Heart Attack Aggessive Malware on Fred's Computer

Discussion in 'The Barracks' started by Fred Wilson, Mar 5, 2015.

Page 1 of 2
  1. Fred Wilson

    Fred Wilson Member

    ===> BEGIN CAUTION <===
    3. Please note in posts on this thread. You will see individual words that are now live links.
    I can pretty much guarantee you these are malware links.

    ===> END CAUTION <===


    For the past day or so I have been plagued by a series of aggressive ads on ww2talk.com only.

    1. Youtube ads repeatedly appear in the bottom right corner.
    They do not allow you to close it or stop it.
    When it is over and you click on the close button, it pops up again and again, up to 4 times an makes you watch it again and again.

    2. While entering a post like this, formatting a word like repeadedly above, as soon as you hit bold or whatever, severall Ad screens open up in your browser.

    3."Ads by run around" repeatedly appear in the bottom left corner.
    When you click on the close button, it opens a new page (in whatever browser you are using, Firefox, Chrome and Safari here) which is the real meal ad.
    Again and again, again up to 4 or 5 times in succession.

    4. .3vbskzn.com creates several copies of very aggressive browser pages that try to force you to install Video Setup.exe

    5. Several times I have quit the ad, only to find that PC Mechanic has been installed on my PC laptop.
    This has a HUGE splash screen that you can not close. Covers everthing nearly..
    I have to force shut down the laptop, restart and uninstall the program, only to have it installed again. And again. And again.

    EDIT
    PS:
    6. When I do manage to restart or shut down, I have to force shut down a background program call Talk Host Window now.

    7. It replaced my google.ca home page for startup with trojen: http:// www .trovi. com/ ?gd=&ctid=CT3322288&octid =EB_ORIGINAL_CTID&ISID=M18A4EED5-A692-4833-9521 -CD482BD194E7&SearchSource =55&CUI=&UM=8&UP=SPBC1CA519 -A846-4D79-9E64-8A67658186F2&SSPV=


    Anyone know a fix for this? Adblock is installed on my browsers.

    Or is the only solution funding this website so it runs ad free?

    HELP Please!!!!
    I am having to repeatedly crash my computer, pull the power plug or whatever to use this com puker at all.
     
    Fred Wilson, Mar 5, 2015
    #1
  2. CL1

    CL1 116th LAA and 92nd (Loyals) LAA,Royal Artillery Patron

    Fred
    not sure about your last comment but
    have you got adblock in place
    have you run anti virus software to check out your system

    regards
    Clive
     
    CL1, Mar 5, 2015
    #2
  3. Swiper

    Swiper Resident Sospan

    Sounds like you have some very nasty viruses already lurking on your computer, I recommend adblock, running an AV programme and if necessary something like Malwarebytes.
     
    Swiper, Mar 5, 2015
    #3
  4. dbf

    dbf Moderatrix MOD

    I've disabled link in point 4 of your post. I'm certainly not clicking it and if it's bad as you say, it's not clever to leave it live for others to be caught out.


    I'm also tempted to change your thread title. Talk about heart attack.
     
    dbf, Mar 5, 2015
    #4
  5. CL1

    CL1 116th LAA and 92nd (Loyals) LAA,Royal Artillery Patron

    Fred take out the links for safety sake on your post
     
    CL1, Mar 5, 2015
    #5
    dbf likes this.
  6. CL1

    CL1 116th LAA and 92nd (Loyals) LAA,Royal Artillery Patron

    CL1, Mar 5, 2015
    #6
  7. Fred Wilson

    Fred Wilson Member

    Full Scan completed on 32905 items.

    No threats were detected on your PC during this scan. (Microsoft Security Essentials)

    I will try Malware Bytes now. Tnx! FriedEd. <===<-)
    (A Smiley that has Tied One On!)
     
    Fred Wilson, Mar 5, 2015
    #7
  8. Fred Wilson

    Fred Wilson Member

    (Moved over to my Mac here, broke the trojan link..)

    Then shattered the trojan url. (Tnx 4 da tipster K?)

