The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    Possible virus attack on my laptop?!

    Discussion in 'Windows OS and Software' started by Wail, Aug 20, 2006.

  1. Wail

    Wail Notebook Consultant

    Hi all,

    I have run into a weird issue with my laptop and I think I may have contracted a virus. I keep getting a flashing rectangular sign in the icon tray which tells me that I have some kind of a worm on my machine. If I click on this triangle sign in the icon tray it gets me connected to the web and straight to a site for "The Spy Guard" – I am not posting a link to this site as I suspect it to be a worm / virus. I had Norton check it out for me and it doesn't detect anything!

    Also, I have found that I have a new folder in my c:\programs Files under the name (IntCodec), and in this folder are four applications under the names: -

    Isamini
    Isamonitor
    Pmmon
    Pmsngr

    I have been unable to delete any of these applications and they don't appear in the Install / Remove applications from the Control Panel.

    Does anyone know what this is, and how to remove all this stuff off my machine?

    Thanks in advance for any suggestions / help.
     
  2. wobble987

    wobble987 Notebook Virtuoso

    it seems like a spyware... use google to find for more information e.g. type in isamini... anyway, u need spyware removal program. do u have anti spyware program? might be a good idea to get anti virus program too.

    here are some good security software, recommend u install all the free one:

    free:
    lavasoft ad-aware (spyware removal)
    spybot search and destroy (spyware removal, prevention + lots of tools)
    spyware blaster (spyware prevention)

    not free:
    zonealarm security suite (a security suite)
    u can get other security suite of ur preference, just make sure u got them.
     
  3. Charles P. Jefferies

    Charles P. Jefferies Lead Moderator Super Moderator

    It sounds like a piece of spyware to me. What you need to do is get rid of it, and there are several ways to do it.

    First - I'd suggest an Anti-Spyware program - Ad-Aware SE is a respected program.
    http://majorgeeks.com/Ad-Aware_SE_Personal_d506.html
    Be sure to update it after you install it - there will be an option to "Check for Updates Now" in the program.

    If you don't have an Anti-Virus program already installed, you're going to want one of those too. I use Avast! 4.6 on three of my machines. It is one of many free anti-virus programs available.
    http://majorgeeks.com/download.php?det=1968
    Your computer will need to be restarted after you install that. Once restarted, it should update itself automatically.

    Now that part is done. Restart the laptop - I recommend booting into Safe Mode to get rid of everything. It's essentially a very primitive form of Windows where only essential services and processes are running - that Spyware app won't be. Press [F8] multiple times when you start up until you get to a black screen, use the arrow keys and select [Safe Mode]. Hit [Enter], and let it go.

    Once it is completely booted up per se, open Ad-Aware and do a Full System Scan. When it completes, check all the little check boxes (which represent categories of stuff it found) and hit Next, and it will get rid of them for you.

    Exit out of Ad-Aware, and open Avast! Hit the Folder icon on the bottom right of your screen, and select your hard drive(s). Hit [OK] and then the Play button on the left hand side. Let it go, check it occasionally to see if it found anything. It should guide you through the rest.

    Let us know how that works out.
     
  4. Ethyriel

    Ethyriel Notebook Deity

    He said he had Norton installed, so yeah, it looks like he needs an antivirus too ;)

    If you want to combine antispyware and antivirus in one, then I can fully recommend the BitDefender Inet Security and Pro Plus suites.

    More importantly, perhaps, is the question of how the spyware was installed. Antiviruses, firewalls, and antispyware tools are a great layer of protection, but there will always be something brand new out there that they can't find (some more than others). It's important that when you find your security has been infiltrated that, in addition to finding if another tool would have caught it, you determine which of your actions allowed the threat to gain a foothold. Is it an insecure web browser or email client? Are your activex controls set too low? (this would imply the former) Did you install something that looked useful without sufficient research? Were you surfing the wrong porn sites again?
     
  5. NuntiusLuminis

    NuntiusLuminis Notebook Evangelist

    Yeah, it confuzzles me to no end how people get nasty stuff on their system...
    Are you clicking every flashing advertisement and downloading every executable that's presented to you in Internet Explorer? :p

    I use:

    Kerio Personal Firewall
    AVG Free Antivirus
    Spybot: Search and Destroy
    Adaware (Chaz has full name above)
    CCleaner
    RegSupreme

    Hope your system will be well.
     
  6. JPZ

    JPZ Notebook Deity

    Definitely recommend Spybot S&D. Safe mode is your friend. Press F8 during Windows startup (right before the Windows boot logo) and you will get a menu giving you that option to enter safe mode.
     
