Virus on the forum? -> FIXED. VIRUS IS REMOVED.

[djfoster]

I hope so I just got it 5 minutes ago

we were filled with malware again,
so i cleaned it again.

it is safe now, but we have to prevent this happening again...

sorry but from my Safari is not fixed cause I still get that msg every time.

it is safe.
the reason why you still have msg is because google tagged it as infected with malware.
and it takes time till they check again and tag it as clean. ok?
now they checked again and said it is clear and you can access without msg, right?

all good now, thanks

[Stupid_Fly_Records]

my Avast says its blocked over 100,000 threats in the last few days.. and fire fox has shut down on me every time Ive opened it. so i haven't been able to get any work done.. im still having these issues. In fact since i started typing this message Avast has block 25 malware attempts. this really sucks.. but im not sure if it was dubstepforum or just weird timing

[Fent Plates]

my Avast says its blocked over 100,000 threats in the last few days.. and fire fox has shut down on me every time Ive opened it. so i haven't been able to get any work done.. im still having these issues. In fact since i started typing this message Avast has block 25 malware attempts. this really sucks.. but im not sure if it was dubstepforum or just weird timing

Nope. I'm the same. My mozilla will not open.

And all my java doesn't work. Says I need to update it. Go to update it. Major crash out, bare error screens and it just stops.

[jsilver]

i'd wipe my computer or use this fix... http://www.dubstepforum.com/dsf-malware-t158608-20.html

u guys probably been botted hard, just sayin

[prism]

this intruded my system too wtf

[Phigure]

I'm afraid it's happened again

You know how DRTY had that virus? Well I was talking with him about it, and he had this virus called Alureon. Anyways, he ended up getting rid of it, however, two/three days later, I hop on my computer and I've got a fake anti-virus installed called Security Tool. It was pretty nasty, couldn't open up task manager or any system application besides Explorer.exe without it closing instantly. I managed to get rid of it, but two days later, I get on my netbook, and I've got BOTH Alureon and Security Tool, so they must be related. Seems kind of suspicious that three separate computers who were all used to browse DSF were infected by the same malware. I sent Dubway an email two days ago about it, because I figured it COULD be a coincidence and I could be wrong, but now Chrome's giving me warnings on every page on DSF, so it looks like it's happened again


Anyways, this malware is pretty nasty. But it is relatively easily removed with the proper tools. I've put together a .rar with all the tools that I used to get rid of this malware three times (DRTY, and myself twice). If you don't trust me, and would rather collect the tools yourself, then what you want is:

Malware Bytes Anti Malware
Super Anti Spyware
Combofix
rkill.com
TDSSKiller
Hostsperm.bat (NOT hot sperm)
Task Manager renamed to Explorer.exe

http://phiik.com/Virus%20Kit.rar

DRTY's infection was dealt with using TDSSKiller in conjunction with MalwareBytes and Combofix.

My first computer's infection didn't allow me to open any applications besides Explorer.exe, and it wouldn't let me close the process of the virus so you'll need to go to C:/Windows/system32 and find taskmgr.exe. Put a copy on your Desktop, and rename it Explorer.exe. Now hover over the Security Tool icon in your taskbar, and a short string of numbers will appear. I assume it's randomly generated, but mine was 60821822. Now open Explorer.exe on your Desktop, and go to the Processes tab, and find that string of number appended with .exe. Kill it. Now run rkill.com and TDSSKiller. After they've completed, launch Combofix. It'll most likely reboot your computer, allow it to do that. When your computer reboots, log in to Windows, and let Combofix continue. It'll scan and then go through 50 stages of cleaning. It'll most likely reboot again. When it reboots, it should be finished and will create a log file. Then install and launch Malware Bytes Anti Malware and SuperAntiSpyware, and perform a full scan. Make sure you scan your memory with SuperAntiSpyware. Now run hostsperm.bat to fix your HOSTS file. If your internet doesn't seem to work, open command prompt (run dialog box > cmd), and type in ping google.com. If you get a response with XX ms, etc, but none of your browsers work, then go to Control Panel, find Add or Remove Programs or Programs and Features. Look for some Norton Software that you probably never installed and uninstall it. If pinging google doesn't work, then try reinstalling your ethernet/wireless drivers.

My second computer's infection made my computer reboot as soon as I logged in, so I had to boot into Safe Mode by pressing F8 during start up. I managed to kill the infection using only this:

"Now run rkill.com and TDSSKiller. After they've completed, launch Combofix. It'll most likely reboot your computer, allow it to do that. When your computer reboots, log in to Windows, and let Combofix continue. It'll scan and then go through 50 stages of cleaning. It'll most likely reboot again. When it reboots, it should be finished and will create a log file. Then install and launch Malware Bytes Anti Malware and SuperAntiSpyware, and perform a full scan. Make sure you scan your memory with SuperAntiSpyware. Now run hostsperm.bat to fix your HOSTS file. If your internet doesn't seem to work, open command prompt (run dialog box > cmd), and type in ping google.com. If you get a response with XX ms, etc, but none of your browsers work, then go to Control Panel, find Add or Remove Programs or Programs and Features. Look for some Norton Software that you probably never installed and uninstall it. If pinging google doesn't work, then try reinstalling your ethernet/wireless drivers."



Even if you're not infected, or think you're not infected, I recommend you download the .rar and keep it on your Desktop because you could have the infection hiding in your system without even knowing it (EGADS!). It pretty much crippled both of my computers. Neither were able to connect to the internet, so I had to use an SFTP client to connect to my jailbroken phone with which I downloaded the antivirus tools and copy over the tools...

[Visitor]

that shit was so annoying lol

[basra]

anything similar programs for Mac users?

[prism]

that shit was so annoying lol

still is.

[badger]

anything similar programs for Mac users?

mac users should be ok

have you actually had any problems?

[djvj3000]

i just noticed today some of my google searches are getting redirected to kdirectory.co.uk, did a search and alot of people are saying its malware ..

anyone else get this ?

[Phigure]

i just noticed today some of my google searches are getting redirected to kdirectory.co.uk, did a search and alot of people are saying its malware ..

anyone else get this ?

run combofix from the virus pack, should do it

[djvj3000]

yea did all those programs, looks like it worked

cheers!

[incnic]

lolsss
thought i got rid of it
but it got in mah online bank and took 3k lol

[arktrix45hz]

Yooo, this is back on that "dubstep t-shirts" thread near the top!

[Bloodstream]

its again attacked via modzilla firefox

[Fent Plates]

Yep.

It's back!!

[faust.dtc]

i just noticed today some of my google searches are getting redirected to kdirectory.co.uk, did a search and alot of people are saying its malware ..

anyone else get this ?

run combofix from the virus pack, should do it

Im still getting redirected after the last attack but nothing seems to be able to remove it.

Its definitely back though...

[Ruttah]

Just got a warning from chrome before I entered the forum then a random file tryed to download itselff, looks like its back

[badger]

should be fixed now