Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
MattESP767:
Check this page from the Symantec library:
http://securityresponse.symantec.com/avcenter/venc/data/trojan.sinkin.html
It's related to realphx.com
Solarian
0 
Download and run this small program, should take care of it. MrC
RealPhx Cleaner (c) 2003 Randy Shepard & Associates Inc
0
www.realphx.com is not a virus it's adware and it's not that hard to remove. Just go to the site and go down to the very bottom of the site and there will be removal directions. This works i got it off of one of many computers this way and nothing goes wrong after removing it.
0
RealPHX appears at first not to be a virus. But be warned, it is. Although it only appears to edit ur search engines and ur AOL profile, it ALSO installs the Trojan.Sinkin virus. This can be tricky to remove, and even if u go to the bottom of the page, and remove it the way realphx.com suggests, it will remain on ur hard drive, and continue to infect ur files. The web link above, given by Solarian is the best way to remove the virus. But, u also need to fix ur search engines. Without following those directions carefully, the av.exe file will remain in the C:\ drive, again, follow those directions carefully.
0
I am a 13 year old kid who likes to chat with his freinds online but now this realphx.com thing is screwing up my profile. Also the website realphx.com is down so i cant go to it. I dont know much about computers, so when i tried solarians link i couldnt figure it out. And i downloaded the cleaner thing but it didnt work. What should I do???
0
I have tried everything to get rid of my profile link!!!!! IT WON"T WORK! Can someone please help me!!
0
Follow the instuctions on this page: http://resnet.bgsu.edu/Resources/ResNetPages/FixMessageTrojans.htm
It has an automated tool to remove the Aplore and Realphx virueses which attack AIM.
0
restart your computer in safe mode, then delete the b.exe file in my computer\C:\windows
if you don't know how to start up in safe mode go to Start\programs\accessories\system tools\system information.... then at the top click the "tools" and find "system configuration utility" click Diagnostic setup, and reboot, it will give you a safe mode option. there might be an easier way to do that, but thats what i was told.
0
Ok, so i restarted in safe mode and deleted b.exe- and the thing in my profile is gone. Thanks a lot. But, is all that trojan nonsense off my computer too? Am I totally clean of the virus or is my profile just fixed? Anyones help on this would be appreciated.
0
I've found it's easier for people to just do a few simple steps to rid themselves of the realphx virus. Go to task manager and end the b.exe process, then go to msconfig and under your startup tab, change the b.exe to not startup on window's boot up, then go to C: windows and delete b.exe, retart and it should be all good, after I did this, the aim profile has not come back, I've done a computer search for both av.exe and b.exe, both couldn't be found, and I checked my registry, there was nothing suspicious in it either. Just some help for anyone who needs it but doesn't wanna hassle with tryin to start up in safe mode.
0
i have this virus in my info and it goes to www.talkstocks.net and i think its a real phx virus but i have no idea how to get rid of it and that ad aware software that my friend put on my computer DOES NOT WORK it brought a lot of SPAM! :-( i just want to get my computer back to normal...!
0
I have tried so many different things to get rid of the realphx.com virus and nothing has worked. I have tried just about everything on this website and either they didnt work or i dont know enough about computers to follow the instructions. i spent several hours trying to fix this thing and i'm just really frustrated. I would really appreciate it if someone could help me! thanks so much
0
Try this.
http://www.rsaisp.com/software.asp
Click on the binary link.
I hope it helps!!
- Dave
0
Hey, thanks a million ddaeschl!!! this thing appears to have worked. the link is gone from my profile, but is there anything else that i can or should do to make sure that there are no viruses/trojans or anything else that could harm my computer still on there? if you could let me know, i would really appreciate it. thanks again!
0
I'd suggest using a virus scanning program (mcaffee, symantec, trend, etc..) for at least the next month to make sure all traces of the crap are removed from your system. The month will allow anti-virus companies to catch up with the newest versions of this bug as it seems like they have been being relased daily.
