Solved How does this not get detected ?

derekimo · Jan 22, 2010

So I've had this thing take over my browser(IE8) a few times now, a couple on DeviantArt and earlier when I went to check my mail on Yahoo.
First it minimizes the page and I get the first window below, so I click the close button and I instantly get the second window that starts scanning so I close that one and then I get the third window which will close when I click the close button.
I'm running MSE updated almost daily, Windows Firewall, SpywareBlaster and I've Updated and Scanned with MalwareBytes Anti-Malware.
I actually did full scans with MSE, SpywareBlaster and MBAM while the third window below was still on the screen.
None of them detected anything.
So is this something I can prevent or is it already in my system and I need to do something remove it?
Also I don't know if this helps but I also have Secunia PSI and WinPatrol installed.

Thanks, Derek

P.S. UAC is also set to recommended level

AussieGuy92 · Jan 22, 2010

try a-squad free,Avira anti root kit and hitman pro 3.5
also if you can find where it is on the hard drive and use the unlock and delete function in mbam.

hope this helps.

theog · Jan 22, 2010

This a FAKE scanner.

derekimo · Jan 22, 2010

stillfreefilms said:
try a-squad free,Avira anti root kit and hitman pro 3.5
also if you can find where it is on the hard drive and use the unlock and delete function in mbam.

hope this helps.

Thanks stillfreefilms, I ran hitman and that didn't find anything but asquared found 3, I didn't try Avira yet.
I uninstalled hitman 3.5, but I was going to keep the asquared, is there any conflict with that and the rest of the stuff I mentioned above?

This a FAKE scanner

Thanks theog, I was pretty sure it was since it came out of nowhere.

mxosder16 · Jan 22, 2010

Absolutely this is a fake scanner

hackerman1 · Jan 22, 2010

hi !

glad to hear that a-squared (a2) found something, it´s very good at detecting & has recieved a lot of awards.
the fullversion of a2 with realtime-protection also uses very little memory:

http://www.sevenforums.com/system-security/56018-squared-uses-620kb-memory-realtime-protection.html

a-squared works fine together with other Antivirus-programs.
but exactly which programs (that uses realtime-protection) do you have installed other than MSE ?

Jacee · Jan 22, 2010

You might want to look at this:
MalwareURL

Malwarebyte's should take care of it:

download Malwarebytes' Anti-Malware to your desktop
|MG| Malwarebytes Anti-Malware 1.44 Download
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.

hackerman1 · Jan 22, 2010

hi !

Jacee: he has already scanned with MBAM,
in the first post: "...I've Updated and Scanned with MalwareBytes Anti-Malware...."

Jacee · Jan 22, 2010

EEPS ... I lost every thing in my post, so here goes again:

Clear your DNS cache ... You will need to run as Administrator
Open a command prompt....from the Start menu, select Run > In the box/"open field", enter cmd.exe
Copy/paste ipconfig /flushdns press 'enter'

Next,

Download the HostsXpert 4.3 - Hosts File Manager.

Unzip HostsXpert 4.3 - Hosts File Manager to a convenient folder such as C:\HostsXpert
Click HostsXpert.exe to Run HostsXpert 4.3 - Hosts File Manager from its new home
Click "Make Hosts Writable?" in the upper right corner (If available).
Click Restore Microsoft's Hosts file and then click OK.
Click the X to exit the program.
Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

You are running SpywareBlaster ... update it, then click "enable all protection".

derekimo · Jan 22, 2010

Thanks Jacee, I already have MBAM. I forgot about MBAM finding a couple things last month and I quarantined them instead of deleting them, I guess thats what asquared found. I deleted them and after scans by both they are gone.
So thanks everybody for your help.

Jacee · Jan 22, 2010

IggyAZ · Jan 23, 2010

FYI my poor brother got this on his computer and Hitman Pro was the only thing to get rid of it. He doesn't know anything about computers and had to hookup using Remote Access and correct it all. Thank goodness for Remote Access.
Glad your fake Scanner and sorts are gone.

Last night he caught InternetSecurity2010 and Malewarebytes cause and destroyed.

My Bro. keeps telling me he has no idea how and where these are coming from.
Actually I think its his wife. lol

swarfega · Jan 23, 2010

On a side note, you might be interested in this link, to help you determine if a program is legit or not.

madtownidiot · Jan 23, 2010

Those fake antivirus sites are evil.. I've had 3 dozen customers in the past week who were infected with some variation of antivirus pro. How is it even legal for something like that to be hosted on any website?

JordanJP · Jan 23, 2010

madtownidiot said:
Those fake antivirus sites are evil.. I've had 3 dozen customers in the past week who were infected with some variation of antivirus pro. How is it even legal for something like that to be hosted on any website?

good question but what confuses me is how was that malware about to pass your security defenses ?

Perhaps you are using a shittyy firewall !

Solved How does this not get detected ?

New member

Attachments

My Computer

i am Awesome

My Computer

New member

My Computer

New member

My Computer

New member

My Computer

New member

My Computer

Consumer Security

My Computer

New member

My Computer

Consumer Security

My Computer

New member

My Computer

Consumer Security

My Computer

A Sr. Senior Member

My Computer

da Cleaner

My Computer

New member

New member

My Computer

Similar threads