Browsers and Users are under attack...

Discuss whatever you like here! ( ...that's not spam!)

Moderators: Support Staff², Support Staff, AvantGuard, Developer

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Browsers and Users are under attack...

Post by josephrot » Sat Apr 21, 2007 11:20 am

A Warning Regarding Avant / Other Browsers

and a short reason how it relates to Avant...

As of this writing (Friday 20 April 2007) there is and are a great number of malware, trojans, possible virus, and spyware that is "tearing through" most all defenses. The major anti-virus and anti-spyware programs and safeguards are either currently totally ignoring the threats, or detecting their "residue" after the fact, that is, after they are in the computer system.

Many of these protective softwares insist that the danger is detected and cleaned out, but such is not the case, as the infections are still there or return soon thereafter.

New products, some working very well, and then some just as dangerous as the infections noted above, are coming out, as the "major" products like SpySweeper, Spyware Doctor, AVG, McAfee, and even to some extent Kaspersky, are overall totally useless at this time. They either do not protect, do not detect or do not successfully clean out the problems. Some tools even do none of these three vital needs.

Yes, these great and noble protection products will catch up with the problems, and updates will be issued, but in most cases, up to two weeks too late. The protection product producers are all of a sudden tight-lipped, so they are hopefully working on these problems.

A short reason how it relates to Avant...

Many of these infections are now making problems for Avant (and other browsers too), in terms of speed problems, dragging users to spyware-sites, foreign web-sites as well, and a new series of memory-related problems are cropping up.

Not meant to scare people, but this problem is real, has been around for as long as two weeks...perhaps more, and is hopefully going to be resolved very soon.

Just beware.

( Admin, this should be posted here and another place on the Forum that can be easily SEEN ?? Perhaps in only-Moderators-Can-Post areas ? )
Last edited by josephrot on Tue Apr 24, 2007 6:49 pm, edited 2 times in total.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

abfan123
Avantus Maximus
Avantus Maximus
Posts: 5624
Joined: Wed Jan 26, 2005 4:24 pm
Windows Version: Vista Ultimate x64 SP2
Avant Version: 11.7 build 43
IE Version: 8
Contact:

Post by abfan123 » Sat Apr 21, 2007 11:52 am

Unsure about other software,But I have just 1 security software running:
Trend Micro Pc-Cillin Internet Security 2007 with all the protections enabled.
I'm always downloading all the latest updates from WindowsUpdate.
So far,I've never received any viruses or other type of malware.
I know that not only by the scan results,But also because my system is running fine without any problems/weird tray icons/unwanted toolbars or popups/decreased performance/weird homepages or unknown processes in the task manager/startup programs.
I haven't reinstalled Windows on that system for almost a year.

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Post by josephrot » Sat Apr 21, 2007 12:03 pm

abfan123 wrote:Unsure about other software,But I have just 1 security software running:
Trend Micro Pc-Cillin Internet Security 2007 with all the protections enabled.
I'm always downloading all the latest updates from WindowsUpdate.
So far,I've never received any viruses or other type of malware.
I know that not only by the scan results,But also because my system is running fine without any problems/weird tray icons/unwanted toolbars or popups/decreased performance/weird homepages or unknown processes in the task manager/startup programs.
I haven't reinstalled Windows on that system for almost a year.
Definitely a good situation. A good position to be in.

We see it more here due to the testing we have to do too, and of course an average of 45 more or less users who travel to all points on the information highway. :shock:

But the problems shall pass. For example, there's one excellent security application that will not install on a few XP 32bit systems, Prevx...and Previx appears to be working where the other protection applications are currently not.

We all suspect that it's due to already-in-place infections, but Previx too are working to solve that problem, so their protection software can be more widely used.

It is indeed a real problem. Almost enough to make a grown computer user want to :cry:
Last edited by josephrot on Sat Apr 21, 2007 1:09 pm, edited 1 time in total.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

User avatar
hornakapopolis
AvantGuard
AvantGuard
Posts: 11321
Joined: Thu Jul 31, 2003 2:09 pm
Windows Version: Windows 10 Pro 64
Avant Version: 2015
Default engine: Chrome
IE Version: 11
Skin: Stickers
Location: Ohio, USA
Contact:

Re: Browsers and User are under attack...

Post by hornakapopolis » Sat Apr 21, 2007 1:03 pm

josephrot wrote:( Admin, this should be posted here and another place on the Forum that can be easily SEEN ?? Perhaps in only-Moderators-Can-Post areas ? )
It's great and very informative that you post these, but more than an acceptable amount of of your threads are being double-posted and then having to be moved by our staff... usually because they either don't relate at all or because, as is the case here, it only vaguely relates and the relation is given more as info and after the fact, so please post these on their own in their appropriate forum.

We definitely appreciate the info, but this has been brought up before, so this will be the last discussion we have about the posting. Thanks

User avatar
MysteryFCM
Administrator
Administrator
Posts: 7330
Joined: Tue Dec 09, 2003 2:34 am
Windows Version: 10, 8.0, 8.1, 7, Vista, XP
Avant Version: 13.00 Build 23
Default engine: Gecko
IE Version: 7.x, 8.x, 9.x, 10.x, 11.x
Skin: AthenX
Location: Newcastle Upon Tyne, UK
Contact:

Post by MysteryFCM » Sat Apr 21, 2007 2:08 pm

One thing Denny did not mention, but VERY important if posting things such as the above .... VERIFIABLE SOURCES!

If you do not have source that can verify such claims, DO NOT post them please as it goes more toward scare mongering than actually helping.

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Re: Browsers and User are under attack...

Post by josephrot » Sat Apr 21, 2007 2:51 pm

hornakapopolis wrote:
josephrot wrote:( Admin, this should be posted here and another place on the Forum that can be easily SEEN ?? Perhaps in only-Moderators-Can-Post areas ? )
It's great and very informative that you post these, but more than an acceptable amount of of your threads are being double-posted and then having to be

moved by our staff... usually because they either [bThanks
It was supposed to be a response to a user problem, but I realized the impact of the reply, so better to get it seen by as many as possible.

Thanks for moving it, as I didn't remember that I had caused it to stick in the Forum twice.

I usually only post twice if there's a short reply to a specific problem, then if there's a need for a "news item" which are usually longer, or better explained, I should post THAT longer one to the Avant Browser Discussion ??

Sometimes, the responses might seem similar, but not really intending to directly duplicate.
Last edited by josephrot on Sat Apr 21, 2007 11:58 pm, edited 1 time in total.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

User avatar
ReleaseRoderick
Avant Fanatic
Avant Fanatic
Posts: 345
Joined: Mon Dec 25, 2006 1:38 pm
Windows Version: WinXP Pro
Avant Version: AV11.7build46forever
IE Version: IE.8
Location: 4000 holes in Blackburn,Lancashire

Post by ReleaseRoderick » Sat Apr 21, 2007 6:46 pm

It ain`t wot u do, it`s the way that yer do it....
If we could read your mind, well...what a tale your thoughts could tell...
I`m just sitting here watching the wheels go round and round,
i really love to watch them roll...
Love,Light and Peace
ian

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Post by josephrot » Sat Apr 21, 2007 11:56 pm

MysteryFCM wrote:One thing Denny did not mention, but VERY important if posting things such as the above .... VERIFIABLE SOURCES!

If you do not have source that can verify such claims, DO NOT post them please as it goes more toward scare mongering than actually helping.
1000% agreed here.

So far, am awaiting feedback, likely Monday when their offices are open, from Prevx1's maker, Kaspersky and Webroot (Spy Sweeper) regarding these "new" threats, and how they are literally slicing through even combined defenses.

I and other system techs have already been in contact with the above-noted protection makers, and others as well.

For example:

On one unit, I run AVG anti-virus with firewall, Webroot Spy Sweeper and at times, even PCTools Spyware Doctor, all at one time, and also separately.

One or two VERY hard to remove spyware / adware "nasties" came right on in, totally undetected, and so far these nasties are impossible to delete totally, even though they are being detected.

What IS even more worrisome... if these spyware / adwares are coming in and slicing through defenses.... can we imagine what a REALLY bad virus or data-stealing bug could do?

I will be happy to share what information I receive.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

User avatar
PatG
Semi-Fan
Semi-Fan
Posts: 99
Joined: Sat May 24, 2003 10:00 pm
Windows Version: Windows
Avant Version:
Location: Deep South Alabama

Re: Browsers and User are under attack...

Post by PatG » Sun Apr 22, 2007 12:44 am

What a very interesting thread! Had the bejesus scared out of me TWICE this week w/a trojan (VBS/tivso.gen trojan) TRIED to ride in on Avant to my machine. But NOD32 threw up this HUGE red & white "Threat Alert" before it got on. Sent the alert to the good folks at Eset and there was no infection. When I asked 'em HOW they said that it tried to use Avant as a carrier to get into my machine. Folks, this is the very first time anything like this has happened to me and believe me, I've been computing since the early 90's. I am behind a firewall and a router w/security enabled, but if I hadn't had this very excellent AV on my machine, there is no way to tell how much trouble/damage it would have done. Please, pay attention to the OP!
AB 11.0 build 46 (to stay for a while) on XP Pro SP2

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Re: Browsers and User are under attack...

Post by josephrot » Sun Apr 22, 2007 12:19 pm

PatG wrote:What a very interesting thread! Had the bejesus scared out of me TWICE this week w/a trojan (VBS/tivso.gen trojan) TRIED to ride in on Avant to my machine. But NOD32 threw up this HUGE red & white "Threat Alert" before it got on. Sent the alert to the good folks at Eset and there was no infection. When I asked 'em HOW they said that it tried to use Avant as a carrier to get into my machine. <snip to save space > Please, pay attention to the OP!
That's somewhat similar to what happened here...but with a negative twist for now:

In my case, newest Grisoft AVG with firewall AND newest PCTools Spyware Doctor BOTH threw up the dreaded warning at what appears to be a common web-site that I hit. Newest Webroot Spy Sweeper ignored or detected nothing at all. (by newest, I mean totally up-to-date updates, too)

"OK", I thought, I will make SURE that I select the "block" command so that nothing happens -- at least I have been warned and the quality anti-virus / spyware products will protect -- and so I selected the "block this bad boy" command in BOTH protection dialogs that popped up.

Well, suffice to say, that was absolutely worthless(!)

The nasty spyware / trojan / virus was STILL loaded in by the browser, and it's that particular one that can be detected, but it's so far impossible to remove or even stop it from running.

Manually locating the things in the Registry, in the system drives, and in MSCONFIG lists, then careful manual deletion, seems to work -- yet on next boot, it's all back in there again, so in reality, manual effort is worthless too.

Saturday 21 April Update: Current version Prevx1 scans, detects and notifies of the same problems. Prevx1 appears to sequester the bad guys, then asks me to re-boot to totally fix things. After reboot, though, ALL the bad guys are still there, absolutely nothing has been fixed at all(!)

Doesn't matter if one is running XP SP1, SP2 or who knows what.

Every so often, the web browser insists that it MUST go off and visit a URL location in the Bahama's, but the firewall is totally preventing that. Not 100% sure if data is being fed from the local PC to some bad guys somewhere, but I currently suspect not, as the packet sniffer and firewall say nothing is going out.

For now, it's cost me four+ days lost work, as I don't DARE trust anything I am doing on that machine -- at least until ALL of the potential spyware / virus / malware / trojans are COMPLETELY gone.

If anything scares me, it's the above situation. .. :shock:
Last edited by josephrot on Sun Apr 22, 2007 2:46 pm, edited 2 times in total.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Re: Browsers and User are under attack...

Post by josephrot » Sun Apr 22, 2007 2:40 pm

Reading the above "report" may help...

Sunday 22 April Update: A quick Email reply from Previx HQ says that the main infection it's finding on my system is related to or is SpywareQuake, or at least what Previx terms SpywareQuake.

