• When you click on links to various merchants on this site and make a purchase, this can result in this site earning a commission. Affiliate programs and affiliations include, but are not limited to, the eBay Partner Network.

Archived

This topic is now archived and is closed to further replies.

**Warning** - Danger Danger

Started by QuickS-migration,

15 posts in this topic

groovyedwin

groovyedwin

Posted
Posted

It is probably not romitaman.com that caused this problem.

 

Best bet is that you have malware loaded on your computer that is giving you a false indication when you access romitaman.com in order to sucker you into buying more malware to remove the false indication. Most likely eastern european (former soviet union) or chinese in origin. These are the most likely locations if you trace the IP routing (even when masked - they may try to mask via a US gov't location).

 

Please check the following folders (on vista, maybe different based on you OS) for exe type files:

 

roaming

local

local low

 

These are subdirectories where temporary files may reside.

 

You can not go by file dales because the malware is loaded using older dates.

 

Also look for suspicious files under task manager to stop the executibles. Why? Even if you delete the executible it will automatically reload on your hard drive it if is being executed.

 

The quicker you remove the executibles the better off you will be.

 

There are couple of nasty malware programs that self load via your java interface and web brower interface. They set up shop in one of the locations where temporary flles reside and can become very nasty in order to sucker you into wasting your money for more malware to remove the false warnings.

 

These malware problems will bypass your security suite (regardless if it is Nortons or McAfee, et.)

 

Edwin

Link to comment
Share on other sites
glendgold

glendgold

Posted
Posted

Happened to me, too. On a Mac. My anti-virus identified the malware as follows:

 

Mal/Iframe-V is a small or hidden iframe within a web page that attempts to load further malicious content from a remote website.

 

Pages blocked as Mal/Iframe-V will often be within legitimate websites that have been compromised by malicious hackers. This technique is used to funnel web traffic from many compromised sites to the attack sites that are controlled by those attacks. At the time of writing, Mal/Iframe-V is loading malicious scripts that Sophos products block as Troj/ExpJS-BM and Troj/ExpJS-BO.

Link to comment
Share on other sites
glendgold

glendgold

Posted
Posted

Happened to me, too. On a Mac. My anti-virus identified the malware as follows:

 

Mal/Iframe-V is a small or hidden iframe within a web page that attempts to load further malicious content from a remote website.

 

Pages blocked as Mal/Iframe-V will often be within legitimate websites that have been compromised by malicious hackers. This technique is used to funnel web traffic from many compromised sites to the attack sites that are controlled by those attacks. At the time of writing, Mal/Iframe-V is loading malicious scripts that Sophos products block as Troj/ExpJS-BM and Troj/ExpJS-BO.

Link to comment
Share on other sites
stinkininkin

stinkininkin

Posted
Posted
It is probably not romitaman.com that caused this problem.

 

Best bet is that you have malware loaded on your computer that is giving you a false indication when you access romitaman.com in order to sucker you into buying more malware to remove the false indication. Most likely eastern european (former soviet union) or chinese in origin. These are the most likely locations if you trace the IP routing (even when masked - they may try to mask via a US gov't location).

 

Please check the following folders (on vista, maybe different based on you OS) for exe type files:

 

roaming

local

local low

 

These are subdirectories where temporary files may reside.

 

You can not go by file dales because the malware is loaded using older dates.

 

Also look for suspicious files under task manager to stop the executibles. Why? Even if you delete the executible it will automatically reload on your hard drive it if is being executed.

 

The quicker you remove the executibles the better off you will be.

 

There are couple of nasty malware programs that self load via your java interface and web brower interface. They set up shop in one of the locations where temporary flles reside and can become very nasty in order to sucker you into wasting your money for more malware to remove the false warnings.

 

These malware problems will bypass your security suite (regardless if it is Nortons or McAfee, et.)

 

Edwin

 

I think I've been infected too (and yes, on a mac!). Does anybody out there who is Mac savvy have a protocol for me? I'm just a dumb artist so I must rely on the kindness of strangers! lol

 

Scott Williams

Link to comment
Share on other sites
BrianHoward

BrianHoward

Posted
Posted
It is probably not romitaman.com that caused this problem.

 

Best bet is that you have malware loaded on your computer that is giving you a false indication when you access romitaman.com in order to sucker you into buying more malware to remove the false indication. Most likely eastern european (former soviet union) or chinese in origin. These are the most likely locations if you trace the IP routing (even when masked - they may try to mask via a US gov't location).

 

Please check the following folders (on vista, maybe different based on you OS) for exe type files:

 

roaming

local

local low

 

These are subdirectories where temporary files may reside.

 

You can not go by file dales because the malware is loaded using older dates.

 

Also look for suspicious files under task manager to stop the executibles. Why? Even if you delete the executible it will automatically reload on your hard drive it if is being executed.

 

The quicker you remove the executibles the better off you will be.

 

There are couple of nasty malware programs that self load via your java interface and web brower interface. They set up shop in one of the locations where temporary flles reside and can become very nasty in order to sucker you into wasting your money for more malware to remove the false warnings.

 

These malware problems will bypass your security suite (regardless if it is Nortons or McAfee, et.)

 

Edwin

 

I think I've been infected too (and yes, on a mac!). Does anybody out there who is Mac savvy have a protocol for me? I'm just a dumb artist so I must rely on the kindness of strangers! lol

 

Scott Williams

 

I use macs and I too have experienced viruses on them (although it's much less of a problem than with PCs)...

 

I've had good experiences using ClamXav, and it's free too.

 

Link to comment
Share on other sites
stinkininkin

stinkininkin

Posted
Posted
I have used a mac for 25 years, never used a virus program and never had any problems with viruses. 'Nuff said.

 

Me too Brian! Though only having used Macs for 10 years, this is the first time I've ever had any sort of virus (IF that's really what my problem is), and sort of thought macs were either immune or too much of a niche for anyone to bother making a virus for. But Apple/mac is pretty big time now, so maybe that's not the case anymore?

 

Scott Williams

Link to comment
Share on other sites
AKA Rick

AKA Rick

Posted
Posted

There is a virus called "Security Shield" which poses as an anti-virus solution, and pops up for an "update" prompt, then points out the viruses you supposedly have, then when you click to clear the viruses, it tells you to buy the "Security Shield" update for about $80. Then the fun begins, and the computer won't stop popping up screens telling you, you have a virus.

 

The solution was to press "F8" upon rebooting your computer to put it in a safe mode, then install an anti-malware program and any anti-virus to eliminate the "Security Shield" program.

 

It's a pretty complex virus that at one point, you might feel you want to throw away your computer and start new.

 

The moral of the story... be sure to back-up your files often, so if you do get infected, you'll be safe to have all of your documents, files, photos and videos safe and secure.

Link to comment
Share on other sites
alxjhnsn

alxjhnsn

Posted
Posted

Scott,

 

I think I'd take it to the Apple Store and have them help you.

 

Failing that, there are commercial ant-virus and anti-malware products as well as freebies. I use Symantec on my four Macs; just to be on the safe side.

 

You can google "macintosh anti-malware reviews" and "macintosh anti-virus reviews" to get some leads.

 

Hope this helps.

 

Regards,

 

Alex

Link to comment
Share on other sites
Go to topic listing