    Still would have been better to buy a new machine in my opinion.
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  19. #19
    Member nyfamily5's Avatar
    Join Date
    May 25th, 2008
    Location
    Apex, NC
    Posts
    154
    Best Buy....not my favorite subject. Had a big tado over my dryer and my warranty, took about 2 weeks to get it straightened out. I had purchased a computer for my son and it started having problems, had a friend look at it, who would not break the seal since it was still under warranty, but thought it was a bad driver...YIKES back to Best Buy, reluctantly!!! They told me they thought it was a bad driver when I brought it in, kind of knew this. They called me last week and told me it was full of virus' and that it would cost me a minimum of $249 to remove the virus'. The computer is now at a friends house who is going to do the work for about a third of that and he not doing a restore. HMMM They tend to get you whenever they can.
    1stopshopping4moms.com
    Tired of browsing the net for what you are looking for?
    Hundreds of stores in one place with the best prices

  20. #20
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    What anti-spyware and anti-virus combined product will protect against this virtumonde trojan? Clearly, Norton AV does not.
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  21. #21
    ABW Ambassador 2busy's Avatar
    Join Date
    January 17th, 2005
    Location
    Tropical Mountaintop
    Posts
    5,636
    Take a look at ESET
    I have it on all 3 of mine and I love it. Free 30 day fully functional trial.

    NOTE: you would need to go to Norton and get their removal tool to use ESET, there really isn't any other way to get Norton off your machine completely.

  22. #22
    More Cheesier Than Ever Cheesehead's Avatar
    Join Date
    January 18th, 2005
    Location
    Land of The NFL Champs!
    Posts
    2,942
    Quote Originally Posted by 2busy
    Take a look at ESET
    I have it on all 3 of mine and I love it. Free 30 day fully functional trial.

    NOTE: you would need to go to Norton and get their removal tool to use ESET, there really isn't any other way to get Norton off your machine completely.
    Thanks for the recommendation! Do you use the Smart Security or the Antivirus product?
    This World is Not My Home
    We're gonna go inside, we're gonna go outside, inside and outside. . . And then we're gonna go go go and we're not gonna stop til we get across that goalline! Quotes from the movie Rudy, 1993

  23. #23
    ABW Ambassador 2busy's Avatar
    Join Date
    January 17th, 2005
    Location
    Tropical Mountaintop
    Posts
    5,636
    I have the AV product. All 3 licenses cost less than one Norton. It works seamlessly, invisibly and doesn't hog resources. Startup and shutdown is no longer a waiting game.

  24. #24
    ABW Ambassador 2busy's Avatar
    Join Date
    January 17th, 2005
    Location
    Tropical Mountaintop
    Posts
    5,636
    BTW - I am not an affiliate of ESET but I believe they have a program on CJ. I don't work with CJ or I would push this product.

  25. #25
    Life is Supposed to be Fun! Rexanne's Avatar
    Join Date
    January 18th, 2005
    Location
    Los Angeles
    Posts
    12,360
    Quote Originally Posted by 2busy
    BTW - I am not an affiliate of ESET but I believe they have a program on CJ. I don't work with CJ or I would push this product.
    They have a program on SAS and Eset is great. I use it, too - never any problems.
    Peace,

    Rexanne

    Rexanne.com
    Loving Everyone's Child Creates Magic


+ Reply to Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Pandora Holiday Music
    By loxly in forum Virtual Family and Off-Topic
    Replies: 2
    Last Post: December 26th, 2006, 12:23 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •