Recently, My Laptop's Vista partition has been hacked at by a Virus that hijacks my browsers both FireFox and Internet Explorer.
Hijacking involves something like:
* When you hit a result in Google it opens to a new advertising related website
* You can't type in and hit enter some websites
* It is hard to download as all links in the browser are redirected to some other search engine (non-genuine) or some advert web site.
This was a scary experience for me as it showed that my usual trust applications could not find let alone attack and save me from this nasty.
My usual trust apps found some problems but none found the virus that's causing this web havoc:
* Spy Bot S&D
* Avast AV
* AVG AV +SW
* Ad-Aware
* Commodo Firewall
* Vista Windows Defender
SOME WORK AROUND:
* Use Google to find a web page say for solutions to this hijacker, and then use the cached pages, for my virus i found it was scared of google
* Use Google translator and paste in the web link and then use non-English ---> English for English websites, using Google Translator seems to proxy through somewhere avoiding the redirects
* Use a different computer and download/search problem resolutions (Most effective)
SOLUTIONS (Possible)
Download an excellent software called Malwarebytes Anti-Malware
Installed it and with only a quick scan it fixed my problem, so far (Hoping it will stay this way after a reboot)
BTW the virus that got me was called "Trojan.Agent" according to the software scan results.
I got my information from:
http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=310254&messageID=2868932
Please upgrade to the Pro version cause this is seriously the best detection tool, its a keeper.
Will do a review on it after i see how the reboot goes.
Example hijack redirect destinations
http://analystspecies.info/search.php? http://impactmedicine.info
http://www.ozpricehunter.com http://77.91.229.143/click.php?
http://questionnaire-guardian.info http://blow-operation.info http://ranksupplement.info
http://classroom-lot.info http://festival-gaze.info
http://stimulussock.info http://77.91.229.143/click.php?
http://revenue-classification.info http://4yousauce.info
http://banfuture.info/search.php? http://condition-draft.info
http://abuseobstacle.info http://biassickness.info
http://bomberworry.info
Some More Info, Google : "trojan.agent redirects", no "" required
Registry keys
affected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata
HKEY_LOCAL_MACHINE\SOFTWARE\tdss
The problem i found i had was i only knew the websites it was redirecting me to and had no idea about the name of virus so couldn't get rid of it. Please save some website addresses you've been redirected to and post them here for future reference to others (if you've been attacked by the same kind of virus, thansk).
No comments:
Post a Comment