New malware redirects all major search engine results to Gala search

If you are being redirected to galasearch every time you search for something, it may be because this shitworm planted a few manual entries in the hosts file.

The first thing it does is hide the hosts file, so by going to C:\WINDOWS\SYSTEM32\DRIVERS\ETC you will not see hosts at all. To show hosts, click on Tools from any open folder, then go to Folder Options, switch to the View tab and check “show hidden files and folders”, and also uncheck “hide extension…” and “hide protected operating system files”.
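As an added example (not code from the original post), the following Python check parses hosts file content and reports entries that point search engine names at a non-loopback address, and also tests whether the file carries the hidden attribute. The domain list, the function names and the sample content are assumptions constructed for illustration.

```python
import ipaddress
import os
import stat

# Assumption: which domains count as "major search engines"; the post does not list them.
SEARCH_DOMAINS = ("google.com", "bing.com", "yahoo.com")

# Constructed sample hosts content (203.0.113.0/24 is a documentation-only range).
SAMPLE_HOSTS = """\
# Copyright (c) Microsoft Corp.
127.0.0.1       localhost
203.0.113.10    www.google.com google.com   # planted
203.0.113.10    search.yahoo.com
0.0.0.0         ads.example.net
not-an-ip       www.bing.com
"""

def is_search_host(name):
    """True if name is one of SEARCH_DOMAINS or a subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in SEARCH_DOMAINS)

def suspicious_entries(hosts_text):
    """Return (line number, address, hostname) for redirected search hosts."""
    findings = []
    for lineno, raw in enumerate(hosts_text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # malformed line, resolver ignores it
        if addr.is_loopback or addr.is_unspecified:
            continue                            # blocks the name, does not redirect it
        for name in fields[1:]:
            if is_search_host(name):
                findings.append((lineno, str(addr), name.lower()))
    return findings

def is_hidden(path):
    """True if the file has the Windows hidden attribute (always False elsewhere)."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)

if __name__ == "__main__":
    for lineno, addr, name in suspicious_entries(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {addr}")
```

On an affected machine, pass the text of the real hosts file to `suspicious_entries` instead of the sample and call `is_hidden` on its path.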

How did I get infected with Advanced Virus Remover?

As you may have heard by now, there is a lot of malware around acting as antivirus. A client emailed me and told me that she was infected with “Advanced Virus Remover” and she noticed it when she was using the store locator page at acmoore.com, which is an Arts and Crafts store. At first I didn’t think that was possible. Usually you get infected from a site that is not known or popular. I had to check it myself, and what do you know, she was right!
