Diasfora

General Category => General Discussion => Topic started by: 8ullfrog on January 23, 2014, 03:03:51 AM

Title: Possible redirect?
Post by: 8ullfrog on January 23, 2014, 03:03:51 AM: Just tried to load the site up a minute ago and it tried to redirect me to some stupid uk pop star thing. I stopped it and reloaded the page, but that still pissed me off.

I remember a few years back some joker icelandic metal band tried to hijack demonoid, maybe this is something like that?
Title: Re: Possible redirect?
Post by: tarascon on January 23, 2014, 06:41:23 AM: There's a rootkit virus that causes redirects. I had it about a month ago. It hijacks malware and virus killer programs to make it difficult to find... I use (the free) AVG and Malwarebytes, and also Spybot, and Spywareblaster. Took me over 10 hours to figure out how to locate it and destroy it. I ended up installing Avast antivirus which was the only one that worked.
Also, check to see if you have ScorpianSaver on your system. It's a hidden, secret install that can do this as well. I finally found it under Tools in Ccleaner.

http://malwaretips.com/blogs/remove-browser-redirect-virus/ (http://malwaretips.com/blogs/remove-browser-redirect-virus/)
http://forums.pcworld.com/index.php?/topic/104909-google-redirect-virus/ (http://forums.pcworld.com/index.php?/topic/104909-google-redirect-virus/)
Title: Re: Possible redirect?
Post by: goldshirt*9 on January 30, 2014, 01:29:15 PM: could have been worse though
Spoiler (hover to show)
Justin Beibers home page
Title: Re: Possible redirect?
Post by: 8ullfrog on January 30, 2014, 07:51:16 PM: It only happened once, so I'm guessing my ISP bent up.
Title: Re: Possible redirect?
Post by: brickbatz on January 31, 2014, 09:35:14 AM: Quote from: tarascon on January 23, 2014, 06:41:23 AM
I use (the free) AVG and Malwarebytes, and also Spybot, and Spywareblaster. Took me over

Too many false positives with AVG. I once got banned from Demonoid because someone using AVG reported my upload of Hiren's BootCD as containing malware. He/she didn't know what they were downloading.

I was able to contact baileyd and she gave the .torrent file to dandrummerman. He downloaded it, scanned it with VirusTotal and found it to be clean. He was able to contact a main site mod and get me reinstated.
Title: Re: Possible redirect?
Post by: smokester on January 31, 2014, 11:25:11 AM: I can't see any recently modified files in our site. Has anyone else encountered a redirect?

I ask as one of the more brutal hacks we endured, left virtually every page with a redirect script hidden in the code. I was pretty sure I'd cleaned out all of it.
Title: Re: Possible redirect?
Post by: goldshirt*9 on January 31, 2014, 01:03:12 PM: no probs for me
Title: Re: Possible redirect?
Post by: brickbatz on January 31, 2014, 02:48:40 PM: No, works as it should.
Title: Re: Possible redirect?
Post by: tarascon on February 01, 2014, 05:13:58 AM: Quote from: brickbatz on January 31, 2014, 09:35:14 AM
Too many false positives with AVG.

This is true... the overly heuristic vigilance is something I've gotten used to. I use it because it's free (for now). AVG has gotten more problematic and aggressive as greed sets in--like the whole internet thing. I also use freeware Avast for virus scan.

Quote from: smokester on January 31, 2014, 11:25:11 AM
I can't see any recently modified files in our site. Has anyone else encountered a redirect?

Nothing to report. :)
Title: Re: Possible redirect?
Post by: brickbatz on February 01, 2014, 05:38:46 AM: I just use Microsoft Security Essentials with Malwarebytes and SUPERAntiSpyware for scans, all free.
Title: Re: Possible redirect?
Post by: tarascon on February 01, 2014, 05:43:26 AM: A new thing I noticed with AVG (free)--it'll notify me about issues but the Remove option doesn't do a thing. Like someone said on another post "Newer doesn't mean better." Vis Norton. And, as these free versions purport to be more efficient they also become less user friendly.
SUPERAntiSpyware... ain't heard of that one. I'll check it out. Thanks.
I'm using Spybot, and Spywareblaster (I know I'm repeating myself :D); would Superanti replace those? I'm going to load a second browser and read about it now.

> Update to the above: CNET says that it's a "comprehensive program that can scan and delete spyware and a variety of other types of malware. Although the program cannot deal with true viruses..."
Should I keep my other 2 spyware if I keep SUPER?
Title: Re: Possible redirect?
Post by: goldshirt*9 on February 01, 2014, 06:45:03 AM: Quote from: brickbatz on February 01, 2014, 05:38:46 AM
I just use Microsoft Security Essentials with Malwarebytes and SUPERAntiSpyware for scans, all free.
me too
Title: Re: Possible redirect?
Post by: tarascon on February 01, 2014, 06:58:11 AM: Any feedback to my post above?
Tried finding answers to the bold question, but found nothing.

Actually, I just saw these: http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/ccn-you-use-spywareblaster-and-other-anti-spyware/152e05ff-b284-404a-8629-dec8b4bb2352 (http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/ccn-you-use-spywareblaster-and-other-anti-spyware/152e05ff-b284-404a-8629-dec8b4bb2352)

http://www.bleepingcomputer.com/forums/t/272512/spyware-blaster-or-super-anti-spyware/ (http://www.bleepingcomputer.com/forums/t/272512/spyware-blaster-or-super-anti-spyware/)
Title: Re: Possible redirect?
Post by: brickbatz on February 01, 2014, 10:40:00 AM: I gave up Spybot and Spywareblaster when I started using MBAM and SAS.

I also stopped MBAM and SAS from starting with Windows.

If you're using Firefox you may want to check out BetterPrivacy.

https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/
Title: Re: Possible redirect?
Post by: tarascon on February 01, 2014, 12:45:40 PM: Quote from: brickbatz on February 01, 2014, 10:40:00 AM
I gave up Spybot and Spywareblaster when I started using MBAM and SAS.

I did. Sent you a PM with details. Thanks. :)

Quote from: brickbatz on February 01, 2014, 10:40:00 AM
If you're using Firefox you may want to check out BetterPrivacy.

Yep, I've had that LSO killer as an add-on for quite a while.
Title: Re: Possible redirect?
Post by: brickbatz on February 01, 2014, 02:53:34 PM: Can't remember exactly but iirc Spybot always wanted my attention. SAS just sits there until I open it.

You can always sandbox your browser with Sandboxie (http://www.sandboxie.com/) for those Asian pr0n sites. ;D
Title: Re: Possible redirect?
Post by: goldshirt*9 on February 02, 2014, 05:11:42 AM: Quote from: brickbatz on February 01, 2014, 02:53:34 PM
Can't remember exactly but iirc Spybot always wanted my attention. SAS just sits there until I open it.

You can always sandbox your browser with Sandboxie (http://www.sandboxie.com/) for those Asian pr0n sites. ;D

pray tell sir it that for the correct "prOn"unciation of the asian language ;D ;D
Title: Re: Possible redirect?
Post by: tarascon on February 02, 2014, 06:12:26 AM: I suggest getting AdwCleaner for things like scorpiansaver. It tends to pop back up even if you go into regedit.

http://www.bleepingcomputer.com/download/adwcleaner/ (http://www.bleepingcomputer.com/download/adwcleaner/)