It is a PICTURE (or movie) possibly with a dir command on your C: drive (in YOUR browser) so it looks like they see your drive and do an online scan !!! (it is part of the scaM to make you believe they did an online scaN)

more along the lines of a listing of where the malware infects your computer and how to remove and some apps to diagnose that its gone (and could detect a significant amount of other malware at the same time!)

knowing how to do that would give you a great start on how to combat most malware your self anyway and not need such a brutal security regieme

sure use a good firewall, anti virus and anti spyware have sandbox apps, and blaclist apps if you were real parinoid run in a virtual enviroment and have a firewall box as well

good security should not reduce your computer to a crawl and should be able to disable at will for gaming simply installing 7 of them is just counter productive and recomening it to people who dont have the skill to reconise the pros and cons and workarouns is realy doing more harm than good

@131
avast is good :D
glad they finaly picked it up
but i would doubble check on the registry key is set right

in:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

edit:
Shell = “%AppData%\IQManager\iqmanager.exe”

to:
Shell = “c:\windows\explorer.exe”

just because the message is gone dosent mean it is.

that bit is far more dangerous than the run entry

and of course if you know how to interpret, or want to, to insure your computer is clean read up for the link to the forums where all the tools and components of the files are hiding

if you have any troubles let me know you have done well so far :)

Would not surprise me for a moment if it transpires they are.

As i’ve mentioned quite a few times recently, a few years back a group called “Media Defender” had one of their main operatives Gmail account hacked and the whole contents of the account were floated on torrent, still available on TPB.
http://thepiratebay.org/torrent/3806944/MediaDefender.Mail.200612.200709-MDD

Instructions of how to browse the emails given in comments on page.

These show how many shenanigans they were involved in, thanks again to Media Defender defenders for making these available.

It shows anti-piracy agents are involved in criminal activities against us, such as hacking, illegal privacy invasions using fake sites, honey traps etc.

The amount of criminal activities they were involved in is unbelievable, they should have served time for their activities, where we are simply civil infractors, they are criminals with no respect for criminal law never mind our civil infractions.

So it wouldn’t surprise me one bit, if some anti-piracy outfit is actually behind this, they seem to think acting criminally towards us is perfectly justified and actually find it funny, sick sociopaths the fracking lot of them.

Take a look at the emails, as i’ve said, too much time and money was spent to simply abandon their plans, they just waited until it all died down and we are indeed seeing their plans resurface and indeed, as time goes on their plans become more complex and improved but those emails give an idea of what these oiks are prepared to do.

Governments and law enforcement agencies want to concentrate on what anti-piracy groups are doing more, again, file sharing is a civil matter, what these anti-piracy agents working on behalf of copyright holders are doing is often criminal and they break criminal laws and they seem to be completely ignored and shouldn’t be!

As in the emails, they even think completely ignoring criminal laws and acting criminally towards file sharers is funny, utter contempt for criminal law, laws which are present in most nations, anti-piracy think criminal laws do not apply to them.

Some idiot mentioned about Federal Taskforces in another thread, well they aren’t interested in file sharing, but were they to bother, they’d find a lot of financial irregularities in the accounts of these people, copyright holding companies and anti-piracy group;s both, as much as a plethora of other criminal offences perpetrated by these corporate oiks.

Again, perhaps governments and law enforcement of nations should look at those before focusing on file sharers because both of those groups, copyright holders and anti-piracy agents, deem themselves above the law and act criminally as a norm, not a rarity but commonly, if the FBI did look into them, they’d find enough criminality to recoup millions of Dollars and Euro’s to keep courts busy for years.

Peace. : )

You mean, internal messages with links to files which people download and run on purpose?

Just curious, what is the content of the messages if it’s the case?

An exe is an Executable, a programme file which can run independently as opposed to a complex application which requires drivers and multivarious scripts to function, an exe runs as a stand alone.

- – -

Don’t know if anybody has noticed, but for a few weeks, until last week is when it last happened with me….

