Jump to content
phoenix

7.7.7.0 browser redirect malware

Recommended Posts

Hi I'm just wondering if SAS has been updated for the 7.7.7.0 browser redirect malware?

If you have samples we don't detected, please pass them along to samples AT superantispyware.com

Share this post


Link to post
Share on other sites

I just posted my first post "Help..."..

...but after reading this...I think this is what I have because when I google search, I see the 7.7.7. thing in the bottom of the page as it searches....

How do I do the sample thing?

Share this post


Link to post
Share on other sites

Ok. I found the file in C:\Windows\System32\wdmaud.sys and I renamed it wdmaud.imavirus and all works again in my search engine world. It's no longer redirecting to 7.7.7.0 causing me to pull up add sites.

Should I email the file? How and to who? I'd have to name it back to .sys before mailing it right?

Share this post


Link to post
Share on other sites

I helped a customer remove the 7.7.7.0 redirect virus from her computer today. It was a major P.I.T.A to find and remove!

So I would like to know also if there has been any progress in adding the detection (&removal) capability to SaS for this nasty hijack?

(btw: the fix was to disable JavaScript in Adobe Acrobat and delete wdmaud.sys)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×