Under attack



Driftwood
20-07-2012, 10:05 AM
I do a bit of sim racing, mainly rFactor.
So I download various mods & updates from supposedly secure sites.
Lately I am getting hit with a variety of nasties.

Just to list a few:

Trojan.PSW.Win32.launch
Hack.Toolwin32/welevate.A
Adware.win32PAV
RogueJS/FakePAV
Trojan.Agent/Gen.FakeProtector

I currently run MSSE, Superantispyware & Malwarebytes on Win7 x64.
MSSE has stopped some of these on the way in & Superantispyware finds the others with a scan.
Malwarebytes is not up to speed atm.

Was wondering if my security is not quite good enough atm or there are just more nasties about.
Would NOD32 offer any more protection?

Nhashon
20-07-2012, 10:15 AM
To me, yes, I think your security is not good enough; for example, you said some of the threats MSE has stopped on the way. Yes, however, Superantispyware looks to be better than MSE, though I'm wondering why Malwarebytes is not fixing the problem.

Overall I would say try running a full scan with Malwarebytes even if it is not up to speed, and see if it detects any nasties. If it does, remove them when it opens up with full results. And yes, I would suggest NOD32 to you if it doesn't detect any nasties, plus a lot of people like NOD32.

Nhashon
20-07-2012, 10:18 AM
Further, I think the secured site looks to be hijacked, so I would suggest you stop downloading updates & mods.

Speedy Gonzales
20-07-2012, 10:21 AM
Looks like some, or most, of those are fake programs / scareware. You've installed some fake program. I would disable System Restore first, then scan the whole system. And get, then run, rkill. If you want, get TeamViewer, and I can have a look. You may have to boot into safe mode / networking. If whatever you've got stops it or something it uses

Also, what version/s of Java are installed? There's 7 update 5 or 6 update 33. Older versions should be uninstalled. I think one of those files has something to do with JavaScript (the JS one).

Driftwood
20-07-2012, 01:19 PM
Have done the full system scans with restore off & found nothing else.
Also ran rkill & found nothing.
Have updated the java though, wasn't quite up to date.
I was fairly certain I had got all the nasties out but was just wondering why I was copping them all of a sudden.

Speedy Gonzales
20-07-2012, 01:39 PM
Don't forget to uninstall the old versions of Java. Use CCleaner as well, to remove the temp files. One of the sites may have been dodgy. Or something wasn't up to date. Java, if you don't keep it up to date, has vulnerabilities.

pctek
20-07-2012, 02:18 PM
NOD tends to warn you before you run/unpack it.

However, you are inviting it, supposedly secure or not...mods...yeah, sure were.

zqwerty
20-07-2012, 03:08 PM
Do you have any Sysinternals or Nirsoft packages of tools installed or in portable form on your computer?

Driftwood
20-07-2012, 04:04 PM
Pass, never heard of them.