Page 2 of 4 [ 52 posts ]  Go to page Previous  1, 2, 3, 4  Next

sinsboldly
Veteran
Veteran

User avatar

Joined: 21 Nov 2006
Gender: Female
Posts: 13,488
Location: Bandon-by-the-Sea, Oregon

28 Feb 2010, 12:47 pm

CTBill wrote:
It's apparently seeing a surge as a result of the Chile earthquake: Link


Quote:
Notice that this fake scan window was actually presented inside a Firefox browser window but the fake scan window says I'm using IE 7.0, I guess the people behind this particular scam slipped up a bit on this minor point.


Quote:
After the fake scan is complete or if you try to navigate away from the page, you are offered the obligatory download of files with various filename such as packupdatebuild[RANDOM NUMBER]_[RANDOM NUMBER].exe or inst.exe. These are being detected by Symantec as Trojan.FakeAV or VirusDoctor. In addition our IPS detections are also effective at preventing the fake scan pages from being loaded in the first place. While we can’t protect you from earthquakes or tsunamis, we can at least help you avoid another wave of damage to your computer and your wallet following disasters of this type.


_________________
Alis volat propriis
State Motto of Oregon


passionatebach
Velociraptor
Velociraptor

User avatar

Joined: 8 Nov 2009
Age: 48
Gender: Male
Posts: 447
Location: Cedar Rapids, Iowa

01 Mar 2010, 6:02 pm

My Norton anti-virus alerts me to this infrequently when I am in the "work and jobs" forum.



sketches
Deinonychus
Deinonychus

User avatar

Joined: 24 Mar 2009
Age: 36
Gender: Female
Posts: 326
Location: Everywhere you want to be

02 Mar 2010, 4:32 pm

roadracer I followed your link from your second post. I know what everybody here is talking about and honestly there is nothing to worry about -- it's not an attack. It's just another flashy pop-up image and people are gullible enough to look at it and click on it. Also, someone please answer this: if it's in the same window or tab, then can't you just click on the "back" button?

The first time I saw this advertisement, I was on my Mac using Firefox. This ad for malware is absolutely not related directly to I.E. And may I repeat, it is not an attack (nor is any other pop-up ad, to my knowledge).

Bottom line: don't fall for pop-ups.


_________________
~


Inventor
Veteran
Veteran

User avatar

Joined: 15 Feb 2007
Gender: Male
Posts: 6,014
Location: New Orleans

03 Mar 2010, 12:56 am

I don't think it has to do with WP or Google, my computer customers call me about, I tell them the three finger salute, Ctrl-Alt-Delete.

It is one of those things that as often as it is shut down, it gets launched from somewhere else.

It is a bit worse than a pop up, but spreading the word is the best defense.

If you do not know them, nothing coming from the web is to be trusted, nothing is free, except a few things that a little search will tell are real, good, and they are still taking names.

Name and email lists are sold, resold, and that is what these scams work off of.

I constantly get ads from JC Penneys, I have never bought from them, gone to their web site, but they are good for an email a day. I get spam, the Canadians sell any drug you want, and lots of people send "Hi, thinking of you," who have no reason to know I exist.

My Ebay paypal account has been frozen several times, and it looks just like real paypal. They have my email, and say because of fraud I have to click on a link and change my password. I forward it to paypal, they say some of this just runs for hours before changing location, leaving no trace. I respond in seconds, which gives paypal the link while still active.

The virus scam most likely comes from outside the country. The real deal is people who do pay, buy credit card, then that information is sold, and within hours, more is being bought with that information.

From someone who lived in Honduras for a while, who checked with Social Security, he found he was working four jobs, two in Florida, one in Texas, and one in California, all at once, as he was working for cash in New Orleans.

Who knows what part of the population is living by identity theft?



jawbrodt
Veteran
Veteran

User avatar

Joined: 26 Jan 2008
Age: 51
Gender: Male
Posts: 7,766
Location: Eastern USA

03 Mar 2010, 5:46 am

It's getting worse, in my case. It's happening once or twice an hour, which is getting to be really annoying. Anyone else having the same problem?


_________________
Those who speak, don't know.

Those who know, don't speak.


