Ron Pope Motorsports                California Custom Roadsters               

stupid hackers

dovehunter79

New Member
Just thought I would let out the word that there has been a trojan virus going around called Antivirus 2009. It isn't quite new but has been around for a few months. We have had about a dozen computers in the past couple weeks get infected with the virus from people poking around on the internet. I am having to download a Unix program so I can pull data files off the laptop before I have to rebuild it. I can't load any external media or any Windows programs once Windows loads. (using Unix to fix Windows, go figure!) :smashpc: I have spent countless hours on too many computers fixing this dern virus. There are tools on the internet to clean it if you happen to get it installed. Also had a guy bring in his laptop today that had "Antivirus 360".


Just thought I would throw that out there to everyone as an FYI.
 
I'm using Kaspersky Internet Security for my antivirus software. I got hit hard by a worm and I called them and they directed me to a free download for SUPERAntiSpyware. I think it was Antivirus 2009 that nailed me. It asked for me to purchase an upgrade to knock it out. Kaspersky told me that that was the virus and it was phishing for my credit card info. The SUPERAntiSpyware software took care of it. I do weekly system scans now and get free weekly updates and I've been operating for several months trouble free, knock on wood.
 
Later on this week, I am locking down the internet on all computers because it's an internet based program... It's the only way I can make my life easier so I can have more time for my bucket.
 
Reason is because it's going to take me about 4 hours to rebuild this laptop and to load all the software that it needs to be able to perform the job that it's required to do... I'm pretty certain that he was on sites he shouldn't have been visiting, I just didn't check before I deleted the trails.
 
I agree with you, I have read some posts/forums and what I have found is the av2009 comes mostly from xxx sites. They hide in the media code. I know that the guy whose laptop I have to rebuild likes to look at those kinds of sites and emails them to other people... He's going to be t'd off when he gets it back and is only going to be able to go to two websites but I will just look at him and do this number... :boohoo:
 
Yep, it got my desktop and now it got my new laptop, :smashpc: :mad: $%^& !!
I would love to meet the SOB that made it !!!
 
It just crashed my laptop and lost all T-bucket plans, pics, drawings, etc. Now I have to clean reinstall and start over. I would like to put a virus somewhere!!
 
dovehunter79 said:
Reason is because it's going to take me about 4 hours to rebuild this laptop and to load all the software that it needs to be able to perform the job that it's required to do... I'm pretty certain that he was on sites he shouldn't have been visiting, I just didn't check before I deleted the trails.

dovehunter79,

I see you are in Weatherford and I'm curious as to what you do. Are you in the computer business or do you just work on them for grins? I used to go to Weatherford quite a lot before leaving Fort Worth several years ago. A long time friend of mine has a shop south of I-20 at Bankhead Rd. He builds high articulation rock crawler jeeps. We raced cars together years ago. I stay in touch with him and need to go for a visit. If I do, I'll let you know.

George
 
fluidfloyd said:
dovehunter79,

I see you are in Weatherford and I'm curious as to what you do. Are you in the computer business or do you just work on them for grins?
George


George,

I work for a pipeline company and I am an IT/SCADA Administrator... I actually work down Hwy 51 near Granbury about 2 miles north of the lake. I know where that shop is but I haven't owned a big 4X4 in years so I haven't stopped by. I do my best to stay away from computers when I am not at work, the last thing I really want to do when I leave from here is touch another computer... I am taking it that you don't frequent Weatherford much anymore?

Jeff
 
dovehunter79,

I moved from Fort Worth to Mountain View, Arkansas a little over two years ago so it's about a 600 mile run to do lunch. The man that owns that 4x4 shop is actually a mechanical engineer and has spent a lifetime designing and building oil field equipment. He founded and ran Hydra Rig until selling it to the old PENGO/Harold Owens group some years ago. He retired and started building those rock climbers to support his habit but when the boom came back he went back to designing and consulting for another company in Fort Worth. He really doesn't do much jeep building anymore due to time restrictions. You ought to go by and introduce yourself and take the tour. He's a real stand up guy and he likes hot rods/race cars. You would like him. His name is Tom Elliston. Tell him Hillbilly George sent you.

Hillbilly George
 
It is not only xxx sites you can get this from. It seems to be popping up all over, I have seen people get it from the "gossip" sites as well.

As for having to rebuild the laptop to get rid of it, you do not have to do that. Here is what I do to get rid of it.

Go to a computer that is not infected. Download Malwarebytes. Put it on a USB stick. You need to do this since the av2009 blocks sites that have programs like HijackThis, ComboFix, and Malwarebytes (all of which can be used to fix this infection).

Delete all temp files on the infected computer.
Install the program on the infected machine.
Reboot into safe mode.
Run the full scan.
Come back in an hour and delete everything it finds.

That should sort you out.
 
Keeper said:
It is not only xxx sites you can get this from. It seems to be popping up all over, I have seen people get it from the "gossip" sites as well.

As for having to rebuild the laptop to get rid of it, you do not have to do that. Here is what I do to get rid of it.

Go to a computer that is not infected. Download Malwarebytes. Put it on a USB stick. You need to do this since the av2009 blocks sites that have programs like HijackThis, ComboFix, and Malwarebytes (all of which can be used to fix this infection).

Delete all temp files on the infected computer.
Install the program on the infected machine.
Reboot into safe mode.
Run the full scan.
Come back in an hour and delete everything it finds.

That should sort you out.

That might work if I could only boot into safe mode but since I CAN'T, it is not an option...
 
I doubt the virus is preventing you from using the F8 key to get to the boot options menu. If it is, just boot the machine fully and do a hard shutdown. If it's a desktop, just pull the plug out of the power supply to kill it. If it's a laptop, hold down the power button until it shuts off (usually takes about 4 seconds to do). This hard shutdown will force Windows to take you to the boot options menu the next time you boot. From there you will be able to select to boot into safe mode.

I hate Windblows.

Just my two cents.

David
 
You can run that program without going to safe mode but it's better if you can.

It can't hurt to give it a shot. Save you a few hours and the frustration of the "Do you have such and such file, I cannot find it anymore and I need it for today's meeting" since it is never the user's fault for them screwing up the computer in the first place.
 
Keeper said:
You can run that program without going to safe mode but it's better if you can.

It can't hurt to give it a shot. Save you a few hours and the frustration of the "Do you have such and such file, I cannot find it anymore and I need it for today's meeting" since it is never the user's fault for them screwing up the computer in the first place.

I got Ubuntu dl'd to get the files that he needs so I can transfer them to the PC that he's using currently. He's had it for over a year so it's really about time... I will try it and let you know how it fares. He's even managed to screw up a desktop at a remote location... don't even know what's wrong with it yet cause I haven't had time to drive over there and look at it. I just know that when I am done he won't even be accessing msn.com.
 
Sorry Keeper, that didn't work either... I did however try it so I reloaded Windows and it blue screened on me again... :format=Everything will work:

"When in doubt, format it out" :)
 
