virus/ malware help needed.

Discussion in 'Hardware - PCs, Consoles, Gadgets' started by sirbhp, Oct 12, 2012.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. sirbhp

    sirbhp LE Book Reviewer

    First off let me say that i think that it all down to ILIVID. which I cleared off a few weeks ago .

    Apart from my nearly new pc running as slow thing I get the following . About every 6 to 10 clicks on firefox I get a tab come up that if i click it takes me to a fake survey and click here to put my name down for a free TV, I POD etc etc.
    I get the same when on BBC i PLAYER.

    Also I go into some sites , like Arrse and sometimes some of the words are in blue and underlined, again if i click them they go to advertising sites .

    I use AVG, Ccleaner, Megabytes Malaware. Comodo Firewall. Does any one out there know how I CAN FIND AND KILL THIS PESKY BEAST PLEASE ?

    I wish that I could blame this typing on the bugger but unfortunately it's my banana fingers .
     
  2. Stick the exact wording of responses etc.in Google. If it's a widespread piece of malware, someone will know about it and you'll very often get a fix.

    Edit: Ad-Aware and Spybot may also be worth running.

    Consider also a system restore to a point prior to you loading the suspected software.
     
    • Like Like x 1
  3. I use ilivid and never had a problem with it. Sounds like malware, you picked up somewhere. I would look at what programs are running, delete, history and temp files, maybe take a look at using hijack this (google free download)
     
    • Like Like x 1
    • Like Like x 2
  4. sirbhp

    sirbhp LE Book Reviewer

    thanks troops ran the ms saftey scanner and found two dodgey files in Java , cleared one but not the other . So now will go google to see how to kill it . I also deleted old Java files .
    thanks again will let you know how i get on .

    Right I have Java/ cve-2012-057.d!dr.
    ms has killed one installation of this file but say detected not removed the other . I killed all old Java files as informed and rebooted pc. Put the file string into goggle and it appears to say that i am ok AFTER Java Update 7 which i have .


    went to bbc news wesbite , still got the blue text underlined that takes you to adverts . doh
    running crapcleaner again see if that helps .
     
    • Like Like x 1
  5. Someone correct me if I'm wrong, but isn't that normal? Words that somehow automatically become links. Bear with me, I'll try a few...

    London, Paris,


    Yup. Unless I'm also infected... ..though these aren't underlined.
     
  6. sirbhp

    sirbhp LE Book Reviewer

    nah mr putty , those lincs take you to other web sites following the story . My blue links take me to adverts .

    Any way since we last met my AVG12 got knocked out somehow . It was the devils own job to install AVG12 and i think that after 30 days I might have to buy it . Anyway finally got it loaded ( after crap cleaner etc run) and now all seems well fingers crossed. I will avg scan the hard disk later on when i go to my pit .

    thanks for all the help troops we got there eventually .
     
  7. The "London, Paris" auto links in my previous post take you to Laterooms, i.e. they're adverts.


    added:

    also the auto links in this post
     
  8. That's supposed to happen

    In these cases, I normally have the drive out, create an image(not copy) of it on another PC, scan and clean the drive, put it back in the original machine and then bung decent AV on it - ideally Kaspersky, never Norton - then let it scan/clean/fix itself.
     
  9. What's this "image" that people keep writing about? What's it for? I'm sure that it's not just for the fun of it.

    Is that what I've done when I've created back-ups onto a mobille hard drive - only to find that I can't copy individual files that I know should be on there?
     
  10. I use MSE and have never had a problem. I occasionally run a scan of malwaebytes in safe mode to be sure.

    AVG and Avast are shit and slow your computer right down. Kaspersky was a pain in the arse and Norton IS a ******* virus (try getting rid of it!)

    Run malwarebytes in safemode. Download MSE then clean all the other shite off your system.
     
  11. I've had these pop-ups from mobirewards.org for a couple of days now using Safari, mostly on an ipod running iOS6. I've googled it and there seems to be quite a lot on a similarly named 'mobrewards'. Apparently it's worldwide, on all manner of operating systems, browsers and devices. The good news is, it seems I'm a hot favourite to win an iPhone 5.Edited to add: I've turned off Java Script and that seems to have got rid.
     
  12. I can only spot me mentioning image, but this is the second night of no sleep, so I may be missing something. An image is file created by a programme that is effectively a single file that is a snapshot of the contents of the disk, created by something like Truimage or Ghost. It means there is a complete copy of the original contents if something shits itself.

    If you've created a backup, you essentially done the same thing, and you won't see individual files without using a backup explorer that usually comes with the backup programme.

    You use an image file rather than copying to make it easier to handle - it will usually be compressed, but also to avoid problems with infected files in the original - they are still there in the image but the way that imaging software usually works is that they are read without being read and potentially compromising the clean machine
     
  13. Thanks for that. By multiple uses of the term, I meant in other threads. I've just plucked up courage to stick my hand up.