martymas Posted January 2, 2005 Report Share Posted January 2, 2005 hi team for several years ive used majorgeeks to down load software.but over the holidays .i used the search bar and when majorgeeks.sit came up i clicked on what i thought was a genuine site .and my page went haywire .i was getting an error and cant find the server page.and all of a sudden i have a trojon on my sys .i wouldnt like to point the finger at MG.so i think the virus came from a site posing as MG.at the time i was in the process of installing avast .and my siren went off warning me .luckly avast arrested the virus.and put it in the vault .the reason im posting this before xmas my next door neighbor said she had got a virus from MG .but i dismiised it.it is easy to blame any one.but now i think she was right .has any one else experienced this.im not really comfy posting this.as MG has been a trusted site for me for some time. marty Quote Link to post Share on other sites
thesidekickcat Posted January 2, 2005 Report Share Posted January 2, 2005 (edited) Thanks for the warning.It is getting hard to know who or what to trust on the internet, especially since there are spoofer/phisher sites around.I am glad your Avast was able to protect you.Have a Happy, Safe, Healthy New Year.God bless everyone. Edited January 2, 2005 by thesidekickcat Quote Link to post Share on other sites
MajorGeek Posted January 4, 2005 Report Share Posted January 4, 2005 Hi, I would like the opportunity to look into this. If someone is copying our website to pass off spyware or viruses I would like to track it down and have them shut down. Perhaps you could let me know what search engine and what you typed so I can look into it. MajorGeeks.com continues to test ALL software before posting for quality, viruses and spyware. We started out this way and will go down this way. Companies use clone websites and even spyware removal tools to infect people, so anything is possible here. Thanks for your time. We can always easily be contacted through our website for any questions. I will gladly look into this and let you know with more details. Quote Link to post Share on other sites
MajorGeek Posted January 4, 2005 Report Share Posted January 4, 2005 I also would appreciate your contacting a "trusted site" before you go making multiple posts on the internet accusing us of infecting you. I am continuing to look into it, and can only promise you you did not get it from us.http://forum.worldstart.com/showthread.php...7109#post467109 Quote Link to post Share on other sites
MajorGeek Posted January 4, 2005 Report Share Posted January 4, 2005 So far found one website that looks like ours, but nothing newer then May for updates, hopefully it does not fool anyone. Since it is in China, not much we can do, it also does not appear to be doing any harm. This is from still searching Google, have not even begun searching MSN yet. Let me know what you typed it please so I can accurately reproduce your problem if possible.ehomenet.onlinedown.net/down/ Quote Link to post Share on other sites
MajorGeek Posted January 4, 2005 Report Share Posted January 4, 2005 I scream uncle. I searched majorgeek and majorgeeks and got nothing but valid links to us for the first 5-7 pages on both Google and MSN search. Let me know if I can help more or you can offer more information. Quote Link to post Share on other sites
cowsgonemadd3 Posted January 4, 2005 Report Share Posted January 4, 2005 Wow Look we got somebody from major geek here!Just to say your site is good...... Quote Link to post Share on other sites
Kat Posted January 4, 2005 Report Share Posted January 4, 2005 Thanks so much for the work you have done regarding this, MajorGeek! Don't be a stranger to our forums! Quote Link to post Share on other sites
MajorGeek Posted January 4, 2005 Report Share Posted January 4, 2005 My pleasure, we are lucky that on our forums our moderators and readers tipped me off to this thread and some searching found another thread written exactly the same by almost the exact same username, but felt it was worth a look. Again, I am here if the original poster wants to give out some more information but otherwise can only say he or she was probably hijacked by one of the thousands of websites out there people create to run ads or install spyware because some poor person made a typo. This is a good reason and time to remind people to bookmark their favorite websites, especially sites you have banking or credit information at and never click a link in email or manually type in a website again if you visit or have financial information stored at.And thanks for the kind words guys, we appreciate your friendship and visits to our website! Quote Link to post Share on other sites
Darrenkook Posted January 4, 2005 Report Share Posted January 4, 2005 Marty, In the other thread that Majorgeek linked to was a reference to spoofstick. This an excellent program and shows you what site you are on just in case you go to a site that routes you to another site...It's free and definately worth having!!! If you decide to use it...don't freak when the fonts come up huge..You can change that.....Thanks majorgeek for checking this out also!! I know many many people use that site to download... Quote Link to post Share on other sites