  7. cashmonee

    cashmonee Notebook Virtuoso NBR Reviewer

    Really, the only way to absolutely KNOW that you have gotten rid of spyware is to format and reinstall. It sucks, but the anti-spyware tools just aren't good enough to get rid of it. Really, the idea of any security is to not get infected. Most security products can't do a very good job of trying to clean out the mess. It is up to you, but I would see this as an excellent time to update your backups and get a nice fresh install of Windows.
     
  8. Ethyriel

    Ethyriel Notebook Deity

    True, the only way to be absolutely sure is a fresh Windows install, but that should generally be done once a year anyway.

    But you can do a pretty good job with the right tools and a good technique. I recently worked on one of the worst infected computers I've ever seen. It had about 11 different security and registry cleaning apps installed, at least half of which were themselves malware. Then there were a lot of other applications installed which I knew carried malware along with them.

    I've found that the key is to boot into safe mode and remove these applications you know cause problems, clear out temp folders and cookies, and if necessary boot into a Linux live CD like System Rescue CD to remove really persistent stuff. After that I installed BitDefender IS9 which still found well over 100 viruses, trojans, and spyware threats. All of them were removed successfully at that point.

    A machine which could hardly boot was running like a fresh Windows install. This woman has something like 7 daughters, though, so I'm sure I'll be seeing it back in a few months after they disable the antivirus for some unknown reason, and just permanently ignore every firewall popup. But hey, Microsoft's security disaster is my financial stability, and it's not like I use that trash myself.
     
  9. Wail

    Wail Notebook Consultant

    First off, thank you all for the great suggestions. I will try first to use an anti spy-ware to see if that can remove it, should that fail then I will look into re-installing Windows but I am not all too keen on this method.

    For the records, yes, I do have an anti-virus installed (Norton). And yes, I do format my machine and do a fresh install once a year (as a matter of fact it is something I do to all my house-hold machines on an annual basis and am very religious about it, and the anti virus).

    As for how I got this spy-ware, well, to be frank I did venture into prohibited sites (use your imagination here) and yes I did click on something I was at odds about. And yes, I was wrong to do that.

    Moral of this story, don't venture into forbidden sites, don’t click on anything "bad" and most important of all always have a good updated anti-virus and anti-spy-ware handy.

    So, once again, thank you all for all the suggestions, thoughts, and steps that you've mentioned.
     
  10. Shel

    Shel Notebook Evangelist

    Keep us posted on how/if you're able to get it removed.

    Good luck!
     
  11. JPZ

    JPZ Notebook Deity

    That's why I carry my Knoppix disk with me everywhere I go. Comes in handy for some repair jobs.


    A fresh install helps, but it really isn't necessary unless the problem is so severe that it would take multiple hours to fix. Of course, nothing is easier or more efficient than a clean install. I would do it more like every 6-8 months, depending on the use of the computer.

    I'm all too familiar with that one.

    Same thing goes for me. :)
     
  12. irishrover

    irishrover Notebook Consultant

    If you're still having issues, go to this site: http://www.spywarewarrior.com The site has a wealth of information as well as forums that users can post to get help with specific problems.

    Good Luck!
     
  13. cashmonee

    cashmonee Notebook Virtuoso NBR Reviewer

    The reason I say do a fresh install is because I can guarantee you don't have just one piece of spyware. You only have one that you know about. Usually these things install themselves and open holes that allow others to get in. Not to mention there is a good possibility you have a malicious root-kit now on your system which neither you nor Windows can see.

    Also, those suggestions everyone gave are great and will go a long way to ensuring you are clean, but you will spend more time trying to figure out which files are bad and which are good than it takes to just reinstall Windows. Not to mention that in the process of cleaning up there is a good chance you will delete the wrong things and screw your install anyway. All of that work and you won't be 100% certain you are clean. I stick by my reinstall method. If you already have a good backup it should take you less time than jumping through all those hoops trying to clean yourself.
     
  14. wobble987

    wobble987 Notebook Virtuoso

    did u say "an" anti-spyware? one anti-spyware sometimes wouldn't do it; but if u only want to install one, then get the lavasoft ad-aware, then (this is necessary) SpywareBlaster; to prevent the spyware in the first place.

    good luck!
     
  15. JPZ

    JPZ Notebook Deity

    Spybot S&D's Tea Timer is very helpful. It will block all attempts to change your registry. Of course, you will get instant notification, and the option to allow changes as necessary (say you are installing or uninstalling something).
     
  16. Wail

    Wail Notebook Consultant

    To summarize what I have done thus far. I used my anti-virus to locate the culprit (and Norton was not bad with this but it didn't remove all the spy-ware). Norton informed me of the spy-ware name and gave me a link to their web site that gave a step by step method as to how to remove all issues from the Registry (not something I was too keen on).

