Browsers and Users are under attack...



Post by josephrot » Tue Apr 24, 2007 8:54 am

MysteryFCM wrote:
> OOI, are you running these in normal, or safe mode?
>
> .... and can you post the SFF report?
>
> If nothing's getting rid of it, chances are you also have a rootkit .... so might also want to run GMER (http://www.gmer.net) to track it down.

Running all the tools as they each suggest, generally run them in Standard mode to initially scan, then run them again or change to Safe mode to scan and/or correct the damage(s).

Lately, however, if I just KNOW that there's nasty materials in there, I skip Standard and go direct to Safe mode.

Hmm, yes... Rootkit is a possibility. (Hey, people, remember it took Sony to make those RootKits "famous"...)

I too had a few random bats in my belfry that whispered "root kit?" yesterday...perhaps time to see about it. Although most of the "infamous eight" protection products SAY that they can detect rootkit(s), and so far they have not reported any...

I am game to give GMER a try, at least scanning the system. Presuming that GMER itself is an otherwise safe-to-the-system product, I shall see what it says.

Thank you for the heads-up on it.

UPDATE 24 April 2007 - Webroot Spy Sweeper says that its latest update detected Vundo in the system. Unfortunately, the Full Scan that detects it takes an average 3 hours(!)...and that's on a normally fast system.

After letting it run, detect Vundo and reset the system, I again booted into Safe Mode and ran Spy Sweeper again -- another 3 hours Full Scan -- and so far so good...Vundo IS gone totally, and nothing else is detected.

I will run GMER just for the sake of completeness...then MAYBE trust my system again for a short while... :wink:
Last edited by josephrot on Tue Apr 24, 2007 7:23 pm, edited 4 times in total.
Computers are perfect! Absolutely nothing can guo wonge...
Those are NOT bugs in this software - Only Undocumented Transient Features


Post by MysteryFCM » Tue Apr 24, 2007 9:03 am

GMER is completely safe (I've not only used it myself, I also know the developer) and unless you ask it to, will not do a thing to the system.


Post by josephrot » Tue Apr 24, 2007 9:07 am

MysteryFCM wrote:
> GMER is completely safe (I've not only used it myself, I also know the developer) and unless you ask it to, will not do a thing to the system.

OK, that makes me feel better -- actually a pizza and some wine does, but GMER's OK too.

Note my UPDATE 24 April 2007 in previous message, and I shall give GMER a try.

Post by blitzmaster » Thu Apr 26, 2007 2:09 am

I'm running Vista Ultimate with NOD32... I feel pretty safe!

Yes, threats are everywhere; we just need to prepare!


avant 4 life!


Post by PatG » Thu Apr 26, 2007 9:33 am

Coincidentally, I have just got through fighting the "trojan.startup.1", but finally got rid of it. 3 days, machine acting like it was going to crash, and I too, am running NOD32. Been running it for 3 years, but a little ole program called "Bazooka", freeware, found it. Never so happy to see something leave my house! Machine is flying again.
AB 11.0 build 46 (to stay for a while) on XP Pro SP2


Post by josephrot » Thu Apr 26, 2007 10:25 am

PatG wrote:
> Coincidentally, I have just got through fighting the "trojan.startup.1", but finally got rid of it. 3 days, machine acting like it was going to crash, and I too, am running NOD32. Been running it for 3 years, but a little ole program called "Bazooka", freeware, found it. Never so happy to see something leave my house! Machine is flying again.

PatG and others...

Ever get the impression after all this mess...

... that the major protection software makers were asleep at the wheel for many days

... that the major makers FINALLY woke up and improved their products or updated their files...

... and that the Shareware or "independent" protection software makers came to the rescue?

Post by MysteryFCM » Thu Apr 26, 2007 12:25 pm

Moved to a more appropriate forum.


Post by REDA » Wed May 16, 2007 4:50 pm

Thank you


Post by Sergei » Sun May 20, 2007 6:45 am

I gave GMER a try, and now it's made a huge log file I can't understand in the slightest... Any warning signs I should look for?
IE7 ][ Windows XP Tablet PC Edition 2005 ][ Avast! Antivirus ][ Kerio Firewall ][ DSL