League_Girl
Veteran
Veteran

User avatar

Joined: 4 Feb 2010
Gender: Female
Posts: 27,317
Location: Pacific Northwest

03 Mar 2010, 6:47 am

I haven't had it lately.



jawbrodt
Veteran
Veteran

User avatar

Joined: 26 Jan 2008
Age: 51
Gender: Male
Posts: 7,766
Location: Eastern USA

03 Mar 2010, 3:30 pm

Well, I came up with a half-assed solution, but it works.....I went into to my control panel and blocked the Google website, in the privacy section. I don't use Google for my search engine, so hopefully it doesn't become a problem. Time will tell, eh?lol


_________________
Those who speak, don't know.

Those who know, don't speak.


jawbrodt
Veteran
Veteran

User avatar

Joined: 26 Jan 2008
Age: 51
Gender: Male
Posts: 7,766
Location: Eastern USA

03 Mar 2010, 3:32 pm

Nevermind, that didn't work, I just had it happen again.LOL


_________________
Those who speak, don't know.

Those who know, don't speak.


Keith
Veteran
Veteran

User avatar

Joined: 12 Aug 2008
Age: 42
Gender: Male
Posts: 2,321
Location: East Sussex, UK

03 Mar 2010, 4:34 pm

Been using Firefox since 1.5 - no major problems



Roxas_XIII
Veteran
Veteran

User avatar

Joined: 8 Jan 2007
Age: 35
Gender: Male
Posts: 3,217
Location: Laramie, WY

03 Mar 2010, 5:03 pm

I haven't been getting this at all, but by the sound of it it sounds like it's only happening to IE users. I gave up on IE a long time ago, use Google Chrome and Lolifox (spin off of Firefox for the otaku community) for most of my websurfing now.

Try going to BleepingComputer.com and see if it has anything on this particular threat. I know it has a list of fake-virus-scanner malware at least a mile long.


_________________
"Yeah, so this one time, I tried playing poker with tarot cards... got a full house, and about four people died." ~ Unknown comedian

Happy New Year from WP's resident fortune-teller! May the cards be ever in your favor.


sketches
Deinonychus
Deinonychus

User avatar

Joined: 24 Mar 2009
Age: 36
Gender: Female
Posts: 326
Location: Everywhere you want to be

03 Mar 2010, 5:43 pm

Hi, not to sound like an ass, but nobody even read my post? Did nobody read the OP's second post? He gave us a link with information on the pop-up. Check it out. And I gave information that even while using Firefox on Mac operating system I get the ad (Roxas_XIII, that comment was for you). It's just a pop-up.

Inventor mentioned that it's a bit worse than a pop-up, but I must disagree. The only thing that makes it seem any worse is the overwhelming number of people falling for it. It is deceiving, yes, but it's NOT an instant download. It's NOT an attack. There is NO reason to ctrl-alt-del (I also got the ad on a computer using Windows operating system and I.E. and as far as I remember, I only had to hit the back button).

I'm no hacker or coder, but I can say with confidence and without lying that my experiences with this advertisement were legitimate. This thing is merely a simulation of Windows Explorer with a fake representation of your folders and disk drive information. It's easy to spot if you pay attention to it because it's the same image (with the same speed of "scanning for the virus" and the same typos in the same fake text) every single time. I can easily point out how they made only the "Full system cleanup" button clickable! It's a no-brainer.

The only way to get a virus from this is by accepting the "scan" and installing the virus software itself! Please be careful.

Someone let me know if anything I said is inaccurate.


_________________
~


DenvrDave
Veteran
Veteran

User avatar

Joined: 17 Sep 2009
Age: 61
Gender: Male
Posts: 790
Location: Where seldom is heard a discouraging word

03 Mar 2010, 6:02 pm

sketches wrote:
Inventor mentioned that it's a bit worse than a pop-up, but I must disagree.


Respectfully, I disagree. With a popup, you click the red X and the popup goes away. With malware, you click the red X and it triggers the virus, and that's what makes it nefarious. That's how it was triggered on my machine. In my case, the virus blocked any internet connection, created lots of additional popups advertising for scam anti-virus software, and changed values in the registry. It could only be fixed/deleted in safemode by downloading legitimate anti-malware software. Fortunately the software was free, but it still cost me many hours of personal time to fix the problem. I'm not trying to argue or complain, just provide facts.

Both Roadracer's and Inventor's suggestions work very well.

Also, very funny joke in your signature line, hahaha.



