Info on viruses and Fake anti-virus software

This is our Magic Vault, Please only take what you need, to help you on your Quest Enlightenment....

Moderators: Omen, Abe

Forum rules
1. PUT AS MUCH INFO AS YOU CAN IN THE SUBJECT LINE (for example: Gabriel source 7 plays upside down).

2. PUT PAGE URL & SOURCE# IN MESSAGE BODY WHEN REPORTING LINKS. EXAMPLE
User avatar

Nevermore669
Obsessively Addicted
Posts: 4509

Re: Info on viruses and Fake anti-virus software

Post#76 » Sun May 01, 2011 11:45 pm

Hi kingryan69,

I'm glad you enjoy icefilms, and I'm sorry you've been hit, what did you say, 4 TIMES IN 3 DAYS?!!??

Man, I don't want to sound like I'm passing the buck, but I'm going to give you some straight-up advice. You need to start taking some responsibility for your own security on the internet. It may be a little boring, but find some reputable security sites and do some reading. Learn something about the kinds of threats around, and how to avoid becoming infected. Find some good security products that work well together and provide multi-layered protection. This particular threat is not new, so it really shouldn't be getting past your defenses, and if it does, should be easily dealt with. Here is a paper on security on a reputable site, with links to other resources - take advantage of it.

What makes you think icefilms is the source of your problems (please be as specific as you can)?

Edit:

I did a little looking around, and these two programs are considered to be a couple of the best out there right now. Malwarebytes Anti Malware is shareware, but apparently only the realtime scanning is disabled in non-registered versions (and you shouldn't run more than one realtime scanner). SuperAntiSpyware is also highly recommended. Malwarebytes is especially good against this particular threat. You should also make sure your java and flash are updated, and get rid of adobe reader.

[I'm concerned because of recent malware activity that is likely tied to java, so I am asking everyone to check and update their java if necessary, to reduce their vulnerability. You can quickly check here.
You should also check that windows is fully updated (go to control panel and insure that the windows automatic update feature is ON), that flash is fully updated (you can check that here, and that adobe reader (if you use it) is fully updated (you can look your product up here - or remove it entirely through add/remove programs and install Foxit Reader which does not have adobe's vulnerabilities). These are said to be the current most common vectors for infection.]
Ignorance and callousness are not virtues

A bleeding heart is a symbol of holiness, a symbol of compassion, not an epithet

When our discourse sinks to the level of meaningless, pejorative labels and personal name-calling rather than honest reflection and reasoned dialogue, we are no longer a people, but a mob

User avatar

Nevermore669
Obsessively Addicted
Posts: 4509

Re: Info on viruses and Fake anti-virus software

Post#77 » Mon May 02, 2011 4:50 pm

For those of you who think that because you MAY have picked something up here that we should take drastic action, like shutting down our advertising, or warning our users "WARNING: USE OF THIS SITE COULD RESULT IN A NASTY INFECTION" (NOT!), or perhaps even nuking our servers...would that make you happy...

Let me ask you...DO YOU USE GOOGLE?

Well, take a quick look at Google's own Google Safe Browsing Diagnostic Page, then tell me how you're going to tell all your friends to stop using google, how disappointed in google you are, how google should warn its users, how google should stop accepting advertising and links from "bad" sites...

Allow me to let you in on a little secret: (there are bad people on the internet - sneaky people who want your money - and they TAKE ADVANTAGE OF INNOCENT WEBSITES TO DO IT, and there is only so much that can be done to mitigate it.

If you like icefilms, if you've received value for the money you've spent here (what? it's free?!!?), then support us. Update and secure your computer, click a link and enjoy a show.

