Topic: Please read,,, NOW
no photo
Tue 05/05/09 09:45 AM
There is a program being loaded onto comps. I'm having a helluva time right now cleaning my Mom's two comps

She visited a site, it's called "BBW". I asked what the full name is. She doesn't remember much else about it. Until I find out more, please be careful. It has a password stealer and browser hijacker. I couldn't even find it in the history file as today's history is wiped clean.

All I can tell you right now is that it puts a fake program on your comp that says you're infected with numerous trojans...


DO NOT CLICK ON THE ICON ON YOUR DESKTOP, DO NOT CLICK ON THE POP UPS, DO NOT TRY TO OPEN THE PROGRAM. GET YOUR LATEST UPDATES FOR ANTI VIRUS AND SPYWARE DETECTORS AND DISCONNECT FROM THE INTERNET, THEN RUN THEM.
My suggestion is to set the heuristics to aggressive...

One sure way to tell if this is bogus AV ware is that it says it detected a trojan on July 24, 2009...

I'll repost more when I find out anything,,,

kojack's photo
Tue 05/05/09 09:54 AM
http://www.bathandbodyworks.com/home/index.jsp comes up when I typed bbw.com

no photo
Tue 05/05/09 10:05 AM
whoa

Riding_Dubz's photo
Tue 05/05/09 10:06 AM
When i think about you i touch my self blushing blushing

ThomasJB's photo
Tue 05/05/09 10:15 AM
There are several variations on this type of malware. It is downloaded without the user's consent when they visit an attacker website. These programs disguise themselves as A/V programs and advise you that you have a virus and should go to their site and purchase a download to fix it, but all they are doing is stealing your cc info. Most current A/V programs should be able to detect and remove it.

no photo
Tue 05/05/09 10:55 AM

There are several variations on this type of malware. It is downloaded without the user's consent when they visit an attacker website. These programs disguise themselves as A/V programs and advise you that you have a virus and should go to their site and purchase a download to fix it, but all they are doing is stealing your cc info. Most current A/V programs should be able to detect and remove it.


The program will not show up as malware by scanning it. It has to be activated by accessing the internet. Once it reaches the home site, the malware is set.
Go to a restore date previous to downloading and restore.
Comes up as PAV on the menu. Scanning individual components or trying to uninstall doesn't work.

no photo
Tue 05/05/09 10:58 AM

http://www.bathandbodyworks.com/home/index.jsp comes up when I typed bbw.com


My mother said it was a site for BBW for women as friends (she is one). I have no idea which one it was since she's older and couldn't give me much more info...

no photo
Tue 05/05/09 12:00 PM
OK, here it is

BBWPersonalsPlus.com


no photo
Tue 05/05/09 12:23 PM
Edited by YouAndImake1 on Tue 05/05/09 12:23 PM
My humblest apology...

I posted to a bunch of forums the problem with a malware program ending up on my Mom's computers...
I didn't observe the forum guidelines and posted quickly and without regard to them.

I was absolutely concerned. Here's why...

Mom just lost my stepdad recently. She's been doing all kinds of banking crap online. The malware was one that retained passwords, therefore, with her income being dwindled, if someone were to get into her bank accounts, she'd be wiped out...

I pictured some women here possibly being in the same boat (BBW seeking friendship, whatever) without someone to help or prevent the situation from avalanching...

The program was not picked up by Norton as it was designed to only achieve or attain the true malware part by being activated (via clicking the activate button on the menu for the program, thus downloading at that point which if an AV program wasn't running in the background, would have enabled the malware). The program constantly uses popups saying the computer is infected with such and such trojan, so the user eventually panics and opens the PAV (personalantivirus) and clicks it to activate it.

The website is BBWPersonalsPlus.com if any of you visit or know of anyone who might...

To those who reported me for the multiple postings, no harsh feelings, you did what you felt was necessary...

ThomasJB's photo
Tue 05/05/09 01:48 PM
Your problem does not appear to be from BBWPersonalsPlus.com; it comes from antispywarepcscanner.com or something similar. The process is as I described earlier. Found this page detailing how to get rid of it. BTW system restore WILL NOT get rid of it. The malware program must be removed.
This should help you get rid of it:


PAV- Personal AntiVirus, another rogue software, how to remove/get rid of it:

I recently got word that the site antispywarepcscanner.com was spreading a new fake/rogue anti virus application. I have blogged about this annoying type of threat previously (anti-virus-1 and Anti virus 360 being two examples)

I decided to investigate this threat further.

The website antispywarepcscanner.com triggers a fake scanning page if the user visits via a specially crafted link placed on genuine, but hacked sites.

A convincing fake scan window is displayed, like the one below:

Fake scan window

If a user clicks "remove all", an installer file is downloaded.

Fake remove now window

If the installer file is launched/run, it will initiate connections to a number of other sites to download the main infection.

Once the installer finishes downloading the infection, the malware file wincontrol.dll will be dropped into C:\Windows\System32\wincontrol.dll (newer versions drop winexplorer.dll) and the main infection dropped into C:\program files\PAV\pav.exe

It will then proceed to issue (fake) scary warnings of impending doom and inform the user that their computer is infected with many serious viruses (which is not true, the only virus being Personal AntiVirus itself), with screens such as the ones below displayed in order to frighten the user into buying into the scam:

Scary fake scan

The main interface of personal antivirus

Scary balloon tooltip

Of course, to remove all of the scary infections it claims to have found, personal antivirus will require you to “register”…which means handing over your hard earned cash to a bunch of scammers….

Here's the catch

Now, let's get on to how to remove this scum from your computer:

There are two tools that I know definitely do detect and remove this infection, the first one being the well known Malwarebytes Anti-Malware…. this tool is FREE to use for detection and removal, but the realtime protection that will prevent such an infection in the first place will require a license. Download it from their website-

http://www.malwarebytes.org/mbam.php , install it, remember to update it first and then perform a scan which will find and remove this nasty.

If Malwarebytes Anti-Malware has helped you remove personal anti virus, please consider buying a license to say thanks and support their fight against malware- you can securely purchase a license by clicking here:
https://store.malwarebytes.org/342/?affiliate=4568&cart=29945&scope=cart - please note that this is completely optional and not a requirement for it to scan and remove personal anti virus, but you will benefit in future from real time protection that will prevent infections like this and many others installing themselves on your system!

The other tool is from a well known anti virus vendor, Kaspersky Lab- It is called AVPTool and is a free virus removal utility. You can download and run it from their website, and it will scan your computer for any threats that MBAM missed and remove them free of charge. Get it here:

ftp://ftp.kaspersky.com/devbuilds/AVPTool/index.html

For more info go to http://malwarecrawler.com/?p=146
The author warns though that if you visit his page before removing the malware, the malware program will give you a false warning about the site. Ignore that warning for this site.
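
The file locations named in the write-up above (wincontrol.dll or winexplorer.dll under System32, and pav.exe under Program Files\PAV) can be checked for directly. The following is an added example, not part of the original thread or of the quoted article; the function names are hypothetical, and it assumes you pass the root of the Windows drive, whether that is C:\ on the running system or the drive mounted from a live CD.

```python
import os
import tempfile

# Artifact paths named in the post above, relative to the Windows system drive.
PAV_ARTIFACTS = [
    ("Windows", "System32", "wincontrol.dll"),   # dropped DLL
    ("Windows", "System32", "winexplorer.dll"),  # name used by newer versions
    ("Program Files", "PAV", "pav.exe"),         # main executable
]


def resolve_ci(root, parts):
    """Resolve path components case-insensitively; return the real path or None.

    Windows paths are case-insensitive, but a volume mounted from a live CD
    may sit on a case-sensitive mount, so each component is matched by hand.
    """
    current = root
    for part in parts:
        try:
            with os.scandir(current) as entries:
                match = next((e.path for e in entries
                              if e.name.lower() == part.lower()), None)
        except OSError:  # missing, unreadable, or not a directory
            return None
        if match is None:
            return None
        current = match
    return current


def find_pav_artifacts(root):
    """Return the on-disk paths of every listed artifact found under root."""
    hits = []
    for parts in PAV_ARTIFACTS:
        path = resolve_ci(root, parts)
        if path is not None and os.path.isfile(path):
            hits.append(path)
    return hits


def build_sample_volume(base):
    """Constructed sample tree with mixed-case names, for demonstration only."""
    for rel in ("WINDOWS/system32/WinControl.dll", "Program Files/PAV/pav.exe",
                "WINDOWS/system32/kernel32.dll"):
        full = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        open(full, "wb").close()
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for hit in find_pav_artifacts(build_sample_volume(tmp)):
            print("found:", hit)
```

A hit here is a match on file name and location only, so treat it as a reason to run one of the removal tools above rather than as proof of infection.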

markecephus's photo
Tue 05/05/09 07:48 PM

My humblest apology...

I posted to a bunch of forums the problem with a malware program ending up on my Mom's computers...
I didn't observe the forum guidelines and posted quickly and without regard to them.

I was absolutely concerned. Here's why...

Mom just lost my stepdad recently. She's been doing all kinds of banking crap online. The malware was one that retained passwords, therefore, with her income being dwindled, if someone were to get into her bank accounts, she'd be wiped out...

I pictured some women here possibly being in the same boat (BBW seeking friendship, whatever) without someone to help or prevent the situation from avalanching...

The program was not picked up by Norton as it was designed to only achieve or attain the true malware part by being activated (via clicking the activate button on the menu for the program, thus downloading at that point which if an AV program wasn't running in the background, would have enabled the malware). The program constantly uses popups saying the computer is infected with such and such trojan, so the user eventually panics and opens the PAV (personalantivirus) and clicks it to activate it.

The website is BBWPersonalsPlus.com if any of you visit or know of anyone who might...

To those who reported me for the multiple postings, no harsh feelings, you did what you felt was necessary...


No Problem, YouAndImake1,

I will remove a couple..no big deal. Thanks for the warning! Hope you get things worked out on her pc.

Welcome aboard!

Mark

FearandLoathing's photo
Tue 05/05/09 09:06 PM
One of the best free online scanners around: http://housecall.trendmicro.com/

Never visit unknown sites and report any malware to any site's admin, I've done this a couple of times at legitimate sites (not here). Admins have no control over what ads get placed on their site, they are usually filtered by another company (e.g. Google). Typically the companies that filter the advertisements do a relatively good job of not compromising any site that uses their system, though Google has even slipped in the past.

Keep your anti-virus updated and scan at least once a week, it is in safe measure to also scan with any one of the free online scanners as well:

http://www.kaspersky.com/virusscanner
http://www.bitdefender.com/scan8/ie.html
http://www.pandasecurity.com/homeusers/solutions/activescan/

--And of course the above noted Trend Micro. Ctrl+Alt+Del, bring up the task manager and take a screenshot if needs be. Always remember the typical 'User' programs that are running (name is whatever the computer signs on as) anything that you see new do a Google search on it to figure out what it is and if it is a risk.

no photo
Wed 05/06/09 08:46 PM
ThomasJB, thanks for the help.
It torques me that this thing has been around for over a year, over a quarter billion hits and damned Norton didn't pick it up. My mother's husband paid good money for a three pack and it was basically worthless or, possibly she downloaded it without thinking by clicking ok to the popup bar at the top of the browser.
I appreciate your advice.
I've sat her down, shown her what to do and not to do, what to allow and not allow. Have set her browser so it won't download without her consent. A near 70 year old shouldn't have to be worried about crap like that...
Again, thanks.
I hope I can return the favor some day...

Thanks to Markecephus and Don for understanding my panic and having cool heads...
FandL, yep, I even showed her about the task manager so she can get an idea of what's happening if it starts acting funny or slow and be able to tell me what's happening...

Later all and thanks...

ThomasJB's photo
Wed 05/06/09 09:03 PM

ThomasJB, thanks for the help.
It torques me that this thing has been around for over a year, over a quarter billion hits and damned Norton didn't pick it up. My mother's husband paid good money for a three pack and it was basically worthless or, possibly she downloaded it without thinking by clicking ok to the popup bar at the top of the browser.
I appreciate your advice.
I've sat her down, shown her what to do and not to do, what to allow and not allow. Have set her browser so it won't download without her consent. A near 70 year old shouldn't have to be worried about crap like that...
Again, thanks.
I hope I can return the favor some day...

Thanks to Markecephus and Don for understanding my panic and having cool heads...
FandL, yep, I even showed her about the task manager so she can get an idea of what's happening if it starts acting funny or slow and be able to tell me what's happening...

Later all and thanks...


No prob. Just doing my small part to make the computer world a better place for all. drinker

Johncenawlife316's photo
Wed 05/06/09 10:24 PM
Edited by Johncenawlife316 on Wed 05/06/09 10:26 PM
Norton basically sucks.. it's a given, I used it for some time and now I only use McAfee and that seems to work well for me thus far until I have a problem with that one. But to each their own.

Not to mention I have to say McAfee caught some things that Norton wouldn't have got, at least for me it did.

If I was your mom's husband.. I would call Norton up and Bit$h em out and make em refund him in full.

ThomasJB's photo
Wed 05/06/09 10:34 PM
When I'm working within Windows, I prefer Avast (or Clamwin) and Adaware. I'm not fond of McAfee or Norton, they are both resource hogs. I generally prefer to use Linux and not worry about malware.

XxAchillesxX's photo
Wed 05/13/09 07:47 AM
Bit Defender does not work well removing or stopping malware, I would suggest PC tools AV (yes I know it's a microsoft product). Normally I wouldn't do that, but I actually had to use this one to remove a nasty online threat. Calls itself SYSTEM PROTECTOR, and is a popup that cannot be closed. Even though I was able to locate the DLL file on my system and the IE.exe extension it used, I couldn't remove it, kept telling me it was in operation and had to be shut down first.
PC tools AV was able to give the smackdown on that little problem and even blocks the pop up completely. Now I don't rely on this AV as my main one, I do have it set to run when I am on the internet, and no more problems since.

no photo
Wed 05/13/09 02:37 PM
XxAchillesxX... you could have used something like linux puppy (which can be burned and then run from a cd) to boot into a crappy linux session and remove the file there... since you had found the thing

XxAchillesxX's photo
Wed 05/13/09 10:47 PM
Thanks, not having used Linux before, I had not thought of that....file that under lesson learned for the future!happy

s1owhand's photo
Thu 05/14/09 02:06 AM


laugh
