Warning- Pop-Up installing Trojan on this forum


jonnyboy
06-14-2008, 11:45 AM
Right, I now have a trojan on my work and home PC which I believe is caused by this site.

I didn't have an AV program installed and the pop-up

http://gtgjgfxes.com/cgi-bin/index.cgi?dx

which comes up when browsing this forum installed a trojan that makes another pop-up open when you use shopping sites that tries to get you to enter your credit card details.

I have been unable to remove this trojan using multiple anti-malware programs.

I have just seen the same pop-up again but I now have AVG installed which blocked it from running the trojan.

Has anyone else experienced this?

Lsbod
06-14-2008, 02:34 PM
I've had the same window popup on me but I think my AV software has intercepted it and the end result is that it just locks my browser up so I have to close it and start again.

There's definitely something going on.

Russ963
06-14-2008, 05:46 PM
Yea it got to me and I had to reset Windows cause the PC was constantly processing at 100 percent - if you use Firefox get http://no******.net/ it will block java ******s - and get a virus scanner - the server been hacked?

maturefrenzy
06-15-2008, 12:13 AM
yep me too... pops up at login. I now turn off all pop ups to enter here but it needs sorting please.

jonnyboy
06-16-2008, 06:33 AM
BUMP

Administrators: Are you looking into this? It is still occurring and is installing a very bad trojan on people's PCs.

tupinambis
06-16-2008, 07:44 AM
There are some free virus removers, try Ad-Aware or Windows Defender.

Trinpaul
06-16-2008, 09:42 AM
I'm getting it too.

CrazyC
06-17-2008, 01:15 AM
At first I didn't even notice but this is what happens before login:

http://thumbnails6.imagebam.com/794/a29fc57938642.gif (http://www.imagebam.com/image/a29fc57938642)

Don't know if it actually plants a virus on your pc but without a good virus/adware/malware program I can understand some people will have some trouble with it.

jonnyboy
06-17-2008, 02:11 AM
I've tried 5 or 6 different AV products and NONE of them have identified and removed it. One says there is a rootkit installed and looking at that screenshot I think that may be what it is.

maturefrenzy
06-17-2008, 11:08 AM
The only AV that detected it for me was Kaspersky which incidentally is in PC PRO's A List for best AV program. Had Norton but it got through undetected.

This looks like a real nasty so people be aware. Kaspersky found it as:

Trojan program 'Backdoor.Win32.Sinowal.ch'

I "think" I am still infected with it although Kaspersky has stopped any new threat. Searching the web there is as yet little reference to it other than it appears to be an information gatherer and can steal login information.

I am getting a very convincing popup when paying for certain items using my debit card. What made me suspicious is that it asked for my ATM pin which I know no legal site asks for. If you get such a box pop up close it!!!

Other odd behaviour is my delete key does not seem to work properly and the backspace occasionally. The "Browse for File" buttons on web sites such as Rapidshare & Imagebam etc are often mostly missing but occur occasionally following an error when Internet Explorer has to close. At first, I couldn't even do a Windows Update without an error but that appears to have disappeared and now works.

Sounds like there are a few of us with this. If you find a specific removal tool for this Trojan please post here. If I make any other discoveries/progress I will update this thread.

tupinambis
06-17-2008, 11:58 AM
Maturefrenzy, if u have a legal version of Kaspersky u should contact their support and describe your problem, they have a good support and they answer very fast.

I have Kaspersky 7.0 and it stopped the virus before I got infected so I know which virus u are talking about.

What I do sometimes is to turn up to maximum protection and scan for rootkits, it takes a while but it's worth it.

Good luck

maturefrenzy
06-17-2008, 12:23 PM
Thanks for the info tupinambis.

I am currently using the 30 day full trial and based on the reviews I have read this last day or two may well purchase it.

Just by chance today's Times newspaper has an offer of half price version 7 with a free update to version 2009 which releases July 1st.

Anyone interested, use the coupon code DAILY50 at the online store. Offer ends on 30/06/08. May not work if you are not in the UK.

bennfork
06-17-2008, 01:38 PM
Thanks for the warning, fellows.

jonnyboy
06-17-2008, 02:21 PM
This looks like a real nasty so people be aware. Kaspersky found it as:

Trojan program 'Backdoor.Win32.Sinowal.ch'

I am getting a very convincing popup when paying for certain items using my debit card. What made me suspicious is that it asked for my ATM pin which I know no legal site asks for. If you get such a box pop up close it!!!

Other odd behaviour is my delete key does not seem to work properly and the backspace occasionally. The "Browse for File" buttons on web sites such as Rapidshare & Imagebam etc are often mostly missing but occur occasionally following an error when Internet Explorer has to close. At first, I couldn't even do a Windows Update without an error but that appears to have disappeared and now works.

Sounds like there are a few of us with this. If you find a specific removal tool for this Trojan please post here. If I make any other discoveries/progress I will update this thread.

Yep. It stops the delete key working in IE and Outlook and also Ctrl key. This seems like a cheap hack to stop you from doing a ctrl-alt-del and closing the window when it pops up. Also causes random closing of IE on certain sites and always crashes on Hotmail.

If any malware experts know how to get rid of this please say so and will the admins of this forum at least acknowledge the problem and do something about it?

virg_mc
06-18-2008, 12:50 PM
Hi
Norton 360 seems to be able to deal with it. It allows it to load & then blocks it (just make sure you run your updates on a reg basis).
As for the problems with the backspace & delete keys, I've always had problems with these working - on and off - since I joined this site, over 2 years ago.
Anyway, have faith in Jerry; I'm sure he's dealing with the problem right now.

PS: just to let you all know, I've contacted Jerry about this, so he's now aware of the problem. All being well, it will be sorted soon.

Regards,

virg_mc