TPB had a bogus virus scanner activating when navigating the site which was the usual malware BS, immediately stating “Your Computer Is Infected” and running an online scan.

I didn’t let it get any farther and disconnected immediately, rebooted and added the URL from browser history to prohibited sites in Internet Options, whoever the tw@ts who were doing this were, they changed the URLs, i counted 8 different sites with the same virus.

Don’t know about any other sites but maybe others can say if any other torrent sites were targeted.

They didn’t get very far with me, but same as other sites all over the net where these bogus virus scans are used, they do two things, they scan everything so a list of drive contents becomes available for later hacking of your ‘puter and 2, malware is dropped allowing backdoor access and others like automated transmission of personal details etc, various malicious uses.

Like i say, it didn’t get more than a couple of seconds every time it occurred with me, but it’d be interesting to see if somebody getting one of these fake copyright notices also had experiences of bogus online virus scans while navigating torrent sites.

I’ve spyware 7 AV scanners anyway, only a fool hasn’t, so even if it got far enough and dropped something it’d no doubt be quarantined anyway.

But there may be a connection here, don’t know.

I do know there’s a lot of naive people who go to Warez sites and get malwares dropped on their PC’s, since i was member to XWT forum i have noticed so many people suffering from infections after going to porn sites and Warez sites without proper protection, these days even media portals like online newspapers and shopping sites and alsorts are hacked and users navigating get infected.

bottom line is be aware at all times, the Internet is not a fluffy and safe environment and all too many feel being online is as safe as being at home in their nice safe house, you are at home, wherever, so feel secure, sites are nice and tidy and people are lulled into a false sense of security.

but it’s actually better to consider yourself driving through a Crack Cocaine and Meth ridden ghetto, ergo, always be on guard.

there’s as many deviants in the cyber world as there are in society, online doesn’t mean safe, only your own vigilance means you stay safe.

As mentioned, anything happens, research it, don’t take a fracking thing on face value.

scam’s are usually flagged by people who realise they have been targeted, do a few searches and you’ll find the sites which alert people to what scams are happeneing, plenty of those alert sites around and they can save you a lot of grief so use them if anything suss occurs, don’t ignore things however benign they may seem, there’s a lot of dodgy frackers out there committing cyber crimes so don’t be a victim.

Peace. : )

And how does someone clueless of all (like flash drive) know how to comment with a nickname (called “deleted”). Next, it doesn’t make sense telling someone how to put all important stuff in one folder and burn on CD/DVD if they don’t know how to use the computer.

Finally, never send anyone to just any computer repair place if data is to be saved. Almost all of them will just say the data is lost and format the harddrive anyway (to avoid working or clueless themselves). Its better to first search for a computer repair place that will actually do a real attempt to rescue data for sure. So i suggest to add a warning about this when giving that advice.

(yes, i know, wrong forum)

but id still want a look at gmer/autoruns/hyjack this logs it is a basic rootkit after all there could be secondary infections.

http://download.cnet.com/CCleaner/3000-2144_4-10547048.html

even if sent in a pm.

Remove iqmanager.exe instruction:

1.Temporarily Disable System Restore;2.Reboot computer in SafeMode;3.delte iqmanager.exe virus files and kill iqmanager.exe file task process(if have);4.Delete/Modify any values added to the registry by iqmanager.exe ;5.delete IE temp files,restart the computer and run a whole scan with BitDefender. iqmanager.exe virus files as following:

Yeah, YOUR lucky someone taught you english real GOOD over THEIR. Retard, indeed.

http://www.p2pfreak.com/forum/bar/4011-iccp-foundation-mal-ware-removal.html

for startes never run 2 antivirus at the same time. or they will each scan what the other opens and scans and in short will sit there and munch away and acieve nothing that is unles you keep one disabled

also why would you install such an ugly recorce hungry pig as nortons
sure there are alot of people out there that like it, but facts speak for them selves, look at the profensional testers comparisons if need be. its usless, it always leaves behind tendrils if it can remove anything at all

sure once upon a time nortans WAS good but that was a long long time ago and pre xp

so now you have your old scool fan boys and now the rather large bribes they place to get the prodouct pre installed and the good buisness deals. just becaue its cheaper dosent mean its any good.

