 Virus problem: "Antispyware Soft" - sorted

Juan Freizwidatt
Forum Admin


Joined: 18 Apr 2004
Posts: 19777
Location: Hanging out at In-n-Out


Posted: Wed May 05, 2010 11:05 pm

I got an email from someone saying that the President of Nigeria died a short while ago. I went on Google to try to verify it but The Sun and Thisday didn't have anything. I searched for 'Nigeria news' and clicked on a link. My computer was instantly compromised.....

I'm getting constant popups telling me that the computer is infected and telling me to 'click here' to activate my antivirus software. Guess what? It takes me to a site to pay for a purported antivirus. Yeah, right.... But the damn computer is infected. The virus has shut down my access to real antivirus, spyware, and other applications. It's also preventing me from accessing any system tools -- like system restore.

HELP! What can I do to get rid of this thing? I'm getting popups every 20 seconds!

_________________
"SATAN WILL KILL YOU . BECAUSE YOU ARE A DAUGHTER OF MERMAID"

"HOW DOES IT SOUND TO YOU THAT ANOTHER PERSON IS DEALING WITH YOU AND ASK YOU TO CONTACT ANOTHER PERSON AND NOW YOU SAID THAT YOU WANT TO DEAL WITH THE OTHER PERSON WITHOUT THE KNOWING OF THE PERSON THAT ASK YOU TO CONTACT THE OTHER PERSON"

"please if you want your funds just pay me,!! pay me!! pay me!!"

Sand Timer x4: Shorty
Safari x 16:
US lad w/Capone: ( Golden Pith ) Black Ribbon
- ATL>DC>ATL>Vegas>Seattle>ATL>San Diego>LA>ATL>Seattle>ATL>WY>ATL>Aspen>ATL (21K+ miles, $11K+ expenses)
Shorty w/bohigal:
- Lagos>Abidjan
Random lads:
- Douala>Korup; Lagos>Cotonou>Parakou; Cotonou>Niger border; Cotonou>Pendjari>jail in Tanguietta; Asaba>Abuja; Accra>Tamale
Purple Flower Goat Jack Boot Whip

Last edited by Juan Freizwidatt on Thu May 06, 2010 1:03 am; edited 1 time in total
JumpinJayJay
The One-Eyed Ogre


Joined: 25 May 2007
Posts: 1761
Location: 'Straya


Posted: Wed May 05, 2010 11:19 pm

Can you reboot in safe mode and get rid of it somehow? (I have no idea if that will work)

_________________
Site Killing forum.
United States Spain Ivory Coast United Kingdom x24 Nigeria x3 Malaysia x2 Canada Closed lad accounts x30
Safari Lover Boy Joe - Accra to Cotonou
Click here to support 419Eater.com pony pony
Mortar x5 Nurse Nastys Audi TT
doc holliday
Squirrels Hate Me


Joined: 06 Feb 2008
Posts: 2459
Location: Behind the Oriental,taking potshots at hitlads.


Posted: Wed May 05, 2010 11:30 pm

I agree - reboot in safe mode, and do a system restore to a previous date. I got the same thing - antivirus shut down, no access to restore etc. Rebooting in safe mode allowed access to the system restore, and all has been well since then. I know the virus is still on the drive somewhere, but this at least got me back in business.

_________________
Fuck off, and wait for your death, you fucking dog's eater, I will see this to the end, already, you are a fucking negativity to this world, go to hell after two puuuuuuuuuuuuuuu
Jack N0delay,hitlad

You have given me enough stress through the shit you sent to me
Jack the hitlad

What you sent to me is not real, don't you fucking understand simple english, that is not real slip from money gram, I have been using money gram before now, FUCK YOU. IDIOT. PLAY YOUR GAME WELL. MASTER OF ALL PLAYERS
Jack,the hitlad who keeps giving me fresh sig lines

Closed lad accounts x35 x2 Easter Egg 2012
Juan Freizwidatt
Forum Admin


Joined: 18 Apr 2004
Posts: 19777
Location: Hanging out at In-n-Out


Posted: Wed May 05, 2010 11:43 pm

Thanks for the suggestion. I did some Googling with my laptop and found a ton of detail on this specific scam. I've got the desktop in safe mode and am running scans. Fingers are crossed. This is a very nasty virus according to the stuff I've read. Just by clicking on one site! I wonder why my spyware/firewall setup didn't stop it before it could infect the registry?

Tastysnack
Elite Baiter


Joined: 16 Jul 2008
Posts: 1407


Posted: Wed May 05, 2010 11:54 pm

I got the very same thing at work. Completely bricked my machine.

It's a very sophisticated virus/malware that is in 2 parts. The .exe is something like AVN.exe and you can see it if you pull up your task manager.

There is another SECOND part of the bug that constantly looks to see if that part is 'running'. If you've shut it down it simply re-installs it.

It will have also disabled your anti-virus and most likely will affect your browser as well (if not now...it will shortly).

I installed malwarebytes and have not had a problem since. It will interrupt the bug before it can gain a foothold again. (If you can clean it out).

http://www.malwarebytes.org/

Good luck.

_________________
"I DO NOT THINK WE CAN DO THIS TOGETHER. YOU HAVE BROUGHT MORE PAINS TO ME THAN GOOD." Mr. Wang Yan- After I attempted to rebait with same name as last time. 2-4-09

"you are the must fool i have ever seen fuck you like the 12.5 million idoit dont write me again" Radebe Gumede 7-16-09 after his bank transfer failed.


"Sorry we do not know Mr. Gomer. Send that email fromthe so called gomer to us for scrutiny."- Devati Mooleedhar

SON OF A DOG GO EAT SHIT AND DRINK WATER!!!!!!!!!!!!!!!!!!!!!!!!!!!!! LOSERRRRRRRRR.GET A LIFE--Bakar Saud (After Mr. Gomer chopped his dolla')

YOU ATE OUR MONEY AND YOU START MOCKING US--Bishop Anthony

Fake Checks Received= $63,487 US
A Skinner
Texas Lad-Saw Massacre


Joined: 16 Nov 2003
Posts: 3680
Location: Texas, USA


Posted: Thu May 06, 2010 12:16 am

I'll bet Malwarebytes would solve the problem. If not, this is new from AVG. A Rescue Disk:

http://www.avg.com/us-en/avg-rescue-cd

_________________
Safari Safari Safari Mortar x 25
Closed lad accounts X ? Nurse Nastys Audi TT x3 Purple Flower
Sand Timer x2 Easter Egg 2012 Nigeria Benin United Kingdom Ghana
SINCE YOU MADE ME TO GIVE MY CAR AWAY AND ALL THE DISAPOINTMENTS YOU GAVE TO ME,WHICH MADE ME TO STOP CONTACTING YOU. PLEASE DO NOT INVOLVE ME WITH ANYTHING YOU ARE DOING WITH ANYBODY, PLEASE DONT INVOLVE ME.I DONT WANT ANYTHING THAT WILL JEOPARDIZE MY IMAGE IN THIS COUNTRY.I AM A HUMANITARIAN LAWYER.

infact am getting tired with all this speculation in this transaction, honestly if i had known that this is the kind of person you are i would not have contacted for an assistance

Urgent??? Impotent massage

* Help Keep Eater Running - Click here to donate
Juan Freizwidatt
Forum Admin


Joined: 18 Apr 2004
Posts: 19777
Location: Hanging out at In-n-Out


Posted: Thu May 06, 2010 1:02 am

Thanks, all. I'm back up again.

This is a NASTY bugger. There's a boatload of stuff about it online: "Antispyware Soft." A pure scam. This helpful site gives very concise and helpful instructions on removing it, in case anyone else runs into it. And yes, the solution was malwarebytes. Good call, Tastysnack.

Ironically I had run a spyware scan in safe mode that took over an hour and didn't catch any of it. Then I downloaded and ran malwarebytes in safe mode and it cleaned it out completely in 5 minutes.

Tastysnack
Elite Baiter


Joined: 16 Jul 2008
Posts: 1407


Posted: Thu May 06, 2010 1:05 am

Glad to help. My IT guy at work was pretty amazed at the technical aspects of the bug. It's a bad one.

I was glad to help. I actually purchased malwarebytes and now it runs full time in the background. It's stopped LOTS of attacks of similar nature.

The really bad thing is that whoever is writing that bug has figured out how to attach it to normal sites in advertisements. People have gotten it off facebook and other 'regular' sites.

Take care.

Corona
Eater's sweetheart


Joined: 21 Sep 2006
Posts: 8633
Location: On ya left!


Posted: Thu May 06, 2010 1:16 am

Good going Juan!

I hate that kinda stuff.

_________________
Pretty Rose Pretty Rose Pretty Rose pony pony pony Nurse Nastys Audi TT Nurse Nastys Audi TT Nurse Nastys Audi TT GoatGoatGoatEaster EggEaster 2015Mc Fry Mc Fry
Mortarx? Closed lad accountsx? Pith Helmet
Free Pastor Frank
An Eater's Sweetheart Safari
Merry Widow
Master of Master Baiters


Joined: 05 Mar 2009
Posts: 581


Posted: Thu May 06, 2010 2:44 am

I caught what sounds like that same 'bug' last month. I rolled over an infected picture at 'People of Walmart' dot com. Rolled, didn't even click. I ended up taking mine into Best Buy Geek squad, it was under warranty so they did the geeky stuff and cleaned it out for me. Am saving that site in case I run into it again, which, with my luck with computers is quite possible.

_________________
Closed lad accounts x 85
Goat Golden Goat Golden Goat
Flying Monkey Easter 2015 pony
Juan Freizwidatt
Forum Admin


Joined: 18 Apr 2004
Posts: 19777
Location: Hanging out at In-n-Out


Posted: Thu May 06, 2010 3:44 am

In talking with some friends I'm finding this particular scareware scam to be extremely prevalent and super-nasty. I'm starting to feel lucky I was able to clear it out so quickly. It apparently expands and takes over your browser if it isn't removed soon enough. I can't believe it bypasses all the usual virus protection.

Dorothy
Baiting Guru


Joined: 09 Jul 2008
Posts: 3114
Location: somewhere over the rainbow


Posted: Thu May 06, 2010 4:12 am

Last summer, my animal shelter web hosting provider was attacked by a variant of that scam. They phished or hacked somebody's site (not ours--at that point every single computer of ours was clean), then were able to use an exploit to attack all the sites on the same server, including ours. They changed our htaccess file so that if users tried to reach us through the 5 top search engines, they were redirected to one of their fake software sites. If the user entered our address directly, they reached our site with no issues. This effectively delays discovery of the issue, because chances are the people involved in maintaining the site will always directly enter the site.

Thanks to a user who did casually mention that something strange had happened when she googled us, the problem was caught relatively quickly, and I knew what happened and had found the cause before my host's help desk had a clue! By the time our host understood the problem (I can't tell you how much time I spent trying to explain it to the people they call tech support, even sending them relevant links to malwarebytes and other comp forums), nearly 20,000 sites had been compromised, and every one of them was inadvertently part of the malware distribution.

The good news is that malwarebytes seems to do a great job of staying on top of the many variants, and when staff members have managed to infect shelter computers with fake antivirus/anti-spyware viruses (3 times in the past 2 years), malwarebytes has cleaned up the mess in minutes.

_________________
Purple FlowerEaster Egg"I've a feeling we're not in Kansas any more..."
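The redirect described in the post above is keyed on the Referer header, so it is visible in the .htaccess file even though a direct visit looks clean. An added example (not part of the thread) that scans a file for that pattern and shows why typing the address hides it; the search-engine list, hostnames and sample file are constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Assumption: the post does not name the search engines; this list is illustrative.
SEARCH_ENGINES = ("google", "yahoo", "bing", "msn", "aol")

DIRECTIVE_RE = re.compile(
    r"^\s*(RewriteCond|RewriteRule)\s+(\S+)\s+(\S+)(?:\s+\[([^\]]*)\])?", re.I)


def find_referer_redirects(htaccess_text, own_hosts):
    """Flag RewriteRules that send search-engine referrals to a foreign host."""
    own = {h.lower() for h in own_hosts}
    findings, pending = [], []  # pending: RewriteConds guarding the next rule
    for lineno, line in enumerate(htaccess_text.splitlines(), 1):
        m = DIRECTIVE_RE.match(line)
        if not m:
            continue  # comments, blank lines, other directives
        kind, arg1, arg2 = m.group(1).lower(), m.group(2), m.group(3)
        flags = m.group(4) or ""
        if kind == "rewritecond":
            pending.append((lineno, arg1, arg2, flags))
            continue
        conds, pending = pending, []  # conditions apply to this rule only
        host = (urlparse(arg2).hostname or "").lower()
        if not host or host in own:
            continue  # internal rewrite, or redirect to the site itself
        engines = sorted({e for _, var, pat, _ in conds
                          if "HTTP_REFERER" in var.upper()
                          for e in SEARCH_ENGINES if e in pat.lower()})
        if engines:
            findings.append({"rule_line": lineno, "target_host": host,
                             "engines": engines, "conds": conds})
    return findings


def fires_for(finding, referer):
    """Would the flagged rule trigger for a request carrying this Referer?

    Conditions are ANDed, except that [OR] joins a condition to the next one.
    Simplification: conditions on variables other than the Referer are
    assumed to hold.
    """
    result, group, open_group = True, False, False
    for _, var, pattern, flags in finding["conds"]:
        flagset = {f.strip().upper() for f in flags.split(",") if f.strip()}
        if "HTTP_REFERER" in var.upper():
            negate = pattern.startswith("!")
            regex = pattern[1:] if negate else pattern
            hit = re.search(regex, referer, re.I if "NC" in flagset else 0) is not None
            hit = hit != negate
        else:
            hit = True
        group, open_group = group or hit, True
        if "OR" not in flagset:
            result, group, open_group = result and group, False, False
    return result and (group or not open_group)


# Constructed sample: one legitimate canonical-host redirect, one injected block.
SAMPLE_HTACCESS = r"""RewriteEngine On
# legitimate canonical-host redirect
RewriteCond %{HTTP_HOST} ^shelter\.example$ [NC]
RewriteRule ^(.*)$ http://www.shelter.example/$1 [R=301,L]
# injected block
RewriteCond %{HTTP_REFERER} .*google.* [NC,OR]
RewriteCond %{HTTP_REFERER} .*yahoo.* [NC,OR]
RewriteCond %{HTTP_REFERER} .*bing.* [NC]
RewriteRule .* http://fake-scanner.example/ [R,L]
RewriteRule ^adopt$ /adopt.php [L]
"""

if __name__ == "__main__":
    own = {"shelter.example", "www.shelter.example"}
    for f in find_referer_redirects(SAMPLE_HTACCESS, own):
        print("line", f["rule_line"], "->", f["target_host"], f["engines"])
        print("  via search result:", fires_for(f, "http://www.google.com/search?q=shelter"))
        print("  typed address:    ", fires_for(f, ""))
```

Run it against a copy of the live file with the site's real hostnames in `own_hosts`; an empty Referer models someone typing the address directly.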
Juan Freizwidatt
Forum Admin


Joined: 18 Apr 2004
Posts: 19777
Location: Hanging out at In-n-Out


Posted: Thu May 06, 2010 4:49 am

Wow. This just gets bigger. It really is a virulent and nasty scam. I went ahead and paid for malwarebytes registered version to get the real-time protection. I don't want to deal with this again, but from the sound of things it's so prevalent that I'm sure to cross paths before long.

Live and learn, I've always considered myself a very, very cautious and savvy person when it comes to the Internet. I'm humbled, and frightened.

Dya Reyarunen-Downmeleg
Baiting Guru


Joined: 10 Aug 2009
Posts: 4129
Location: At the toilet door yelling are you almost done in there? Oops, too late...


Posted: Thu May 06, 2010 5:52 am

Is it true that Macs are safe from viruses?

_________________
^ You are my favorite Canadian on Earth. Very Happy Pastor Frank



Closed lad accounts x163 Easter Egg 2011 Easter Egg Easter Egg 2013 Goat Goat Goat Golden Goat Mc Fry Purple Flower Mortar Elite Ninja Team Member

so as to enable the conclusion of this transaction on your behalf since you are not dead because if you are dead you would not have write me because I know that never will a dead
write to living...
I could receive the document official which you want to forward me for adhesion with [email protected]
I am captivated, impressed and hypnotised with your sincerity
This you’re [email protected] has it existed some how somewhere before?
Your ASSCODE is: 999-035-2655



"I Am Not a Justin Beiber Fan" innocent.being


Steward, WTF?



SAY NO TO SCURVY
foo
Elite Baiter


Joined: 12 Nov 2009
Posts: 1271
Location: Itteh Bitteh Kitteh Citteh


Posted: Thu May 06, 2010 6:03 am

They're safe from viruses written to infect Windows computers, which is most of them. There have been a few Mac viruses though.

_________________
Closed lad accounts*15 [United StatesNigeriaDenmarkGhanaUnited KingdomThailandGermanyMalaysiaSwitzerlandFilipino flagBahamas, TheBenin]*244 Easter Egg 2011

Unopenable image file | mtcntool | IBMP

"Having acknowledge your email with the content well noted and understood,see we have had enough off this shit from you." --Lamido Sanusi
"i want to scam you ! please understand . i am scamer !" --a scamer
"shit happens. but there's always a silver lining" --Slightly
Craig007
Baiting Guru


Joined: 19 Apr 2007
Posts: 3124


Posted: Thu May 06, 2010 6:53 am

I had this problem too! I just realised yesterday it had also penetrated my External (supposedly BACKUP) harddrive and I'm having a headache trying to get Windows to get it to recognise.

JF - It does takeover the browser, and re-routes anything you do to a proxy, telling you to buy the software.

_________________
CAN VISA BE GIVING IN THE PLANE? YOUR QUEEN ELIZABETH CAN NOT TAKE VISA IN THE PLANE,TALKLESS OF YOU - WILLIAM PAUL

pony pony pony Easter Egg Goat Vcamera

Mortar x7 Closed lad accounts Thailand Canada

Safari Safari Wulugu or Bust Safari- Lagos, Nigeria to Paga, Ghana and Tokwari, Ghana X2-3800mi. "I'm leaving this bullshit area"

Safari - Accra to Cotonou - 430 miles

100% RISK FREE TRANSACTION

CHERRIE MENTOR PROGRAM
doc holliday
Squirrels Hate Me


Joined: 06 Feb 2008
Posts: 2459
Location: Behind the Oriental,taking potshots at hitlads.


Posted: Thu May 06, 2010 12:46 pm

It's a shame this isn't baitable.

Juan Freizwidatt
Forum Admin


Joined: 18 Apr 2004
Posts: 19777
Location: Hanging out at In-n-Out


Posted: Thu May 06, 2010 2:51 pm

I may not be out of the woods yet. When I booted up this morning my wallpaper came up, but no icons. I shut off manually and restarted, everything came up but although the cursor moved around the screen, it wouldn't click. On the third try it worked. So far, so good. But I'm still worried. I'm also running more scans.

This is a blatant scam. It's a shame it can't be shut down. Isn't there any way to close off their ability to process credit cards? If my business got hundreds of complaints the bank would shut me off.

The "software" they sell isn't anti-virus, it's just a key to turn off the malware they installed. The program remains on your system and they can theoretically reactivate it at any time. They can also theoretically do all kinds of damage with spyware. According to some web posts they also sell the credit card numbers people use to buy their 'software'. I'm sure you could go back to your credit card provider and dispute the charge, and easily document it as a scam. But what's to stop the scammer from retaliating by remotely turning it on again?

I'm already finding more and more friends who have had this infection. This one is running wild and is way too easy to get. Better keep those clean-up instructions handy for the future!

Tastysnack
Elite Baiter


Joined: 16 Jul 2008
Posts: 1407


Posted: Thu May 06, 2010 3:05 pm

Yep. Just make sure your malwarebytes is running full time. It should help.

And yes, it's nasty. It's so bad that when I got it on my work machine (just happened to land on a legit website that had it) the IT guy just pulled it out, and gave me a new computer.

They 're-imaged' my computer and gave it back a day or so later. Essentially they just nuked the drive, and re-installed everything from a freshly scrubbed hard drive.

A Skinner
Texas Lad-Saw Massacre


Joined: 16 Nov 2003
Posts: 3680
Location: Texas, USA


Posted: Thu May 06, 2010 3:52 pm

It may be that the file(s) that run it are hidden behind a Restore Point on your computer. If so, then it will be able to find its way out and reinfect you again.
The solution is in Safe Mode to remove all Restore Points, run Malwarebytes again & your anti virus program, then create a new Restore Point.

Happy_Slacker
419Eater is my life


Joined: 09 Apr 2007
Posts: 291
Location: Location: Location:


Posted: Thu May 06, 2010 3:59 pm

I can't help but chime in:

The thing is, a majority of this shit wouldn't be such a problem if something drastic happened on both ends:

First end: Microsoft: If they took a closer look on how they implement their software, and how their software is made to work, it would drastically reduce the number of infections. What do I mean by this?

Defective by design: Ever since Microsoft transitioned users from the all access only version of windows (9x) to NT based XP, things would have been a little better right? WRONG. The problem is that XP and future versions of NT based windows during the stages of setting one's user, THAT user has admin privileges. So if you create user foo, foo has admin rights. Nevermind that ALSO there is a username Administrator by default. SO, now you have two administrator accounts.

The other end: Users. Most Windows users just go about their business, not realizing that they are always working in an account with admin rights. Or maybe they do, but what do they care? They don't want a restricted account, so that they constantly have to log into admin to install a driver, or whatever. They have no concept of what an admin account is for, and what a standard user is for. A computer is more like an appliance.

This also applies to gamers, though for the life of me, I can't understand why anyone needs to run World of Warcraft, or (insert_major_title_here) as admin.

Also don't get me started about IE.

I myself also run XP on occasion. Do I run any kind of anti-virus, anti-malware? Actually no I do not, but I also NEVER work in administrator account (from the UNIX mantra, NEVER WORK AS ROOT), and I at least do keep up with Windows patches, run Firefox instead of IE, and use Thunderbird. No hiccups at all. Does this mean I am 100% safe? NOPE.

Actually there is no such thing as a 100% secure system. Still, if Windows users would be a little more mindful, it would make a difference.

edit

Also ironically, to get any kind of anti-spyware/malware and anti-virus to work properly at all, you almost always have to be administrator anyways. So again, kinda defeats the purpose.

_________________
Closed lad accounts x2
A Skinner
Texas Lad-Saw Massacre


Joined: 16 Nov 2003
Posts: 3680
Location: Texas, USA


Posted: Thu May 06, 2010 4:29 pm

I just noticed that Malwarebytes has a forum and in it are specific instructions for removing your bug.

http://forums.malwarebytes.org/index.php?showtopic=49527

Juan Freizwidatt
Forum Admin


Joined: 18 Apr 2004
Posts: 19777
Location: Hanging out at In-n-Out


Posted: Thu May 06, 2010 5:14 pm

Based on comments in this thread and things I've found online, I went ahead and ponied up for the full version of malwarebytes. $25 to prevent it in the first place is cheap compared to the hassle and time of trying to remove this crap.

And here I thought that as long as I never clicked on anything executable I'd be safe. I learned a scary lesson.

Pastor Frank
Moderator


Joined: 31 Jan 2007
Posts: 11521
Location: EN34ix


Posted: Thu May 06, 2010 9:19 pm

I made THIS leap a few weeks ago and will never look back. Save all of your personal data on an external drive, or a jump drive, burn the ISO and install. It was a bit of a learning curve, but well worth the hassle.

_________________
"Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R
TaleSpinner
Wannabe Baiter


Joined: 27 Apr 2010
Posts: 82
Location: Ooh! There I am!!


Posted: Thu May 06, 2010 10:06 pm

I strongly recommend using Firefox (here) with the NoScript AddOn (Tools -> AddOns -> Get AddOns -> search for NoScript). Those attacks rely on javascript, iFrames, and embedded objects to run. If you only allow them to execute from places you trust, your world will be a lot safer. And in this game, better safe than sorry!

All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT