What happened here today?

Discussion in 'Forum Help & Suggestions' started by a/c man, Sep 18, 2010.

  1. a/c man

    a/c man Member

    I couldn't access any text all day today on the forum.
    Got all the side bar ads, page header, no text.
    I see only a few new posts.
    Anybody else have trouble or am I as crazy as I thought I am?
    Was going through forum withdraw but now I seem ok
     

  2. spad4me

    spad4me Member

    This is what my browser showed
    <!-- to use an additional block uncomment the next section and


    It seems to work now

    Firefox 3. 6. 10 suse linux.
     
  3. Turtle Tedd

    Turtle Tedd Member

    a/cman..yes same thing here..since I am a computer caveman..I couldn't figure it out..seems to be ok now
     
  4. srdavo

    srdavo Active Member

    Good question. We'll have to wait on Tom for an answer.
     
  5. DougC

    DougC Guest

    I think the board got hacked.

    I noticed it was dumping a file named azzhole.pdf (except with ss where the zz is) and that is a common filename used for a PDF exploit (trojan).

    if your computer opened that file it may be infected.
    ~
     
  6. spad4me

    spad4me Member



    That Trojan is effective against Mickey$oft Windodz , so I am good to go .
    Micro$oft free for Ten years.


    I do not open strange pdf's , email's ,or flash movie's.
     
  7. beentryin

    beentryin Member

    my avast would'nt let me open lastnight it gave me that azzhole.pdf was a trojan on this site
     
  8. a/c man

    a/c man Member

    Same thing going on over at motorbicycling.com.
    My AVG virus protection is blocking something.
    I'm afraid to open stuff.
     
  9. reb1

    reb1 Member

    I could only bring up the adds here yesterday. My Avast anti virus said it had blocked a Trojan when I log on at the other site also. Malwarebytes found 6 problems when I ran it.
     
  10. fm2200

    fm2200 Member

    Glad to see things working again, I thought it was my computer was having the problem at first.
     
  11. GearNut

    GearNut Active Member

    I frequent both sites. Perhaps I have gotten lucky with running Firefox with no-script and ad-aware add ons. It is also set up to virus scan any and all downloads if I choose to download anything. Anything .pdf, .exe, etcetera is thoroughly screened before it is opened.
    I am still learning about computer jargon and everything Firefox does and does not do.
    So far it is leaps and bounds better than Windows IE.
     
  12. Turtle Tedd

    Turtle Tedd Member

    Last two cumputers got eaten up by virus whatyamacallets..have puter expert son in law and Norton internet security program now...good enuff?..hope so
     
  13. AussieSteve

    AussieSteve Active Member

    It seems that I'm the only unlucky one so far. Tonight I managed to end up with a piece of malware called 'My Security Shield', after starting a Google search of this site.
    It appears to be a part of Windows security, but installs antivirus software that disables AVGfree AND the task manager, so it can't be stopped. Also installs a heap of dud virus files so it can 'find' them during a scan.
    An online search of the malware makes no mention of the Task Manager being disabled.
    Tried uninstalling then reinstalling AVG, but it won't re-install without uninstalling 'My Security Shield'.
    What a PITA. No antivirus for now. I partly disabled this thing, but can't uninstall it.
    Don't know how to make the Task Manager work again, either. Re-booting does nothing and neither does an attempt at a system restore to yesterday. Windoze says nothing has changed.

    For now, I'm running a 'Windows Live' scan to see if it can sort it out.

    Update: After the scan and a lot of file and registry entry deletions, the Task Manager works again and I managed to re-install AVGfree, but it won't run. It, (AVG), no longer starts automatically and if I try to start it manually I get the following, (attached). Any ideas anyone? (I'm logged on as 'Administrator'):-
     

    Attached Files:

    Last edited: Sep 21, 2010
  14. Vistaman73

    Vistaman73 Member

    I too had the same problem with carp on this site. I opened the site and instantly got a message from Micro$oft Window$ Essential$ saying my PC's infected. I quickly got off the site and ran a full PC scan. I found that 2 things were downloaded, a TrojanInstaller and the other was an extremly dangerous ExploitJava virus (it removed it like 5 times). It downloads and looks like Java but it will cripple your PC. It happened to me before (not on this site) and I couldn't do anything on my desktop. I had to use a system restore. I dont have a backup so it can get pretty scary. I'm happy it's all back to normal.
     
