PHOTOBUCKET IS INFECTED!!! BE CAREFUL!!!

If you go on Photobucket today...the AV2009 Virus pops up...don't click ANYTHING but the red X and close out IE windows FAST!!! I hope they are able to fix it...I've got a ton of pics in my account there!

 

how do you know that... and what does it do... my computer is at risk, cuz i have an invalid ctf file to update the virus data base.... it sucks

 

Don't even click the red X Don't touch the window at all, close it from your taskbar. Or ctrl-alt-del and kill it in task manager. Touching the window at all, even the red X, is granting permission.

If you get that thing, go here
http://www.bleepingcomputer.com/combofi ... e-combofix

download Combofix and run it. Follow the instructions NOT TO TOUCH IT while its running very carefully. Once Combofix is done, run a full scan with whatever antivirus you use; then run Combofix again.

We've been very successful using that procedure to kill the damn AV2009 thing over the last few months. My group supports Wayne County's computers (the county Detroit is in.)

 

im the computer tech here in the forum and i deal with this virus on a day to day bases and to get rid of this virus you have to use three tools AVG root kit removal tool combo fix and malware bites if it does not let you use the toold you have to rename the .exe file its actually a virus that get in to your system and it acts like a virus program toring to get rid of the infections on your computer but its actually the virus it self and its going to ask you to pay it about 50 bucks and if you do it charges your card 3 times that amount and it tryes to still your identy this virus has other names like xp antivirus 2006-07-08-09 and 2010 spyware protection 07-08-09- and 2010 vista anti virus about 90% of all my calls that i go out to work on is because of this virus and about 50% of thoes call actually pay for it so use AVG ROOT KIT found on google then use COMBOFIX found on google and then MALWARE BYTES found on google then use spybot search and distroy and super anti spyware these programs are all free and if you have the pop up of AV2009 you have the virus ohhh go ms config in the run path and type in MSCONFIG in lower case and click on start up and click disable all and then go to services tab and then click on hide all microsoft services and then click on disable all but if you have a hp printer or dell printer or lexmark printer you might disable that to so look for any thing for hp that has hp in it and for dell it would DLCT or lexmark which would be lxcm or somthing like that soory ill fix my errors now but my customer just waled in to my shop i hoped i helped thnx

 

this is why i use firefox, with several 'popup' and flash / ad blockers loaded. nothing comes up unless i tell it to.

Stevetibb .... your post gave me a headache. I gave up trying to decipher it.

I see bits and pieces of good info in there, basically just do as bigfitz says and you should be fine. If that doesnt get rid of it, try the AVG root kit removal thing that stevetibb mentioned.

 

sorry sorry my mind runs way faster than my fingers do
AVG root kit
combofix
malwarebyts
then use
spy bot search and destroy
super anti spyware
in that order

 

stevetibb: no offense intended, i'm the same way sometimes.

Very good advice, thats exactly what I use as my "emergency anti-virii" setup for friends.

 

It's good to have a BlackBerry! The claim there is no such thing as a BlackBerry virus. Too stupid I guess!

Keep the faith guys! Sure would be a great thing to find and prosecute on a 0regular basis the b**tards who continue to perpetuate this ridiculous crap on American business a it's citizens.

 

Do you run any of these in safe mode?

 

Nothing to fear running Ubuntu...

 

Or Mac OS X...
Saludos desde Reynosa, Tamaulipas, Mexico!
macnifico

 

combofix does

 

Would someone who is knows how to explain this in terms all will understand PLEASE sort it out.

 

I tried to keep it simple. You don't usually need all that, "Combofix" plus a good antivirus will usually kill it. Although I will admit it is getting nastier of late, I believe people are building variants and adding things.

I was trying to stay away from starting a PC support thread, and was just trying to throw a couple of quick tips your way.

The "Antivirus 2009" thing is a piece of "malware" that gets into your PC and tries to SELL YOU a spyware removal tool. If you fall for it, it will rip you off. If not, it will pester you and screw with your computer and piss you off until you manage to get rid of it.

It is, as stevetibb says, getting harder to get rid of and sometimes CAN require all the steps he has suggested.

Carl; Combofix does run in safe mode and has better results that way; even better if you are SURE you're running in the infected profile too, and system restore is OFF.

What I said in my original post goes for any unintended or unwanted "do you want to install this on your computer" thing that pops up. DON'T TOUCH IT. NOT EVEN the red "X." Close it from your taskbar or task manager, if you click it ANYWHERE you grant it permission.

Run a good solid antivirus program and keep it up to date.

 

Ok
1/1000 websites are infected with a virus, spy-ware,Trojan,malware, and ad-ware every day

these tools that i have listed, are all tools that remove the threats above i just stated.

tragically photo bucket is infected with AV2009. these are called drive by downloads. which are people who buy space on a website, to advertise there product but actually put a very bad code behind the advertisement, where people who load up the website. "actually download the website to there computer under the temp file." view the website to see what ever they are looking for IE XJBIKES.com and by the time photo bucket and other websites realize that there website is infected the person has packed up the bags and moved to the next web site, and so many computers are infected with the virus. then these computer infect other computers.

SPYWARE: spy's on you and try's to get info about you or try's to find out where you go online, and then send you spam emails.

ADWARE: AKA POPUPS.

TROJANS: there are different types of these, some take over your keyboard, AKA key logger, or they open up ports to allow the infecter in your computer, and get inf,o about you or still files.

MALWARE: these programs are bad ones. there the fraud ones that try to defraud you. AKA AV2007-08-09-2010 they act like a virus program, so they can get money from you. to actually get the full version on your computer which is fake.

ROOT-KITS: they are a program that hides on your OS, they are like a MINI OS which downloads MALWARE, to your computer eeeeeek.

any and all computer Q's can come to ME PM me if you like.

 

Fedora 10 here...

 

it can get infected too

 

I spent the better part of yesterday removing malware and rootkits from a friend of mines computer. They had no anti-virus protection(it expired). And I believe they relied on the Windows Firewall to protect from intrusions.....
8O
4 things you need to fix an infection and they are free:
Super Antispyware
MalwareBytes
Spybot Search and Destroy
Combofix

Worked for me on my machine and my wifes as well as my friends computer. If you have to run Combofix, do so as a last resort and be prepared to do a Windows XP system rebuild if you have a lot of Data or programs on your drives. REBUILD, not reinstall!

 

I've never had ComboFix wreck anything, except maybe set security for ODBC connections back to defaults. You can't be running anything or touch it while it's running or it will break stuff.

 

Combofix does mess up a computer sometimes it used to be more often that's why it asks you now if you want to install recovery consul if you don't have it

 

I have to agree with Flash... On a Windows box, #1 vulnerability is Internet Explorer.... So you can run Firefox, Chrome or Opera instead. All are free, good quality browsers. There's a nifty plugin for Firefox called NoScript, which disables things like JavaScript, object embedding (like movies and flash objects) unless you explicitly allow them. It may be tedious at first, cause you have to allow all your most often visited sites, but the end result is a much more secure browser.

Another thing that doesn't get stressed enough IMHO.... Most people routinely use administrator-level accounts on Windows for every day use. This is a Bad Idea. Create yourself an unprivileged account for surfing, gaming, email etc... That way, if you do manage to get an infection, it will be contained within your account, instead of taking out the whole system. It doesn't help that most brand-name PC manufacturers create passwordless, fully-privileged accounts on most of their computers out of the box, and the sheeple that buy them just keep using them that way.

It goes without saying that you should use strong passwords, and also set a password on your broadband router, if you have one. There are viruses that can change your router settings, creating all kinds of havoc (like Zlob).


An ounce of prevention... blah blah blah

 

is photobucket cured yet?

 

yepper.

 

Photobucket virus; What's that? Just kidding .......

Better late than never post Department:

I use FIREFOX.
Just like the Energizer Bunny this robust browser just keeps on workin' and workin'.