Autopia.org bad for you?

Setec Astronomy said:
That would be a good theory--except Autopia dropped their ads a couple months back. They seem to have been having continuous problems since they went to their new server, first the DOS attacks, now this. Although someone seems out to get them, they do seem a little slow on the uptake when these problems crop up. You would think this makes the hosting company look bad and presumably they have larger resources to deal with this sort of thing, but the Google analysis still shows the site as malicious today.

Well, all the more reason to spend time here at AutogeekOnline!
Click to expand...

DoS attacks too? What host are they using now? Sounds like time to dump the chumps....
 
Shiny Lil Detlr said:
DoS attacks too? What host are they using now? Sounds like time to dump the chumps....
Click to expand...

It was initially GoDaddy...I guess they went there when they upgraded the forum software, but it was really, really slow, and they muddled around for about a month upgrading to faster servers until they realized it was a DoS...then they went to Media Temple, and that took a couple weeks for them to get that all straight--then things seemed fine for a couple weeks, until people started reporting malware.

I don't really know nuttin' 'bout web hosting, but it's hard for me to believe that the hosting companies aren't more on top of these kind of things, it's gotta hurt their rep when sites they host are either DoS'd or are spewing malware :confused:
 
The bug is bad. Took over my work computer this morning with malware. It was instantaneous. I would stay away. This went right through any anti-virus and spyware security systems on a pretty sophisticated network.

Hope I can get my computer to work soon.

The malware I received poses as an anti-virus software program prompting you to click to delete viruses. It loads and a couple of icons show up on the task bar disguised as anti-virus software. Don't click.
 
It got me last week . The anti-virus site that popped up was "Security tool" and it wouldn't let you go any further unless you signed up for their program. Had the system cleaned . My guy who cleaned it said it came from China.
 
JohnnyC said:
It got me last week . The anti-virus site that popped up was "Security tool" and it wouldn't let you go any further unless you signed up for their program. Had the system cleaned . My guy who cleaned it said it came from China.
Click to expand...


Yes, that is the one that got me.
 
Does anyone have any instructions on how to remove this? I can not get into msconfig or task manager to stop it. I have located the exe file, but since it is running, I am unable to delete. Any tips as to how to stop this from running and delete the program?
 
Well, I answered my question about "isn't the web hosting company concerned about their reputation?", and I guess the answer is no:

Safe Browsing
Diagnostic page for AS31815 (MEDIATEMPLE)
What happened when Google visited sites hosted on this network?

Of the 63968 site(s) we tested on this network over the past 90 days, 11579 site(s), including, for example, estrelato.com/, ecletticamente.eu/, larecord.com/, served content that resulted in malicious software being downloaded and installed without user consent.

The last time Google tested a site on this network was on 2010-09-02, and the last time suspicious content was found was on 2010-09-02.

Has this network hosted sites acting as intermediaries for further malware distribution?

Over the past 90 days, we found 291 site(s) on this network, including, for example, tinypic.info/, bolsademulher.com/, blogstandmedia.com/, that appeared to function as intermediaries for the infection of 896 other site(s) including, for example, sitedosfamosos.com.br/, stumbleupon.com/, ganja2music43.com/.

Has this network hosted sites that have distributed malware?

Yes, this network has hosted sites that have distributed malicious software in the past 90 days. We found 30 site(s), including, for example, tinypic.info/, floridabeachcottages.com/, viison.com.au/, that infected 620 other site(s), including, for example, console.ir/, ganja2music43.com/, farskids32.com/.

So, almost 20% of the sites that Media Temple hosts spew malware--I'd say that was probably a poor choice for webhosting...
 
rjom said:
Does anyone have any instructions on how to remove this? I can not get into msconfig or task manager to stop it. I have located the exe file, but since it is running, I am unable to delete. Any tips as to how to stop this from running and delete the program?
Click to expand...

If you boot in safe mode the virus will not load, Norton has removal instructions: SecurityToolFraud Removal - Removing Help | Symantec

I couldn't do it that way and wound up having to pay Norton to do a remote cleanup http://www.symantec.com/norton/nortonlive/spyware-virus-removal.jsp They were quick and efficient and installed a 30-day trial of Norton Internet Security as part of the cost.

Some others have said that they were able to delete the .exe in safe mode, but you really need to run some current antivirus or antispyware/malware cleaners after to make sure you got everything. My computer had at least 3 different file/registry components that had to be deleted (and then I got more after I went back!).
 
Thanks. Sounds like I may have to wipe it clean and build from scratch again.

I would advise everyone to stay away from Autopia for now. This is a pain.
 
rjom said:
Thanks. Sounds like I may have to wipe it clean and build from scratch again.
Click to expand...

Now that I think of it, someone said (maybe in this thread) they were able to boot in safe mode and roll back to a restore point and that worked.
 
Setec Astronomy said:
I don't really know nuttin' 'bout web hosting, but it's hard for me to believe that the hosting companies aren't more on top of these kind of things, it's gotta hurt their rep when sites they host are either DoS'd or are spewing malware :confused:
Click to expand...

I think you'd be surprised at just how bad some hosting companies can be when it comes to keeping on top of that stuff. Some of the things I saw/heard about while working in that industry were rather astounding.
 
rjom said:
Does anyone have any instructions on how to remove this? I can not get into msconfig or task manager to stop it. I have located the exe file, but since it is running, I am unable to delete. Any tips as to how to stop this from running and delete the program?
Click to expand...
What operating system are you using (name and version)?

OK, you said you located the EXE file - write down the exact path to the file and the file name. If you don't know how to find the path, just ask and we'll help.

Download and burn the Lucid Puppy 5.1 Linux ISO to a CD or DVD. This is a live OS - set your BIOS to boot from CD/DVD first.

Boot up Puppy Linux. Mount you hard drive. Using the file manager navigate to the EXE file then delete it. If this doesn't make sense, just ask and we'll help (it is very easy to do).

Remove the Puppy Linux CD and reboot. The EXE is gone so it can't run.

Try to get into Task Manager and see if anything is there. Run your AV checks. If necessary you can try a previous restore point (if you have a recent one).

Regards,
GEWB
 
What exactly is the virus doing? I have visited autopia and I don't think I got anything but...
 
gewb said:
What operating system are you using (name and version)?

OK, you said you located the EXE file - write down the exact path to the file and the file name. If you don't know how to find the path, just ask and we'll help.

Download and burn the Lucid Puppy 5.1 Linux ISO to a CD or DVD. This is a live OS - set your BIOS to boot from CD/DVD first.

Boot up Puppy Linux. Mount you hard drive. Using the file manager navigate to the EXE file then delete it. If this doesn't make sense, just ask and we'll help (it is very easy to do).

Remove the Puppy Linux CD and reboot. The EXE is gone so it can't run.

Try to get into Task Manager and see if anything is there. Run your AV checks. If necessary you can try a previous restore point (if you have a recent one).

Regards,
GEWB
Click to expand...

Thank you. I am running XP.

Do you have a link to the Lucid Puppy 5.1 Linux ISO. I will also attempt a search. I have the location of the file.

What do you mean when you say "Mount the hard drive?"
 
You must log in or register to reply here.
Back
Top