Welcome to IWETHEY!

Re: XP Issue
Had one like that three weeks ago. Booting in safe mode was also disabled.

These are getting pretty hard to clean out now.

I did the Ctrl-Alt-Del to bring up the process manager and stopped processes until "Can't run Programs" message didn't come up any more. Then I ran ComboFix and MalwareBytes.

Then I could boot in safe mode and ran ComboFix again letting it come back up in standard mode to do its final clean-up.

Ran them both again in standard mode and cleaned up any junk I could see using Hijack This.

Then I installed AVG Antivirus and scanned again, but it didn't find anything.

Thanks, I'll give those a try
they are getting really hard to clean now. This is the first real stumper for me. Even deleting the registry keys for the policy editor re: taskman and regedit doesn't work... whatever they put in there is buried pretty well.
I will choose a path that's clear. I will choose freewill.
One important point.
Get your ComboFix from Bleeping Computer. The bad guys have plenty of sites from which you can download "ComboFix" but not the one that works.
Where do these people go...
...on the internet in order to get these ferociously unpleasant infections?

Serious question.
To date . . .
. . not a one of them has any idea. Some who have picked them up are rather conservative in their browsing habits.

Legit servers are increasingly being invaded and compromised - maybe that's where they encounter them.

Since I do a lot of searching, every few days I click on a link, and instead of the site I get a "spyware checker" that pretends to have started scanning my disks for infections, putting up very Windows-like messages and progress bar. Of course the "Cancel" button doesn't work. Of course the "checker" also doesn't know I'm running OS/2.

It's probably things like that that inject the infections.
Edited by Andrew Grygus Nov. 9, 2009, 03:36:50 AM EST
Lost mine last night. Wasn't even at the computer.
Firefox and Chrome were left open on multiple sites.

Point, no click was required. Guessing it was flash borne.
I will choose a path that's clear. I will choose freewill.
There is a problem with ad networks reselling ad space.
They buy and sell space to and from other ad networks, to the extent that some sites have no idea what sorts of ads will be shown. Then when one ad gets obnoxious and the site gets complaints, they try to trace it back and discover that the transaction went through four people, for instance.

Most ad networks take very hard lines against problematic ads because sites and networks can and do turn off advertising from whole vendors. But all it takes is one network to sell to someone dodgy, even by accident, and for a short time something nefarious can be on even the most blue-ribbon site.

Wade.

Q:Is it proper to eat cheeseburgers with your fingers?
A:No, the fingers should be eaten separately.
I have seen that
When my computer at work got hit with a trojan it was through a flash/PDF exploit in an ad on Digg.

Jay
     XP Issue - (beepster) - (10)
         I know! - (Another Scott) - (1)
             Well.. - (beepster)
         Re: XP Issue - (Andrew Grygus) - (7)
             Thanks, I'll give those a try - (beepster) - (1)
                 One important point. - (Andrew Grygus)
             Where do these people go... - (pwhysall) - (4)
                 To date . . . - (Andrew Grygus)
                 Lost mine last night. Wasn't even at the computer. - (beepster)
                 There is a problem with ad networks reselling ad space. - (static) - (1)
                     I have seen that - (jay)