Exploit-Blacole.gq | Could our PC be infected (Still)


  1. mrirondream
    Posts : 47
    windows 7 home premium
       New #1

    Exploit-Blacole.gq | Could our PC be infected (Still)


    Hey

    I'm looking for anyone who knows a bit more about viruses - specifically a Trojan identified as something like JS/Exploit-Blacole.gq

    I was doing a standard virus scan yesterday and my software (Bt Netprotect +) picked up 1 threat, named above.

    Some websearches suggested this may be a recent virus, of more than average threat to a PC - so I'm wondering how secure my PC is now? My main question is:

    What is the likelyhood that some other elements slipped past my defences?

    Since the infection time (not know specifically but thought to be within the past 2 days) I have run
    1 x Full scan with Bt Netprotect + [Eliminated a single instance]
    1 x Full scan with windows Defendor [Found no further threats]
    Several x Quick scans with Bt Netprotect + at varying times [Found no further instances]
    This would suggest that my PC is secure, but if the virus is recent and sophisitcated (as reports suggest) how likely is it that something was not detected?

    Anyone who knows more about this virus might be able to tell me if it's likely the 1 detected file was all that was downloaded. I'm hoping that the answer is yes: initially you pickup the 1 file, which later goes on to download further malicious files - and that Bt Netprotect effectively killed the horse before it let the army in.




    Any further information is appreciated
    With Thanks

    MID
      My Computer
    Quote Quote

  3. marsmimar
    Posts : 10,994
    Win 7 Pro 64-bit
       New #2

    I'm not a malware expert, but there are two generally accepted truths.
    1. Once a machine gets infected, you can never be 100% sure that 100% of the malware has been found and removed because:
    2. No anti-malware product is 100% effective 100% of the time. (If there was such a product we'd all be using it.)

    Having said that, it would be a good idea to scan your computer with some additional free tools. The more tools you use and the more scans that come back with "no malware found", the closer to 100% you'll be. Here are some recommendations.

    Windows Defender Offline (the media must be created on a malware free machine and the machine must be the same architecture as the infected machine - 32 bit or 64 bit)

    Malwarebytes

    ESET Online Scanner

    HitmanPro (unlimited free scanning but only 30 day license for malware removal)

    SuperAntispyware
      My Computer
    Quote Quote

  4. Borg 386
    Posts : 7,781
    Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
       New #3

    Encyclopedia entry: Exploit:JS/Blacole.GQ - Learn more about malware - Microsoft Malware Protection Center

    More details are available in the Family description of JS/Blacole

    JS/Blacole is a detection for a component of the Blackhole exploit kit - a kit used by attackers to distribute malware. Attackers install the kit onto a server, and then when you visit the compromised server, the kit attempts to exploit various, multiple vulnerabilities on your computer in order to install malware. For example, if you browsed a compromised website containing the exploit pack using a vulnerable computer, malware could be downloaded and installed onto your computer.

    Typically, the Blackhole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.

    For more information on this exploit kit, and steps you can take to avoid being compromised, please see the detailed Blacole description, elsewhere in our encyclopedia.
    It would definitely be a good idea to run the tools marsmimar has suggested. Viruses have a nasty habit of bringing in more viruses once a system is compromised. And as marsmimar stated, the only way to be 100% sure you have a clean machine is to do a clean install.
      My Computer
    Quote Quote

  6. mrirondream
    Posts : 47
    windows 7 home premium
    Thread Starter
       New #4

    How do I go about a clean install?

    And How can I transfer personal files without compromising any harddrive I connect to my laptop?
      My Computer
    Quote Quote

  7. Borg 386
    Posts : 7,781
    Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
       New #5

    Transferring files from a infected PC always carries the risk of inadvertently bringing a virus over. The first thing you should do is run the above mentioned tools as well as TDSSKiller to insure your machine is as clean as possible.

    Then transfer the files to a CDR or USB drive. When you have finished reinstalling windows, make sure that autoplay is disabled on the clean PC, insert the USB/Disk & scan it with the AV you have on your system, as well as the tools marsmimar has recommended.

    It's also a good idea to run your files through VirusTotal. This is a site that has multiple AV engines to scan files. (32MB File size limit)

    Here is a tutorial on doing a clean install.

    Clean Install Windows 7

    In the future you may wish to make a system image & the next time you are hit by something, you can just restore your PC to the state it was in when the system image was made.

    Backup Complete Computer - Create an Image Backup
      My Computer
    Quote Quote

  8. mrirondream
    Posts : 47
    windows 7 home premium
    Thread Starter
       New #6

    I'd like to say thanks for the advice.
    We've got a new system now and haven't noticed any problems thus far

    fingers crossed!
    MID
      My Computer
    Quote Quote

 

  Related Discussions
I E Exploit
in Browsers & Mail

Has anyone seen anything about I E 6, 7 ,8, 9. NOT IE 10. I just had a note from Community Feedback where it's posted now. Thanks for any info. I'm home for lunch now... will check back after work.
Another week, another flash exploit.
in Music, Pictures & Video

Another week, another Adobe Flash vulnerability. It seems like every few days there's another one. Hackers exploiting Flash Player XSS vulnerability | ZDNet I think it has become abundantly clear that Flash is never going to be safe. Perhaps Adobe doesn't have the brainpower to fix it, or...
Twice whilst playing CS:S I have had the following message pop up. I have scanned with both Malwarebytes and AVG and nothing has been detected. What should I do? http://i702.photobucket.com/albums/ww28/tommyd123tom/Untitled.png I was on the same server both times. I have looked through my...
For those of us that still use or have XP loaded... Hackers exploit Windows XP zero-day, Microsoft confirms Source Hackers exploit Windows XP zero-day, Microsoft confirms - Computerworld Tool/fix provided - Microsoft Fix It
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 07:41.
Find Us