and mcfee thats a laugh there is an urban myth going round that the evil queen her self was sprung writing viruses and releasing them so that her scanner will pick them up fist to improve stats and sales.
i tried finding a link but apart form some very embarising stufups i gave up shortly google is to powerfull for its own good sometimes

if you want a good firewall use comodo or kaspersky
if you want a good antivirus try avast or avg being the current most popular flavors of the last few years

virus total if you have a sample or threat expert are great to upload and see whats happening or what will clean off

@115 exept that shell now no loger knows what to load. restart and it may not work (unless windows is intelegent enough to revert back to default)

thus nessary to fix up the load point of explorer.exe

in:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

edit:
Shell = “%AppData%\IQManager\iqmanager.exe”

to:
Shell = “c:\windows\explorer.exe”

and of course all the other tendrils left behind folow guide here
http://www.p2pfreak.com/forum/p2p-news/4004-malware-extorts-cash-bittorrent-users.html

Then remove the startup entry (Start – Run – msconfig) or use a tool like HiJackThis/CCleaner

I found it on a client machine and it was easy to clean.

This came up a day after my brother installed Azuereus, Mcafee, and Norton. I believe it found a back door somewhere there. Windows 7, Home edition.

and upload that as well

@109 that is suprising, and a little hard to belive, its become pretty well much standard practice for scumware to infect system restore or a system rollback that is unles you are using win7 and had a dvd image set to fall back on

i assumed the winlogon allready had explorer.exe in there rather than in there not that the iq manager replaced it

being a long time user of autoruns (well before he was headhunted by windows and now works on their kernel, and yes the same guy that dicoverd and exposed drm!)

but in that it lists the shell value in
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

have never had to go modify that registry key so never needed to go into the registry and notice the diffrence i didnt realise that it was in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

had i a sample and me instructions not worked the first thing i would of hit it with would of been autoruns and then i would of picked up on it

this knolege now raises the scumware coders skill by several dozen orders of magnatude whats done there has paved the way for a signifigant potential of mayhem unleashed upon infested systems

if done right it can counter most antivirus programs

ill put the revised instuctions on the forums here
http://www.p2pfreak.com/forum/p2p-news/4004-malware-extorts-cash-bittorrent-users.html

fist off dont play with autoruns unless with extreeme care. it dosent find whats good or bad ect like a tradional antivirus rather that its just a diagnostic tool and tells you whats there not whats good or bad, so dont ffs untick everything! same aplys to gmer, hyjackthis ice sword ect…

explorer.exe in short is everything that most people reconise as thier computer it controls among other thigs the gui (grapical user interface) so your desktop, your icons, your bacground my computer…

the fact that iqmanager uses a pre hacked one or loads beforehand and then sinks its teath into it gives it the potential if coded right to render most virus scanners impotent and usless simply by being able to hide from them it all depends on the skill and effort put into its creation

after killing files registry keys and fixing explorer.exe could someone upload a log from autoruns and gmer, and hyjackthis on the forums ill read though and check is clean if not it will let me sniff out any further signs of infection.

I’ve managed to get back to my desktop. I ran rkill to terminate iqmanager, then downloaded and ran malwarebytes, doing a full scan. I then went ran regedit and changed hkey_current_user/software/microsoft/windowsNT/currentversion/winlogon shell from iqmanager.exe back to c:\windows\explorer.exe.

I am no computer guru, but this seems to have worked for me.

It’s easy, it’s free, and it will probably work.

Also, stop hating on people looking for help. You make IT people like me look bad. We’re not all jerks. I would like to say most of us like to help, not put down end users. I’m ashamed to be associated with the acid-tongued users posting on this page.

Oh, and another thing, Linux isn’t always an option for everyone, so quit being so smug about it.

A simple misspelling does not qualify as broken English. Please refrain from pointlessly posting and further embarrassing yourself.