    Last edited: Sep 21, 2010
  15. RdKryton

    RdKryton Active Member

    Try booting in safe mode to get rid of My Security Shield if you can. From what I have read that piece of malware is a real pain to totally get rid of. The people at this site are very good at helping but you must follow the steps they lay out to the letter.
    http://www.dslreports.com/forum/cleanup

    Jim
     
  16. Nuttsy

    Nuttsy Member

    AussieSteve, and others,
    I just recovered from this thing too. An antivirus 'fake' software that wanted my cc info. Disabled, Windows system restore, AVG, and took over my desktop. In addition there were pop-ups, and sound bites of laughter in the background. WEIRD! My resident antivirus software found it but was in- effective to remove it. Turns out it's worse than just registry problems. It installs a rootkit that MAY only be FULLY removed by running your antivirus software during boot (if yours has that capability). Long and short is I ended up wiping the HDD and reinstalling the operating system and all that goes with it. Fortunately, I'm anal about backups and such but still took a week to get everything back to normal.
    Please report this to the Admin. here AND your antivirus provider.
     
  17. DougC

    DougC Guest

    For what it's worth-

    I am using Firefox (with NO default helper programs, so it asks me what to use to open any file it downloads)

    for antivirus I am running the Microsoft Security Essentials free one. As soon as the azzhole.pdf would download, it would just disappear and the "download file" dialog from Firefox would close as well.

    ---------

    I gave up trying to "save" my Windows OS installs from infections a few years back though.

    It would take me 3-5 hours to hunt down all the malware, and one day I realized that it only took me about 1.5 hours to reinstall everything. I always put a second hard drive in my computers and store all my account and personal files on that, so reformatting the main hard drive doesn't lose me anything.
    ~
     
  18. AussieSteve

    AussieSteve Active Member

    Thanks Jim. Safe Mode is no go - there's nothing left to delete.
    All of the files are gone and all that's left is a setting somewhere that stops AVG running, 'by name'.
    All AVG files execute automatically except avgtray.exe. (None will start up manually.) I found that by renaming avgtray.exe to Xavgtray.exe I can execute it, so I renamed it and changed the registry entry that starts it in 'HKLM/Software/Microsoft/Windows/Current Version/Run' so that it matches the new name.
    For now, everything is good and AVG starts on bootup. I still need to find a permanent fix, but my work-around is OK for now.
    Your link to dslreports.com/forum/cleanup helped heaps. That's how I figured out the first bit of the renaming trick.
    I'll go through their procedures later on and see if I can clean up this last remnant.
    For anyone else, the 'My Security Shield' window looks like a part of Windows security, but clicking on 'Clean Now' results in installation of this malware.

    If anyone needs help in removing this piece of s__t, I kept a copy of all of the registry entries and other deletions needed. I'm currently tracking down the fix for this last remnant.

    The window that installs it looks like this. (Don't click on 'Clean Now' This is NOT a part of Windows security.):-
     

    Attached Files:

    Last edited: Sep 22, 2010
  19. AussieSteve

    AussieSteve Active Member

    I found the (15) registry entries stopping AVG from running, under a key in HKCU called (imaginatively) 'DisallowRun'. Deleted those entries and everything is working fine again.
    Phew - first experience like this in 12 years using the internet.
     
  20. quay1962

    quay1962 Guest

    I have a stoopid question? Can a cell phone get infected? That's my only computer for now my big pc was virused up in aug of last year! Just wondering... Hope all gets fixed from the top.. Good luck all
     
Loading...