2:06 Malware "permanently installed"? No, lol. It's not permanent. You can get rid of it.

ИНФОРМАЦИЮ О ДОГОВОРНЫХ МАТЧАХ КУПИТЬ МОЖНО ЗДЕСЬ dogmatch.3dn.ru/

Так умер Гуф 80 лвл.

Please translate me in Russian what the man said on the site total virus?

Hello!!!

Please Release: File Monitor Software For Home Users!!!

Thank you so much!!!

Damn. Your using Windows! O.o and then XP o.O

@WebMasterGadgets He's using an virtual machine.

@WebMasterGadgets XP ( professional ) is the best OS from microsoft.. Vista and Win 7 is just crap! ;)

I have brother mysql died from

Can't believe that root access to mysql.com was sold on russian hacker forums for just $3k which lead to this

well done dude

what am i look at?! :D

What typ of Trojan or Worm... w/e, is it exacly ?

@SMTyou It's something that locks your PC. It want 100 Euro for unlock it again

@mykill1221 Lmfao

@SMTyou Is that really funny?!

@mykill1221 Actually, yes. I never heard of that typ of trojan. Even though it's bad or not funny, you could simply reinstall your computer.

i dont get what happend 

@vorhaut23 Basically a hacker injected a javascript (HTML friendly programming language) redirect to a different website, which prompted java to run, load and save an executable file to the local computer. Therefore infecting it with a virus, trojan or whatever the byte code contained. Pretty simple.

Why does he always mention his secret account ?

Muy buena la explicación.



The Antivirus solutions that identified it are: ByteHero, ClamAV, Kaspersky, Rising, TrendMicro and TrendMicro-HouseCall. ClamAV and TrendMicro-HouseCall seem to have free versions available.

Thanks for the video.

Now stop fucking pronouncing 'sql' as 'sequel'.

@drunkennewfiemidget I had to work for years with the "sequel" speaking peoples lol. Took me a little while especially late at night to figure they wanted to DB work done lol... as noted it's SQL! higher upper-case acronym not a word itself!

@drunkennewfiemidget And why not? People rarely say, "N A S A", they say NASA as one word.  Why does this offend you so? I swear, white people problems.

@drunkennewfiemidget That's actually its intended pronunciation.

@hoboX10 No, it isn't. SQL was what it was renamed to FROM sequel.

That is why you should ALWAYS use your browser in secure sandboxed environment (I suggest sandboxie, google it up :) )

Please, let us know if you find a way how to get rid of that virus or where is it hidding...

@MatejTomcik just reformat? if not.. look in msconfig, startup directory, or scheduled tasks.

@DrSupahFly Those were the first things that came to my mind. I've scanned my PC both with Microsoft Security Essentials and Kaspersky in safe mode, they found nothing. I also scanned WIN and TEMP directory for the files which matches the MD5 hashes with those in the video, nothing. And I can't "just reformat"...

@MatejTomcik then you must have not been vulnerable to any of those exploits. sure you can just reformat. you can just keep everything in a new partition (your current installation will be moved to that) and re-install. are you sure you're even infected?

@DrSupahFly No I'm not sure, I can't find it, that doesn't meen I'm not infected. I was on dev.mysql.com that day and Google warned me about malware, but I was like "mysql . com? malware? nooo...". It seems like I have underestimated hackers and their sneaky ways... Does anyone know what does that virus do?

Good video, well done. :)

nice work, very intellectual!

不是我干的(╯▽╰)

Thanks for showing the tools in use!

nicely done