Skyace45

iTrader: (1)

Just got infected by xp security 2010 virus while checking out the diy section. Let me tell you, it's one tricky malware to remove. Nevertheless it's out of my comp. Hope the mods can clear it up.

3hree5ive0ero

iTrader: (95)

This has been reported and labeled as high priority. Today is Sunday so most likely it will not be resolved until Monday at the earliest.

Hraesvelg

iTrader: (1)

It's JVanquish.

JEKL

iTrader: (24)

That is exactly what happened to me. It blocked me from accessing any websites at all. I used another computer and found those directions. The problem was I couldn't get to it from the infected computer and do a copy and paste to Notepad.

Here are the registry changes I had to make to remove it:

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\comman d "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_CLASSES_ROOT\secfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFO X.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFO X.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLO RE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"

Black Z Eddie

Man, now, you guys got me all paranoid. I haven't seen anything that you've brought up on both my machines. But, I think I'm gonna run Malwarebytes anyways. Both machines are running FF+ABP+Kaspersky AV.

Silly Wabbit

got hit today too by some fake virus scanner.

Crom

iTrader: (47)

This blows...got my comp just now and I am running AVG pro...It installs that fake internet security crap....I think IB better make this a higher priority - def not cool at all. currently trying to remove using fix.reg and malwarebytes..

http://www.bleepingcomputer.com/viru...rus-vista-2010

terrasmak

iTrader: (8)

Ya i got popped with the Virus on friday morning. Got my computer up and running again today.

MDHRZ

iTrader: (14)

Another good security practice is to NOT log on as a administrator for daily use. You should only be using an account with user permissions. Registry settings can't be changed under user permissions. Renaming the admin account and setting a password of 15 characters or more will also help.

buzzardmountain

iTrader: (17)

Good to see it's a high priority for most of the mods........

gregtotheb

iTrader: (49)

this bug was preventing me from installing any programs. just reformatted and installed avg, hopefully it keeps anything else OFF my comp.

BornSlippyZ

iTrader: (1)

This thing jack my 'puter up too. Got it all fixed now.

Entaille

iTrader: (16)

while this is definitely best practice and something I recomend doing (really, how hard is it to shift right click something and run as the admin account when needed?), this will *not* prevent this particular infection from installing.

I've seen this on a few machines at work and on one of my home pc's when my pal was using it.

also, while this has popped up three times for me, I've just closed my browser and it prevented the install.

JCat

iTrader: (4)

Caught the AV.exe here Friday 3/5/2010 at 3:57pm

35oZephyR

iTrader: (4)

Got rocked twice! Is this still an issue?

GeauxLadyZ

iTrader: (9)

I got infected 3 times last week....IT fixed my comp and i went on My350 this morning at work and got it as soon as the My350Z page loaded....

This is rediculous!!!!!!!!!!!!!!!!! MODS PLEASE FIX!!!!

Ok guys i keep getting this like crazy, and i found out that when you go into task manager, the malware's id in task manager is AV.exe or something with AV.****.

If you end that process, you will be able to access everything (IE, Programs, etc) but it somehow is still blocking my Malwarebytes program so i cant remove it. Also, it is still running after you end this process because the icon for it is still in my tray on the start bar.

MODS, please fix this if you can, IT is getting pissed at me because they keep having to fix my CPU, lol.

Shift_SpecV

iTrader: (3)

Mods/Admins can't do anything about it. Its all in the hands of IB staff. Believe me when I say that we are complaining as well. I gotten the phishing web twice already. 3ree5ive0ero already sent a High priority ticket to the IB staff yesterday. Hopefully it should be resolved soon.

Shift_SpecV

35oZephyR

iTrader: (4)

^^^ shhhh....chill out homie.

You might get banned here quicker than this virus gets taken care of.

SOLO-350Z

iTrader: (26)

I don't blame MC for doing so either as it was his contributions. Nothing against this site or you, it just makes sense.

3hree5ive0ero

iTrader: (95)

I'm not blaming him for anything. I just think it's ridiculous that he did that. What if every single member here who no longer visits this site decided to erase all trace of their activity on here? How much info do you think we'd have?

Remember that in order for forums to exist, knowledge must be shared and retained.