OMG100an0.exe trojan downloader--how do I kill it
Girlfriend's Son's computer | 12/2/12 | Rebelbase
Posted on 12/02/2012 10:10:04 AM PST by Rebelbase
Girlfriend's son's computer has picked up a Trojan named OMG1000.exe. Windows firewall picks up the request to allow this program to access so it can be stopped there.
I've run Malwarebytes and Avira scans, no luck in killing it.
HijackThis doesn't find it.
I've done all the scans and virus software updates from Safe Mode.
Google doesn't offer much help.
Anyone have knowledge on how to kill this one?
TOPICS: Computers/Internet
KEYWORDS: computervirus; getamac; malware
Any help is appreciated!
1 posted on 12/02/2012 10:10:07 AM PST by Rebelbase
To: Rebelbase
Don’t know how the title got hosed. Correct file name for this trojan is OMG1000.exe.
2 posted on 12/02/2012 10:11:13 AM PST by Rebelbase
To: Rebelbase
Go to http://avg.com and download the free version, it seems to clean just about everything.
3 posted on 12/02/2012 10:14:11 AM PST by Free America52
(The White guys are getting pissed off. We beat Hitler Hirohito and Krushchev. Obama will be easy.)
To: Rebelbase
5 posted on 12/02/2012 10:15:21 AM PST by E. Pluribus Unum
(Labor unions are the Communist Party of the USA.)
To: Rebelbase
6 posted on 12/02/2012 10:18:56 AM PST by Bikkuri
(Hope for Conservative push in the next 2-4 years..........)
To: Rebelbase
Download Avast and do a boot scan.
8 posted on 12/02/2012 10:20:26 AM PST by RetSignman
("A Republic if you can keep it"....)
To: Rebelbase
From a site that purports to offer solutions to virus infections (Dr. Web Anti-Virus):

Trojan.DownLoader7.24299
-------------------------
Malicious functions:
Creates and executes the following:
    %TEMP%\omg1000.exe
    %TEMP%\omg1000.exe (downloaded from the Internet)
Executes the following:
    \ping.exe -n 3 -w 250 127.0.0.1
    \cmd.exe /c %TEMP%\afgstyw.bat

Modifies file system:
Creates the following files:
    %TEMP%\omg1000.exe
    %TEMP%\afgstyw.bat
    %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].2387591943
    %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].0357167227
    %TEMP%\~ip.tmp
Deletes the following files:
    %TEMP%\~ip.tmp
Deletes itself.

Network activity:
Connects to:
    'fr######eaming.zapto.org':80
    'fr######eaming.hopto.org':80
    'ch####p.dyndns.org':80
    'www.wh###smyip.com':80
TCP:
HTTP GET requests:
    fr######eaming.zapto.org/videos/sky3/skydl.php?ci#############################################################
    fr######eaming.hopto.org/videos/sky2/skydl.php?ci###########################################################
    ch####p.dyndns.org/?rn#########################################
    www.wh###smyip.com/?rn#########################################
UDP:
    DNS ASK fr######eaming.zapto.org
    DNS ASK fr######eaming.hopto.org
    DNS ASK ch####p.dyndns.org
    DNS ASK www.wh###smyip.com

9 posted on 12/02/2012 10:21:10 AM PST by RitchieAprile
(the obsteperous gentleman..)
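Added example (not part of the thread or of the Dr. Web report): a small triage routine that checks normalised host events against the file, process and network behaviours listed in the report in reply 9. The "KIND value" event format and the sample events are constructed for illustration, and each '#' in a masked hostname is assumed to hide one character.

```python
import re

# Indicators from the Dr. Web report quoted above. Assumption: each '#' in a
# masked hostname hides exactly one character, so it is matched with '.'.
FILE_IOC = re.compile(r"(?:%TEMP%|\\Temp)\\(omg1000\.exe|afgstyw\.bat|~ip\.tmp)$", re.I)
PROC_IOCS = [
    re.compile(r"ping\.exe\s+-n\s+3\s+-w\s+250\s+127\.0\.0\.1", re.I),  # short delay
    re.compile(r"cmd\.exe\s+/c\s+.*\\afgstyw\.bat", re.I),              # batch file run
]
DOWNLOAD = re.compile(r"^fr.{6}eaming\.(zapto|hopto)\.org/videos/sky\d/skydl\.php\?", re.I)
IP_LOOKUP = re.compile(r"^(ch.{4}p\.dyndns\.org|www\.wh.{3}smyip\.com)/", re.I)

def classify(event):
    """Map one 'KIND value' event line (hypothetical format) to a behaviour tag."""
    kind, _, value = event.partition(" ")
    if kind == "FILE" and FILE_IOC.search(value):
        return "dropped-file"
    if kind == "PROC" and any(p.search(value) for p in PROC_IOCS):
        return "helper-process"
    if kind == "HTTP" and DOWNLOAD.search(value):
        return "payload-download"
    if kind == "HTTP" and IP_LOOKUP.search(value):
        return "ip-lookup"
    return None

def triage(events):
    """Return (verdict, hits). An IP lookup alone is ordinary traffic, so it
    never raises the verdict without a corroborating behaviour."""
    hits = {}
    for event in events:
        tag = classify(event)
        if tag:
            hits.setdefault(tag, []).append(event)
    strong = set(hits) - {"ip-lookup"}
    verdict = "match" if len(strong) >= 2 else "suspicious" if strong else "clean"
    return verdict, hits

# Constructed sample events; 'x' stands in for the masked hostname characters.
INFECTED = [
    r"FILE C:\Documents and Settings\kid\Local Settings\Temp\omg1000.exe",
    r"HTTP frxxxxxxeaming.zapto.org/videos/sky3/skydl.php?ci=constructed",
    r"HTTP chxxxxp.dyndns.org/?rn=constructed",
    r"PROC C:\WINDOWS\system32\ping.exe -n 3 -w 250 127.0.0.1",
]
BENIGN = [
    r"PROC C:\WINDOWS\system32\ping.exe -n 4 192.168.1.1",
    r"HTTP chxxxxp.dyndns.org/?rn=constructed",
    r"FILE C:\Program Files\Game\omg1000.exe",
]
```

Because the report says the sample deletes itself and its temporary file, file hits may be absent on a live machine; proxy or DNS logs are the more durable source for the network indicators.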
To: RetSignman
10 posted on 12/02/2012 10:22:46 AM PST by RetSignman
("A Republic if you can keep it"....)
To: Rebelbase
11 posted on 12/02/2012 10:26:29 AM PST by eyedigress
((zOld storm chaser from the west)/?)
To: sauropod
12 posted on 12/02/2012 10:27:42 AM PST by sauropod
(I will not comply)
To: Rebelbase
First, spank your girlfriend’s son for watching porno, then download one of the free programs suggested, or others which are available and reviewed on cnet.com, run it (them) and install an anti-virus on the machine to run permanently.
13 posted on 12/02/2012 10:32:20 AM PST by Revolting cat!
(Bad things are wrong! Ice cream is delicious!)
To: Rebelbase
Assuming the computer is running Vista or later, with another computer download Windows Defender Offline. Create a boot DVD or thumb drive and boot from it. Let it scan. It picks up everything including rootkits. Surest way to disinfect.
If the computer has XP, but is Vista or 7 compatible, you're good.
To: Rebelbase
The virus probably makes a restore worthless.
Back up personal Office, photos, music and videos. Load a restore disk to wipe everything, and reinstall Windows. If you don’t have a restore disk and you can’t make one now (likely), contact the computer manufacturer.
The last option is something I’ve done successfully in the past. The manufacturer burned a disk for my discontinued machine and mailed it to me.
15 posted on 12/02/2012 10:36:51 AM PST by cicero2k
To: Rebelbase
Run TDSSkiller, then restart. Then download and run Malwarebytes anti-malware utility. Restart again.
Those two should wipe out most anything.
To: Rebelbase
17 posted on 12/02/2012 10:58:05 AM PST by skinkinthegrass
(Anger a Conservative by telling a lie; Anger a Liberal by telling the truth....RWR 8-)
To: TonyInOhio; Rebelbase
You beat me to it - - I also recommend Malwarebytes. That service got rid of some very nasty crap on my computer so I went and bought a subscription. Well worth it.
To: Rebelbase
SuperAntiSpyware has provided good results for me when trying to remove difficult malware.
http://www.superantispyware.com/
The free version is fully capable for detecting and removing.
If you run a complete scan and find more than cookies, delete the quarantine and run it again until clean. Might take 3 times.
19 posted on 12/02/2012 11:02:02 AM PST by GOPBiker
(Thank a veteran, with a smile, every chance you get. You do more good than you can know.)
To: Rebelbase
Do what reply 15 says. I gave up on Windows because my machines were rendered useless after 2 years.
20 posted on 12/02/2012 11:03:08 AM PST by Havisham