Nev
Ignorance and callousness are not virtues

A bleeding heart is a symbol of holiness, a symbol of compassion, not an epithet

When our discourse sinks to the level of meaningless, pejorative labels and personal name-calling rather than honest reflection and reasoned dialogue, we are no longer a people, but a mob

User avatar

Russtronic™
Jeddak
Posts: 7028
Contact:

Re: Info on viruses and Fake anti-virus software

Post#78 » Tue May 03, 2011 1:38 am

Don't worry about it NM Little Minds cant grasp that concept.
Image


pauldonnelly
Average User
Posts: 49

Re: Info on viruses and Fake anti-virus software

Post#79 » Thu May 12, 2011 10:47 am

http://www.icefilms.info/ip.php?v=132616&

I am using google chrome to view movies and this is the second movie link not source that triggers a antivirus response from chrome due to an ad that is trying to do something to my pc


the site servedbyadbutler.com is the ad source
Last edited by Nevermore669 on Thu May 12, 2011 1:35 pm, edited 1 time in total.
Reason: disabled hot link


rk1965
no0b
Posts: 1

Re: Info on viruses and Fake anti-virus software

Post#80 » Sat May 14, 2011 3:26 pm

I have just had a very intreasting experience. I was downloading ST Voyager s4ep20 and instead of the show, I got a virus-" Win 7 Anti-Virus 2011". so i spent a good chunk of my saturday morning getting rid of it. I did just so and after some trials and errors, succeeded. (BTW- the SuperAntiSpyware program seems to be the only thing that really worked) Then after I went back to download the show once again and would you believe it, I got it again! So I had to do it again!
Now I must say that I love this site. I dont fault you guys at all for the actions of a moronic individual who think that it is fun to infect others machines. But I do want towarn everyone about the file. Once picking this virus up when downloading a file might just be me making a mistake somewhere. But twice in the same day with the same file? I am sure that it is on the server somewhere. Maybe it downloads itself only when you download the file
(I useualy will stream, but had an issue that made it more coviennt to just download it.)
I hope that someone can give me some feedback on this. I have been a faithful user since 2008,and have NEVER had anyproblem like this before. Thanks guys!
PS- I am using IE8

User avatar

Nevermore669
Obsessively Addicted
Posts: 4509

Re: Info on viruses and Fake anti-virus software

Post#81 » Sat May 14, 2011 8:57 pm

Hi rk1965,

I'm sorry you got infected using this site. As you probably know, since by your super anti spyware comment I assume you've read the rest of this thread, I don't think it came from the actual video file itself. As far as I've been able to discover, there are two primary methods of delivery for this malware, and both of them involve redirection to a site (may be invisible) where malware is auto-downloaded. This is all done with javascript (as I understand it). If you install the noscript extension, it will protect you from the redirection (I think it will do so even if you select to "allow scripts globally").

If I were you, I would consider getting rid of IE, in favor of firefox or chrome. IEs reliance on active-x makes it more vulnerable to exploitation.
Ignorance and callousness are not virtues

A bleeding heart is a symbol of holiness, a symbol of compassion, not an epithet

When our discourse sinks to the level of meaningless, pejorative labels and personal name-calling rather than honest reflection and reasoned dialogue, we are no longer a people, but a mob


badboy
no0b
Posts: 4

Re: Info on viruses and Fake anti-virus software

Post#82 » Sat May 21, 2011 8:39 am

First post on your fantastic site and hate it to be regarding this topic but ...

I have still to read the entirety of the thread (kids will do that to you) but just to confirm that I have received this fake security centre problem a few times and I have found for me that the best and easiest way to fix it is by using good old spyware search and destroy http://www.safer-networking.org/en/download/ note: your antivirus might not pick this up.

like I said before I have not read it all so I'm not pointing fingers at anyone.

User avatar

Nevermore669
Obsessively Addicted
Posts: 4509

Re: Info on viruses and Fake anti-virus software

Post#83 » Sat May 21, 2011 7:46 pm

Hi badboy,

Sorry you got hit. This is the first I've heard of spybot s&d being good for this issue. Most recommend malwarebytes antimalware in safe mode.

