Discussion in 'Forum Help & Suggestions' started by a/c man, Sep 18, 2010.

    I couldn't access any text all day today on the forum.
    Got all the side bar ads, page header, no text.
    I see only a few new posts.
    Anybody else have trouble or am I as crazy as I thought I am?
    Was going through forum withdrawal but now I seem OK.

    This is what my browser showed
    It seems to work now

    Firefox 3.6.10, SUSE Linux.
    a/cman..yes same thing here..since I am a computer caveman..I couldn't figure it out..seems to be ok now
    Good question. We'll have to wait on Tom for an answer.
    I think the board got hacked.

    I noticed it was dumping a file named azzhole.pdf (except with ss where the zz is) and that is a common filename used for a PDF exploit (trojan).

    If your computer opened that file it may be infected.
    That Trojan is effective against Mickey$oft Windodz, so I am good to go.
    Micro$oft free for Ten years.

    I do not open strange PDFs, emails, or flash movies.
    My Avast wouldn't let me open last night; it gave me that azzhole.pdf was a trojan on this site.
    Same thing going on over at motorbicycling.com.
    My AVG virus protection is blocking something.
    I'm afraid to open stuff.
    I could only bring up the ads here yesterday. My Avast antivirus said it had blocked a Trojan when I logged on at the other site also. Malwarebytes found 6 problems when I ran it.
    Glad to see things working again; I thought it was my computer having the problem at first.
    I frequent both sites. Perhaps I have gotten lucky with running Firefox with no-script and ad-aware add ons. It is also set up to virus scan any and all downloads if I choose to download anything. Anything .pdf, .exe, etcetera is thoroughly screened before it is opened.
    I am still learning about computer jargon and everything Firefox does and does not do.
    So far it is leaps and bounds better than Windows IE.
    Last two computers got eaten up by virus whatyamacallets..have puter expert son in law and Norton internet security program now...good enuff?..hope so
    It seems that I'm the only unlucky one so far. Tonight I managed to end up with a piece of malware called 'My Security Shield', after starting a Google search of this site.
    It appears to be a part of Windows security, but installs antivirus software that disables AVGfree AND the task manager, so it can't be stopped. Also installs a heap of dud virus files so it can 'find' them during a scan.
    An online search of the malware makes no mention of the Task Manager being disabled.
    Tried uninstalling then reinstalling AVG, but it won't re-install without uninstalling 'My Security Shield'.
    What a PITA. No antivirus for now. I partly disabled this thing, but can't uninstall it.
    Don't know how to make the Task Manager work again, either. Re-booting does nothing and neither does an attempt at a system restore to yesterday. Windoze says nothing has changed.

    For now, I'm running a 'Windows Live' scan to see if it can sort it out.

    Update: After the scan and a lot of file and registry entry deletions, the Task Manager works again and I managed to re-install AVGfree, but it won't run. It, (AVG), no longer starts automatically and if I try to start it manually I get the following, (attached). Any ideas anyone? (I'm logged on as 'Administrator'):-

    I too had the same problem with carp on this site. I opened the site and instantly got a message from Micro$oft Window$ Essential$ saying my PC's infected. I quickly got off the site and ran a full PC scan. I found that 2 things were downloaded, a TrojanInstaller and the other was an extremely dangerous ExploitJava virus (it removed it like 5 times). It downloads and looks like Java but it will cripple your PC. It happened to me before (not on this site) and I couldn't do anything on my desktop. I had to use a system restore. I don't have a backup so it can get pretty scary. I'm happy it's all back to normal.
    Try booting in safe mode to get rid of My Security Shield if you can. From what I have read that piece of malware is a real pain to totally get rid of. The people at this site are very good at helping but you must follow the steps they lay out to the letter.

    AussieSteve, and others,
    I just recovered from this thing too. An antivirus 'fake' software that wanted my cc info. Disabled Windows system restore, AVG, and took over my desktop. In addition there were pop-ups, and sound bites of laughter in the background. WEIRD! My resident antivirus software found it but was ineffective to remove it. Turns out it's worse than just registry problems. It installs a rootkit that MAY only be FULLY removed by running your antivirus software during boot (if yours has that capability). Long and short is I ended up wiping the HDD and reinstalling the operating system and all that goes with it. Fortunately, I'm anal about backups and such but still took a week to get everything back to normal.
    Please report this to the Admin. here AND your antivirus provider.
    For what it's worth-

    I am using Firefox (with NO default helper programs, so it asks me what to use to open any file it downloads)

    for antivirus I am running the Microsoft Security Essentials free one. As soon as the azzhole.pdf would download, it would just disappear and the "download file" dialog from Firefox would close as well.


    I gave up trying to "save" my Windows OS installs from infections a few years back though.

    It would take me 3-5 hours to hunt down all the malware, and one day I realized that it only took me about 1.5 hours to reinstall everything. I always put a second hard drive in my computers and store all my account and personal files on that, so reformatting the main hard drive doesn't lose me anything.
    Thanks Jim. Safe Mode is no go - there's nothing left to delete.
    All of the files are gone and all that's left is a setting somewhere that stops AVG running, 'by name'.
    All AVG files execute automatically except avgtray.exe. (None will start up manually.) I found that by renaming avgtray.exe to Xavgtray.exe I can execute it, so I renamed it and changed the registry entry that starts it in 'HKLM/Software/Microsoft/Windows/Current Version/Run' so that it matches the new name.
    For now, everything is good and AVG starts on bootup. I still need to find a permanent fix, but my work-around is OK for now.
    Your link to dslreports.com/forum/cleanup helped heaps. That's how I figured out the first bit of the renaming trick.
    I'll go through their procedures later on and see if I can clean up this last remnant.
    For anyone else, the 'My Security Shield' window looks like a part of Windows security, but clicking on 'Clean Now' results in installation of this malware.

    If anyone needs help in removing this piece of s__t, I kept a copy of all of the registry entries and other deletions needed. I'm currently tracking down the fix for this last remnant.

    The window that installs it looks like this. (Don't click on 'Clean Now' This is NOT a part of Windows security.):-

    I found the (15) registry entries stopping AVG from running, under a key in HKCU called (imaginatively) 'DisallowRun'. Deleted those entries and everything is working fine again.
    Phew - first experience like this in 12 years using the internet.
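
An added example (not part of any post in this thread): a Python check over a `reg export` text dump that lists the executable names blocked by the `DisallowRun` policy described above and flags `Run` entries that point at a blocked name, as happened with avgtray.exe. The sample export, its value names and `example-scanner.exe` are constructed; the policy path used is the standard Explorer policy location, which the thread does not spell out.

```python
import re
from ntpath import basename

# Constructed sample in `reg export` text format (not taken from the thread).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"DisallowRun"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun]
"1"="avgtray.exe"
"2"="example-scanner.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="C:\\Program Files\\AVG\\avgtray.exe"
"Renamed"="C:\\Program Files\\AVG\\Xavgtray.exe"
'''

POLICY = r"\software\microsoft\windows\currentversion\policies\explorer"
RUN = r"\software\microsoft\windows\currentversion\run"

def parse_reg(text):
    """Return {lowercased key path: {value name: str or int}} (string/dword only)."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"(.*?)"=(?:dword:([0-9a-fA-F]{8})|"(.*)")$', line)
            if m:
                name, dword, string = m.groups()
                current[name] = int(dword, 16) if dword else string.replace("\\\\", "\\")
    return keys

def audit(text):
    """Return (policy enabled?, blocked exe names, Run value names hitting the block list)."""
    enabled, blocked, run_hits = False, set(), []
    keys = parse_reg(text)
    for path, values in keys.items():
        if path.endswith(POLICY) and values.get("DisallowRun") == 1:
            enabled = True   # the switch that activates the block list
        elif path.endswith(POLICY + r"\disallowrun"):
            blocked |= {str(v).lower() for v in values.values()}
    for path, values in keys.items():
        if path.endswith(RUN):   # autostart entries; arguments after the path are not handled
            run_hits += [n for n, v in values.items()
                         if basename(str(v)).lower() in blocked]
    return enabled, sorted(blocked), run_hits
```

The block list matches on file name only, which is why the renamed `Xavgtray.exe` entry in the sample is not flagged while the original `avgtray.exe` entry is.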
    I have a stoopid question? Can a cell phone get infected? That's my only computer for now my big pc was virused up in aug of last year! Just wondering... Hope all gets fixed from the top.. Good luck all