View Single Post
Old 09-08-2012, 06:03 PM   #11 (permalink)
Super Moderator
vabeachgirlNYC's Avatar
Join Date: May 2010
Posts: 1,065

Originally Posted by rpmcduff View Post
This is looks to be a redirect to another webpage. It looks kind of like Windows Explorer but if you look at the top you will see it actually is a URL that it has hijacked you off to.
This virus can infect your computer while you are browsing any site or forum that you trust.

As rpmcduff states this virus redirects you to another URL This malware puts a rootkit in your system then scans/changes your files. The rootkit will use an IP/TCP address that came with it. Users are usually not aware that they are browsing on a highjacked connection allowing the hackers to obtain sensitive information about you. (CC, passwords, sites you visit, etc.

This scareware is pretty sneaky. It tricks people into thinking they have a virus when they don't. When that windows warning pops up, all it takes is one click on it to allow the virus into your computer. It is a malware program that you download unknowingly through the fake pop up notice, free downloads, shareware, etc. You will continue to randomly see the warning window unless you completely remove the virus. Once it is rooted in your system it is difficult to remove but not impossible.

I dealt with this virus a few years ago. It was called the PC AntiSpyware 2010 virus a few years ago (same windows pop up that rpmcduff posted).

I am not an expert but I was able to remove the virus after 5 days of trial and error (and many headaches).

The best way to avoid getting the virus is to download software directly from the main site, instead of using pop up windows that tell you to download "blank" now. Avoid opening any shared media links/attachments(from email, family, friends, etc.) before scanning, to make sure they are not infected. Never download any software without scanning for viruses first.

The best way to avoid activating the virus is to remove the rootkey and any other files it may have added to your system is by updating your operating system and browser. Make sure your antivirus software performs regular scans and make sure it includes an anti malware feature. Check to make sure your firewall is ON. Filter and delete any spam mail.

I would also suggest checking that you have not been infected with a DNSChanger. You will have to check every computer that uses the network if it is shared. Check each system for a DNSChanger rootkey and remove the rootkey from each infected system before reconfiguring your router and changing your password.

This virus has been around for a while. It may show up as XP, Vista, Win 7, 8, 2008, 2010, 2011, 2012 (etc.) "Windows Antivirus" It does not matter what browser you use.
"Just Do It"
vabeachgirlNYC is offline   Reply With Quote