The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    Same old scam by a different name

    Discussion in 'Security and Anti-Virus Software' started by gerryf19, Jan 31, 2011.

  1. gerryf19

    Perhaps I'm just behind the curve, but I ran into a new (for me) "fake antivirus" with a twist--a fake drive scanning utility.

    Like the "fake antivirus" that jumps up and tells you it's just scanned your 2 terabyte hard drive in 3 seconds and found you are infected with 23 viruses, 12 rootkits, and 4 trojans, this one jumps up and tells you that 30 percent of your drive is unusable, your MBR is damaged, and so is your fat allocation table--BUY ME!

    I suppose it was only a matter of time that the fake antimalware writers would come up with another scare tactic as people were becoming savvy to the fake antivirus, but this one really freaked out someone who called me today that their computer was about to die.


    Simple enough to remove--drop into safe mode, delete 4 or 5 files in the c:\documents and settings\all users\application data folder, but you have to give them props for original thinking I guess....

    Anyone else see this yet?
     
  2. Star Forge

    In my part-time job, I see these on college freshmen laptops all the time. They all freak out too. Sigh...
     
  3. gerryf19

    fake antivirus, yes, but fake drive scan utilities?

    Wow, I am out of it. That is the first one I've seen. I haven't even read about these before. Again, same trick different game, but I haven't seen one.
     
  4. hakira

    These are becoming more and more common, the funny thing is that anyone unfortunate enough to not know what they are doing and follow the malware instructions will have a hell of a time removing the things it leaves behind. The last one I had to remove from a client left behind 14 copies of itself to run, all renamed different things, in various folders.

    On the plus side, these things are caught almost immediately by anyone in the field and submitted right away - MSE has been doing an excellent job and has been catching newer ones quickly.

    Unfortunately they are kind of hard to prevent from even being seen, short of installing noscript, and let's face it people who have noscript installed wouldn't fall for these anyway :(
     
  5. Star Forge

    Did that guy that had 14 copies running actually go as far as paying the "companies" for the "programs?" I HOPE not... :rolleyes:
     
  6. davepermen

    I'm considering creating such an app that just spits obvious crap (like, obvious even to my mom and dad). i bet i'd still find people who pay..

    it's ridiculous, such stuff, it really is. the only scary thing is, it works well enough.. sad world, sad world.

    reminds me a bit of the iamrich app from the iphone, and those that complained that after they bought it, it was just useless, and cost tons of money. well.. duh.. that's the idea..
     
  7. RanCorX2

    those are awful, surely if your pc really had those problems it probably wouldn't even boot lol....
     
  8. Primes

    those pop ups are definitely getting annoying. I was on google images looking for something and I got this windows security alert pop up saying my computer was infected!


    too bad I was running linux (mint 10) at the time. :)
    It was strange because all i did was mouse over the image and it redirected the browser to that site.
     
  9. gerryf19

    I know...lol....the owner called me up and said Windows is telling me that my boot sector and file allocation table are damaged. The best part is the scroll reveals 38 percent of your partition is unreadable.

    My response was, "Windows is telling you that? You can actually get into windows with that kind of damage? OK, slow down, what exactly are you seeing...."
     
  10. Jack

    They are REALLY epic when you get them under Linux.
     
  11. nemt

    My sister's laptop got infected by this same thing the day it came out, so it wasn't yet picked up by MWB or any other utilities. It was a pretty frustrating manual removal as the filenames are random gibberish and changed on each boot.
     
  12. Pirx

    What got me laughing was their recommendation: "Defragmentation should be executed"... :laugh:
     
  13. sama98b

    I just call these basic IQ tests lol
     
  14. usapatriot

    Firefox + NoScript + Adblock Plus = smooth sailing for years now.
     
  15. hakira

    Like I said though, whoever is running those wouldn't be fooled by these things. As much as I'd love to put noscript on triggerhappy friends or the grandparents' computers, I suspect they'd be phoning more to ask why they can't watch the latest "funny video" forwarded by their friends. I know noscript has whitelists but there has to be a better happy medium :/
     
  16. JOSEA

    Well I guess I just failed on my G73
    I believe i typed imageshack.com into IE 8 (win 7) and hit enter. A pop up box came up and I clicked the red X to close (only other option was OK)
    Then the dreaded bogus scan started. MSE (latest version) did not warn me at all... :confused:
    I was able to kill all my browser windows within 30 seconds, and shut down Win 7.
    Is it best to start a new thread to get some further advice? I did get a screen shot of the pop up window, then I threw up! :p
    Thanks for the help. I booted to safe mode and only found a hosts file in the download folder, that I deleted (whenever I download I use D drive). I then scanned with MB and MSE - nothing was found!!
     
  17. hakira

    Hah, yeah it's retarded that there is even an option in jscript to make all the prompts essentially say "bend me over", even if they are red x's or no's. When I do find a site like that and the popup js prompt comes up, i simply do nothing and end the ff process 3 times (so it will say "oops firefox crashed... which tabs to restore?"), so I don't lose whatever else I was tabbed into.

    If the "scan" started (it's just a javascript with pretty images, or sometimes flash) it doesn't do anything except either download an .exe into your dl folder, or try and run the .exe directly via the browser, which newer browsers simply won't allow. Go to your dl folder and MSE will go detect the file, if it was even downloaded in the first place.

    Usually these malware .exe's are named something "important sounding", like update1234_56.exe, or upgrade.exe or whatever. Just be aware of what you've downloaded yourself and (if MSE fails to detect/remove anything) delete whatever you don't remember dl'ing.
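
The manual check described in the post above (look through the download folder for executables you don't remember downloading), as an added example that is not part of the original thread: this Python lists recently modified executables in a folder with their SHA-256 and flags lure-style names like update1234_56.exe as well as the random-gibberish names mentioned earlier in the thread. The lure word list, the vowel-ratio gibberish check, the 7-day window and the sample files are all assumptions constructed for this example.

```python
import hashlib
import os
import re
import tempfile
import time
from pathlib import Path

EXECUTABLE_SUFFIXES = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi"}
# Lure-style stems such as "update1234_56" or "upgrade"; the word list is an assumption.
LURE_NAME = re.compile(r"^(update|upgrade|setup|install|scan|fix)[\d_\-]*$", re.I)


def looks_random(stem):
    """Crude gibberish heuristic (assumption): 6+ letters, under 20% vowels."""
    letters = [c for c in stem.lower() if c.isalpha()]
    if len(letters) < 6:
        return False
    return sum(c in "aeiou" for c in letters) / len(letters) < 0.2


def triage(folder, max_age_days=7, now=None):
    """Return one dict per recently modified executable in folder, for manual review."""
    now = time.time() if now is None else now
    findings = []
    for path in sorted(Path(folder).iterdir()):
        if not path.is_file() or path.suffix.lower() not in EXECUTABLE_SUFFIXES:
            continue
        age_days = (now - path.stat().st_mtime) / 86400
        if age_days > max_age_days:
            continue
        flags = []
        if LURE_NAME.match(path.stem):
            flags.append("important-sounding name")
        if looks_random(path.stem):
            flags.append("random-looking name")
        # The hash lets you look the file up or submit it to your AV vendor.
        sha256 = hashlib.sha256(path.read_bytes()).hexdigest()
        findings.append({"name": path.name, "age_days": round(age_days, 1),
                         "sha256": sha256, "flags": flags})
    return findings


def demo():
    """Run triage over constructed sample files (not real binaries) in a temp folder."""
    now = time.time()
    samples = [("update1234_56.exe", 0), ("xkqzvbwp.exe", 1), ("photo-viewer.exe", 2),
               ("notes.txt", 0), ("oldtool.exe", 30)]
    with tempfile.TemporaryDirectory() as tmp:
        for name, age_days in samples:
            path = Path(tmp) / name
            path.write_bytes(b"constructed sample")
            os.utime(path, (now - age_days * 86400, now - age_days * 86400))
        return triage(tmp, now=now)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

An unflagged entry still deserves a look: every recent executable is listed, and the flags only prioritise the review.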
     
  18. davepermen

    it most likely was just a nice website show and nothing real.
     
  19. JOSEA

    Thanks for the replies guys. On my Vista machine (Dell D610), I see a red X where the picture S/B in your sig. davepermen
    I have all M$ updates, reset IE 8 via internet options, upgraded to IE 9 beta in safe mode, reverted back to IE 8. The issue persists, .png files show as a red X. Appreciate any pointers on this, upgrade to Win 7 is not a good option for me....
     
  20. gerryf19

  21. Voodooi

    The main problem is some of you guys are using Internet Explorer - THE most unsecure web browser ever!

    Use Firefox w/
    - AdBlockPlus
    - NoScript
    - WOT
    - McAfee Site Advisor

    ...KeyScrambler is another nifty tool if you do a lot of online banking, etc.

    ...and get a 1 year AVG subscription (make sure it's "AVG Internet Security") from Purplus for 19$ (or like 25$ for 3 computers)...and a MalwareBytes subscription.

    Problem solved. I guarantee you, unless you're not very bright, that you will NEVER, EVER get a virus/trojan again :)

    This imo, is the best security combo ever. The only way you will get penetrated is if you download torrents (non-VIP) [not promoting torrents, I use them for games I purchased from stores but lost/scratched the discs].

    The IE users sound like my brother - Always has a virus/trojan but never switches browsers :p
     
  22. Star Forge

    The irony is that AVG is one of the WORST AV Scanners ever in existence. It has the highest false positive hit rate of any AV Scanner. Microsoft Security Essentials is so much better than AVG and it is free!
     
  23. Voodooi

    I had a crappy Toshiba laptop and was extremely bored one day, so I purposely heavily infected the laptop with dozens of various viruses/trojans and used 5 anti-virus protection tools in a rotation. The one that came on top was AVG and caught them all. The worst one was McAfee.

    Ever since I started using AVG (as well as the other tools), I've been 100% safe. Many reviews put AVG/Kaspersky on top as well (that I've read).

    AVG Internet Security 2011 Offers:
    - Anti Virus
    - Firewall
    - Anti Spyware
    - Link Scanner (works like McAfee Site Advisor and WOT)
    - E Mail Scanner
    - Web Shield
    - Anti Spam
    - Anti Rootkit
    - Identity Protection
    - Residential Shield

    But ...this is just my opinion on the matter :) Everyone has their own "combos" of security tools. As long as it works ;)
     
  24. Star Forge

    Maybe I am biased and kept looking at the crappy AVG Free as the benchmark for the rest of the AVG line. Either way, if it works for you then you should keep using it. I am content with the reliability of MSE.
     
  25. Voodooi

    Yeah, the AVG-Free isn't real-time, so you can get pwnd by virus/trojans and it won't find it at all until you scan (paid sub can). :p
     
  26. decaPODA

    I would second you on clubbing FF / Chrome with these Adblocks, Noscript & Mcafee.
    Rest I have been quite safe with Avast free edition n Malwarebytes for years.
    No need to buy AV .. at least worked out for me so far. Debatable though :)
     
  27. gerryf19

    And out the door goes your credibility. Resident Shield is real time scanning and is included in AVG.

    I'm not disputing your contention that your package of software and strategies keeps you safe, but you don't even do the research to back up your claims.

    I have NO antivirus and no anti-malware program and only the firewall built into windows on my computers and have not been infected with a virus since the early 1990s when someone put an infected floppy in my work computer.

    All the software in the world will not save you but common sense will.
     
  28. Voodooi

    Credibility out the window? AVG-Paid Internet Security offers added layers of protection and combined with the other software tools I mentioned, it makes you impenetrable, unless the user is newbie to the internet.

    I am merely sharing my opinion on the matter of internet security and here you come out of nowhere with a hostile post instigating an argument.

    Good for you ...you've been able to avoid being a victim of trojans/viruses, however just because you've managed to evade being "hit" doesn't mean the rest of the internet population has been as lucky.

    You have to factor in that a large portion of internet users use torrents, social networking sites, etc., which are the prime targets of malicious attacks. Hell - even innocently doing homework can get you "hit".

    For example, I was doing a WW2 Power Point presentation last night, gathering data on the axis of powers naval strength. A couple websites attempted to hack/infect me. Even if you "play it safe", there is always a threat. Luckily, I was saved from the malicious attack because of the software I use. There is always a threat.

    You can "play it safe" as much as possible. It's only a matter of time until you get nuked by malicious trojans/viruses.
     
  29. Pirx

    :laugh: Heheh, got a good laugh out of that one. It never ceases to amuse me how those hobby security "experts" keep dissing IE, given that they clearly do not have the faintest clue of what it is they are talking about. It turns out that, as a matter of fact, IE, at least IE8 in Vista and above, is more secure than most other browsers out there, including Chrome and Firefox. This statement is borne out by even a brief look at published statistics of vulnerabilities, as well as by an examination of underlying technologies.

    Conclusion: Feel free to use, or not use, whatever browser you like, but lack of security is certainly no reason to not use IE.
     
  30. Pirx

    Nonsense. I have never been "nuked" by anything, and that includes more than two decades of using multiple PCs, some of them on and online 24/7 for years, and without any anti-virus software.

    But, yeah, I agree, if you're not very bright, nothing and nobody can save you... ;)
     
  31. gerryf19

    First off, sorry for coming off as such a jerk. I re-read what I wrote and I apologize.

    My point was that AVG Free has real-time security and when you say it doesn't --and it's such an easy thing to check--it makes me wonder where you are coming from with the rest of your post.

    Listen, I am not recommending that people go "commando" with their PC security. In fact it comes across pretty arrogant when I say I do. I have 7 computers in the house and four of them have some sort of security software on it.

    My point is twofold--a) common sense is better, and b) anyone who goes around saying a+b+c is the best there is and d is no good because I read it somewhere or I think it has or does not have a feature is asking for trouble.
     
  32. Voodooi

    Yup - I noticed that (Shield) on AVG-Free, so it does have preventative measures to intercept threats (for some reason I thought it was only a virus scanner and nothing else - perhaps they changed it?).

    But yeah, I agree that common sense wins for the most part, however there are a few isolated cases that warrant the over-protectiveness.

    Popular sites such as Myspace for example have attackers who use scripts that they insert into comments where it attacks users who are stopping by to give the artist a listen. Sure it can be avoidable by not visiting Myspace, but for users who don't have their "street smarts" on the web, it can be difficult to differentiate between good and bad.

    I've always believed in "better safe than sorry" method of approach ;)

    We all have different ways of handling our internet browsing experience, so if it works and keeps you safe, then that's great :)
     
  33. Voodooi

    As mentioned above (Myspace example), there are situations where the extra layer of protection is warranted. The majority of our youth dominate social networking websites, which are the prime targets of attacks (as well as torrent websites).

    No disrespect, but a lot of things have changed over the last two decades. We have more users than ever using the internet and attackers are getting a lot smarter.

    Fun Fact:
    - Hackers are responsible for 57,000 malicious websites per week
    (source: maximumpc)
    - 48% of 22 million computers scanned are infected by malware
    (source: zdnet)

    Having Firefox addons such as Adblock and NoScript will significantly decrease users from being one of the infected/attacked compared to IE in my opinion (we're all sharing opinions - remember) :)
     
  34. Rodster

    I run No Script end of story, never see this crap unless I want to. :cool: