Initial D World - Discussion Board / Forums > Computers and Technologies > MALWARE WARNING


Posted by: matter1387 Mar 21 2013, 05:54 PM

I got this virus from a link to a torrent from this site I am fairly certain.

Everyone needs to really check their computers using an anti-malware program. Numerous people in my life, online and the real world, have had a vicious virus attack their computer. There is no way to know if you have this virus, other than to have it already in effect. Basically when you start up your computer, a screen comes up when you log in and says FBI CYBER DIVISION HAS TAKEN A HOLD OF THIS COMPUTER FOR then lists reasons like kiddy porn, pirating, illegal use of programs, bank fraud, and a lot more. Then says to get it off you need to pay a fine. It is downloaded through streaming videos, cookies, torrents, and direct video downloads as well. You will notice a program that is new that you did not install, nor does it have the normal indications of a new program, like being highlighted in the start menu. Do not touch any of those files if you see a new program, unless using an anti-malware or virus program. If you move any files, or try to delete them, you are already screwed.

Ways to prevent this are:
Create a partition on your HDD, if you have two HDDs use Windows, if you only have one, look up a tutorial, then install Windows onto it so you can always have a way to save your personal files.

Set a restore point right now to send your computer back to if it happens. If you use factory restore, you lose 100% of all your crap.

Clear cookies

Download Microsoft Security Essentials

Malwarebytes - trial is 14 days, and can be used over and over if you just delete the program

Be smart when torrenting and read comments on the torrent as well.

Do not use anime sites that you never use, or know are new.

NEVER DOWNLOAD ANYTHING FROM A VIDEO SAYING PLUGINS NEEDED

never download anything from a porn site, ladies....


Posted by: Shirogane Mar 21 2013, 06:08 PM
It's been happening for a long time, man. Most of us probably know how to safe-guard our own rigs.

Posted by: Nomake Wan Mar 21 2013, 06:20 PM
This has nothing whatsoever to do with IDW. Requesting this be moved to Computers and Technologies where it belongs.

Microsoft Security Essentials... I lol'd hard.


Posted by: Perry Mar 21 2013, 06:34 PM
When I saw the title of the thread, I thought we were compromised again. You almost gave me a heart attack! xD

Posted by: Alastair Mar 21 2013, 06:47 PM
oh my god viruses...oh nooo.... -__-

Posted by: matter1387 Mar 21 2013, 07:10 PM
I got the virus from a link to a torrent from this site I am fairly certain. Seeing as I had nothing downloaded on my computer since I put Windows 8 on it, except for Apps from the Microsoft App store that match my phone, and videos from this site and torrents for videos. So I do think it has something to do with this site. I forgot to add that into the OP, my bad.

Plus I am usually on top of safeguarding my rig as well as stopping viruses. I never get any, my track record is like 3 viruses ever getting past my lines of defenses, but I turned my computer on after updating a lot of shit I had been putting off, and I was accused of owning kiddy porn.

PS, make a joke about that I will not take it lightly, my little sister was abused, and her pictures still exist on the internet.

Posted by: Nomake Wan Mar 21 2013, 08:23 PM
QUOTE (matter1387 @ 1 hour, 12 minutes ago)
I got the virus from a link to a torrent from this site I am fairly certain. Seeing as I had nothing downloaded on my computer since I put Windows 8 on it, except for Apps from the Microsoft App store that match my phone, and videos from this site and torrents for videos. So I do think it has something to do with this site. I forgot to add that into the OP, my bad.

Plus I am usually on top of safeguarding my rig as well as stopping viruses. I never get any, my track record is like 3 viruses ever getting past my lines of defenses, but I turned my computer on after updating a lot of shit I had been putting off, and I was accused of owning kiddy porn.

PS, make a joke about that I will not take it lightly, my little sister was abused, and her pictures still exist on the internet.


Yes, Virginia, there is such thing as too much information--and it's not just a Duran Duran song anymore. We don't need to know nor should we care about your sister. It's erroneous information that you can only do harm by posting.

How did you download the torrent? Windows 8 doesn't have a native torrent client, so you had to have installed a program to do something like that. There are probably plenty of other things you installed without thinking about it, too. Is it even a legitimate copy of Windows 8? Why would anyone install that crap in the first place!? Okay, that last one is my own personal opinion but still.

You didn't get jack from this site, period. You did get it from another source, such as an unpatched security vulnerability while browsing (Java, anyone?) or an illegal copy of an OS or some other random program you installed.

Moving on~

Posted by: matter1387 Mar 21 2013, 10:21 PM
Sure. I know what happened on my computer, and I am fairly certain it came from this site, not directly this site, but content from this site, and of which I do not blame anyone directly or anyone at all. I was just saying it so someone would look into it. Don't need to be a dick, and yea fuck off about my sister. I was saying so because I didn't want a /b/tard pissing me off and a reason to report any joke as being super offensive. I don't care if you care or not, just figured people who are mature would care about offending someone if they actually knew it would offend them. This isn't /b/, so yea, fucking cool story bro.

And I figured I wouldn't make a list of 100% of everything I downloaded, because when it has been downloaded on both a laptop and a desktop, and the desktop gets the virus, it's probably not the stuff in common, right? So guess the fucking difference.

Posted by: Perry Mar 21 2013, 10:40 PM
Without knowing where you got the virus from, there is nothing we can do. It's as helpful as saying it's somewhere on the Internet... We have tens of thousands of threads here, we need more than just "content from this site." smile.gif

Posted by: SgtXDNX Mar 21 2013, 11:36 PM
Bahahahahahahahaha.

...oh, you're actually serious. facepalm.gif

Posted by: Lupin_III Mar 21 2013, 11:44 PM
QUOTE (matter1387 @ 4 hours, 33 minutes ago)
I got the virus from a link to a torrent from this site I am fairly certain. Seeing as I had nothing downloaded on my computer since I put Windows 8 on it, except for Apps from the Microsoft App store that match my phone, and videos from this site and torrents for videos. So I do think it has something to do with this site. I forgot to add that into the OP, my bad.

Plus I am usually on top of safeguarding my rig as well as stopping viruses. I never get any, my track record is like 3 viruses ever getting past my lines of defenses, but I turned my computer on after updating a lot of shit I had been putting off, and I was accused of owning kiddy porn.

PS, make a joke about that I will not take it lightly, my little sister was abused, and her pictures still exist on the internet.

Umm.. do you?

awesome.gif

Posted by: Vortrex Mar 22 2013, 01:20 AM
QUOTE
Without knowing where you got the virus from, there is nothing we can do. It's as helpful as saying it's somewhere on the Internet... We have tens of thousands of threads here, we need more than just "content from this site."


It's not from here. You'll get the malware with downloading: NO-CD's, Music and the worst one: AdFly... I hate AdFly. And more, mostly when there are ads around.

But, idforums.net doesn't give viruses.


I know this trojan malware whatever. Even in Holland it exists, but as police-malware.
I have been hit for almost 4/5 times tongue.gif
But after a time, I recognised the pattern. So I was always a step ahead. biggrin.gif

So, after you get your screen back. Malwarebytes - Anti-Malware works fine to delete it!
But, you should check 'C:\ProgramData' too, most of the time, there will be a folder created there with the malware.

And if it isn't there: C:\Users\'Your Username'\AppData\Local\Temp, here come all the pics for the virus and sometimes the .exe. Check AppData/Roaming too.

You still get messages when starting up as: 'Can't find wgsdgsdgdsgsd.exe' rundll error: You should do Windows-Run (windows-sign+r). And type msconfig : you'll get a screen, first go to 'Services' and sort on 'Manufacturer' and search for unknown rare files and disable them.
Then, go to Startup and do the same (sort 'Manufacturer' and disable them!)

So, run Anti-malware again. And it should be okay. happy.gif

Posted by: Nomake Wan Mar 22 2013, 02:10 AM
QUOTE (matter1387 @ 3 hours, 37 minutes ago)
Sure. I know what happened on my computer, and I am fairly certain it came from this site, not directly this site, but content from this site, and of which I do not blame anyone directly or anyone at all. I was just saying it so someone would look into it. Don't need to be a dick, and yea fuck off about my sister. I was saying so because I didn't want a /b/tard pissing me off and a reason to report any joke as being super offensive. I don't care if you care or not, just figured people who are mature would care about offending someone if they actually knew it would offend them. This isn't /b/, so yea, fucking cool story bro.

And I figured I wouldn't make a list of 100% of everything I downloaded, because when it has been downloaded on both a laptop and a desktop, and the desktop gets the virus, it's probably not the stuff in common, right? So guess the fucking difference.


Holy shit, you sound pretty mad bro! I specifically said that you shouldn't have said jack about your sister because all you could possibly do by mentioning it is hurt her, yet you keep harping on it. Are you looking for someone to prod you about it? Don't fucking talk about it and no one will have any ammo. Keep fucking talking about it and OH LAWD are we gonna have some fun. troll.gif

You want us to help you out then you come back with that attitude? Epic lulz. Come back when you do know what's going on with your computer since you so obviously don't.

QUOTE (Vortrex @ 39 minutes, 19 seconds ago)
I know this trojan malware whatever. Even in Holland it exists, but as police-malware.
I have been hit for almost 4/5 times tongue.gif
But after a time, I recognised the pattern. So I was always a step ahead. biggrin.gif

So, after you get your screen back. Malwarebytes - Anti-Malware works fine to delete it!
But, you should check 'C:\ProgramData' too, most of the time, there will be a folder created there with the malware.

And if it isn't there: C:\Users\'Your Username'\AppData\Local\Temp, here come all the pics for the virus and sometimes the .exe. Check AppData/Roaming too.

You still get messages when starting up as: 'Can't find wgsdgsdgdsgsd.exe' rundll error: You should do Windows-Run (windows-sign+r). And type msconfig : you'll get a screen, first go to 'Services' and sort on 'Manufacturer' and search for unknown rare files and disable them.
Then, go to Startup and do the same (sort 'Manufacturer' and disable them!)

So, run Anti-malware again. And it should be okay. happy.gif

Eh... eh. You're not going deep enough and you're not being thorough enough. First off, if this really is as nasty as OP thinks it is a simple in-OS scan isn't gonna do jack. You might think you've killed it but it ain't dead. If it's worth its salt then it's a boot-sector infection and it's sitting on your hard drive spawning again. You'd need a rootkit scanner (Sophos makes a great free boot CD tool for this) or a tool to wipe the sectors on the hard drive (if you're keen on starting completely from scratch).

Once you've made sure that there's nothing nasty sitting dormant in your hardware you can start working on the software side. Malwarebytes is a great suggestion but it tends to just scratch the surface. It'll usually remove the infection, but as you noted it can leave behind error messages and such. The way you recommended to fix that is incorrect, however. The proper way to do it is one of the following:

1.) Use a tool like CCleaner to sweep the registry for orphaned registry keys. If you removed the infection, chances are the errors are caused by entries in the registry which no longer point to an existing file.

2.) Use a tool like HijackThis to poll your system and check it manually for erroneous entries. Be very careful because this program will actually mark many legitimate entries as 'file missing' on 64-bit systems. If you don't know what you're doing, don't do it.

Seriously, though... there's just some basic shit going on here. I mean we both use IDW, right? We both use torrents, right? Yet I don't have viruses and shit all over my computers and you do. So... wanna try this again, OP? awesome.gif
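
As an added example (not part of the original posts and not any poster's own code): a read-only PowerShell listing of the Run-key and Startup-folder entries discussed above. For each entry it reports whether the target file is missing (the orphaned entries behind the leftover startup errors) and whether it sits in one of the folders named in Vortrex's post. The function name `Get-AutorunTarget` and the list of watched folders are assumptions of this example.

```powershell
# Added example (not from the thread): read-only listing of logon autoruns.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)
# Folders named in the thread. Legitimate software also starts from these,
# so a hit means "review this entry", not "this is malware".
$watchDirs = @($env:ProgramData, $env:APPDATA, "$env:LOCALAPPDATA\Temp", $env:TEMP) |
    Where-Object { $_ }

function Get-AutorunTarget {
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    $t = ($cmd -split '\s+')[0]    # fallback: first token of the command line
    # Unquoted path that may contain spaces: cut after the first known extension.
    if ($cmd -match '^(.+?\.(?:exe|dll|com|scr|bat|cmd|vbs|js))(?:\s|$)') { $t = $Matches[1] }
    if ($cmd -match '^"([^"]+)"') { $t = $Matches[1] }
    # rundll32 entries: the file that matters is the DLL argument.
    if ($cmd -match 'rundll32(?:\.exe)?"?\s+"?([^",]+)') { $t = $Matches[1].Trim() }
    if ($t -and $t -notmatch '^(?:[A-Za-z]:\\|\\\\)') {
        # Bare file name: resolve it through PATH the way the shell would.
        $app = Get-Command $t -CommandType Application -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if ($app) { $t = $app.Path }
    }
    return $t
}

$entries = @()
foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $entries += [pscustomobject]@{
            Source  = $key
            Name    = $name
            Command = [string]$regKey.GetValue($name)
        }
    }
}

# Startup-folder shortcuts (the other half of msconfig's Startup tab).
$wsh = New-Object -ComObject WScript.Shell
foreach ($folder in 'Startup', 'CommonStartup') {
    $dir = [Environment]::GetFolderPath($folder)
    if (-not $dir) { continue }
    Get-ChildItem -LiteralPath $dir -Filter *.lnk -ErrorAction SilentlyContinue | ForEach-Object {
        $lnkTarget = $wsh.CreateShortcut($_.FullName).TargetPath
        if ($lnkTarget) {
            $entries += [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = '"{0}"' -f $lnkTarget }
        }
    }
}

$report = foreach ($e in $entries) {
    $target = Get-AutorunTarget $e.Command
    if (-not $target) { continue }
    $hit = [bool]($watchDirs | Where-Object {
        $target.StartsWith($_.TrimEnd('\') + '\', [StringComparison]::OrdinalIgnoreCase)
    })
    [pscustomobject]@{
        Name         = $e.Name
        Target       = $target
        FileMissing  = -not (Test-Path -LiteralPath $target -PathType Leaf)
        InWatchedDir = $hit
        Source       = $e.Source
    }
}
$report | Sort-Object FileMissing, InWatchedDir -Descending | Format-Table -AutoSize -Wrap
```

Run it from 64-bit PowerShell on 64-bit Windows: a 32-bit process has System32 redirected to SysWOW64 and can report legitimate entries as missing, the same kind of false 'file missing' result the post warns about. The script changes nothing; it only lists entries for review.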

Posted by: matter1387 Mar 22 2013, 02:51 AM
I only downloaded these items


episodes 1-9 for mobile phones, so the mp4's, direct if possible.

torrents for the episodes that this site didn't actually host due to bit rate caps.
which were episodes 1-4, and 7-8. Which were mkv, once I found that out after episode 1 downloaded, I stopped the rest and didn't delete them in case I wanted to resume the download.

episodes 1-4, 7 & 8, .mkv version so I could convert them to .mp4 for my phone, I used the built in converter Windows Phone 8 has when you drag and drop, so there was no program used for that.

images from the wall paper thread.

It may have been in one of the torrents during the process of data transfer, my co-worker / friend just showed me how to get into anyone's computer who is torrenting anything he already has torrented and is seeding. It actually was very simple to do, and he did it to me as an example right there using two different networks, the antivirus scan didn't find anything but he still got in using a video to hide the file. He also showed me how he could get something onto your computer using a picture you load on a web page without it being noticed by your browser or antivirus. Though, things like that are pretty much his job, finding out how to get into the average user's computer working against all the new security features. I just work with Windows Phone and WP8 products in the sales and promotions departments.

This thread was just meant to be a warning. To do what you can to protect yourselves from a malicious virus that has just reached my community of friends and family locally, and yes this has been around for a while, but I have never seen it actually get so many people in the span of a couple weeks, so it could have been rewritten and updated. Just because I thought a group of people who obviously are on the computer all the time, and on the place that could have been the source of mine, would like to know that it's happening frequently so they can do something. But I guess a nice gesture online still gets you chastised and ridiculed. W.e, I don't care anymore, honestly, why did I even bother being considerate. I'm done.

Vortrex, thanks for being mature and constructive to this thread, I am usually one step ahead, but I got hit during set up. There is a program called Chameleon, by Malwarebytes. It runs the program under the malware or virus even if you can't tell it to. Pretty useful for this particular one.

Perry, I don't expect you to hunt down w.e happened, but if possible, maybe set up a SkyDrive or other cloud server people can log onto and just download the files, but they cannot upload or alter anything. I will look into that, if you are interested PM me, otherwise I will probably make one anyways and put videos up to circumvent torrents.

Nomake - Yea, we both do the same things. But if they aren't at the same time, then that is a variable. The torrenting thing I was shown only affects those who he is seeding for at that time. Once he has a few bites, he switches back to the unaltered file so he doesn't cause suspicion in popular torrents. He was hired because he made a lot of viruses and Microsoft wanted people like him to show them where they went wrong. And about my sister, yea I know. I had already stated a common screen the virus shows, that is one of the top most common, so I didn't want any joke period. Figured people would have a heart, and I wanted them to know my standpoint on it after I said what my screen said.

Posted by: Perry Mar 22 2013, 03:47 AM
If the virus was from a torrent, then you are looking at nyaa.eu as they host the torrent files for Fifth Stage. I have a hard time believing their torrents contain virus though. If there were malicious torrents, it usually gets removed very very quickly. If you did get a virus from their torrents, then you might be one of the very few as no one else thus far has reported any similar problems.

Posted by: Nomake Wan Mar 22 2013, 04:10 AM
So you've just admitted, by your own account, that this has nothing whatsoever to do with IDW and everything to do with poor personal security while being a YARR HARR FIDDLEDY DEE on the internet.

With that bombshell, I take my leave.

Posted by: Tessou Mar 22 2013, 08:11 AM
This thread is hilarious. One of them yohohos catches malware, blames it on IDW, hilarity ensues.

Go2ID.net does not host Fifth Stage torrents. We only provide links to existing torrents outside the site, so if you caught something, it's not something you got from IDW.

Take this to heart: pirating is risky, and you got the bad end of things. If you're going to torrent something, use a torrent client that scans incoming files before you download them. Be smart, and sweep your computer afterwards just to be safe.

Posted by: vincentrichter Mar 24 2013, 05:25 AM
Know what I learned from this thread?
1. Guess how long it's been since anything with a Windows flag has seen the light of day on my media server. Go on, guess.
2. Suggesting that a decentralized, anonymous service be abandoned in favor of a centralized, ID-required service is really fucking stupid.

Sorry, that's just how I feel about these things.
Technology would be better if some people would get half a clue; and as much as I want this to apply solely to Matt up there, it's a problem that affects a good majority of computer newbies today.
FBI.MoneyPak is a scary thing when you don't know how to deal with it.

Also, advice to OP: if you didn't get it from microsoft.com, it ain't MICROSOFT Security Essentials.
I only say this because there are only a few thousand roguewares masquerading as that program.

Posted by: Spaz Mar 24 2013, 07:43 AM
Somehow I missed this. That's unfortunate.

Long story short, just visiting an infected website can get you a virus. How long did it take you to install a proper browser? Did you ever put a proper virus scan and firewall on the machine? These are important. If you didn't do either, you could have gotten it ANYWHERE.

A great example, do you remember the w32.blaster.worm? It's still alive and kicking, install a copy of XP with no service packs installed and give it a day connected to the internet without touching it, I bet you'll be bootlooping. wink2.gif

Posted by: Nomake Wan Mar 24 2013, 07:54 AM
QUOTE (Spaz @ 11 minutes, 36 seconds ago)
Somehow I missed this. That's unfortunate.

Long story short, just visiting an infected website can get you a virus. How long did it take you to install a proper browser? Did you ever put a proper virus scan and firewall on the machine? These are important. If you didn't do either, you could have gotten it ANYWHERE.

A great example, do you remember the w32.blaster.worm? It's still alive and kicking, install a copy of XP with no service packs installed and give it a day connected to the internet without touching it, I bet you'll be bootlooping. wink2.gif

I think you missed his final post in this thread, where he admitted that the attack vector he was seeing had absolutely nothing whatsoever to do with IDW or in fact even the content he was pirating, but was rather an attack piggybacking off of some content he downloaded. As in the attack was not the content but rather simply using the open network connection.

Basically, a massive fail.

Posted by: HorizontalMitsubishi Mar 24 2013, 03:45 PM
Yeah, that's a fun virus to remove, I've had to clean it several times.

Posted by: vincentrichter Mar 24 2013, 04:58 PM
QUOTE (HorizontalMitsubishi @ 1 hour, 13 minutes ago)
Yeah, that's a fun virus to remove, I've had to clean it several times.

I've been meaning to ask you this for a while now:
Is there any particular reason why your sig is Fifty Shades of D? wink2.gif

Posted by: SgtXDNX Mar 24 2013, 11:01 PM
Because he loves the D.

Posted by: Spaz Mar 25 2013, 09:12 AM
QUOTE (Nomake Wan @ Yesterday, 10:54 AM)
I think you missed his final post in this thread, where he admitted that the attack vector he was seeing had absolutely nothing whatsoever to do with IDW or in fact even the content he was pirating, but was rather an attack piggybacking off of some content he downloaded. As in the attack was not the content but rather simply using the open network connection.

Basically, a massive fail.

I started to read it and then assumed it was more herp derpery so I skipped it. Whatevs. If you're not running proper protective software while pirating things, you deserve what's coming. Common sense.

Posted by: Tessou Mar 25 2013, 12:19 PM
One does not simply read a thread title and assume it's not herp derpery. laugh.gif

Posted by: vincentrichter Mar 25 2013, 01:00 PM
QUOTE (Tessou @ 40 minutes, 36 seconds ago)
One does not simply read a thread title and assume it's not herp derpery. laugh.gif

WTF, mang?
It's "One Does Not Simply ReadTitle Into HerpDerpery!" wink2.gif

Posted by: Spaz Mar 25 2013, 01:07 PM
QUOTE (Tessou @ 47 minutes, 40 seconds ago)
One does not simply read a thread title and assume it's not herp derpery. laugh.gif

Haha, isn't that the truth.

Posted by: Rudy Mar 28 2013, 09:56 AM
QUOTE (SgtXDNX @ Mar 25 2013, 02:01 AM)
Because he loves the D.

Nothin' wrong with a little D in your life.

Wet conditions, crappy tires, traction and stability control off, RWD...

...you'll have a good time :3

btw this entire thread was a riot. laugh2.gif

Posted by: khat17 Jun 15 2013, 03:32 PM

I've been out of touch guys. Very sorry about that. No promises tho. Been spending most of my time playing http://store.steampowered.com/app/630/.........That and I have a kid now.........

Anyways.

Good points have already been made - tied in with a bit of trolling, but good points all the same. Very little to add.

Ads are tailored to your browsing preferences. IDW has no control over what ads you see.

Whether or not you like Captain Picard is all up to you. Legal in some places but just not in your state most likely. Thing is - scareware will try to get you to do what they want by making random references. If you've ever once looked at https://encyclopediadramatica.se/Flat_Chan some 100 years ago it will be in the back of your mind. Whatever you do - whether the scareware is right or not - don't follow through. Bear in mind also that tricks to get your personal info or access to your accounts are not limited to scareware. https://idforums.net/index.php?showtopic=45920 can end up screwing you over.

On the notes of torrenting - N1 put it best.

QUOTE (Nomake Wan @ Mar 22 2013, 04:10 AM)
So you've just admitted, by your own account, that this has nothing whatsoever to do with IDW and everything to do with poor personal security while being a YARR HARR FIDDLEDY DEE on the internet.


And in future - make sure you read all your comments on a torrent before downloading. Some may actually give you a CIN from your ISP.
