slipstream666 Posted December 9, 2008 Share Posted December 9, 2008 Well Downloads.com finally screwed up. I was instructing a family on how to d load winrar and wouldn't you know it it had a virus piggybacking and laughing it's ass off. It is listed as INTERVALHEHEHE. I have been researching the soulution since avast has not worked either and I have seen some long HKEy solutions but none other. I was hoping someone here had an easier method??? If so please drop the info! Im off and dumb as a box of rocks tonight. Thanks Quote Link to comment Share on other sites More sharing options...
Sparda Posted December 9, 2008 Share Posted December 9, 2008 Did that make sense? I'd reinstall Windows if the problem be you has a virus. Quote Link to comment Share on other sites More sharing options...
Ingo Posted December 9, 2008 Share Posted December 9, 2008 You were instructing on how to download WinRAR? Ermm.... www.rarlab.com maybe? Quote Link to comment Share on other sites More sharing options...
Sparda Posted December 9, 2008 Share Posted December 9, 2008 I also noticed you said downloads.com, I would have thought you meant download.com which is actually pretty reputable. For me downloads.com f awards to download.com but this may be because I am using OpenDNS. Quote Link to comment Share on other sites More sharing options...
gEEEk Posted December 9, 2008 Share Posted December 9, 2008 Well Downloads.com finally screwed up. I was instructing a family on how to d load winrar and wouldn't you know it it had a virus piggybacking and laughing it's ass off. It is listed as INTERVALHEHEHE. I have been researching the soulution since avast has not worked either and I have seen some long HKEy solutions but none other. I was hoping someone here had an easier method??? If so please drop the info! Im off and dumb as a box of rocks tonight. Thanks Sorry what? You were instructing a family on how to download WinRar from Downloads.com and it had a virus called piggybacking? And, the virus was laughing its ass off? (msgbox?!?!) Just download a virus scanner or use a boot CD or something.. Quote Link to comment Share on other sites More sharing options...
Hellmark Posted December 9, 2008 Share Posted December 9, 2008 Downloads.com is owned by Cnet, and redirects to Download.com Still, I'd say, most likely case is that the OP didn't have the address right (since he is so incoherent, and didn't have the addy right in the post), and pointed them to the wrong place, or that they misunderstood him and went to the wrong place. Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted December 9, 2008 Share Posted December 9, 2008 Well Downloads.com finally screwed up. I was instructing a family on how to d load winrar and wouldn't you know it it had a virus piggybacking and laughing it's ass off. It is listed as INTERVALHEHEHE. I have been researching the soulution since avast has not worked either and I have seen some long HKEy solutions but none other. I was hoping someone here had an easier method??? If so please drop the info! Im off and dumb as a box of rocks tonight. Thanks from what i gather, this guy has no clue what he is talking about. I think he means that whichever download he got of Winrar was infected with a virus made by some script kiddie using some "au70 p\/\/nR" program? Sound correct? Quote Link to comment Share on other sites More sharing options...
slipstream666 Posted December 9, 2008 Author Share Posted December 9, 2008 Sorry everyone for the manner I worded my original question. Late night and everything. OK I hope this makes it a bit easier to understand me. I went to http://www.cnet.com and then of course to DOWNLOAD.COM to reinstall winrar 3.80. When the download completed and I began the install it was written in Chinese. Since I had never had a problem with any program I acquired from download.com prior I foolishly installed the program assuming I would just need to change the language to English. ( I was also walking someone though the install over the phone and needed to hurry.. I know stupid) Well after the program installed and I ran it as normal a small message box (it actually shows up in the task manager as an explorer.exe process) began popping up about ever 3-5 minutes. the name on the active task bar of the message box is INTERVALHEHEHE.inside of the message box it has the same message repeated four times followed by four exclamaition points. So it reads INTERVALHEHEHE INTERVALHEHEHE INTERVALHEHEHE INTERVALHEHEHE!!!! I run avast on my comp. and it did not catch it on install or later when I ran a deep scan. Likewise adaware, and XoftspySE did not help. I will use a boot disk as recommended and let everyone know what happens. Please any other ideas or actually tested fixes are very appreciated. Thanks again. Quote Link to comment Share on other sites More sharing options...
Sparda Posted December 9, 2008 Share Posted December 9, 2008 You got owned. Reinstall Windows. Factory reset your router as well. Some thing more is afoot than the simple 'I downloaded a virus'. That would be 'apparently my legitimate download was replaced by a virus'. Quote Link to comment Share on other sites More sharing options...
Hellmark Posted December 9, 2008 Share Posted December 9, 2008 Still, if shit starts popping up in languages other than your own, it is NEVER wise to keep running it. Even if just for the reason, it would be difficult to use. Use your noggin. Quote Link to comment Share on other sites More sharing options...
digip Posted December 10, 2008 Share Posted December 10, 2008 Use your noggin.QFE!! Funny. Others seem to have been hit with the same thing...By the way, 7zip is open source, free, and can open rar files. Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted December 10, 2008 Share Posted December 10, 2008 I've found that Malwarebytes' Anti-Malware picksup many infections that other AVs don't. Might wanna give that a try Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted December 17, 2008 Share Posted December 17, 2008 Sounds familiar http://blogs.zdnet.com/security/?p=2320 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.