Have any of you heard of this? I did a search on the net and didn't find much info. I had a friend call me today asking if I could help her get rid of it. I had never even heard of it. It appears she got it when she downloaded some software from (www.Ibackups.net) The BBB has a ton of complaints on that site by the way. Long story short it took over her whole system (from what she describes). She is very computer literate but, not having any luck getting a cure for this one.

Is it new? Must be since I have never heard of it until today.

I think she might just have to re-laod and start from scratch. What sucks is she just bought this new system.

From what I have heard it's a trojan or spyware not a virus. Look and see if you can find anything strange in add and remove (ctrl panel) and remove it. Also try ad aware or other spyware removal tools. What little can be found using google isn't much help, a bunch of smart azz kids on a forum talkin trash...

That's the same results I got too. No fixes that I can find anywhere! :eek:
It's a trojan and can be found by Ad-Aware and SpyBot, but it never seems to go away.
Symantecs site doesn't even list it.

Sounds like you guys found about as much info as I did. She is in Colorado so I won't be looking at the PC anytime soon. From what she told me, Ada-ware would not remove it and Norton didn't block or detect it. This is why I was assuming it has to be some what of a new "virus".

She said there were a bunch of process running when I had her look at task manager (there were pages). Not much I can do when I can't touch the machine I was just trying to find a script or file that would remove the "bug".

She is going to take the hard drive to a "computer" guy and he is going to fix it up for her.

I don't know why these people think it's fun to write this type of code. I will never understand. I know some of them get paid to do it or after they do it. Just silly to me.

Originally posted by camaroman7d:
It appears she got it when she downloaded some software from (www.Ibackups.net) The BBB has a ton of complaints on that site by the way.It doesn't seem to be a new trojan. It's just the transport. Her antivirus may have caught the worm or virus that it brought, but the trojan carrier is still there trying to do damage. It'll probably never go away. She should try using a trojan remover other than Ad-Aware or SpyBot. It'll save her some money.

Check out this site.

www.spywareinfo.com (http://www.spywareinfo.com)

They were very helpful when I picked up a browser hijacker on one of my computers.

She could try "Hijack This", but it is easy to cheese your system if you delete the wrong registry entries. The reason Adaware and other programs cannot get rid of the trojan is that it is running during the scans and the affected files cannot be accessed. Finding the registry entry and removing it will kill the trojan long enough to remove it- but don't reboot until removal is complete.

Boot to safe mode, kill the appropriate registry entries with hijack this, then scan the computer (also in safe mode) with adaware or Norton, or both. Spybot Search and Destroy is another good program she could try. No spyware software is ever 100% successful on every threat, usually you'll have to use several to defeat all the problems.

Of course the easiest (and best) solution is to remove the drive partition, re-partition then format and re-install the OS. I often recommend this procedure to customers with multiple virus/ trojan infections since the labor is normally less than a full system disinfection and clean up.