jobseekertool.exe/ntos.exe virus/phisher

Discussion in 'Computer Support' started by Muse Gruppes, Jan 11, 2007.

  1. Muse Gruppes

    Muse Gruppes Guest

    I fell for it... damn, well, had gotten an email from (what I thought was)
    Monster.com and told me I needed to download the jobseekertool.exe to
    continue doing searches on Monster. I thought I was intelligent enough to
    catch something that obvious. My anti-virus *finally* picked it up, although
    when I clicked to get info on it, the CA info center... didn't have any,
    odd, since they gave it a name but offered no info on it. "Win32/Kollah.F"

    Does anyone know anything about this? I'm afraid that it might have messed
    up my registry somehow. after reading this:

    http://forums.techguy.org/security/526023-i-opened-program-virus.html

    I think I'm ok since my AV found and deleted ntos.exe and jobseekertool.exe

    but...
     
    Muse Gruppes, Jan 11, 2007
    #1
    1. Advertising

  2. Muse Gruppes

    Muse Gruppes Guest

    Re: jobseekertool.exe/ntos.exe virus/phisher PART 2

    Just a few minutes ago the real time scanner got : A0034496.exe several
    times :(
    I'm running adaware right now and will do a virus scan afterwards. I think
    this might be a good time to CLEAN out the system. After all I'm thinking of
    going to Win2000 Professional...

    If I decide to go that route, How do I install 2000 if I have XP installed
    allready?

    -C

    Muse Gruppes wrote:
    > I fell for it... damn, well, had gotten an email from (what I thought
    > was) Monster.com and told me I needed to download the
    > jobseekertool.exe to continue doing searches on Monster. I thought I
    > was intelligent enough to catch something that obvious. My anti-virus
    > *finally* picked it up, although when I clicked to get info on it,
    > the CA info center... didn't have any, odd, since they gave it a name
    > but offered no info on it. "Win32/Kollah.F"
    > Does anyone know anything about this? I'm afraid that it might have
    > messed up my registry somehow. after reading this:
    >
    > http://forums.techguy.org/security/526023-i-opened-program-virus.html
    >
    > I think I'm ok since my AV found and deleted ntos.exe and
    > jobseekertool.exe
    > but...
     
    Muse Gruppes, Jan 12, 2007
    #2
    1. Advertising

  3. Re: jobseekertool.exe/ntos.exe virus/phisher PART 2

    Muse Gruppes wrote:

    > Just a few minutes ago the real time scanner got : A0034496.exe
    > several times :(
    > I'm running adaware right now and will do a virus scan afterwards. I
    > think this might be a good time to CLEAN out the system. After all
    > I'm thinking of going to Win2000 Professional...
    >
    > If I decide to go that route, How do I install 2000 if I have XP
    > installed allready?


    You will have to reformat the drive. You can't "update/repair" with an
    earlier version of Windows.

    > Muse Gruppes wrote:
    >> I fell for it... damn, well, had gotten an email from (what I thought
    >> was) Monster.com and told me I needed to download the
    >> jobseekertool.exe to continue doing searches on Monster. I thought I
    >> was intelligent enough to catch something that obvious.


    Ahem. The rules of Safe Hex say you always scan anything you download
    before executing it.

    --
    -bts
    -Motorcycles defy gravity; cars just suck
     
    Beauregard T. Shagnasty, Jan 12, 2007
    #3
  4. Re: jobseekertool.exe/ntos.exe virus/phisher PART 2

    Muse Gruppes wrote:

    > Just a few minutes ago the real time scanner got : A0034496.exe several
    > times :(
    > I'm running adaware right now and will do a virus scan afterwards. I think
    > this might be a good time to CLEAN out the system. After all I'm thinking
    > of going to Win2000 Professional...
    >

    If you have another pc with a good virus scanner, attach your harddrive to
    that one and scan it from there. Or use a liveCD (latest hirens root&boot,
    or knoppicillin with internet updates).
    At least, get the free kaspersky version at www.activevirusshield.com (do
    not let it install the "aol security toolbar"), update it and then scan in
    safe mode.
    Get spyware s&d as well, or/and another one. Update and scan.
    Remember to keep the xp firewall on, or use a NAT router.

    > If I decide to go that route, How do I install 2000 if I have XP installed
    > allready?
    >

    You cannot install it on the same partition unless you wipe that one
    first, "downgrades" are not supported.
    Most probably, for home use, XP is the better choice for halfways recent pc
    hardware. You may get into trouble finding all the drivers for recent
    mainboards, sata chips and so on, for win2k. It doesn't have a "firewall"
    or other protection as you install it, and will catch any malware as soon
    as you connect to the internet, when not behind a nat router or firewall.
    If you want to go a different, safe route, try out linux. A recent linux
    distribution includes openoffice, a configurable iptables firewall, lots of
    useful programs, browsers and more. It will recognize recent mainboards and
    standard hardware as well, without your hunting for drivers. And your pc
    will not catch a cold the first time on the net :)

    --
    vista policy violation: Microsoft optical mouse found penguin patterns
    on mousepad. Partition scan in progress to remove offending
    incompatible products. Reactivate MS software.
    Linux 2.6.17-mm1,Xorg7.1/nvidia [LinuxCounter#295241,ICQ#4918962]
     
    Walter Mautner, Jan 12, 2007
    #4
  5. Muse Gruppes

    Muse Gruppes Guest

    Re: jobseekertool.exe/ntos.exe virus/phisher PART 2

    How is it that malware can install minutes (or seconds?) after connecting by
    high speed? Are there programs out there constantly scanning unprotected
    IPs/Computers and by automation they slip in and it's all over?

    Walter Mautner wrote:
    > Muse Gruppes wrote:
    >
    >> Just a few minutes ago the real time scanner got : A0034496.exe
    >> several times :(
    >> I'm running adaware right now and will do a virus scan afterwards. I
    >> think this might be a good time to CLEAN out the system. After all
    >> I'm thinking of going to Win2000 Professional...
    >>

    > If you have another pc with a good virus scanner, attach your
    > harddrive to that one and scan it from there. Or use a liveCD (latest
    > hirens root&boot, or knoppicillin with internet updates).
    > At least, get the free kaspersky version at www.activevirusshield.com
    > (do not let it install the "aol security toolbar"), update it and
    > then scan in safe mode.
    > Get spyware s&d as well, or/and another one. Update and scan.
    > Remember to keep the xp firewall on, or use a NAT router.
    >
    >> If I decide to go that route, How do I install 2000 if I have XP
    >> installed allready?
    >>

    > You cannot install it on the same partition unless you wipe that one
    > first, "downgrades" are not supported.
    > Most probably, for home use, XP is the better choice for halfways
    > recent pc hardware. You may get into trouble finding all the drivers
    > for recent mainboards, sata chips and so on, for win2k. It doesn't
    > have a "firewall" or other protection as you install it, and will
    > catch any malware as soon as you connect to the internet, when not
    > behind a nat router or firewall. If you want to go a different, safe
    > route, try out linux. A recent linux distribution includes
    > openoffice, a configurable iptables firewall, lots of useful
    > programs, browsers and more. It will recognize recent mainboards and
    > standard hardware as well, without your hunting for drivers. And your
    > pc will not catch a cold the first time on the net :)
     
    Muse Gruppes, Jan 12, 2007
    #5
  6. Muse Gruppes

    Mara Guest

    Re: jobseekertool.exe/ntos.exe virus/phisher PART 2

    On Fri, 12 Jan 2007 18:01:32 -0500, "Muse Gruppes" <>
    wrote:

    >How is it that malware can install minutes (or seconds?) after connecting by
    >high speed? Are there programs out there constantly scanning unprotected
    >IPs/Computers and by automation they slip in and it's all over?


    Yep.

    http://en.wikipedia.org/wiki/Computer_worm

    --
    A luser is someone who returns a perfectly good hammer to the hardware
    store saying "There's something wrong with it.  I keep hitting my
    thumb." --JB, in the Monastery
     
    Mara, Jan 12, 2007
    #6
  7. Muse Gruppes

    Muse Gruppes Guest

    Re: jobseekertool.exe/ntos.exe virus/phisher PART 2

    Thanks!


    "Mara" <> wrote in message
    news:...
    > On Fri, 12 Jan 2007 18:01:32 -0500, "Muse Gruppes"
    > <>
    > wrote:
    >
    >>How is it that malware can install minutes (or seconds?) after connecting
    >>by
    >>high speed? Are there programs out there constantly scanning unprotected
    >>IPs/Computers and by automation they slip in and it's all over?

    >
    > Yep.
    >
    > http://en.wikipedia.org/wiki/Computer_worm
    >
    > --
    > A luser is someone who returns a perfectly good hammer to the hardware
    > store saying "There's something wrong with it. I keep hitting my
    > thumb." --JB, in the Monastery
     
    Muse Gruppes, Jan 13, 2007
    #7
  8. Re: jobseekertool.exe/ntos.exe virus/phisher PART 2

    Muse Gruppes wrote:

    > How is it that malware can install minutes (or seconds?) after connecting
    > by high speed? Are there programs out there constantly scanning
    > unprotected IPs/Computers and by automation they slip in and it's all
    > over?
    >

    Yeah. Especially with windows default installs (user has admin rights, "ms
    network client" installed and bound to network interface, lotta
    other "services" open to the world). There are maybe hundreds or thousands
    of already infected boxen on your hi-speed network, constantly scanning
    known ports for new victims.
    --
    vista policy violation: Microsoft optical mouse found penguin patterns
    on mousepad. Partition scan in progress to remove offending
    incompatible products. Reactivate MS software.
    Linux 2.6.17-mm1,Xorg7.1/nvidia [LinuxCounter#295241,ICQ#4918962]
     
    Walter Mautner, Jan 13, 2007
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. T. K. Storsved

    Advice on dealing with a phisher

    T. K. Storsved, Sep 19, 2004, in forum: Computer Support
    Replies:
    1
    Views:
    429
    =?ISO-8859-1?Q?R=F4g=EAr?=
    Sep 19, 2004
  2. Travis

    NTOS.exe virus

    Travis, Jun 7, 2007, in forum: Computer Information
    Replies:
    2
    Views:
    4,121
    Neil Green
    Jun 7, 2007
  3. Shane

    Funniest phisher

    Shane, May 19, 2006, in forum: NZ Computing
    Replies:
    4
    Views:
    402
    Robert Cooze
    May 21, 2006
  4. Shane

    ANZ phisher

    Shane, Sep 18, 2006, in forum: NZ Computing
    Replies:
    5
    Views:
    425
    Anony Mouse
    Sep 19, 2006
  5. richard

    comodo is cool ... stopped a phisher

    richard, Nov 12, 2009, in forum: Computer Support
    Replies:
    12
    Views:
    568
Loading...

Share This Page