I was on MySpace today & Instantly bad programs called "Web Buying", "WinAble", "Command" & other malware got installed on my Computer.

I removed the Bad Programs but the Damage is done now.

Can I get some Advice here?

Learn rules of capitalization? I mean, I'm all for dialect grammar instead of proper grammer, and I too have occasional problems with capitalizing important, specific nouns as I'm typing them out...but...Geez! This makes me cringe.

Let alone the fact that you chose to visit MySpace. (Zing!)

Damn, Usoki beat me to the easy hardcore dis about Megaman visiting MySpace.

Nuke your hard drive and reinstall everything.

Don't use internet explorer ever again. Switch over to Mozilla Firefox immediately. I had that happen once watching double penetration porn (had to nuke my hard drive afterwards) but then I switched to Mozilla and haven't had any problems ever since.

About the double penetration porn, I was young and naive and had never even heard of the concept of two cocks in a woman at the same time and felt compelled to click the link just to see the logistics of it. It decimated my computer, and permanently changed my background to this message saying if I didn't pay them money they would tell my wife and kids about what I had been looking at.... I think I was 12 or 13 at the time...

The newest Internet Explorer is fairly secure. It's unusual for someone as tech-savvy as I am to dislike Mozilla, but I was never into it. In fact, I've still got IE6, and I've never had problems. If you are using IE, go into internet options and configure the various security settings you'll find there (security-custom level, privacy - block pop-ups, and the Advanced tab). Make sure you have all the security patches for Windows itself no matter what browser you use.

Staying away from "risky" sites helps (warez and porn sites are notorious), as does having updated and properly configured antivirus and antispyware protection and scanning your hard drive with them regularly. Some antispyware programs ask your permission before programs install, modify your browser, insert themselves in your startup, etc; they stop threats before they can execute, not after they've already installed and started doing damage. Windows Defender isn't the best out there, but it does that sort of thing and I think it's free. AVG Antivirus and Spybot - Search and Destroy are free; Spybot is good but last I checked you can only scan with it, not block threats before they become resident, so use it especially in the case of active virii damaging your computer. AVG is just an okay antivirus, but it is better than nothing and probably comparable to McAfee and Norton these days (though I haven't tried the latest Norton). Oh, and go to Windows Start>Run and type 'msconfig' (no quotes), then enter. Go to the Startup tab - these are the programs that start with Windows; you may be surprised at what you find there.

Please don't listen to End (in the event you took him seriously in the first place, of course) - I have had many friends who see erasing their hard drives and starting over as the best solution, but in reality almost every problem you encounter can be solved without resorting to that. Tell me what "Damage" you're referring to and I'll tell you how to fix it.

Locke: Yeah the newest Norton Antivirus software works pretty well. I got that on, along with 2 pop up blockers, spybot, and a firewall.

I don't understand why some of you are wandering the web without anti-virus software and firewalls anyway. Really only a Mac user can routinely get away with that sort of behavior.

Firewalls and anti-virus protection use up a ton of computer resources and they are for pussies anyway. Real men don't get virus's because computer virus's and trojans are afraid of them.

Locke, nice advice.
There a lot more ways programs can start themselves up at boot. There are virtually thousands of ways to do this without touching the startup folder or the Run Key in the Registry.

If you aren't familiar with how Windows works on a low level, download adware and spyware wiping programs and start your computer up in Safemode with Networking (which you can find out how to go with google). Not that Safemode is terribly good, but lower quality malware usually won't run under Safemode. Run the programs after getting the most recent updates. Reboot out of Safemode and check the damage. If you are still infected, run HijackThis and post the output you get on their forums.

Xnull, I seem to remember a situation where we tried not wiping my computer and you were unable to get rid of the primary program that was infecting it....

A lot of time has passed since then. The same thing happened to my brother a year later and I was able to fix it. I mean, worst comes to worst, boot up a live CD and fix it from there, however I didn't need that for my brother.

I'm a lot better than I once was. If I were as malicious it would be a bad thing. By the way I just found a remote exploit on Mac users using Safari. You should turn off "Open 'safe' files after downloading" in Safari.

Wait wiping? When did we wipe your computer and have the problem persist?

...By the way I just found a remote exploit on Mac users using Safari. You should turn off "Open 'safe' files after downloading" in Safari.


...........................Why?What can happen.....

Eh, nevermind. It's a lame exploit. Double free.
However, it would require too much interaction to take over a computer and therefore is a bad exploit.

Basically, Address Book has a flaw with a certain format of vcard. Vcards are opened automatically when they are downloaded from a site when you use Safari (.vcf are considered safe). An evil user can force you to download and therefore open the file.

Unfortunately, the exploit would require you to download at least two (but most likely three) files. Each time, you would need to choose a very particular option to jump to the part of the code which handles the vcards incorrectly.

So I doubt any Macs will get taken over this way unless there is some way to abuse the program further and force Address Book to open the files using a particular part of code to eliminate the unreliable user middle-man.

You can turn Safe Files back on - the exploit I found isn't some wonderful code executing whore.