Yahoo Re-direct Rootkit Virus - Iobit Advanced System Care

  RegScriv 21:02 20 Dec 13
Locked

I've been hit three times now by the Yahoo Re-direct Rootkit Virus, each time following the downloading of Iobit's Advanced System Care. There's no way of eradicating it other than a complete overwrite of the HD - thank God for disc imaging tools such as Acronis & Macrium Reflect. I believe it depends on which site ASC is downloaded from. I downloaded from a site which appeared to be the genuine Iobit site. Better I think to download from a CNet or Softonic site. For now, I'm leaving ASC well alone.

  lotvic 22:22 20 Dec 13

Watch out for 'extras' from download.cnet.com

"The Download.com Installer securely delivers software from Download.com's servers to your computer. During this process, the Download.com Installer may offer other free applications provided by our partners. All offers are optional: You are not required to install any additional applications to receive the software you selected. For more information, please refer to our FAQ."

  Woolwell 22:37 20 Dec 13

I would avoid cnet. There have been reports in this forum of people getting more than they bargained for eg malware.

Why do you want IOBIT's Advanced System Care? Many of these registry cleaners create more problems than they solve. I would only use ccleaner.

  michaelw 08:49 21 Dec 13

Why do you want IOBIT's Advanced System Care? Many of these registry cleaners create more problems than they solve. I would only use ccleaner.

I've been using ASC for years and it's a good bit of kit. But as always with these cleaners, my advice is to leave the reg cleaner alone.

  RegScriv 10:29 21 Dec 13

I agree that reg cleaners should not be used and had them switched off when using ASC along with other bits like the defrag.

Any advice on the safest source from which to download ASC. It seems hit & miss & I've downloaded it safely as many times as I've downloaded it & caught this virus.

  RegScriv 14:29 21 Dec 13

I used your link Jock1e to download ASC & immediately got the Yahoo virus again. Don't know what's going on but that's me finished with ASC for good. As luck would have it I had a Macrium image from yesterday so was able to restore. I wonder if there's some way of informing this site what's happening so that they can fix it.

  rdave13 14:39 21 Dec 13

RegScriv, I thinks that's wise, I tried from Softonic, just for the heck of it, and Malwarebytes blocked it and removed a load of Pups.

  RegScriv 20:54 21 Dec 13

I picked up the Yahoo virus just after I'd upgraded from Window 7 to Windows 8.1. Everything was running fine, then I downloaded ASC, along with the Yahoo Re-direct virus. Nothing would get rid of it, not even a complete re-install of Wondows 8.1. As luck would have it, one of the first things I did after upgrading was to take an image using Macrium Reflect. Thank God I did, because reinstating an image it the only way that I've been able to get rid of this awful virus. I understand that it's some form of root kit, whatever it is it gets deep into the system and you can't move it.

  rdave13 21:07 21 Dec 13

RegScriv , a new campaign by the virus yobs I think. Your AV is useless if you agree to terms and conditions to download a freebie. I don't blame IOBIT's program but I do blame their web developers in allowing what is going on, not only with Iobit, but a lot of others as well. Started with C|Net I believe.

  RegScriv 09:59 22 Dec 13

Yes, and I use NIS as my AV, supposed to be one of the best. It's not clear on the Iobit site where you're signing up to any TACs, but I guess it's implied when you press the download button.

Any idea why the virus would re-direct to Yahoo? Can't be doing Yahoo any favours.

One hard lesson; ensure you have an up-to-date disc image.

This thread is now locked and can not be replied to.

Surface Pro 5 News - release date, UK price, features, specs

Gear VR vs. Daydream: Which delivers the best VR experience?

iPad Pro 12.9 vs Surface Pro 5