Curse

Lyynyyrd · Sep 26, 2008, 11:24 PM // 23:24

Quote:

Originally Posted by tarun

well i'm not going to leave you waiting for days.

i removed your screenshot of the nod result because that did show the link to malware. I'm going to drop it into a vm and see how it reacts.

score: 1 for the amateur!

Tarun · Sep 27, 2008, 02:20 AM // 02:20

tinyproxy.exe is one of the processes that gets installed if the exe is allowed to run. Avast found and deleted it.

KZaske · Sep 27, 2008, 07:15 AM // 07:15

Quote:

Originally Posted by Tarun

Sir Seifus Halbred:
It looks like your NOD32 took care of the problem. It also looks like a website tried to pose as YouTube and wanted you to download some "codecs" that are actually malware.

What site are you encountering this issue on?

I managed to have malware installed from youtube just that way. But it was multi-part and the "codec" was a downloader that had a short field day. Both avast and Sypbot S&D missed it until I had another AV doing a scan.

Tarun, if you want the details I can provide most of them to you.

xRustyx · Sep 27, 2008, 09:06 AM // 09:06

NOD32 is straight up G and I use it cuz it keeps the five-o off the block.

Tarun · Sep 27, 2008, 04:06 PM // 16:06

Quote:

Originally Posted by KZaske

I managed to have malware installed from youtube just that way. But it was multi-part and the "codec" was a downloader that had a short field day. Both avast and Sypbot S&D missed it until I had another AV doing a scan.

Tarun, if you want the details I can provide most of them to you.

Please do.

The only scanner that found anything was avast; SAS, MBAM, and Spybot did not find anything.

Sir Seifus Halbred · Sep 28, 2008, 04:54 PM // 16:54

Update: Got Ad Aware 2008 to open, did a FULL scan last night, it found the same thing NOD 32 found and removed it. Haven't seen the pop up message from NOD 32. I think it's solved.

Tarun · Sep 28, 2008, 05:42 PM // 17:42

Could you post the log from Ad-Aware 2008 please? Be sure to wrap it in a codebox.

Sir Seifus Halbred · Sep 28, 2008, 10:21 PM // 22:21

I would If I knew how. Care to explain, please?

Tarun · Sep 29, 2008, 12:19 AM // 00:19

I just had to install it into a VM and I must say wow is it ever garbage. Even after cleaning out tracking cookies, I can't see a log through the program. Instead, you have to navigate to...

If installed for All Users:

Code:

C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\logs\

If installed for just your account:

Code:

C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-Aware\logs\

On Vista it will be slightly different.

My log was named: Ad-Aware 20080928 20-12-21.log.xml

You can copy it to the desktop, zip it and host it with a file sharing service like Rapidshare or Mediafire.