Folder AVG Forums » Other topics » Virus Removal, Tools for Removing » Exploit Rogue Scanner (Type 1007)
Page 1 of 11 1234››
February 7, 2010 16:28 Exploit Rogue Scanner (Type 1007) #62661
Reply with Quote | Quick Reply | Top
Green Xenon

Avatar

Novice
Join Date: 24.11.2009
Posts: 3
Hi:

I was trying to visit a site for Mitusbishi TVs -- http: //www.redsol.cn/mitsubishi-tv-troubleshoot-repair.html

I was then redirected to http: //www1.scanforcuremypc.in/?p=p52dcWtlcV%2FCj8bYbnx9d3le0KCfZ1bVoKDb2YmHWJjOxaCbkYmnn6ajr6eHodjSbpVeZ2Ztml%2BWaGeaU9bYxKWspXOL0qBfpp2toJ1xXp%2FKmcmjV6aWmal1ipbSbWmeW5SZl19qaWSXlZdfpJmfcaCorKmbXJPMoKKioWCh0pHbkV7JnNCT1pmmqarN08ialmKpnKhzrHaSY5mZaGZTqKV1lV%2BYZWWbZpycllerpWiikpVvZ2lubXFsa1%2FEkKG7hA%3D%3D

I then received a message of a threat detected by AVG -- "Exploit Rogue scanner (type 1007)".

What is "Exploit Rogue scanner (type 1007)"?


Thanks a bunch,

Green Xenon
February 7, 2010 18:58 Re: Exploit Rogue Scanner (Type 1007) #62679
Reply with Quote | Quick Reply | Top
BIG AL 43

Avatar

Moderator
Join Date: 18.6.2009
Posts: 23807
Have a look @ this link http://www.avg.com/ww-en/page-rating-report.


AVG Free Volunteer ModeratorAVG Free Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan

February 9, 2010 00:00 Re: Exploit Rogue Scanner (Type 1007) #62955
Reply with Quote | Quick Reply | Top
lovenewfs

Avatar

Novice
Join Date: 23.9.2009
Posts: 4
I Cannot Delete The Exploit Rogue Spyware (Type 648)..

AVG blocked the website, but it downloaded to my computer and I cannot remove from my Program Files folder "Internet Security 2010" as it says it is being used.
It appears in my bottom-right hand menu.
It messed up my desktop as well where I cannot change it.
I did full computer scans and it comes up clean.
PLEASE... What can I do to get right of this?
I already reported it to AVG as a website threat.
thank you very much!
February 9, 2010 00:09 Re: Exploit Rogue Scanner (Type 1007) #62959
Reply with Quote | Quick Reply | Top
BIG AL 43

Avatar

Moderator
Join Date: 18.6.2009
Posts: 23807
@ lovenewfs

Internet Security 2010.... Have a look @ this link http://www.bleepingcomputer.com/virus-removal/remove-internet-security-2010.


AVG Free Volunteer ModeratorAVG Free Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan

April 16, 2010 00:55 Re: Exploit Rogue Scanner (Type 1007) #82179
Reply with Quote | Quick Reply | Top
Big Pappi

Avatar

Novice
Join Date: 16.4.2010
Posts: 1
Exploit Rogue Security Threat Analysis Type ( 1007)..

I was googling why my arm randomly twitches and i clicked on a webpage. I always watch whats being loaded and the first thing I saw was " the best search engine on the page. So i thought to myself this isn't good . Sure enough, One second later avg popped up with AVG block threat Exploit Rogue Security Threat Analysis Type (1007). I do remember it was somewhere in my Program Files. What is this virus? does it go any deeper than trying to access my computer? did AVG stop it completely or should I try to find damage it has done?
April 16, 2010 06:39 Re: Exploit Rogue Scanner (Type 1007) #82199
Reply with Quote | Quick Reply | Top
ondraploteny

Avatar

Administrator
Join Date: 27.3.2009
Posts: 6996
Hi Big Pappi,

this detection was probably related with infection in source code opened by your internet browser, which is stored in C:\Program files..., so the process name was showed.

Is this situation reappearing? Is possible to share with us the used link?

Thank you
***************AVG Team
May 3, 2010 21:26 Re: Exploit Rogue Scanner (Type 1007) #85805
Reply with Quote | Quick Reply | Top
4njsj

Avatar

Novice
Join Date: 3.5.2010
Posts: 8
Threat type 1007..

I have been running AVG (free version) for a couple months. Starting last weekend I've been getting this 'Exploit Rogue Security Threat Analysis (type 1007)' messages as well.

Basically every other hour when I have an internet browser opened a new tab will automatically be opened which directs me to various websites, often trying to get me to install rogue security systems. Last weekend somehow Malware Doctor actually managed to install itself on my system throwing up a bunch of (fake) threat messages. This was using Chrome browser.

I've been able to remove the Malware Doctor problem. Did several full scans which found no threats/problems yet I'm still getting these threat 1007 when using Firefox now (Chrome has ceased to work for me entirely, even after complete uninstall and removing and reinstalling).

Attached is a screenshot from the last time it happened ~1 hour ago.
Threat 1007.JPG
May 4, 2010 06:39 Re: Exploit Rogue Scanner (Type 1007) #85843
Reply with Quote | Quick Reply | Top
ondraploteny

Avatar

Administrator
Join Date: 27.3.2009
Posts: 6996
Hi 4njsj,

please check at first used add ons in your Mozilla Firefox browser and deactivate any unknown for you.

Could you please provide us with Gmer outputs?

You could also check for some remains of Malware Doctor.

Thank you
***************AVG Team
May 4, 2010 20:57 Re: Exploit Rogue Scanner (Type 1007) #86031
Reply with Quote | Quick Reply | Top
4njsj

Avatar

Novice
Join Date: 3.5.2010
Posts: 8
Results..

Hi,

Thanks for your reply.

I started with looking at the add-ons that were enable in firefox. I can't remember ever installing/enabling them but I guess they can they do that by themselves. Disabled quite a few of them now (see attachment).

I downloaded the Gmer program, did the quick scan (see attached). Renamed program and ran the full scan as well, this took quite long ~40 minutes, both times however when I tried to save the log file my computer froze.

The link to BleepingComputer for Malware Doctor removal is the same site and program I used to get rid of it.

Hope any of this helps.
May 5, 2010 10:18 Re: Exploit Rogue Scanner (Type 1007) #86131
Reply with Quote | Quick Reply | Top
jirka82

Avatar

Administrator
Join Date: 19.6.2009
Posts: 3892
Hi 4njsj,

the provided output showed that the AVG Firewall and Identity Protection services are installed. This indicates either that AVG commercial version is installed or it is a remnant of the previously installed AVG Trial version. Please contact AVG technical support if you have commercial version of AVG. They have more tools to help you with this situation.

Or, if the trial version has been installed before (the commercial version is not used), please remove its remnants and install AVG free again as indicated here (using avgremover).
Please provide us with the GMER anti-rootkit full scan using older version of the GMER tool (1.0.14) then. It should not freeze the computer this time. The respective how-to document has been updated.

Thanks.

***************AVG Team
Page 1 of 11 1234››