( One trouble with anti-spyware is that most makers insist on attaching THEIR preferred names to most all spyware and other nasties... which may be done to keep users with THEIR products, IMHO. )

In any event, Previx says that the actual problem may be already stopped by their software.

However, users are finding that even after re-boot, the infection .DLL's are still not being deleted from the system drive -- in this case from /windows/system32 directory -- no matter what Previx says it is doing -- that to me is NOT a total solution to the problem.

So far, Previx, and any other anti-spyware tools that detect the problems, keep on reporting that the spyware or problem has been detected, some products say "OK, re-boot to finish solving the problem", but nothing is really being done.

More later, as at least Previx promises a more complete reply to my new objections soon. :roll:
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

User avatar
MysteryFCM
Administrator
Administrator
Posts: 7330
Joined: Tue Dec 09, 2003 2:34 am
Windows Version: 10, 8.0, 8.1, 7, Vista, XP
Avant Version: 13.00 Build 23
Default engine: Gecko
IE Version: 7.x, 8.x, 9.x, 10.x, 11.x
Skin: AthenX
Location: Newcastle Upon Tyne, UK
Contact:

Post by MysteryFCM » Sun Apr 22, 2007 3:51 pm

RougeRemover from MalwareBytes (http://www.malwarebytes.org) will get shot of SpywareQuake and it's ilk.

As to your system(s) getting infected, perhaps your security protocols, programs/defences and preferences need reviewed?

Additionally, NOT having ActiveX/Scripts enabled will help PREVENT the vast majority of infections as these are the most commonly used vectors (yes I know they are required for some site's, but it's a click of a button to re-enable such for those site's)

/edit

As an addendum, the best (IMHO) security app's I've come accross and used are;

AV: NOD32 - http://www.eset.com
AM/S: AVG AntiSpyware - http://www.ewido.net
AR: GMER - http://www.gmer.net
FW*: Tiny Personal Firewall (LFV)

*Router (HW) based should always be used in ADDITION to a software based FW

SysMon: WinPatrol - http://www.winpatrol.com
Last edited by MysteryFCM on Sun Apr 22, 2007 3:58 pm, edited 1 time in total.

User avatar
PatG
Semi-Fan
Semi-Fan
Posts: 99
Joined: Sat May 24, 2003 10:00 pm
Windows Version: Windows
Avant Version:
Location: Deep South Alabama

Re: Browsers and User are under attack...

Post by PatG » Sun Apr 22, 2007 3:57 pm

Sorry to hear the problems you're having, josephrot. One thing I forgot to state in my last post concerning this problem: It is ALWAYS safe to have an image of your HD "just in case". I image about every 3/4 days, so even if my AV had not caught that badboy, a simple 15 minute restore of an earlier image would have solved the problem. I'm not talking about XP's Restore, but a 3rd party program, ie: TrueImage, DriveImage, etc. IMO, it WELL worth the money to forego all the time, headaches, and trouble involved to get your hd back to normal. :D
AB 11.0 build 46 (to stay for a while) on XP Pro SP2

User avatar
MysteryFCM
Administrator
Administrator
Posts: 7330
Joined: Tue Dec 09, 2003 2:34 am
Windows Version: 10, 8.0, 8.1, 7, Vista, XP
Avant Version: 13.00 Build 23
Default engine: Gecko
IE Version: 7.x, 8.x, 9.x, 10.x, 11.x
Skin: AthenX
Location: Newcastle Upon Tyne, UK
Contact:

Re: Browsers and User are under attack...

Post by MysteryFCM » Sun Apr 22, 2007 3:59 pm

PatG wrote:It is ALWAYS safe to have an image of your HD "just in case". I image about every 3/4 days, so even if my AV had not caught that badboy, a simple 15 minute restore of an earlier image would have solved the problem. I'm not talking about XP's Restore, but a 3rd party program, ie: TrueImage, DriveImage, etc.
VERY well put! (and agree completely)

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Post by josephrot » Sun Apr 22, 2007 5:02 pm

MysteryFCM wrote:RougeRemover from MalwareBytes (http://www.malwarebytes.org) will get shot of SpywareQuake and it's ilk.

As to your system(s) getting infected, perhaps your security protocols, programs/defences and preferences need reviewed?

Additionally, NOT having ActiveX/Scripts enabled will help PREVENT the vast majority of infections as these are the most commonly used vectors (yes I know they are required for some site's, but it's a click of a button to re-enable such for those site's)

/edit

As an addendum, the best (IMHO) security app's I've come accross and used are;

AV: NOD32 - http://www.eset.com
AM/S: AVG AntiSpyware - http://www.ewido.net
AR: GMER - http://www.gmer.net
FW*: Tiny Personal Firewall (LFV)

*Router (HW) based should always be used in ADDITION to a software based FW

SysMon: WinPatrol - http://www.winpatrol.com
Many thanks for the information and ideas....

1. So far, the defenses SHOULD be "OK" overall, as I suspect that this new batch of spyware and trouble-makers may have just caught the protection industry with their digital pants down, and things will quickly get better.

2. And yes, I have finally taken steps to by default, disable the use of ActiveX and sadly also Scripts, even though most web sites correctly use them of course.

However, until things get better and pigs fly, I suspect that it's far better for now that I and our users know when to enable as needed, but otherwise leave them disabled.

Luckily, Avant, Firefox and a few other tabbed browsers make this disable / enable activity fast and easy to accomplish.

3. I will proceed and give RougeRemover from MalwareBytes (http://www.malwarebytes.org) a shot at SpywareQuake and whatever ilk happens to be around. Appreciate the heads-up on that one.

4. Agreed here on AVG. I have always trusted and used, and recommended, Grisoft's AVG products, so I am hopeful they will stay at the protective forefront.

As for firewall, software wise... as far as our experiences go, AVG + Firewall seems the best overall "single source combo" of anti-spyware / anti-virus / firewall...but I also champion to many the use of Webroot's Firewall...as it seems to do very well.

The worst problem with the situation beign described in this topic?

It may well be that the defenses are being easily penetrated, even AFTER the offenders are being detected. The defender software were supposed to totally detect, warn and then allow easy bypass of anything getting IN -- but it seems that the defenders were or are not doing their job -- at least not yet.

5. And yes, our broadband, both cable and DSL is in use around here.... we usually enable and use the hardware firewalls to add a "second brick wall" around us. Likee the software ones, hardware firewalls are not perfect, but they are a good additive defense.

Thanks again for the heads up and RougeRemover thoughts.

Hopefully, this whole Avant topic area will be of great benefit to us all, neophyte and experienced users alike.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Re: Browsers and User are under attack...

Post by josephrot » Sun Apr 22, 2007 8:20 pm

PatG wrote:Sorry to hear the problems you're having, josephrot. One thing I forgot to state in my last post concerning this problem: It is ALWAYS safe to have an image of your HD "just in case". :D
As noted, well stated and always a good idea, and thank you for making sure we all see it, lest we forget a very sensible idea.

And yes, we image the critical core + critical data off of the HD's to twin 500GB HD's we use as a "sort of like a RAID system".

The image we use is carefully "tuned" so that we can plug it in, run it, and the critical system + data only is placed back. We used to do this every 7 days or so, but now do it every 3 days for the three main "gotta have them right!" computers among the seven we have in offices.

One thing we are careful of is to make real sure that the image's are totally free of any nasty codes, spyware, etc. Takes a little longer to do that, but it pays off well.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Re: Browsers and User are under attack...

Post by josephrot » Mon Apr 23, 2007 10:07 am

UPDATE: Monday 23 April

Well, it appears that after eight different products have been tried, we wind up with four major spyware's being detected, all but one or two seem capable to be detected and eliminated...and kept away.

The last menace that is resisting all eight anti-virus / spyware deletion attempts is one that is notorious indeed, that being Vundo, otherwise known as a small variety of names:

Trojan.Vundo
Trojan.Vundo.B

aka: WinFixer

and other names as well -- most of those name composed of nasty or worse swear names. I sometimes prefer a three-letter acronym that starts with s and ends with b, but I will call it Vundo for now.

Nothing is totally deleting this attacker, not Symantec, Nortons, Webroot, AVG, Prevx, RogueRemover (or Pro), Spyware Doctor, Kaspersky...etc.

Although all of these fine tools KNOW it's there, they detect and identify it, however, even totally disconnected from the Internet, no matter if your system is in Normal or Safe mode or you un-block the systems backup hidden/restore files, they can't do a thing about it, otherwise.

The browsers are supposedly protected as well, from changes that Vundo attempts on them, yet Vundo still succeeds in changing them as well when it wants to.

It's staying power is so well known, that many tens of thousands of computer users live with Vundo in their systems for weeks at a time, as not much of anything can delete it, or keep it away.

Vundo and any variants are well known for ignoring most all of a computers defenses, be they anti-spyware scripts, software or hardware firewalls, Heuristic engines, etc. In fact, Vundo will even "ask" to enter your system, be detected by the above, and when you say "No!", it comes in anyway.

Time to Toss It

So, I am of the position that either it leaves or I will junk the computer totally, and start fresh.

And in a friendly way, I am of the position that I dare anyone to provide an answer for this.

Why? Because as of this writing, none of the above eight tools are anything but helpless and powerless to do anything. In fact, MANY of the above eight state clearly, in exact words "We will try to remove the infection." Note the emphasis on the word "try"...

This situation of course may change.

Is this situation of potential concern to Avant and other browser and system users ? Absolutely. That is, it's not only "my" concern" but also many others, as I am advised that this situation is happening a lot.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

User avatar
MysteryFCM
Administrator
Administrator
Posts: 7330
Joined: Tue Dec 09, 2003 2:34 am
Windows Version: 10, 8.0, 8.1, 7, Vista, XP
Avant Version: 13.00 Build 23
Default engine: Gecko
IE Version: 7.x, 8.x, 9.x, 10.x, 11.x
Skin: AthenX
Location: Newcastle Upon Tyne, UK
Contact:

Post by MysteryFCM » Mon Apr 23, 2007 4:39 pm

If you've got Vundo you need SiRi's SmitFraudFix;

http://siri.geekstogo.com/SmitfraudFix.php

josephrot
Semi-Avantic
Semi-Avantic
Posts: 582
Joined: Fri Apr 08, 2005 11:52 pm
Windows Version: XP SP1 SP2 SP3 Vista
Avant Version: 11.7 Build 19
IE Version: IE 6 and 7 Firefox
Location: USA
Contact:

Post by josephrot » Mon Apr 23, 2007 11:48 pm

MysteryFCM wrote:If you've got Vundo you need SiRi's SmitFraudFix;

http://siri.geekstogo.com/SmitfraudFix.php
Yep.... will add it in above, but I also located and ran the newest current SmitFraudFix three times at the minimum. No change, as it FOUND something, said it would need to boot to take care of its activity...but nothing changed in the end run.

Forgot to add that in the above earlier message...as that would be repair tool number 9 that was tried.

Quick Update: Monday 23 April - Spyware Doctor (PCTools) AND Spy Sweeper (Webroot) both updated a little while ago... shall see if anything positive was accomplished.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features

User avatar
MysteryFCM
Administrator
Administrator
Posts: 7330
Joined: Tue Dec 09, 2003 2:34 am
Windows Version: 10, 8.0, 8.1, 7, Vista, XP
Avant Version: 13.00 Build 23
Default engine: Gecko
IE Version: 7.x, 8.x, 9.x, 10.x, 11.x
Skin: AthenX
Location: Newcastle Upon Tyne, UK
Contact:

Post by MysteryFCM » Mon Apr 23, 2007 11:57 pm

OOI, are you running these in normal, or safe mode?

.... and can you post the SFF report?

If nothings getting rid of it, chances are you also have a rootkit .... so might also want to run GMER (http://www.gmer.net) to track it down.

Post Reply