    Oh joy!

    At http://malwaretips.com/blogs/trovi-removal/

    STEP 1: Uninstall Search Protect by Client Connect LTD from Windows

    1. I tried to : Uninstall Search Protect
    - it appears to be uninstall protected. Crashed my PC running Windows 7 on Firefox.

    2. I CHANGED THE TITLE OF THE F'N THREAD.

    SIGHED OFF
    FriedEd.
    _______________________


    STEP 2: Remove Trovi Search and trovi.com from Internet Explorer, Firefox and Chrome
    STEP 3: Remove Trovi Search browser hijacker from your computer with AdwCleaner
    STEP 4: Remove Trovi Search and trovi.com with Malwarebytes Anti-Malware Free
    STEP 5: Double-check for the Trovi Search infection with HitmanPro

    Read more: http://www.hanggliding.org/viewtopic.php?p=366335#366335#ixzz3TXSTYdiz
     
    Fred Wilson, Mar 5, 2015
    #8
  9. dbf

    dbf Moderatrix MOD

    nice :rolleyes:
     
    dbf, Mar 5, 2015
    #9
  10. Fred Wilson

    Fred Wilson Member

    Admin.
    Please look for the Trojan / Virus here. K?
    I have spent most of my time here.

    PS:
    I do NOT bring email into my computer. I always use Webmail. Only Webmail. https://webmail.shaw.ca/
     
    Fred Wilson, Mar 5, 2015
    #10
  11. von Poop

    von Poop Adaministrator Admin

    Microsoft security essentials... otherwise known as 'Feel free to drive an enormous malware-shaped bus through me and do what thou wilt to my computer'.

    Fred, use Malwarebytes reasonably regularly, and get a decent free realtime AV program like AVG or Avira.
    (Aren't they stopping support for WSE? It won't be mourned by me.)

    Obviously I have to take anyone shouting 'fire' quite seriously, but in this case I can't really see the connection to here, despite the fact I'm now obliged to enquire more deeply.
    People pick up malware in a variety of ways... so so many ways. The arse-hats distributing it are clever like that - even a second on the wrong site can fill your malware boots. Email is far from the only vector these days.

    As Clive says, you've picked up a browser hijacker, mate. Potentially from anywhere, often from sneaky tick agreements on other downloads.
    Not usually the most malevolent of nasties, but certainly one of the most irritating.
    Usually quite simple to remove.
    Clive's guide makes sense to me, but if the uninstall won't work - reboot in safe mode and try it from there (or use a more powerful uninstaller than Windows' rather flimsy job - something like Revo Uninstaller, which is free here.)
    Then follow the other step by step removal.
    Then run Malwarebytes.
    Then run malwarebytes again.


    In passing, for any Mac chaps who still stick with the old 'I don't need protection, it's a Mac'. This recent survey may be of interest.:
    OS-chart.jpg
    The above-mentioned arse-hats are very interested in a community that's not protecting itself...
    Has the Mac you mentioned got protection, Fred? Access any similar sites or files from both pooters?


    So to conclude. I don't see any reason to assume we're spreading anything, and would close the site instantly to get de-loused if I had even a suspicion.
    However, in the spirit of all fire alarms being investigated, even ones I'm pretty sure about: If anyone else gets any strangeness only when visiting here, I'd be very interested to hear from you.
     
    von Poop, Mar 5, 2015
    #11
  12. von Poop

    von Poop Adaministrator Admin

    Oh, to open in safe mode: as your PC boots - keep hitting F8 until a prompt comes up asking what you want to do.
    Select 'Safe mode with networking' (no unnecessary programs, but internet on) and it usually makes killing these little snuffles more straightforward.
     
    von Poop, Mar 5, 2015
    #12
    Fred Wilson likes this.
  13. CL1

    CL1 116th LAA and 92nd (Loyals) LAA,Royal Artillery Patron

    If anyone else gets any strangeness only when visiting here, I'd be very interested to hear from you.




    vP the strangeness is with me always not just on here
     
    CL1, Mar 5, 2015
    #13
  14. von Poop

    von Poop Adaministrator Admin

    I've changed the title from
    "Trojan = Heart Attack Aggessive Ads on ww2talk.com"
    to
    "Trojan = Heart Attack Aggessive Ads on Fred's computer"

    I believe this to be reasonable.
     
    von Poop, Mar 5, 2015
    #14
    dbf and Owen like this.
  15. Owen

    Owen -- --- -.. MOD

    Thanks for blaming us when not one single other member has even mentioned it.
    Therefore it's a problem your end.
     
