Posted

A new type of malware is spreading across the internet. No one is safe...not even the Mac users. It attacks all browsers, all operating systems and even iPhones.

I have it on my laptop and so does Julie. Nothing, and I mean NOTHING gets rid of it. I have managed to install some tools to make it less annoying but I am getting help from the people at www.bleepingcomputer.com on the removal process.

It started when sites would hang trying to process the Google Analytics code. Then it would hang on surveys.cnet.com scripts. So I simply created filters for them in AdBlock. This worked...for a few days.

I did a complete fresh install of Vista...and it came back!

So researching was necessary. The Firefox forums are overwhelmed with complaints. Geek sites are getting pummeled and while many have been able to remove the malware, no one has come up with a catch-all.

This thing slides right through Avast AV and my Comodo Firewall.

Now I have pop-ups and browser redirects. Windows update stopped working, MalwareBytes cannot update and every scan known to mankind comes up with a clean bill of health.

I am running diagnostic tools for the people at the site mentioned. It is a crazy and maddening bit of software and has the ability to spread undetected and can even infect your router.

So far my main PC is clean and not infected. I am keeping it off the internet for now.

Symptoms...

White Page and hang on google-analytics code.

Browser gets redirected to VideoCop or other websites when you click links or bookmarks.

Some sites show as Unable to Connect.

Browser hangs on surveys.cnet.com

Websites unreachable

Windows update stops working

MalwareBytes or anti-virus stops updating

In the final stages, Windows DLL files get erased, which turns your computer into a dust collector.

If you have any of these issues, you are likely infected. No one has been able to nail down the infection delivery method or infected sites.

BleepingComputer.com can walk you through removal, but infected Macs seem to have a harder time.

 

Honestly, I have removed hundreds of viruses from people's computers and have never seen anything that completely avoids detection like this.

There is nothing you can do to stop from getting it...because no one knows how it is being passed...

 

Things you can do: do not use WiFi hotspots in case it is spread by routers. If using Firefox, use the Ghostery extension. It MAY help, but some with it are still getting infected.

If I get a fix I will post it. If you get this, back up all your important files! Turn off system restore and hope for the best.

Posted

This is the response that I got from my geek......

 

Use Sophos anti-rootkit

And yes we did have this bug. It's very nasty.

It makes money from the redirects. It gathers pay-per-click affiliate money from Google and other ad networks.

Posted

Rick

Go here and follow the instructions and you should be able to solve your issues.

I have used this sequence in the past with very good results in ridding machines of unwanted malware and viruses. My one buddy's computer was severely messed up and though it took a while I managed to rid his computer of the worst bunch of crap I've ever seen. Give it a try and I think you will be ok. ;)

Posted (edited)

http://www.free-av.c..._antivirus.html

 

I've been using this product for 15 years. Completely free, updates automatically daily and is very light on my computer. Don't even know it's there.

Does this new worm have a name yet?

Oh ya, try Spybot Search and Destroy. I got a similar malware a few months ago. Trick is to download it, update it and disconnect from the internet before removing the bug from your computer.

Edited by mercman

Posted

Thanks for the advice guys. After running over a dozen high level scans with several well known software applications and coming up with ZERO infections, it pointed to my router being hijacked. I went into the router configuration and indeed, it was compromised. Most of the interface was missing, the GUI was mangled enough that I could not look through to check for changes.

I upgraded the firmware and the problem seems to have gone away...at least for now. Thanks to Mozilla Firefox Support Team for suggesting it was the router. Before this week I didn't even know malware could attack a router.

I still do not know how to prevent it from happening again, but for now I can surf freely :)

Posted

Root kit Trojans are almost impossible to remove, unless you created it and know how it attacks.

 

Back up your data and format.

As for your router being attacked, I have a good feeling you never changed the default admin password? Do that in the future to avoid that.

My wife got a lovely root kit trojan last week by downloading this program to play one of her Facebook games for her.... After spending 3 hours using all the above mentioned removal tools/antivirus programs after doing a Windows restore and booting into safe mode, I realized it's all a waste of time as a complete re-install takes less than 40 mins.

 

Now our network is back to full operation. Both my routers are safe as they have non-default passwords to access them.

 

Hackers are so smart these days! I can barely keep up!
