Do you want to open loadus from loadus.exelator, the fuck?

manwiththemachinegun

So I've been seeing this file pop up on several sites I visit, mostly S.A. and Okcupid.

I sure as fuck don't want to open this thing, and I've hit my PC twice with AVG free and MalwareBytes. One pass removed some Trojans. I still see this download pop up on occasion, but repeat scans show diddly squat. Am I in the clear?

I've heard a lot of contradictory stuff on this, some say it's a legit ad script, others that it's malware. I don't have million dollar anti-virus, nor the time to hunt this shit down. It really seems to be centered on forums. I've had no brower hijacks, slow downs, instability or massed pop-ups so I'm hoping it's not too bad.

Draygo

you could have a rootkit installed, AVG free and malwarebytes are both not very good at finding/removing them.

Try running TDSSKiller and combofix (search for them).

manwiththemachinegun

Those are pretty invasive programs, is there another method? AVG has already flagged Combofix as a threat (even though I've used it a year or so ago).

JaysonFour

AVG used to flag Malwarebytes as a threat. I switched to MSE for an antivirus and haven't had any problems since.

If you don't get a result with TDSSKiller or Combofix, it's time to warm up the orbital lasers and take it down to bedrock. You'll have to be VERY thorough with the nuke, I've heard of rootkits hanging on in the most irritating places.

Honestly, I'd just nuke it, myself. Only way to be sure.

manwiththemachinegun

I don't have the time unfortunately to do a hard nuke on my HD everytime some ad pops up (and I don't think most people do). To be clear, I haven't gotten a single redirect or even seen an exe. go for a fraction of a second. I haven't even had a lockup or crash. I have windows 7 set so any program has to get my okay before installing. All I saw was the option to download this file and to that I said, 'hell no', restarted, cleared my IE cache and virus scanned.

AVG is free, but it hates Combofix like nothing else. I only use it as a last resort. Like I said, it was flagged as malware but I know it's not.

I don't want to frag everything for a problem I may not have. My question was more if Loadus.exelator was some sort of legit ad script or not. I've seen conflicting information through google. Some say it's harmless, some say it's not.

Figgy

I doesn't sound like you have a rootkit. It sounds like you had a popup that was trying to install something like that, and that's not uncommon.

And from my own experience, it takes less time to reformat than it does it remove some rootkits. My wife's computer had one a week ago, and after several tries with various programs, I gave up and formatted.

Nothing found it, and a system restore did nothing. She would get redirects every other site she tried, resets, etc. The system even shut itself down twice while I was burning all her photos to a DVD before the format. Nasty buggers.

manwiththemachinegun

Sounds like a ducked a bullet which is always nice. Yeah, I did have to do a format for a rootkit before and it was the suck. Should be a special spot in hell for those pricks.

Draygo

Despite the warnings it is relatively safe to run those scans (yes there are instances where it can force you to do a reinstall or system restore). And its practically the easist method to get rid of a rootkit. If the 20 minutes it takes to run the both of them gets rid if it it can save you hours of work reinstalling everything. Disable AVG while you are doing it. Because you are using avg free I would uninstall AVG during the process, reinstall after. If it doesnt work your best option is a reinstall. Personally I just hunt the bugger myself because I find it slightly entertaining though.