    Owen, Mar 5, 2015
    #15
    dbf likes this.
  16. Fred Wilson

    Fred Wilson Member

    :icon_fork:

    Yeah, yeah yeah, but the issue did not repeat on ww2f.com or on my Hang Gliding Forum. :mad111:
    But it went crazy crazy crazy whenever I dropped in here, and with a day off, I was here lots. Cause of lots of good reads.

    (Pretty decent one on Market Garden (YET AGAIN) on ww2f.com. Man am I learning a lot there...
    - it drifted off into Monty attacks as usual, but then centered itself and has become one of my best reads yet "here.")

    Thanks von Poop for reminding me to kill the Trojan via PC in Safe Mode. (I live 99.9% on the Mac.)

    But note: My GURU Tech support guy insists run ONLY MSE then Malwarebytes.
    "Do not install any other ante-virus programs. They conflict with each other."

    So Malware Bytes still hasn't finished it's thing. (Testing it.) Then will remove manually which will HAVE to be in Safe Mode. (Chatting here on my Mac.)
    In normal startup, yup, the dang Trojan has beated Uninstall to a pulp. Grrr :cheers: :banghead:

    Tnx! Yours, FriedEd.
    :gimmebeer:

    Apple Oligies, but there are some SWEET emoticons here. Time for some fun. Won't see a repeat of this. K Guys and Gals?
     
    Fred Wilson, Mar 6, 2015
    #16
  17. Fred Wilson

    Fred Wilson Member

    Jest sews yas nose.

    My PC has a brand new hard drive. Zippo on it other than Firefox, Chrome and Skype.
    So trying to install Malwarebytes AFTER getting hit by this Trojan. Guess what? [​IMG]
    :Dragon: Four hours waiting for Malwarebytes Install to finish. Looks like the damn virus blocks Malwarebytes install to boot... :smash:

    Appropriate name for a thread title or what? [​IMG] FriedEd = Choke a goat mad...

    Yeah yeah yeah yeah. No more spam smilies from this quarter. But these made my day, otherwise a bad one. K?
     
    Fred Wilson, Mar 6, 2015
    #17
  18. Fred Wilson

    Fred Wilson Member

    Its 10:10 PM here. My PC finally booted clean. [​IMG]
    My GURU tech support has been here hard at it since 10 AM
    - less an hour mid day servicing another customer.

    THAT MANY trojan viruses and add on programs that blocked Malwarebytes from installing or booting up or cleaning up the issues. :poppy:

    Avoid this thing like the plaque it is folks. I must have got it looking at linked pictures here or on ww2f.com ... or my hang gliding fav forum.

    Sighed Fried Ed. <==<-:
    (A Smiley that is about to Tie One On!)
     
    Fred Wilson, Mar 6, 2015
    #18
  19. Smudger Jnr

    Smudger Jnr Our Man in Berlin

    Having been a member for a fair time I have no Problem with this site regarding security and malware.

    Nothing regarding Computers can be said to be 100% safe, but from experience on this site over the years, the owner has had this sites Security as his number one priority.

    Our Admin and Moderators do a fantastic Job and I cannot thank them enough for sorting problems that occur and keeping us all safe.

    Regards
    Tom
     
    Smudger Jnr, Mar 6, 2015
    #19
    4jonboy likes this.
  20. CL1

    CL1 116th LAA and 92nd (Loyals) LAA,Royal Artillery Patron

    Glad you got it sorted Fred
     
    CL1, Mar 6, 2015
    #20
Page 1 of 2

Share This Page