Jump to content

Ad virus attempted again

lonewolfkai

By lonewolfkai
in Site Support

 Share

Recommended Posts

lonewolfkai Mentor

lonewolfkai

Posted
Posted

I was about to download a mod when I got one of those "your system is infected, perform a virus scan now and get protected" type hijackers that force you to scan using their bogus scanners. Surprised the heck out of me too because I have a pretty tight security system in my PC now.

 

Unfortunately, I don't know which advertisement it was because I had my flash player turned off.

 

Not much of report, but thought I'd at least give you a heads up, Dark and staff.

Link to comment
Share on other sites
bben46 Grand Master

bben46

Posted
Posted

I have run into several of these lately - NOT on the Nexus but other places. One used Avira logo and claimed to be an Avira warning It wasn't from Avira. The other pop up said it was from Microsoft an it needed to update the 'Microsoft antivirus security' (which I don't use) but not only wasn't from Microsoft, but tried to get me to disable the UAC.

 

Neither MS or Avira use these type of pop ups to warn you. They may have a pop up that warns that a particular web site you are visiting has security problems though, and advise not going there. One trick they are using is a delayed pop up. it waits until you leave the site where you got it before popping up - to hide where it comes from.

 

Good indications that a pop up like this is bogus are; It cannot be cleared by clicking the 'x'. It cannot be cleared by clicking the 'close' and it's scan only takes a few seconds to return that you are infected and MUST download their program or update immediately - then proceeds to do it without your explicit permission. If this happens, pull the plug immediately as you are already infected.

 

Those fake antivirus viruses are some of the nastiest around - and difficult to get rid of. >:(

 

The first thing they do - if you have UAC turned off, is disable your real antivirus, then call over their big brother to help trash your machine while they scan for credit card numbers. Turn it off. Unplug it from the internet - if you have wifi disable that until you are ready to disinfect it.

 

My own solution - a rescue CD - Boot from the rescue disk and not your virius ridden hard drive - it boots a Linux system and scans the hard drive from the CD drive or a bootable USB stick.

Here is a source for several different Antivirus rescue disks:

http://www.techmixer...-download-list/

 

If you are not infected, go ahead and create one now to save time when you are.

 

Pick the antivirus you like, save it to a friends computer as an ISO, then use almost any CD burner to burn the program onto a CD - then use that CD to boot your infected computer. You will want Internet access turned ON for this as they all automatically update their antivirus database with the newest when they run. :thumbsup:

Link to comment
Share on other sites
bben46 Grand Master

bben46

Posted
Posted

I think we should have the death penalty for the jerk who came up with that idea. I would be willing to pull the switch on them myself.

 

I currently have 2 laptops from separate family members on my bench running a full scan to get rid of two separate viruses (viri?) of this type. One claims to be a registry cleaner that you 'need' to pay for, but actually keeps locking up the computer with bogus claims like - 'Out of memory error on attempt to scan' And shutting the computer down if a real AV program is run. The other is the standard bogus AV.

 

One, the standard bogus AV is a 15 year old who downloads a lot from torrent sites. :whistling:

 

The other is used by an 11 year old girl who only goes to a few 'approved' game sites. She probably picked up the virus from an advertisement on one of them.

Link to comment
Share on other sites
lonewolfkai Mentor

lonewolfkai

Posted
  • Author
Posted

I think we should have the death penalty for the jerk who came up with that idea. I would be willing to pull the switch on them myself.

 

I currently have 2 laptops from separate family members on my bench running a full scan to get rid of two separate viruses (viri?) of this type. One claims to be a registry cleaner that you 'need' to pay for, but actually keeps locking up the computer with bogus claims like - 'Out of memory error on attempt to scan' And shutting the computer down if a real AV program is run. The other is the standard bogus AV.

 

One, the standard bogus AV is a 15 year old who downloads a lot from torrent sites. :whistling:

 

The other is used by an 11 year old girl who only goes to a few 'approved' game sites. She probably picked up the virus from an advertisement on one of them.

You know how they used to execute in the old military films? 5 to 10 gunmen line up and fire blanks except for one with the real bullet and no one knew which they had so they wouldn't feel gility? I'd volunteer shoot the live bullet!

 

What type of scanner are you using Ben? I always thought those type of virus are the type that you'd have to do a complete format/reinstall of the harddrive and OS.

 

And LOL at your avatar CommanderCrazy!

Link to comment
Share on other sites
bben46 Grand Master

bben46

Posted
Posted

I use several. The most effective for the bogus registry cleaner scanner was called SuperAntiSpyware. I used both that one and MalwareBytes manual scan, then after it was cleaned, I ran the Macafee that was already on the computer.

 

The other one the MalwareBytes worked, and when I scanned with the SuperAntiSpyware it found nothing beyond a few standard spyware apps. That one had Avira as its antivirus, and after using the other two, it found nothing either.

 

Then, after rebooting, I ran ccleaner to finish taking out the trash.on both of them.

Link to comment
Share on other sites
Fatalmasterpiece Veteran

Fatalmasterpiece

Posted
Posted

I'm just glad I finally got rid of Adobe Acrobat and started using an alternative, Foxit Reader

 

About once a month I would have some malware download through a PDF format without even prompting me and take over my system before I could say HOLY FRACKIN GRIPES BATMAN!

Link to comment
Share on other sites
bben46 Grand Master

bben46

Posted
Posted

A little more info - the bogus registry cleaner is called 'Disk Cleaner'. the screen that pops up looks like a legitimate cleaning prog. it shows it checking for various problems such as bad sectors, viruses :rolleyes: bad registry entries etc. then within seconds it shows a bogus report that says it found serious problems and you need to download the full version - for a fee. Then starts locking up your programs, with bogus problem reports.

 

The young lady who uses the computer (11 years old) actually remembered where she got it - it was from a facebook message supposedly from a known friend - that said something like 'Hey (her user name) you gotta see this its really cool.' Then gave a link to click on which proceeded to download the virus. When the computer started showing the pop up and locking her programs She knew enough to realize she had been tagged by a virus and shut the computer down to limit damage. :thumbsup:

 

But, typically those kind of virus grab your address book before they start causing problems - so it's likely all of her facebook friends will get the same garbage. :verymad:

 

These scum are relying on the natural trustfulness of children to spread their trash. When caught that should automatically add at least another 10 years to whatever sentence they get.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...