SmartFeedSmartFeed          

Porsche Hangout


WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 well this is an elaborate scam

View next topic
View previous topic
 
Post new topicReply to topic
Author Message
gerald.fird
Baiting Guru


Joined: 24 Mar 2010
Posts: 2058
Location: Ladland


PostPosted: Sat Jul 24, 2010 11:40 pm Reply with quoteBack to top

Sometimes, they even show their own files as infected

_________________
ThailandUnited KingdomSouth AfricaSpainNigeriaUnited StatesGhanaCanadaBahamas, TheBurkina FasoChinaGermanySwitzerland = 309 Mugu Reseller
Closed lad accounts x211 Easter Egg 2013 x36
Cellphone X17
Safari Mrs. CHIPIWA MAZIVA - Johannesburg to Cape Town - 1800 miles round-trip

"IDIOT DEY FOOL YOURSELF........ YOU NON GET WORK DATS WHY U DE FIND FOLLOW UP..... ILLITERATE
TAKE MY ID MAKE U ADD ME

MAKE I SHOW U MY WEBMAIL... U WILL NO DAT AM NOT HUNGRY... HUNGER GO KILL UR GENERATION"
View user's profileSend private message
puckettgw
Master Baiter


Joined: 26 Jun 2010
Posts: 168
Location: fe80::**d:9**:fe**:c**e


PostPosted: Sat Jul 24, 2010 11:46 pm Reply with quoteBack to top

yeah, that's usually how they operate Very Happy

this site's different though... it distributes a windows executable to show you that movie, rather than just showing it in the browser xD

perhaps this is to avoid telling mac users they have windows problems Razz


i always tell my friends to quit looking at so much porn.. xD

_________________
Closed lad accounts x4

^__^ FIRST PIGGY 7/15/2010 !

<a href="/forum/donate.php">[Click here to donate to 419Eater.com]</a>
View user's profileSend private messageMSN Messenger
gerald.fird
Baiting Guru


Joined: 24 Mar 2010
Posts: 2058
Location: Ladland


PostPosted: Sun Jul 25, 2010 12:01 am Reply with quoteBack to top

My computer's been infected several times. It's actually partially infected right now. We installed Norton Internet Security before it fully installed. Every now and then adware pops up, and whenever I try to go to a site which is against scams, it redirects 80% of the time

_________________
ThailandUnited KingdomSouth AfricaSpainNigeriaUnited StatesGhanaCanadaBahamas, TheBurkina FasoChinaGermanySwitzerland = 309 Mugu Reseller
Closed lad accounts x211 Easter Egg 2013 x36
Cellphone X17
Safari Mrs. CHIPIWA MAZIVA - Johannesburg to Cape Town - 1800 miles round-trip

"IDIOT DEY FOOL YOURSELF........ YOU NON GET WORK DATS WHY U DE FIND FOLLOW UP..... ILLITERATE
TAKE MY ID MAKE U ADD ME

MAKE I SHOW U MY WEBMAIL... U WILL NO DAT AM NOT HUNGRY... HUNGER GO KILL UR GENERATION"
View user's profileSend private message
puckettgw
Master Baiter


Joined: 26 Jun 2010
Posts: 168
Location: fe80::**d:9**:fe**:c**e


PostPosted: Sun Jul 25, 2010 12:04 am Reply with quoteBack to top

Try MalwareBytes. It works really well (and doesn't use nearly as much memory as Norton) ... If you've bought a license for Norton, I'd definitely consider buying MalwareBytes when your license expires... It's a lot cheaper and does a really good job. The free version still scans for and removes all kinds of stuff that McAfee and AVG won't find.. it just doesn't have automatic protection. I don't like Symantec products... Google "norton broke my computer" or something similar.

Also if you have your windows install CDs you can reinstall internet explorer .. i forget where exactly the file is located but if you google "reinstall ie.inf" you'll find it.

edit:

also, go to c:\windows\system32\drivers\etc\ and open the "hosts" file with notepad. there should only be one entry -- "127.0.0.1 (some tabs) localhost"

any other entries are either norton hijacking you or some kind of malware.
exceptions are things like activate.adobe.com which you might have if you own Photoshop or something similar. Basically, if it's just a random IP address and it goes to some crazy URL it's probably bad.

if you want, i'll fix it for you remotely for free. i'm a certified technician. PM me if you're interested.

_________________
Closed lad accounts x4

^__^ FIRST PIGGY 7/15/2010 !

<a href="/forum/donate.php">[Click here to donate to 419Eater.com]</a>
View user's profileSend private messageMSN Messenger
gerald.fird
Baiting Guru


Joined: 24 Mar 2010
Posts: 2058
Location: Ladland


PostPosted: Sun Jul 25, 2010 12:18 am Reply with quoteBack to top

I know I've tried it a hundred times. It can't remove it, surprisingly! I've had the free version for months, since sometime last year

EDIT: YEs, my computer's being attacked every day.

_________________
ThailandUnited KingdomSouth AfricaSpainNigeriaUnited StatesGhanaCanadaBahamas, TheBurkina FasoChinaGermanySwitzerland = 309 Mugu Reseller
Closed lad accounts x211 Easter Egg 2013 x36
Cellphone X17
Safari Mrs. CHIPIWA MAZIVA - Johannesburg to Cape Town - 1800 miles round-trip

"IDIOT DEY FOOL YOURSELF........ YOU NON GET WORK DATS WHY U DE FIND FOLLOW UP..... ILLITERATE
TAKE MY ID MAKE U ADD ME

MAKE I SHOW U MY WEBMAIL... U WILL NO DAT AM NOT HUNGRY... HUNGER GO KILL UR GENERATION"
View user's profileSend private message
puckettgw
Master Baiter


Joined: 26 Jun 2010
Posts: 168
Location: fe80::**d:9**:fe**:c**e


PostPosted: Sun Jul 25, 2010 12:21 am Reply with quoteBack to top

That's pretty gnarly. Sounds like you've got the same trojan my girlfriend had a while back. It's modified the file permissions (and the owner of the files) so that you can't modify or delete them. You might be able to "take ownership" in Safe Mode (as Administrator) and then delete them that way. You'll also need to find the entries in your registry and remove them.

If there are DLLs involved, start->run->regsvr32 /u (drag and drop the offending DLL) ->press enter, then try to delete them.

ALSO!!! I just remembered! If you're trying to remove files and they get deleted, then come back at reboot -- you may need to type the following in a command prompt:

sfc /disable

then delete the offending files

then reboot,

then sfc /enable (in a command prompt)

_________________
Closed lad accounts x4

^__^ FIRST PIGGY 7/15/2010 !

<a href="/forum/donate.php">[Click here to donate to 419Eater.com]</a>
View user's profileSend private messageMSN Messenger
gerald.fird
Baiting Guru


Joined: 24 Mar 2010
Posts: 2058
Location: Ladland


PostPosted: Sun Jul 25, 2010 12:26 am Reply with quoteBack to top

By remove, I mean it can't even find it. Like I told you, it's not fully installed. If it was, I would'nt even be connected to the internet.

EDIT: Have you ever been infected with AVSoft? It's pretty hard to remove. It disables everything on the computer. Everything! I'm not infected with that right now

_________________
ThailandUnited KingdomSouth AfricaSpainNigeriaUnited StatesGhanaCanadaBahamas, TheBurkina FasoChinaGermanySwitzerland = 309 Mugu Reseller
Closed lad accounts x211 Easter Egg 2013 x36
Cellphone X17
Safari Mrs. CHIPIWA MAZIVA - Johannesburg to Cape Town - 1800 miles round-trip

"IDIOT DEY FOOL YOURSELF........ YOU NON GET WORK DATS WHY U DE FIND FOLLOW UP..... ILLITERATE
TAKE MY ID MAKE U ADD ME

MAKE I SHOW U MY WEBMAIL... U WILL NO DAT AM NOT HUNGRY... HUNGER GO KILL UR GENERATION"

Last edited by gerald.fird on Sun Jul 25, 2010 12:32 am; edited 2 times in total
View user's profileSend private message
puckettgw
Master Baiter


Joined: 26 Jun 2010
Posts: 168
Location: fe80::**d:9**:fe**:c**e


PostPosted: Sun Jul 25, 2010 12:31 am Reply with quoteBack to top

oic. in that case...

have you checked the autorun areas in your registry?
They're at

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

and

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Have you tried running HiJackThis in Safe Mode?

_________________
Closed lad accounts x4

^__^ FIRST PIGGY 7/15/2010 !

<a href="/forum/donate.php">[Click here to donate to 419Eater.com]</a>
View user's profileSend private messageMSN Messenger
gerald.fird
Baiting Guru


Joined: 24 Mar 2010
Posts: 2058
Location: Ladland


PostPosted: Sun Jul 25, 2010 12:33 am Reply with quoteBack to top

As I told you before, only adware was installed. And anyway there's practically nothing in AutoRun

_________________
ThailandUnited KingdomSouth AfricaSpainNigeriaUnited StatesGhanaCanadaBahamas, TheBurkina FasoChinaGermanySwitzerland = 309 Mugu Reseller
Closed lad accounts x211 Easter Egg 2013 x36
Cellphone X17
Safari Mrs. CHIPIWA MAZIVA - Johannesburg to Cape Town - 1800 miles round-trip

"IDIOT DEY FOOL YOURSELF........ YOU NON GET WORK DATS WHY U DE FIND FOLLOW UP..... ILLITERATE
TAKE MY ID MAKE U ADD ME

MAKE I SHOW U MY WEBMAIL... U WILL NO DAT AM NOT HUNGRY... HUNGER GO KILL UR GENERATION"
View user's profileSend private message
puckettgw
Master Baiter


Joined: 26 Jun 2010
Posts: 168
Location: fe80::**d:9**:fe**:c**e


PostPosted: Sun Jul 25, 2010 12:37 am Reply with quoteBack to top

HiJackThis would more than likely be able to shed some light why your browser is being redirected. If there's nothing in your hosts file, or your registry, or detected by norton or malwarebytes, and your DNS servers aren't altered, then perhaps you should check your browser's proxy settings.

AVSoft is pretty gnarly. One of my least favorite ><

Did you make sure that your TCP/IP Properties are set to automatically acquire your DNS server?Image

_________________
Closed lad accounts x4

^__^ FIRST PIGGY 7/15/2010 !

<a href="/forum/donate.php">[Click here to donate to 419Eater.com]</a>
View user's profileSend private messageMSN Messenger
evil_sheep
Compulsive Self Abuser


Joined: 15 Jul 2010
Posts: 1100
Location: 419eater Passport office.


PostPosted: Sun Jul 25, 2010 1:08 pm Reply with quoteBack to top

Try deleting c:\windows\system32

It speeds up your PC. Wink

Wouldn't you agree, fellow btard? Very Happy



(DO NOT DELETE THAT FOLDER, I AM JOKING!)

_________________
Closed lad accounts x11 Thailand x3 Ghana Senegal United Kingdom Welsh Flag United Nations

"I thank you for your quick massage this morning. " - Prince Abdul Hakeem
"u lied. i know u as black man" - Timothy Fred
"Get out. If you mail me again, i will destroy your mailbox." - Clydesdale Bank PLC.
"picece of shit gett off here junkie" "arse hole like u" "u r a bullshit around the corner" "fuck off and die" "is that how you write ur father?" "do u need some crack from Brazil?" "please leave me alone" - Dr. Mohamed Gaza

FREE BEER!

"Baiting is like sex. If it does go pear-shaped, pull out, get a new email address and try again from a different angle." - Me
View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



E-Mail Header Analysis


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT