
Malware Infection


  • Malware Infection

    I recently was infected with a nasty virus/malware/spyware infection that really made my computer go crazy for a few days. I was able to remove most, if not all of the software from my computer, but I believe there are still remains of it lurking around that the scans aren't picking up.

    Every so often, I get a pop-up called the "Just In Time Debugger," where I'm prompted to select which debugger I want to use: Microsoft Script Editor or Microsoft Script Editor :turned: . If I click no, the message pops up again, but if I click yes, then it opens up the Microsoft Script Editor and fails to debug whatever needs to be debugged.

    There seems to be no real way around this as I can't just simply leave the Microsoft Script Editor open since it will eventually close on its own and give me a new pop-up.

    Can anyone help?

    EDIT: Here's the anti-malicious software I've used thus far:
    MalwareBytes' Anti-Malware
    SUPERAntiSpyware
    McAfee Anti-Virus
    Last edited by Veloce; 02-21-2010, 02:36 AM.
    2:Sauro> dp i placed 4th today at yugoh tournament
    Sauro> i traded e tele for 2 dark bribes and a primy today dp

    2:Sauro> IM REARRAGNGING MYD ECK WTF
    Go go go!

    Sauro> DARK MAGICIAN GIRL SHOWS CLEAVAGE OK
    Sauro> my fav card

    1:Mootland Farmer> Duel, want to stfu please? Real m,en talking about Yu-Gi-Oh here
    1:Sauro> yea dp

    1:Sauro> i love dick

  • #2
    SmitFraudFix



    • #3
      Reformat using a bootdisk/format utility.


      • #4
        Originally posted by TagMor
        Reformat using a bootdisk/format utility.
        Not quite sure what you mean exactly, but I'm not trying to reformat. I don't have any XP installation disks.


        • #5
          Did some googling; it seems the "Just In Time Debugger" isn't malware, but a popup that appears when a program crashes (so a programmer can debug whatever is causing the crash "just in time"). Found a few possible solutions for its removal:

          1. Disabling in Internet Options

          Control Panel -> Internet Options -> Advanced -> Check "Disable script debugging (Internet Explorer)" and "Disable script debugging (other)" under "browsing" tab.

          2. Registry editing

          32-bit systems:
          Delete:
          • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug\Debugger
          • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\DbgManagedDebugger

          64-bit systems:
          Delete:
          • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug\Debugger
          • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\DbgManagedDebugger

          Of course I'm no expert in this, so take these with a grain of salt, but if I were you I wouldn't use solution 2 unless solution 1 doesn't work.

          some links for your reference:
          http://social.msdn.microsoft.com/For...1-d5fc3aa5167c
          http://blog.csdn.net/bright60/archiv...4/1111592.aspx
          http://www.ehow.com/how_5585908_remo...-debugger.html

          Comment
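The registry values named in post #5 can be inspected before anything is deleted. This added example is not from the thread; it assumes PowerShell is installed, and `Get-DebuggerExecutable` is a hypothetical helper name. It reports which debugger each value points to and whether that file exists and is signed.

```powershell
# Added example: read-only audit of the JIT debugger registrations listed in post #5.
# Nothing is deleted or changed. Run from an elevated PowerShell prompt.
$targets = @(
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug'; Name = 'Debugger' },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\.NETFramework'; Name = 'DbgManagedDebugger' },
    @{ Key = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug'; Name = 'Debugger' },
    @{ Key = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework'; Name = 'DbgManagedDebugger' }
)

# Hypothetical helper: extract the executable from a registered debugger command line,
# e.g. '"C:\path\debugger.exe" -p %ld -e %ld' (quoted) or 'debugger.exe -p %ld' (bare).
function Get-DebuggerExecutable([string]$CommandLine) {
    $exe = $null
    if     ($CommandLine -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
    elseif ($CommandLine -match '^\s*(\S+)')     { $exe = $Matches[1] }
    if ($exe) { $exe = [Environment]::ExpandEnvironmentVariables($exe) }
    return $exe
}

$report = foreach ($t in $targets) {
    if (-not (Test-Path -LiteralPath $t.Key)) { continue }   # Wow6432Node is absent on 32-bit Windows
    $item = Get-ItemProperty -LiteralPath $t.Key -Name $t.Name -ErrorAction SilentlyContinue
    if (-not $item) { continue }                              # value not set: nothing registered here
    $cmd = $item.($t.Name)
    $exe = Get-DebuggerExecutable $cmd
    # A bare file name is resolved through PATH, so FileExists can be False for a valid entry.
    $exists = [bool]($exe -and (Test-Path -LiteralPath $exe -PathType Leaf))
    $status = 'n/a'
    $signer = 'n/a'
    if ($exists) {
        $sig = Get-AuthenticodeSignature -FilePath $exe
        $status = $sig.Status
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
    }
    New-Object PSObject -Property @{
        RegistryValue = "$($t.Key)\$($t.Name)"
        CommandLine   = $cmd
        Executable    = $exe
        FileExists    = $exists
        Signature     = $status
        Signer        = $signer
    }
}

# Review: an unsigned binary, or one in an unexpected folder, deserves a closer look.
$report | Select-Object RegistryValue, CommandLine, Executable, FileExists, Signature, Signer | Format-List

# Before deleting a value as the post suggests, keep a backup that can be re-imported:
#   reg export "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug" aedebug-backup.reg
```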


          • #6
            You should try running Spybot Search & Destroy.
            Maverick
            Retired SSCU Trench Wars Super Moderator
            Retired SSCU Trench Wars Bot Coordinator
            Retired Trench Wars Core Administrator
            Subspace Statistics Administrator
            Former Mervbot plugin developer



            • #7
              Spybot Search and Destroy came up negative.

              Andy H.K.: I had been doing a lot of internet research myself and found your first suggestion, which I tried and it didn't work.

              Your second suggestion, I just tried along with the Spybot Search and Destroy and it just popped up again.

              Here are some suggestions I've found on the internet but I'm a little hesitant to download all this software suggested in random forums:
              http://www.cybertechhelp.com/forums/...d.php?t=205378
              http://forums.techguy.org/malware-re...just-time.html


              • #8
                On top of this all, I'm pretty certain it's malware as sometimes I'll be searching in google - I'll click on a site from the Washington Post, and I'll automatically get redirected to some random search site, or yellow pages is another common one I get redirected to. If I try again later, it may work.

                EDIT: I'll also have a random web page open on me sometimes as I'm browsing


                • #9
                  try Hijack This, Avast, you already have Malwarebytes which is really good, and maybe a CCleaner registry scan to fix any broken registry problems, also go down the list of programs and see if something doesn't belong.
                  Rabble Rabble Rabble



                  • #10
                    I'll say it again, SmitFraudFix



                    • #11
                      In the end it may be best to reinstall windows (no kidding) as malware can really fuck up windows and make it work slow.


                      • #12
                        yea not much to add as the programs i use for malware been listed and the best safest option is a clean install but that can be a pain in the ass :P

                        i use AVG free for antivirus and the free COMODO firewall, not tried the other free comodo products (they seem to have a malware and reg cleaner you might want to check out but i've not used them) but their firewall seems really good and i've never had problems, might want to check it out if you're running the default windows firewall as microsoft r evil
                        In my world,
                        I am King



                        • #13
                          'buy' avast anti-virus. do a full scan. I had a malware infection similar to yours for roughly 4 hours. I did a full scan, removed the sob, and was good to go!
                          4:BigKing> xD
                          4:Best> i'm leaving chat
                          4:BigKing> what did i do???
                          4:Best> told you repeatedly you cannot use that emoji anymore
                          4:BigKing> ???? why though
                          4:Best> you're 6'4 and black...you can't use emojis like that
                          4:BigKing> xD



                          • #14
                            I don't really use micro$oft windoze any more



                            • #15
                              I used Hijack This, the free version of Avast!, and finally CCleaner, but the pop up kept coming back.

                              I eventually tried something called ComboFix, which was recommended in this forum thread:
                              http://www.cybertechhelp.com/forums/...d.php?t=205378

                              It required me to shut down other anti-virus software before using it, but it seemed to have a better system of virus removal: it restarted my computer after each infection was found (only 1 in my case). It also recommended that I rename the file before using it, in case some viruses would recognize ComboFix by name and disable it. As far as anyone else using it, I would ONLY download it from the link in that forum thread because apparently there are some bad versions of it around the net...highly recommended!