• The TUGBBS forums are completely free and open to the public and exist as the absolute best place for owners to get help and advice about their timeshares for more than 30 years!

    Join Tens of Thousands of other Owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 30 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 30th anniversary: Happy 30th Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    Free memberships for every 50 subscribers!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $21,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $21 Million dollars
  • Sign up to get the TUG Newsletter for free!

    60,000+ subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

HELP - Got Trojan Virus from Facebook

GrayFal

TUG Review Crew: Expert
TUG Member
Joined
Jun 6, 2005
Messages
10,051
Reaction score
2,099
Points
699
Location
The Hamptons, NY
Resorts Owned
Marriott Bluegreen SVV Morritt's Seaside Former WSJx5
Yes, I know - never click on anything - but when I received a link from a source that has sent my pictures before, I didn't think twice.

The virus stole/changed my Facebook password but I was able to change the password again and delete the 'video' from my homepage and the link to about 30 friends.

BUT, the virus is on my computer and even though I have an up to date McAfee program I have run three times, the virus page keeps trying to open.

McAfee says the following:

McAfee has automatically blocked and removed a Trojan
About this Trojan
Detected : Generic Dropper!bdr (Trojan), Generic Dropper!bdr (Trojan)
Location: C:\WINDOWS\rdr_1256073649.exe

Any suggests or sources to try and remove this...I have been at it for about 6 hours :wall:

As I type this, the page is trying to load again..McAfee blocked it and then said something about "Jake Script" - the window trying to open is called My computer Online Scan...and looks like a legitimate page.

Arrrggghhhhhh

Any help appreciated!
 

ScoopKona

Guest
Joined
May 7, 2008
Messages
5,722
Reaction score
3,309
Points
598
Location
Monkey King Coffee - Captain Cook, Hawaii
(I should turn the following into a macro.)

McAfee is an anti-virus package. It's not very good with trojans. (And in my opinion, it's not very good with viruses, either.)


Superantispyware
and Malwarebytes are my two go-to solutions for trojans, spyware and other nogoodnik programs. And they're free.

And at the risk of beating a dead horse: If McAfee isn't protecting you, are you going to continue paying for updates? If so, why?
 

timeos2

Tug Review Crew: Rookie
TUG Lifetime Member
Joined
Apr 11, 2005
Messages
11,183
Reaction score
5
Points
36
Location
Rochester, NY
Yes, I know - never click on anything - but when I received a link from a source that has sent my pictures before, I didn't think twice.

The virus stole/changed my Facebook password but I was able to change the password again and delete the 'video' from my homepage and the link to about 30 friends.

BUT, the virus is on my computer and even though I have an up to date McAfee program I have run three times, the virus page keeps trying to open.

McAfee says the following:

McAfee has automatically blocked and removed a Trojan
About this Trojan
Detected : Generic Dropper!bdr (Trojan), Generic Dropper!bdr (Trojan)
Location: C:\WINDOWS\rdr_1256073649.exe

Any suggests or sources to try and remove this...I have been at it for about 6 hours :wall:

As I type this, the page is trying to load again..McAfee blocked it and then said something about "Jake Script" - the window trying to open is called My computer Online Scan...and looks like a legitimate page.

Arrrggghhhhhh

Any help appreciated!

It's the infamous SmitFraud. Boot to safe mode w/networking. Turn off system restore. Download & run smitfraudfix then download and run Malware bytes (free), Spybot Search & Destroy and the http://onecare.live.com/site/en-us/default.htmMicrosoft fix.

After that reboot to your desktop, update & rerun your anti virus & HOPE it's all gone. As you guessed the link they are presenting is fake & will make things worse. Good luck.
 
Last edited:

John Cummings

TUG Lifetime Member
Joined
Jun 6, 2005
Messages
5,020
Reaction score
80
Points
433
Location
Murrieta, California
Do a search for the name of the virus and you will find many web sites with instructions how to fix it.
 

GrayFal

TUG Review Crew: Expert
TUG Member
Joined
Jun 6, 2005
Messages
10,051
Reaction score
2,099
Points
699
Location
The Hamptons, NY
Resorts Owned
Marriott Bluegreen SVV Morritt's Seaside Former WSJx5
Thank you all for your suggestions - I will let you know how I make out.

I apologize to any TUG friends who received an infected email from my facebook account.
 

TUGBrian

Administrator
Joined
Mar 24, 2006
Messages
22,093
Reaction score
7,677
Points
1,099
Location
Florida

ArtsieAng

TUG Member
Joined
Feb 21, 2006
Messages
481
Reaction score
1
Points
228
Location
New York
I have the same virus as Pat, and have not been able to get rid of it. My computer is currently non operable.

I purchased Malware, but it did not eliminate the virus.....I tried to download Smithfraudfix, and Superantispyware, but my computer would not let me download the programs. It said the administrator was preventing downloading these two programs because they could not be verified. Very frustrating. I am currently running McAfee, because I already had the program, but do believe it will do any good. Not sure what to do next. :bawl:

Pat.....How did you get rid of the virus? Thanks!
 

Mosca

TUG Member
Joined
Jun 6, 2005
Messages
1,463
Reaction score
8
Points
248
I have the same virus as Pat, and have not been able to get rid of it. My computer is currently non operable.

I purchased Malware, but it did not eliminate the virus.....I tried to download Smithfraudfix, and Superantispyware, but my computer would not let me download the programs. It said the administrator was preventing downloading these two programs because they could not be verified. Very frustrating. I am currently running McAfee, because I already had the program, but do believe it will do any good. Not sure what to do next. :bawl:

Pat.....How did you get rid of the virus? Thanks!

Use a separate computer to download smitfraudfix malwarebytes sas etc to a thumb drive, then run/install on the infected computer from the thumb drive in safe mode.
 

TUGBrian

Administrator
Joined
Mar 24, 2006
Messages
22,093
Reaction score
7,677
Points
1,099
Location
Florida
trend micro has an online virus scanner as well if you wish to try that route.
 

Passepartout

TUG Review Crew: Veteran
TUG Member
Joined
Feb 10, 2007
Messages
28,462
Reaction score
17,213
Points
1,299
Location
Twin Falls, Eye-Duh-Hoe
My computer is currently non operable.

... my computer would not let me download the programs. It said the administrator was preventing downloading these two programs because they could not be verified.

If you have Superantispyware and it gives you the administrator rigamarole, try right clicking on the icon that launches it and select 'Launch as Administrator' if you can. then do your scan/clean, etc.

The other option is if you have the original disk(s) that came with your computer, format the hard drive and reinstall the operating system and all your applications and new anti virus/malware/spyware stuff and then reload your data from wherever you have it backed up- you DO have it backed up, don't you?

Or barring that, get an brand new Windows 7, format your HD and do a clean install of the new OS.

Jim Ricks
 
Last edited:

ArtsieAng

TUG Member
Joined
Feb 21, 2006
Messages
481
Reaction score
1
Points
228
Location
New York
Thanks all for your help, and suggestions! I think I finally got rid of the virus.

I re-ran Malwarebytes, along with a few of the other suggested programs, and it now seems to be gone. Oy, thank the lord. :cheer:
 

GrayFal

TUG Review Crew: Expert
TUG Member
Joined
Jun 6, 2005
Messages
10,051
Reaction score
2,099
Points
699
Location
The Hamptons, NY
Resorts Owned
Marriott Bluegreen SVV Morritt's Seaside Former WSJx5
Thanks for everyones suggestions - malware helped and AVG got rid of it completely.
 
Top