MajorGeek Posted January 4, 2005 Report Share Posted January 4, 2005 Good call, we also have that for download, of course: http://www.majorgeeks.com/download4453.html Quote Link to post Share on other sites
cowsgonemadd3 Posted January 5, 2005 Report Share Posted January 5, 2005 Well I hope the user will help you! I have never had the problem I was linked there by other download site......Again Good job everyone over there from Cowsgonemadd3! Quote Link to post Share on other sites
MajorGeek Posted January 5, 2005 Report Share Posted January 5, 2005 Thanks again! I dont know what else to do, I am a bit bothered as the day goes by (I think I responded about 13 hours ago) that we were accused on multiple forums (by marty as known in quite a few forums) , without a response back explaining the situation in more detail. I dont see what was to be gained here, other then to take a shot at us since most would directly email a trusted website, but instead this was posted on multiple forums. Oh well, in case I dont get back anytime soon Marty, I am tim, my partner is jim and you can email tim or jim at majorgeeks.com if we can be of further assistance. Quote Link to post Share on other sites
martymas Posted January 5, 2005 Author Report Share Posted January 5, 2005 hi sorry i havent been back to the thread for some time holidays and all that.im glad some one from the site has posted.as i said in my post i wasnt comfy .as ive used the majorgeek site for some years.anf for software it is one o fhte best on the internet.i havent had a trojon in all the time ive used a comptso i was a bit chaffed.tho didnt directly blame the site.i know a site like this is vulnerable to statements like mine so i would like to assure posters .the trojon probably came form the other sources.it is any help for the MG repi was in the MG site installing avast .when my page went hay wire first i got an error page .then a cant find the server page .by that time avast was installed.at first i thought my urlmon dll file needed to be refreshed.but once i restarted my compt avast let off a siren and a voice said beware .yuo are in danger of getting a trojon.well i paniced and i didnt even to think of reading the name of the trojon.all i remember was it was in c:windows file.it deleted easily enough.so deleted it from the vault .to assure my self it wasnt the site i went straight back into MG SITE .TO GET Adaware and all was ok.the one thing i remember was in the address bar was this address www.udg.some numbers.majorgeeks.comso right there and then i thought my sys had been highjacked .but since then my sys has been ok ive scanned with avast.avg. and house call.and they all come up clean.if you read my original post you will see my neighbor had the same problem .i said to her rubbish.MG wouldnt exist if this happened.so to all who use MG keep using the site.im sure it was some one posing as MGi hope this post has helped.i still use MGand i hope all others will also marty Quote Link to post Share on other sites
MajorGeek Posted January 5, 2005 Report Share Posted January 5, 2005 Marty, What you describe sounds like a browser Hijack. If you visit our forums, I will look at your Hijack This log, which you probably need to run regardless at this point. I would also consider using the Mozilla Firefox browser. While not 100% secure, it eliminates many of the Internet Explorer vulnerabilities that are taken advantage of by these scumbags. Good luck to you Quote Link to post Share on other sites
Nerelda Posted January 5, 2005 Report Share Posted January 5, 2005 I only go to www.majorgeeks.com for ALL my downloads if possible. I've found the site to be most trustworthy and having the fastest download times. Thanks for your continued excellent service. Quote Link to post Share on other sites
martymas Posted January 6, 2005 Author Report Share Posted January 6, 2005 hi thanks i will visit the site i didnt mean to cause any inconveince to your site ive used it for years.i relly wanted to see if any one had got the same problem as i did .when ever ive installed ive got Adaware.regclean. avg .avast.from MGfor some years now .and i will continue to use it .you may be right i may have been highjacked.this is an area im not familiar with.so i will probably need help.so thanks for your post marty Quote Link to post Share on other sites
martymas Posted January 6, 2005 Author Report Share Posted January 6, 2005 ok team for the last hour i cant get the majorgeeks site .i tried several times .i typed majorgeeks in to the msn search bar.and clicked on several site applis but the only one i can get into is one called alexa.now im not sure what is happening here.when i click one the majorgeeks free ware it just sits there nothin happensthis is what happened when i got the trojon.so some one is spoofing the site.i cant seem to get in no how.EDIThi team all morning i havent been able to get on to MG.i posted the above at about 3.30it is now 10.30.and aT LAst im in .so disregard the post above.cannot tell you reason .i suppose it is one of those quirks of computing.hoW ever im on .ive in stalled HJT.as you suggested .but if you dont ind i would like some one from this board to read it instead of going to MG forums .ive been a menber of this board for some time.and i respect the posters from here.some of them i used to comunicate with at techtv.so if some one would allow me to post my hjt log and read it for me .thanks marty Quote Link to post Share on other sites
