

Windows 7: Exploit-Blacole.gq | Could our PC be infected (Still)


23 Dec 2012   #1

windows 7 home premium
 
 

Hey

I'm looking for anyone who knows a bit more about viruses - specifically a Trojan identified as something like JS/Exploit-Blacole.gq

I was doing a standard virus scan yesterday and my software (Bt Netprotect +) picked up 1 threat, named above.

Some web searches suggested this may be a recent virus, of more than average threat to a PC - so I'm wondering how secure my PC is now? My main question is:

What is the likelihood that some other elements slipped past my defences?

Since the infection time (not known specifically but thought to be within the past 2 days) I have run
1 x Full scan with Bt Netprotect + [Eliminated a single instance]
1 x Full scan with Windows Defender [Found no further threats]
Several x Quick scans with Bt Netprotect + at varying times [Found no further instances]
This would suggest that my PC is secure, but if the virus is recent and sophisticated (as reports suggest) how likely is it that something was not detected?

Anyone who knows more about this virus might be able to tell me if it's likely the 1 detected file was all that was downloaded. I'm hoping that the answer is yes: initially you pick up the 1 file, which later goes on to download further malicious files - and that Bt Netprotect effectively killed the horse before it let the army in.




Any further information is appreciated
With Thanks

MID



23 Dec 2012   #2

Microsoft Community Contributor Award Recipient

Win 7 Pro 64-bit
 
 

I'm not a malware expert, but there are two generally accepted truths.
1. Once a machine gets infected, you can never be 100% sure that 100% of the malware has been found and removed because:
2. No anti-malware product is 100% effective 100% of the time. (If there was such a product we'd all be using it.)

Having said that, it would be a good idea to scan your computer with some additional free tools. The more tools you use and the more scans that come back with "no malware found", the closer to 100% you'll be. Here are some recommendations.

Windows Defender Offline (the media must be created on a malware free machine and the machine must be the same architecture as the infected machine - 32 bit or 64 bit)

Malwarebytes

ESET Online Scanner

HitmanPro (unlimited free scanning but only 30 day license for malware removal)

SuperAntispyware
23 Dec 2012   #3

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 

Encyclopedia entry: Exploit:JS/Blacole.GQ - Learn more about malware - Microsoft Malware Protection Center

Quote:
More details are available in the Family description of JS/Blacole

JS/Blacole is a detection for a component of the Blackhole exploit kit - a kit used by attackers to distribute malware. Attackers install the kit onto a server, and then when you visit the compromised server, the kit attempts to exploit various, multiple vulnerabilities on your computer in order to install malware. For example, if you browsed a compromised website containing the exploit pack using a vulnerable computer, malware could be downloaded and installed onto your computer.

Typically, the Blackhole exploit kit attempts to exploit vulnerabilities in applications such as Oracle Java, Sun Java, Adobe Acrobat and Adobe Reader.

For more information on this exploit kit, and steps you can take to avoid being compromised, please see the detailed Blacole description, elsewhere in our encyclopedia.
It would definitely be a good idea to run the tools marsmimar has suggested. Viruses have a nasty habit of bringing in more viruses once a system is compromised. And as marsmimar stated, the only way to be 100% sure you have a clean machine is to do a clean install.


23 Dec 2012   #4

windows 7 home premium
 
 

How do I go about a clean install?

And how can I transfer personal files without compromising any hard drive I connect to my laptop?
23 Dec 2012   #5

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 

Transferring files from an infected PC always carries the risk of inadvertently bringing a virus over. The first thing you should do is run the above mentioned tools as well as TDSSKiller to ensure your machine is as clean as possible.

Then transfer the files to a CDR or USB drive. When you have finished reinstalling Windows, make sure that autoplay is disabled on the clean PC, insert the USB/Disk & scan it with the AV you have on your system, as well as the tools marsmimar has recommended.

It's also a good idea to run your files through VirusTotal. This is a site that has multiple AV engines to scan files. (32MB File size limit)

Here is a tutorial on doing a clean install.

Clean Install Windows 7

In the future you may wish to make a system image & the next time you are hit by something, you can just restore your PC to the state it was in when the system image was made.

Backup Complete Computer - Create an Image Backup
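
An added example, not part of the post above: a small Python triage script for the folder of files copied off the infected PC, run before any of them are opened on the clean machine. It records a SHA-256 for every file (a hash can be searched on VirusTotal without uploading the file), marks files over the 32 MB limit quoted in the post, and flags any `autorun.inf`; the list of "scan first" extensions and the sample files are assumptions made for the illustration.

```python
import hashlib
import os
import tempfile

VT_UPLOAD_LIMIT = 32 * 1024 * 1024   # size limit quoted in the post above
# Assumption: file types worth scanning first (can run code or carry exploits)
RISKY_EXT = {".exe", ".scr", ".dll", ".bat", ".js", ".vbs", ".jar", ".pdf", ".lnk"}


def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def triage(root, limit=VT_UPLOAD_LIMIT):
    """Return one record per file under root, sorted by relative path."""
    records = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            size = os.path.getsize(path)
            flags = []
            if name.lower() == "autorun.inf":
                flags.append("autorun")            # what AutoPlay would act on
            if os.path.splitext(name)[1].lower() in RISKY_EXT:
                flags.append("scan-first")
            if size > limit:
                flags.append("too-big-to-upload")  # look up by hash instead
            records.append({"path": os.path.relpath(path, root), "size": size,
                            "sha256": sha256_file(path), "flags": flags})
    return sorted(records, key=lambda r: r["path"])


def demo():
    """Constructed sample: three harmless files in a temporary folder."""
    with tempfile.TemporaryDirectory() as root:
        samples = {"autorun.inf": b"[autorun]\n", "invoice.pdf": b"%PDF-1.4\n",
                   "photo.jpg": b"\xff\xd8" + b"0" * 98}
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return triage(root, limit=64)   # tiny limit so the demo shows the flag


if __name__ == "__main__":
    for rec in demo():
        print(rec["sha256"][:16], rec["size"], rec["path"], ",".join(rec["flags"]))
```

Point `triage()` at the mounted USB drive or disc instead of the demo folder; the flags only set the order of scanning and do not replace the AV and on-demand scans recommended above.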
03 Nov 2013   #6

windows 7 home premium
 
 

I'd like to say thanks for the advice.
We've got a new system now and haven't noticed any problems thus far

fingers crossed!
MID