It would be helpful if you could include the exact link (video and source) you clicked, and if you remember, what ads were there on the page.
Ignorance and callousness are not virtues

A bleeding heart is a symbol of holiness, a symbol of compassion, not an epithet

When our discourse sinks to the level of meaningless, pejorative labels and personal name-calling rather than honest reflection and reasoned dialogue, we are no longer a people, but a mob


badboy
no0b
Posts: 4

Re: Info on viruses and Fake anti-virus software

Post#84 » Sun May 22, 2011 2:28 pm

ive used spybot S&D for many years and it works well, since ive had the time to read through this thread I have started using malwarebytes and I must say it picked up a few things that have been on my system for some month's so i'm a happy chappy with that one.

I have not encounterd another instance with this since I have tweeked some setting on firefox and updated java. two of the times that stick out would be:

game of thrones [ source 1 stn def which seems to be now removed http://www.icefilms.info/ip.php?v=132813&

Supernatural 6x21 Let It Bleed http://www.icefilms.info/ip.php?v=133136&

as for the adverts I have no clue

User avatar

Nevermore669
Obsessively Addicted
Posts: 4509

Re: Info on viruses and Fake anti-virus software

Post#85 » Mon May 23, 2011 2:55 am

Thanks badboy!
Ignorance and callousness are not virtues

A bleeding heart is a symbol of holiness, a symbol of compassion, not an epithet

When our discourse sinks to the level of meaningless, pejorative labels and personal name-calling rather than honest reflection and reasoned dialogue, we are no longer a people, but a mob


bfdman
no0b
Posts: 2

Re: Info on viruses and Fake anti-virus software

Post#86 » Sat May 28, 2011 4:26 am

I have been infected with a rogue antivirus while attempting to access an Icefilms source for the sixth time in as many weeks. The infection has definitely come from a link to an icefilms source. The latest one happened an hour ago. I cannot post the link because to copy and paste it would require opening the link which would then reinfect my system. The infections have occurred when I open the link to the movie I have intended to watch. The latest one was the first source for the movie Kill The Irishman.

I am a computer technician with 28 years of experience and I clean this crap from people's pc's on almost a daily basis. It does not matter what security applications you have installed. I have removed the very same rogue antivirus program from pc's that were supposedly protected by Norton, Bitdefender, Kaspersky, McAfee, Nod32 , Trend Micro as well as a plethora of free antivirus programs.

Someone mentioned MalwareBytes and SuperAntiSpyware. These programs do NOT offer real time protection unless you are using a paid for subscription and are only really useful for cleaning up after the fact.

If you are using any flavor of XP you have to boot to SAFE MODE with NETWORKING SUPPORT. The infection is often root kit based and no amount of scanning with standard antivirus programs will reveal the infection. You then need to be able to connect to the net and download COMBOFIX to your desktop. Often the infection will rear its ugly head the second you try to launch any browser. If that is the case then you need to download combofix from another pc and copy it to your desktop in safe mode with net support. Having done that open Task Manager and wait for the infection to appear. When it does appear, switch to Task Manager and look for an oddly named .EXE file ( tonight, in my case, it was jii.exe ) kill the process then immediaately launch combofix. Once combofix has launched, do NOT click on anything other than any response combofix requires from you. It may want to update and it may want to install the Recovery Console. Allow it to complete. If combofix wants a reboot make sure you choose safe mode with net support before your os boots to standard mode. Combofix will produce a logfile displaying files and/or folders it has deleted.

Every time I have gotten this infections from an Icefilms source, combofix has deleted files and folders related to something named PriceGong.

Next you can use MalwareBytes and/or SuperAntiSpyware to clean up any other files or registry entries left behind.

Reboot to standard mode, DISABLE System Restore, reboot and ENABLE System Restore to purge the infection completely.

Another tip for XP users is to install Comodo Time Machine. It is far superior to System Restore and by virtue of the way it works, will NOT restore an infection like System Restore will if you choose to restore to a date BEFORE the infection occurred. Another thing this type of infection does is to break XP's EXE file association. If you cannot launch .EXE files then copy and paste this link, http://filext.com/WinXP_EXE_Fix.reg into your browser's address bar, save then launch it to restore the registry settings that control EXE file associations.

User avatar

Nevermore669
Obsessively Addicted
Posts: 4509

Re: Info on viruses and Fake anti-virus software

Post#87 » Sat May 28, 2011 6:59 am

Hi bfdman,

I apologize for the infections. I wish there was something I could do about it.

Your instructions for removal seem very detailed and especially relevant for the worst of this variant. I'm sure it will be helpful.

Have you tried using the noscript addon? As I understand the infection process with this particular bit of malware, it should provide protection by preventing redirection to the infection site. I think it will do this even when set to allow scripts globally.

Edit:

Another tip for XP users is to install Comodo Time Machine.


Both mine and my wife's computers have kubuntu installed as the primary os, but on our xp partitions I have commodo's anti-malware suite on both (free). One of its neat features is a built-in sandbox. I imagine that would go a long way in preventing this, actually any, I guess, malware from getting a foothold. The only reason I haven't recommended it is that we use our windows partitions so seldom I really don't know how well it works yet. But I've been using commodo products (starting with boclean) for years. The firewall is excellent - though really annoying and confusing for beginners.
Ignorance and callousness are not virtues

A bleeding heart is a symbol of holiness, a symbol of compassion, not an epithet

When our discourse sinks to the level of meaningless, pejorative labels and personal name-calling rather than honest reflection and reasoned dialogue, we are no longer a people, but a mob

User avatar

Topic Author
Abe
AbeZ Apostle
Posts: 1515
Contact:

Re: Info on viruses and Fake anti-virus software

Post#88 » Sun May 29, 2011 8:01 am

I cannot post the link because to copy and paste it would require opening the link which would then reinfect my system.
I am a computer technician with 28 years of experience

I am sorry, but a computer tech with 28 years experience would know that copying & pasting a link does not require opening it.

The infection has definitely come from a link to an icefilms source.

Based on what evidence? Surely you cannot expect us to just take your word for it.
"Lets burn this mother down!"


* ALL SUPPORT REQUESTS VIA PM WILL BE IGNORED. INSTEAD, SEARCH THE FORUM, POST, OR START A NEW TOPIC.


bfdman
no0b
Posts: 2

Re: Info on viruses and Fake anti-virus software

Post#89 » Wed Jun 01, 2011 12:39 am

Sex Robot, whoop de freaking doo about the link. It was almost 1:30 am, I'd been awake for almost 32 hours and had a long day repairing computers. I made reference to which link caused the problem, that's the point.

I check my email, browse some crap on the net, play several games and the last thing I do every night is to watch something from icefilms. On each of the 6 occasions that my system got infected it happened just as I launched the film from the link I had chosen.

OMFG, I didn't paste the link, string me up bu usb cable and flog me with sata cables

User avatar

Topic Author
Abe
AbeZ Apostle
Posts: 1515
Contact:

Re: Info on viruses and Fake anti-virus software

Post#90 » Wed Jun 01, 2011 2:47 am

computer tech,
What I'm saying is...

1. you didn't make yourself sound credible with the link pasting nonsense, and...
2. your story is of no help because I can't reproduce your results.

You are very nonspecific for a computer tech. Where did the virus come from? Megaupload? An ad on megaupload? I'm sorry people make viruses, but I don't know any way to stop them in this capitalist world. Do you?
"Lets burn this mother down!"


* ALL SUPPORT REQUESTS VIA PM WILL BE IGNORED. INSTEAD, SEARCH THE FORUM, POST, OR START A NEW TOPIC.

Return to “Old Help Section... For Refrence Only...”

Who is online

Users browsing this forum: No registered users and 1 guest