The definite thing to not do is run their fix on their page, they used to have a fix that my company wrote up there, but since they have updated it with what looks to be a far worse virus then the original .hta exploit as it does something with your hosts file, your ie start page, your search page, your toolbars. It literally messes with everything!
Be careful.
- Dave
0
Yeah, good advice, but unfortunately, the first thing i tried was using the fix on their page and now my computer is really messed up...it freezes constantly, it keeps resetting my homepage, and i'm finding porn and crap all over the place...i really dont know what to do...someone said i should probably just format my computer (i.e. backup everything i want to keep on CDs and erase the hard drive) and i'm beginning to think thats my only option...any other advice u might have would be welcome... thanks again for all your help.
0
Can anyone give me an email address for someone from RealPHX? I have tried everything previously posted here and nothing is working. My computer says that the av system is gone, but my homepage keeps resetting itself to av. My profile still contains the link no matter how many times I delete it, and whenever I go on the internet, fifteen pop ups saying "install adware" attack my computer screen. AHHHH
0
I think a lot of the people still having problems downloaded the "fix" on realphx.com. At the time of writing this our software doesn't remove all the spyware that their "fix" installs. If I get some free time I will see what I can do about that.
Wingnut, do you know how to navigate the registry editor? If so go to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
and
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
..and tell me what you see in there. If you see an ld.exe entry, I know that is part of their spyware crap and you can safely delete it. I may be able to help you with a manual fix and then once I know exactly what their "fix" is doing I could make the removal of their "fix" part of the current phxfix program.
0
hey dave, i searched through my registry editor like u said, but i didnt see that particular file....you told me to tell you what i saw, i really couldn't tell you, i dont know what that stuff is, on the first one, there were only a few things, and on the second one, there was a long list...so i dont know if u want me to list everything or what...maybe u could just tell me about other suspicious entries that i could look for...in any case, again, i just want to say thanks for all your help...i really appreciate all of your effort
0
Wingnut, tonight if I get time I will write a fix for the adware that the "fix" on their page installs. However, existing products may already be able to remove the toolbars/popups/etc from your computer. Try downloading a program like spybot (http://security.kolla.de) or adaware (http://www.lavasoftusa.com/) and see if it clears up the effects.
0
dave,
i already have spybot and everytime i run it, it seems, it finds new things...i just downloaded ad-aware, and it found a bunch of things associated with the porn links i have been finding on my computer, as well as a bunch of other stuff...i deleted the porn stuff and a bunch of other stuff it said was hijacking or causing pop-ups, but i'm not sure what to do about the rest...i thought i would just list some of the ones i wasn't sure about and get your opinion on whether or not i should delete them...there were a bunch under the name "huntbar" and there was no description available...there were some called "istbar" with no description, several called "lycos sidesearch" with no description, and there was one called "virtual bouncer" with no description... any idea what those are? anyway, yeah, if u have time, i would love to try out any fix you could make...thank you once again for all your help...i really appreciate it
0
hey dave, good news! after i deleted a bunch of that stuff that i found in ad-aware, i restarted my computer and it appears all the porn stuff that was on there is now gone...so that's good...so i just need to see if everything is back to normal or if i find anything else that i know shouldn't be there...talk to you later
0
If everything appears to be fixed I would just keep up with regular virus and spyware scans to make sure you computer is clensed and also to keep yourself from retaining anything in the future. I'm glad to hear you're back to normal though :)
0
hey ddaeschl...i too am a victim of annoying porn pop-ups b\c i tried to use the 'fix' on realphx...i don't know how to access my registry and delete the files you told wingnut to do...if you can help me i would appreciate it...thank you!!!
0
I tried using the link http://www.rsaisp.com/software.asp
but when I hit the download button, I get a quicktime thing that doesn't do anything. The same thing happened when I tried to download adaware and spybot. Do you know why this is. Please help I am desperate to get this thing off my computer.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
