Saturday, September 13, 2008

Go.Google - Trojan - Malwarebytes - link replacement

There seems to be a new malware player that hasn't been very well documented yet. This Trojan replaces hyperlinks in Internet Explorer so that when you click on a link you are redirected to a site of their choosing (or an error page). I think the links contain a code that gives the creator of the Trojan a pay-per-click reward. At least this one has a motive.By the time I got the PC with this Trojan, it had been infected with hundreds of spyware items and the AVG antivirus was compromised. After a couple of passes with SuperAntiSpyware, SpyBot and AdAware the PC was behaving normally except for the redirected links. I manually removed or renamed dozens of suspicious files in the System32 directory, removed all suspicious files with HijackThis, checked the Hosts file and monitored activity with Process Explorer and still couldn't get rid of the Trojan. I also installed Bit Defender after reading some articles stating that they had discovered such a Trojan a few months ago. It turns out...

...see complete post with comments

Things to Do
John's business web site
Google RSS and Gadget

Visit or Join Blog Catalog
Things to Buy

Nice tool to speed up your PC

Look for Pocket Controller Pro
Things to Read
Mezzanine View
Politics - Environment - Technology
Bridging the Gap...
to better writing
Autorotate's Flying Circus
Politics with humor - enjoy
Things to Buy

Best for Windows on Mac

Great backup software - low price
'Who sent you' top 10
Shameless Plugs
VBS Reachout Adventures
Vacation Bible School Program
Keep'n' Safe
Good deals on gun safes
Screw Outfitters
Complete line of Faspac fasteners
Tom Haseltine Photography
Note cards and more
East Point Seafood
Order canned seafood from cannery