    As it stands, it seems that my machine is "clean" now. But I do agree that there must be other weird stuff on my system that merits a whole reinstall of my Windows. The problem is that my machine is a sub-notebook and doesn't have a built in drive, also, I am not home at the moment (I am out of country, as a matter of fact) and hence I don't have access to my CDs and applications. But for sure, a re-install is something I will be looking into once I am back home.

    While on this issue, and having suffered the anxiety that came with this attack, I am considering moving over to Mac; and so a question I have, is it true that there are fewer viruses for Mac systems than there are for Windows? Anyone here using Mac? If so, what is your experience with virus and their remedies?

    In the end, thank you to all who have posted help and pointed me in the direction to get my machine disinfected. You folks have been wonderful.
     
  17. JPZ

    JPZ Notebook Deity

    Ask any mac fanboy and they'll give you that same old crap that "there are no viruses for mac". This is not true. There are viruses for mac. But since the majority of computer users run windows, it makes sense to target a windows based machine when writing viruses. So there are definitely "more" viruses for windows than mac, but you can just as easily get infected on a mac as you can on a windows machine.

    Rather than dropping a few thousand dollars to be "virus free" just to find in another month you have a serious virus problem, you should learn how to just avoid viruses and such in the first place. I've had 4 computers over the years, and used 6 (the first two were family computers before I started building personal machines for myself) and I've never had a virus problem or anything.

    There really is no secret. I'm using Norton, just like you. Keep in mind that Norton A/V is an anti-virus, not anti-spyware. You will still need an anti-spyware program. I use spybot S&D on all my computers. I also use it to fix up computers that come in for repair. You should have a firewall to keep people from hacking into your system and putting viruses on it, and you should watch what comes in and out of your modem. Don't go to shady websites. Don't download shady programs, especially from shady websites. Only download things that you know are good, and make sure you scan the downloaded files before you install it. Then, be sure to READ THE EULA'S!!!! MANY PEOPLE SLIP VIRUSES AND SPYWARE IN WITH A LEGITIMATE PROGRAM. Then they tell you in the EULA that you are also installing their mal-ware. So when you press accept and you install the program, you are giving them permission to put malware on your system. And mal-ware often installs more malware.

    Viruses, spyware, and general malware is not an issue at all on a windows computer. The only people who have problems are those stupid enough to do something that is literally asking to destroy your computer, and then stupid enough to give that thing permission to do so. With just a little care, you can keep your system safe, stable, and virus free. It's really not hard at all.
     
  18. chris2pher71

    chris2pher71 Notebook Evangelist

    There are fewer viruses because nobody wants to make a virus that won't infect anything (fewer users use mac). However, you run into compatibility issues with Mac when you try to run windows programs.

    Supposedly, bootcamp lets you run windows....but I've heard mixed reviews. If you don't use microsoft only applications mac will be fine after an easy learning curve.
     
  19. cashmonee

    cashmonee Notebook Virtuoso NBR Reviewer

    Really?? Can you point me to an article for a virus/worm/spyware that is for Macs and actually in the wild? There have been 2 or 3 proof of concepts this year, but there are zero OS X viruses in the wild. Part of that is due to security by obscurity, malware these days is about money and infecting as many computers as possible. The bigger factor however is a good security model and the fact that OS X is built on UNIX which is a true multi-user OS. Something Windows is not. So please don't say OS X can get a virus as easy as Windows. This may change one day, and Mac users should not feel invulnerable, and should practice good habits.

    Having said that, a somewhat informed user can easily keep a Windows box clean. The first line as I said before, and you admitted to, is good habits. If you use common sense, you will be fine for the most part. When Sasser hit all computers were infected unless you had a firewall. Since SP2 these issues are less of a problem. So, in the end switching to Mac solely for security may not be a good idea for someone who can secure a Windows machine. There are many benefits to Mac including security, just as there are many benefits to Windows. You would need to weigh the pros and cons of each and see what fits you.
     
  20. JPZ

    JPZ Notebook Deity

    I know. I'm not defending windows. I actually prefer Linux myself. But I code under Windows because that is more popular.

    http://www.macvirus.org/database
    http://www.zdnet.com.au/news/security/0,2000061744,39164062,00.htm
    http://news.com.com/Mac+users+face+rare+virus/2100-7349_3-5424883.html

    While there may not be as many viruses for mac, there are plenty of incredibly harmful viruses out there. The majority of windows viruses are just a PITA. They annoy you a bit, and that is it. But listen. Apple charges a fortune for their products. So, therefore, if someone can afford a mac, then they therefore must have a substantial amount of money. Thus, it would be beneficial to abuse mac security holes to steal people's personal information to gain access to their excessive amounts of $$$. Very logical to me.