Nerelda Posted January 6, 2005 Report Share Posted January 6, 2005 I haven't been having any trouble getting to their site at all. Have you just tried typing in "www.majorgeeks.com" into the address bar? Not using search? Quote Link to post Share on other sites
Chachazz Posted January 6, 2005 Report Share Posted January 6, 2005 No problems here... Quote Link to post Share on other sites
tg1911 Posted January 6, 2005 Report Share Posted January 6, 2005 Marty,I'm sure somebody here can help you out.Download the latest version of HijackThis (HJT), from this link.Put HijackThis in a Permanent folder:Click My Computer / C: / File / New / Folder / name the folder; HijackThisPut HijackThis.exe, in this folder.This is a mandatory step, for the backup and restore functions, of HijackThis, to be able to work.Read the pinned post in the Security forum, hereThen, run a log, and post it in the HJT forum, at this link. Do NOT, fix anything, yet.A member, of the HJT Team, will help you out. Quote Link to post Share on other sites
thesidekickcat Posted January 7, 2005 Report Share Posted January 7, 2005 Hi Marty,When you do the HJT log, wait for the HJT experts come along. They have the title Hijack This experts listed under their avatar pictures I think.Also regarding your saying that something called Alexa was displayed, well I remembered seeing something somewhere (Spybot S and D?) about it. So I Goolged it, found a Symantec entry. It is spyware, installs a toolbar and/or icon in your existing toolbars etc.Here is the Symantec article for anyone interested.Symantec article about Alexa spywareGood luck in solving your computer problems. I am sure you will be well taken care of by the experts.God bless everyone. Quote Link to post Share on other sites
martymas Posted January 7, 2005 Author Report Share Posted January 7, 2005 hi team well i followed tg1911 to the letter.and here is my log file i cant find any thing suspicious.so i need to rely on the hjt experts thanks Logfile of HijackThis v1.99.0Scan saved at 6:07:19 p.m., on 7/01/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exe----------------------------------------------------------------------------------------------hey team i wonder how many software and hardware companys monitor these boards.techtv used to monitor the message boards. ------------------------------------------------------------------------------------------------C:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\Mixer.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\WINDOWS\system32\cidaemon.exeC:\Documents and Settings\martym\Local Settings\Temporary Internet Files\Content.IE5\IR9KO4SY\HijackThis[1].exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startupO9 - Extra button: TREND MICRO HouseCall - {2B5EA4F8-620A-4A8B-B003-4C8C5EBEA826} - http://uk.trendmicro-europe.com/enterprise...usecall_pre.php (file missing)O9 - Extra button: Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.htaO9 - Extra 'Tools' menuitem: &Toolbar Wallpaper - {c23dd370-cb79-11d2-898a-00c04f80a47f} - C:\Program Files\Internet Explorer\Toolbar\toolbar.htaO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cabO16 - DPF: {7ED7005B-4AF6-4CFF-9AE0-F243C4B8260F} (HouseCallButton.setup) - http://de.trendmicro-europe.com/file_downl...eCallButton.CABO17 - HKLM\System\CCS\Services\Tcpip\..\{9DA5EFFC-DDDA-4278-A647-689CA5F07C9C}: NameServer = 202.37.101.1 202.37.101.2O23 - Service: avast! iAVS4 Control Service - Unknown - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe marty Quote Link to post Share on other sites
tictoc5150 Posted January 7, 2005 Report Share Posted January 7, 2005 hi team well i followed tg1911 to the letter.Marty, this is incorrect.tg1911 said:Put HijackThis in a Permanent folder:Click My Computer / C: / File / New / Folder / name the folder; HijackThisPut HijackThis.exe, in this folder.This is a mandatory step, for the backup and restore functions, of HijackThis, to be able to work.Read the pinned post in the Security forum, hereThen, run a log, and post it in the HJT forum, at this link. Do NOT, fix anything, yet.A member, of the HJT Team, will help you out.You left HJT in a temp folder and it's very important that you put it in a permanent folder for the reasons tg1911 stated...and also to post the log in the HJT section of the boards, HERE.I'm not trying to be a jerk, just pointing out the things that'll get you helped in a more timely mannergood luck, T. Quote Link to post Share on other sites
bar5 Posted January 7, 2005 Report Share Posted January 7, 2005 Hi:I use MajorGeeks for just about ALL my downloads. Never had a problem. Will continue to use it. It is a very trustworthy site. It is the first site I go to if I'm looking for a particular type of software etc.Good luck Marty, hope you get your computer up and running clean.Barb Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.