|
If you got hit with this exploit I suggest you run a FULL virus scan and not the quick scan.
Malwarebytes will remove the main problem but might not get everything. Avast found 3 other files that none of my other programs caught that appear to be connected to this exploit. |
Got hit by this too.
|
I managed to remove the main elelements of the exploit' but there seem to be still some issues when I try different anti malware and anti virus apps. MalwareBytes removed some files in safe mode and Spybot Search & Destroy removed others. I changed my proxy settings in my browsers. MS Malicious Software removal tool found another backdoor. Those steps removed the pop up fake anti virus app. And now I am running a full AVG scan to remove any detritus.
|
rrrrrr double post
|
http://i43.tinypic.com/1y3evr.jpg
avira catch it today, but it was just placed on hd, and avira stoped the shit |
Nice, fake anti-virus crap and one of the pages it'll open... adult.com.
|
Avast blocked it yesterday but now it seems gone. I love my FREE Avast, will never understand those paying for crap like Kaspersky or Norton that usually got hit without even noticing it. And the paid version for 50 bucks or so ain't too shabby either
|
....................................
|
haha I made a thread about it this morning too..
https://gfy.com/showthread.php?t=967847 http://a.imagehost.org/0530/wtf_9.jpg |
It works fine on my browser.
|
Quote:
That's the same thing i was getting, it would sometimes go to porno .com or porno .org. After visiting gfy this morning my computer went crazy for the second time and it took me half the day to remove this fake Antispyware. This site helped me remove it-->http://www.windowvistarepair.com/Vis...t-removal-516/ along with norton and spyware doctor. Norton and Spyware doctor did not remove the software the first time around. I also install Adblock plus for FF. |
Im a freaking noob with virii/trojans/malware, and the same goes with detecting and removing it.
Whats the best process to check/remove on a windows vista, with firefox, machine? |
Quote:
|
So, after 4 pages.. any indication who was responsible?
|
Quote:
Startup in safe mode, the goto run and startup regedit, then goto HKEY_CURRENT_USER_\Software\avsoft there will be another folder next to this one with a similar name i also removed that, then run the exefix_vista and restart normally it should of fixed the situation. Im no expert so if anyone else can help further then cool. There also maybe something at C:\Users\(your user)\AppData\Local asam.exe and syssvc.exe remove these as well |
Quote:
|
I smell ZANGO!!
|
IE7 here - seen nothing.
Internet Settings: Medium-High (default) Also: Give (hardly) no site Trusted status. Personally I like F-Prot for a mere $29.95 a year. (for use on up to 5 boxes I think) Out of Finland. Top notch. Better than Kaspersky imo. They won't stop hijackers if you are too loose on your browser settings but they will stop all virus and trojans as well as anyone. It updates everyday and I don't even notice its on. http://www.f-prot.com I used to give lots of sites Trusted status. Got a hijacker and eventually had to reformat. Since then I run ultra tight settings on IE7 and (knock on wood) no problems. Trusted status is hardly never needed. Medium-High "Internet" settings eliminates most of Active-X stuff. It disables alot of other stuff too and yet I get around fine. |
Thats why I no longer browse GFY on my work/sites administration computer... I can't afford to let some shit sneak to my system and then infect my servers and websites.
|
Quote:
|
Quote:
|
Quote:
|
I use Chrome and Win XP 2010 Black Edition... no popups/trojans/etc here... as far as I know anyway :uhoh
|
Shit. Ever since this crap FF is the only one of my browsers that can browse the internet. Trying to fix it now.
|
Quote:
|
Is it safe now????/
|
god dammit. my w7 is totally hosed now, cant even fire up ad-aware. copying work files to a pen drive and gonna nuke this hard drive and reformat.
|
I ran mallwarebytes once more this morning and came up with one infected file.
Could this thing be re installing some on me? I am semi new to getting rid of this stuff as I rarely pick up something like this, so any help would be appreciated ;) |
Quote:
The virus basically installs a rootkit so hacker can control or do pretty much anything he/she wants to target or from targets computer. It doesn't stock install a keylogger but right away it opens up a secret backdoor and proceeds to install whatever it wants at runtime or at a later date and that may include keyloggers or pretty much anything. p.s. most of the server it runs on are out of russia or russian connected , but that doesnt say much hackers often route thru russia/china so as to make tracking them harder and lawsuits seem unobtainable. |
It opened a browser on its own to adult.com
|
Quote:
Firefox + adblock plus + noscript FTW :2 cents: |
Quote:
|
I didn't, was busy trying to get rid of the crap.
|
| All times are GMT -7. The time now is 03:34 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123