GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   virtumonde virus/spyware (https://gfy.com/showthread.php?t=879267)

Pipecrew 01-03-2009 12:59 PM
virtumonde virus/spyware
 
What a pain in the ass this thing is, any one else ever been infected? I dont know how it got me but its a nightmare to remove.

Any adult site i visit I get an AFF popup, go figure.

seeandsee 01-03-2009 01:01 PM
AFF Ipo :)

SmokeyTheBear 01-03-2009 01:02 PM
whats the affiliate id the ftc loves threads like these

brand0n 01-03-2009 01:03 PM
malwarebytes to start

Pipecrew 01-03-2009 01:13 PM
Quote:
Originally Posted by SmokeyTheBear (Post 15277370)
whats the affiliate id the ftc loves threads like these
who knows, looks encrypted

http://adultfriendfinder.com/p/regis.../&site=ffadult

Barefootsies 01-03-2009 01:13 PM
Yes. It is a real pain to get rid of.
I have had it twice. First time, it took maybe half a day to get rid of 2-4 hours.
Next time, was gone in an hour. Just a lot of waiting for programs to run.

WiredGuy 01-03-2009 01:41 PM
Affiliate ID: p62151c
WG

Mutt 01-03-2009 01:46 PM
i've had it 3 fucking times - dude you are in for a long day - it can be wiped off your computer if you have at least half a day to deal with it - if not, re-format and re-install.

Fletch XXX 01-03-2009 01:50 PM
http://www.gofuckyourself.com/showth...ght=virtumonde

my thread about it.

Mutt 01-03-2009 01:51 PM
No one piece of anti-spyware will clean that shit up - you need to follow this guide
every step - don't skip any of them

in the end CombiFix will get it - but you still need to run the rest first - i think anyway - i wanted it gone so bad that i figured i better follow the steps exactly because these geeks seem to really know their spyware shit

even after it's all gone you'll still find some remnants in your registry - they are harmless remnants

http://forums.majorgeeks.com/showthread.php?t=35407

Sosa 01-03-2009 01:57 PM
It struck another one

Pipecrew 01-03-2009 02:05 PM
Quote:
Originally Posted by WiredGuy (Post 15277512)
Affiliate ID: p62151c
WG
i hope this "affiliate" goes to internext. Prepare the lynch mob

farkedup 01-03-2009 02:15 PM
I'm not sure exactly How I had gotten rid of it but I've had it LOL Spybot, adaware and AVG were all I had to use if I remember right. I Know I used HJT too but that mainly kills startup shit you don't want.

u-Bob 01-03-2009 02:41 PM
format + reinstall imho

CrkMStanz 01-03-2009 02:50 PM
Quote:
Originally Posted by u-Bob (Post 15277766)
format + reinstall imho
i run an 80g C drive - ghosted, all data is on other harddrives and offline backups

I rebuild my C drive many times a year, whenever i suspect a problem, whenever I visit 'one of those sites', or once a month whether it needs it or not

tip: get to know your running processes (task manager)

no virii for me

ztik 01-03-2009 03:01 PM
Its pretty easy to remove after you figure out how the damn thing works

Turn off system restore (it will keep installing from there)

Restart into safe mod - scan with other scanners and this one also - http://secured2k.home.comcast.net/to...undoBeGone.exe

germ 01-03-2009 08:00 PM
Fuckin AFF...

PersianKitty 01-03-2009 08:02 PM
Where does it originate? ie... how did you get it?

Pipecrew 01-03-2009 08:11 PM
Quote:
Originally Posted by PersianKitty (Post 15278795)
Where does it originate? ie... how did you get it?
I really wish I knew! i was reading online that it exploits the latest version of java or something like that.

Thurbs 01-03-2009 09:29 PM
just get a mac jordan, done and done.


All times are GMT -7. The time now is 05:34 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123