CowboyFromHell
Veteran
Veteran

User avatar

Joined: 22 Dec 2007
Age: 37
Gender: Male
Posts: 1,158
Location: Surprise, Arizona

03 Mar 2010, 6:52 pm

I've gotten these from almost any and all websites. Only three I haven't gotten these from are WP (ironically), Last.fm and YouTube. I'm using Firefox. I might just have a virus to begin with.

From what I've been told, you can buy a brand new computer and it'll download viruses as soon as you connect to the internet without even opening a browser.


_________________
www.Last.fm/user/BadMoonReaper
I love WP's color scheme. Green is awesome when you're blue!


superboyian
Veteran
Veteran

User avatar

Joined: 9 Sep 2009
Age: 34
Gender: Male
Posts: 14,718
Location: London

03 Mar 2010, 7:21 pm

1) Scan your computer for spyware using SUPERAntispyware or Spyware Doctor (Not Recommended for slow computers) under Google Packs and make sure you do a full scan also while removing these viruses, I'd recommend you close you firefox browser, using the Save & Quit so you can return back to the page.

2) Clear all your cookies

3) Clean Temporary Internet Files

Hopefully this should hopefully eliminate these problems.

superboyian

[Removed]


_________________
We are a community and we are one in unity.


Last edited by superboyian on 04 Mar 2010, 11:46 am, edited 1 time in total.

Roxas_XIII
Veteran
Veteran

User avatar

Joined: 8 Jan 2007
Age: 35
Gender: Male
Posts: 3,217
Location: Laramie, WY

03 Mar 2010, 7:34 pm

sketches wrote:
Hi, not to sound like an ass, but nobody even read my post? Did nobody read the OP's second post? He gave us a link with information on the pop-up. Check it out. And I gave information that even while using Firefox on Mac operating system I get the ad (Roxas_XIII, that comment was for you). It's just a pop-up.


My bad. I saw the first page of this thread and replied without reviewing the rest.

Still, if this is a recent problem then I haven't been bothered by it at all. Also I use Google Chrome as my browser.


_________________
"Yeah, so this one time, I tried playing poker with tarot cards... got a full house, and about four people died." ~ Unknown comedian

Happy New Year from WP's resident fortune-teller! May the cards be ever in your favor.


roadracer
Veteran
Veteran

User avatar

Joined: 9 Nov 2008
Age: 42
Gender: Male
Posts: 778

03 Mar 2010, 7:41 pm

sketches wrote:
Hi, not to sound like an ass, but nobody even read my post? Did nobody read the OP's second post? He gave us a link with information on the pop-up. Check it out. And I gave information that even while using Firefox on Mac operating system I get the ad (Roxas_XIII, that comment was for you). It's just a pop-up.

Inventor mentioned that it's a bit worse than a pop-up, but I must disagree. The only thing that makes it seem any worse is the overwhelming number of people falling for it. It is deceiving, yes, but it's NOT an instant download. It's NOT an attack. There is NO reason to ctrl-alt-del (I also got the ad on a computer using Windows operating system and I.E. and as far as I remember, I only had to hit the back button).

I'm no hacker or coder, but I can say with confidence and without lying that my experiences with this advertisement were legitimate. This thing is merely a simulation of Windows Explorer with a fake representation of your folders and disk drive information. It's easy to spot if you pay attention to it because it's the same image (with the same speed of "scanning for the virus" and the same typos in the same fake text) every single time. I can easily point out how they made only the "Full system cleanup" button clickable! It's a no-brainer.

The only way to get a virus from this is by accepting the "scan" and installing the virus software itself! Please be careful.

Someone let me know if anything I said is inaccurate.


yes, I must agree with most everything you said, you are perfectly safe as long as you dont follow it or click on it.
BUT, I couldnt get the back button to work on it, and the IE x button would not work because it brings up a box inorder to force you to click on it, or use ctrl+alt+del.
The thing is, and the reason why you and some might be able to simply use the back button, all comes down to what browser you are using, and what the security settings are in that broswer, and or what popup blockers you are using, and what virus/firewall software you are using.

For worst case, you can use ctrl+alt+del to close it with no harm done to your computer. Best case you can use the back button with no harm done.
It does not matter what browser you use, but how you have that browsers security settings set, and what popup blocker or ad blocker you use, defently makes a difference.