Malware Domain List

Malware Related => Compromised Servers => Topic started by: Rtiger on September 16, 2008, 05:38:52 pm

Title: Observesecure.com
Post by: Rtiger on September 16, 2008, 05:38:52 pm
I keep getting a pop up telling me my system is infected with latest version of Spyware.Cyberlog-X
It then brings up a web page from secureobserve.com to upload anti-spyware scanner.
Can anyone please tell me how to get rid of this crap. ???
Title: Re: Observesecure.com
Post by: sowhat-x on September 16, 2008, 05:55:53 pm
Hi Rtiger

At first,download and run Microsoft's Malicious Removal tool:
http://www.microsoft.com/security/malwareremove/default.mspx
This will make sure no widely spread and well-known rootkits and bots are present there.

Then check this thread out for a list of possible forums,
where people can provide you with exact disinfection instructions:
http://www.malwaredomainlist.com/forums/index.php?topic=40.0

As a personal suggestion,I would recommend asking for assistance over at MalwareBytes' forum,
as they're specializing exactly in the removal of infections caused by rogue software etc.
http://www.malwarebytes.org/forums/

For a variety of reasons,we don't "officially" provide disinfection advises for pc end-users,
only for servers that got hacked etc...
But if nothing from the above solves the problem,then please,
do not hesitate to ask back here again for help:
someone will take over your case specifically and help you remove the nasties from there.
Title: Re: Observesecure.com
Post by: SysAdMini on September 16, 2008, 05:57:09 pm
I can recommend MBAM from

http://www.malwarebytes.org/mbam.php (http://www.malwarebytes.org/mbam.php)

for removal of fake antivirus software. Today I've cleaned some machines using this tool.
In one case it was necessary to run additionaly Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)

Title: Re: Observesecure.com
Post by: Rtiger on September 16, 2008, 06:24:33 pm
Thank you very much for the advise. I appreciate it.
Title: Re: Observesecure.com
Post by: MysteryFCM on September 16, 2008, 09:21:25 pm
secureobserve.com doesn't seem to be resolving? A WhoIs query is also returning;

Quote
No match for "SECUREOBSERVE.COM".
>>> Last update of whois database: Tue, 16 Sep 2008 17:19:41 EDT <<<