    Oh, and I predicted it. Your avatar and sig say "mac fanboy" all over it. And you told me there are no viruses for mac. You're special. No offense to you. It's just that all the people who praise mac and spit back all the overused claims to the benefits of mac really piss me off. Every single one who sees me using a windows machine, or even running Linux or Unix gives that little speech to me. You have to understand from my point of view, it gets really annoying.
     
  21. cashmonee

    cashmonee Notebook Virtuoso NBR Reviewer

    The first link is a very nice list of viruses for Mac, but they were all discovered between 1987-1998. A little bit before OS X. If you read the comments of the second article it requires physical access or Root access to the system, neither of which are very easy to accomplish. The third link is the same exact article as the second. I will say it again there are ZERO viruses in the wild for OS X.

    As for Mac vs Windows, you won't pull me into that argument. As I said before to the OP, you need to weigh the pros and cons and figure out what you need/want most. Linux, OS X, Windows, they all have their place, and some fit better than others for what you are doing and looking for.
     
  22. JPZ

    JPZ Notebook Deity

    Dude. Those were the first three links when you google viruses + mac. Not to mention, there is no "official virus list" for anything. I could go write a virus for mac right now, and infect a couple thousand computers. It won't be on any list. That doesn't mean it isn't harming people's computers.

    And why do you think there are just as many anti viruses for mac as windows? And don't give me that crap about "they just want money". Don't you think that if the only reason they sold mac anti viruses was for money, that no one would buy them because everyone thinks the mac os is invincible? What I mean is that no one would buy a mac A/V if there weren't viruses, because people already believe there are none. So obviously something changed people's minds that makes them pay for mac A/V's.

    But yeah, I definitely don't want to argue mac vs. windows. I hate both. And I'm biased against anything apple related. And I do agree that different OS's fit different people.
     
  23. JPZ

    JPZ Notebook Deity

  24. uncleG

    uncleG Notebook Consultant

    Just use spywaredoctor because it has the best detection rate of any other program. Also, kaspersky anti virus just in case.
     
  25. cashmonee

    cashmonee Notebook Virtuoso NBR Reviewer

    The leap.A worm that was not really a worm needed A LOT of user interaction to actually work and it never spread. It was one of the proof of concepts I was referring to. The second one that comes in via bluetooth was patched in mid-2005 according to the article and again never got off the ground. The third is just an article about the first link and the last one is the opener that you posted twice before. It requires someone to physically install it in person. They have to have access to your system. It's ok man. Just accept the fact that OS X currently has zero viruses in the wild, and Windows has thousands. It really is not that big a deal. You said yourself, and I agree a somewhat well-informed user can keep Windows clean. It is usually the unsophisticated user that has a problem. And as I said this may all change. At any moment someone could find a way to easily exploit OS X. It is unlikely because of the way OS X is run, but you never know.
     
  26. Paul

    Paul Mom! Hot Pockets! NBR Reviewer

    I hate to say it, but you just keep proving his point. You keep posting links pointing to the same viruses, all of which were either addressed by security patches or never really spread. The bottom line is that Windows is nowhere near as secure as OS X or Linux. But that's for several reasons. First of all, Windows is not as secure a kernel as the UNIX/Linux kernel. Secondly, Windows is far more popular than the other options. Therefore, more people attack it. That's just simple math. Other reasons? Probably because Apple has an easier time making OS X secure given its limited uses and its limited availability. Microsoft has a lot on their plate trying to make plug-and-play everything Windows compatible, creating an OS that will run on any computer available, and not to mention their thousands of other applications that they make. Apple only has to worry about a certain number of computers with certain type of hardware (excluding peripherals). But bottom line, an OS is only as secure as its user. If you don't go around messing with stuff, you won't get bitten. If I never plugged my computer into the Internet, my Windows install would be just as secure as a Mac technically speaking. But at least Vista is making it harder so far. We'll see when it begins to ship.
     
  27. JPZ

    JPZ Notebook Deity

    Yeah, I don't really care. I just pulled the first few links off google to prove that people can and do write viruses for mac.

    I really don't care. I don't like mac. I don't like Windows.

    We both already said more people "attack" windows.

    We also agreed that an OS is only safe if the user keeps it that way through his habits.

    I agree that microsoft has a whole lot more than they can handle. It seems like every time they release something new, it is less stable, with more holes. Because it was rushed.

    And windows is definitely a very messy OS. Its design is absolutely flawed.

    We can just leave it at that. Except... windows has hundreds of thousands of viruses, not thousands. :)
     
  28. csinth

    csinth Snitch?

    Use Spybot and Ad-aware... they catch different things.
     
  29. emilem

    emilem Notebook Geek

    both of you are missing one fundamental point.
    he is not reading any of the links he throws at you. he types up "mac viruses" in google and compiles a comment containing uninformed rhetoric.

    i feel bad you guys keep reading and addressing these links as if he read them too...it's disrespectful really.