PDB User Virus Warning - Page 3

I think I got it...time will tell. Let's see how it does today. Once I saw this and remembered I'd seen it a bunch, and my son told me "I tried to click on my letter game and got a bunch of screwdrivers for sale" I had a lightbulb moment. I found a site on how to get rid of it and what it can hide with and then saw "Shop At Home" kept popping up banner ads over my CL and eBay searches. I was able to get rid of that and so far, been running ok (just did it last night) and haven't seen the screen again.

I, too, only ever saw it on this site. It would show when I was trying to watch a youtube someone had posted or view a new page or different page. 

Jenni, probably not the answer you want to hear, but I don't actually use any paid or free software. I remove malware and adware "by hand" so to speak.  I've done it so long day in and day out, I know what files and services belong on a computer and what don't, which processes should be running at startup and which should not, I know where to look (where the files are usually saved, what services get hijacked, etc), I know what a clean hosts file looks like, etc.  I will occasionally use Auto-Runs (a program from Microsoft's Sysinternals) to clean up a bit faster, but that is a program where you have to know what you're looking at for it to be useful (you can mess things up).  I've never been all that happy with any antivirus/antimalware programs and don't have time to be running filescans on computers I'm cleaning. I'm not being paid to run freeware. Besides cleaning computers at work all day, I do it for people in my neighborhood for $35.  It generally doesn't take me longer than 10-15 minutes to go through my process, but then I also update their OS and do some other cleaning, updating, and security patching whilst I'm at it so I don't see their computer back a month later. I also try to tell them how they got it/what they were doing when they got it so they know what to avoid.  Last time it was a middle school kid with permission to do homework on the computer and thought the popup about the flash player update was legit.

Yeah, that's how I did it last night- picked through until I found what didn't belong and removed it all. I'm sure you're faster, Lies! LOL! I think I removed one thing I didn't want to, but no big deal. I can download it again. 

Now that I had a clue what to look for it was easy to find. But not having been the one who clicked it, I didn't suspect anything until I saw this thread. Thanks to the OP!!! 

I've been getting several on this site. Just got this one a little bit ago. Happened when I opened the Herdersfarm link from the homepage and popped up in a seperate tab.

Got this one too.

I have had the "flashplayer" one pop up on me here several times.

Happens to me also whenever I come here.  Didn't happen this time, but I installed the program GSD admin suggested.  Took over an hour to run the scan and another 45 minutes to repair or remove what needed to be.  So we will see.

I manually removed it right away, and it seemed to work ok for a week or so, but then weird stuff kept happening.  It totally trashed my computer.  It's been with my computer guy for 2 weeks now, he said the same thing, he has removed it and it keeps coming back, looks like everything will have to be wiped and restored back to factory settings.  Thankfully I had everything important backed up this time.

It's a malware that often comes into a router hack. Moon worm / trojan. It affects certain routers, originally only Linksys, but now some others as well. It started early in 2014. Depending on your virus software, itr might have infected local computers, or your router. Originally, it only affected Linksys routers, but a few other brands this fall have become subject to it. Since it's a router hack, it won't show up on your computer. I keep my home network very well scrubbed (router included), so I haven't had issues, but for other folks here's some info:

Here's a little about it on Adobe's site from October, 2014: https://forums.adobe.com/thread/1435362

From other forums:

"My Linksys/Cisco E4200 router was the problem.  I didn't replace it, just Disabled the Remote Management Access & save and then under Security turned on Filter Anonymous Internet Requests and save.  Then rebooted the router the issue stoped.  Linksys called this The Moon malware it apparently bypasses authentication on the router by logging in without actually knowing the admin credentials.  Once infected the router starts flooding the network with ports 80 and 8080 outbound traffic."  

"The router hack simply changes the DNS server to a DNS hosting service (severel.com). In my case a password hack could get downloaded. The malicious DNS server numbers in question for my issue were; 199.182.166.168 and 199.182.166.169  After you reset or flash your router firmware, make sure and install the correct DNS servers for your ISP.. Also make sure you disable "remote management". My router is a linksys E3000. Linksys has never updated the bios for this router."

.

*adds* As it is a router hack, I'm thinking it can infect then spread via a host-server by interupting normal webflow with a re-route to a propagtion site; which is probably why it might be an issue on PDB.