09/26/2010 06:31:16 PM · #1 |
I was doing research on a plant I bought today and clicked on a Google link which read - //thetouristsguide.com/Septembers-azalea-pink/
After the new tab opened, the link changed to - //77.78.239.168/index.php?5t=YJNP71547Z5PE4YL56WOP6L75B1584BR&BD=NEtBWmtePkkxImswKEldMjYsQiVaUD5NAQkac2&4F=9Q0N
&vWYN=vNgBXU1IDOwUzd1U9fVEAZi41Sn0FDXcEBg4DdWQgMTxG&k9sH4=FdAEMSmdJAjp2JmM4XVULNnFWN1N8aH0&ZG8=Fmenc&8W=TTO2Z396V53FGZQY909SC4OEAyKRUn
The first message that came up was this one:
Perhaps foolishly, I clicked OK and got this:
I panicked and did not even notice that it said I don't have anti-virus software on my computer, so when this came up:
I clicked on Remove All. It came up with this:
and I clicked run. It was only after running for a few seconds when it came up with a message about not being able to verify the source that I clicked cancel. I then tried to click cancel on the earlier alert (snip 3), but it once again brought up the program to run. After going through the whole stupid process again, I realised that whatever I click on in snip 3 had the same result. I then tried closing the window and it reopened with this message:
After clicking OK on that, it finally let me close the window.
I have now run AVG twice and both times it has said "No infection was found during this scan". Can I trust AVG, or might this website have hidden some virus or other unwanted infection on my computer that AVG has somehow missed?
Edit to fix width of page by inserting a blank in the undesirable web address.
Message edited by author 2010-09-26 20:26:15. |
|
|
09/26/2010 06:50:30 PM · #2 |
Malware often disguises itself as Windows dialogs. It appears from your description and screenshots that the initial notice came from an external source. It also looks like you had some notices from legitimate security apps on your computer. You may have some malware. If AVG didn't find anything, that is a good sign, but no anti-malware solution is 100% effective.
You can only have one antivirus on your computer at a time; because these programs use virus-like behavior to find viruses and keep themselves secure, they interfere with each other. I would suggest installing Spybot S&D, which you can have installed at the same time as AVG, as it is a bit different. Run a scan with that as well.
You can also try the AVG Rescue CD, which is an image file you download and use it to create a bootable CD. The computer then boots from this CD, which runs a version of Linux and can scan your hard drive without Windows running. This is a good way to "nuke it from orbit", as many viruses can hide themselves once they are active. If it is not running however, it can't hide itself as easily.
Here is a copy and paste of my suggestions that I made a few months ago when another member had their computer compromised:
Originally posted by Yo_Spiff: Hopefully it is an easily removed piece of malware. I use the free version of AVG antivirus and I periodically run AdAware and Spybot S&D
If any of these scanners suggests you have a rootkit, your best bet might be to nuke (reformat) the drive and reinstall Windows. Rootkits put their hooks deep into the core of the operating system and are difficult to remove.
A couple of suggestions to be better protected in the future:
-If you are still using Internet Explorer (especially v6 or earlier), stop using it. IE supports a technology called ActiveX, which is a good idea that can be used for bad things. IE7 will ask permission to run ActiveX controls and other browsers, like Firefox, do not even support it.
-My own recommendation is using Firefox with the NoScript extension. NoScript will block JavaScript from a site unless you specifically allow it. A lot of malware gets in via the browser allowing scripts to run unrestricted.
-A custom hosts file will block many known malware and adware sites and your browser will load things more quickly without having to seek out doubleclick from every other page. (Note, some online shopping sites may not work due to links to these e-commerce trackers, but the hosts file is easily edited to allow them if need be.)
Added: When working on a heavily infested PC, I will run repeated cycles of AVG, Spybot and Adaware. Each cycle seems to uncover some more crap that was previously covered up, and no software finds everything. You can run different adware scanners at different times, but it is not recommended to have more than one antivirus installed at any given time. The AV programs will treat each other as viruses. |
Message edited by author 2010-09-26 18:54:13.
|
|
|
09/26/2010 08:24:38 PM · #3 |
Thanks. I have downloaded Spybot S&D and have it running at the moment. I'm not watching it all the time but have seen it scan some files with names containing words like Fake and Fraud Alert. I'm terrified to see what it finds at the end of all this, though the computer hasn't been doing anything strange so far.
I really can't believe how stupid I was. Some of those messages have spelling or grammatical errors in them, it's not true that I don't have an anti-virus, and I don't have the floppy drive it "found" in snip 2. All those should have been warning signs. |
|
|
09/26/2010 08:50:58 PM · #4 |
It appears to have found a few spyware problems which I have fixed. I really don't know whether these are related to what happened earlier or whether they were there before. I don't like this at all. |
|
|
09/26/2010 08:54:46 PM · #5 |
I've got it running a second time and am seeing names containing words like Casino in them. I never go to sites like that so they must be cookies that come from somewhere else. I suppose deleting cookies would be a good idea, once this scan is finished. It is already way past any normal bedtime here though and I don't know how urgent any of this is. |
|
|
09/26/2010 09:12:25 PM · #6 |
I use Kaspersky and love it. Actually prefer it over AVG. They both have free trials. |
|
|
09/26/2010 09:19:01 PM · #7 |
I've been using AVG for some time and it is still paid until next year March, so I'm not keen to change if it's doing its job. What does Kaspersky offer that AVG doesn't?
Message edited by author 2010-09-26 21:20:38. |
|
|
09/26/2010 09:33:38 PM · #8 |
They are fake, quite obviously, annoying yes, but will do no harm. Try Microsoft Essentials. |
|
|
09/26/2010 09:39:23 PM · #9 |
Microsoft Security Essentials. Install this and run it. It's pretty good. I don't use AVG or Spybot S&D since I've installed it.
What you have is most probably not a virus but a scam. |
|
|
09/26/2010 09:48:21 PM · #10 |
Originally posted by Jac: What you have is most probably not a virus but a scam. |
There's often a fuzzy line between things these days. I just use the term malware which covers it all.
|
|
|
09/26/2010 10:44:29 PM · #11 |
Originally posted by Yo_Spiff: Originally posted by Jac: What you have is most probably not a virus but a scam. |
There's often a fuzzy line between things these days. I just use the term malware which covers it all. |
I know what you mean. I got phished using an old Warcraft account I had for my son. I answered the email thinking it was legit but wasn't. I alerted Blizzard to it and asked to delete the account. |
|
|
09/26/2010 11:13:26 PM · #12 |
I have seen this before on one of my kid's computers. It's a scam, but can be an absolute bear to get out of your pc.
If the AV software you are running doesn't clear everything up, you may need to go into MSCONFIG to remove any startup programs you can't definitively identify and then re-run the scan. A Google search on the fake product "Windows Defender" will bring up a number of good results listing what you need to manually remove to make this thing go away. |
|
|
09/27/2010 05:33:28 AM · #13 |
I'll have to go through all these extra suggestions when I have time. The problem is that I'm not really sure that there's anything there that I need to get rid of. I think it downloaded something onto my computer (don't know where or what), but I actually stopped short of letting it run. |
|
|
09/27/2010 06:19:42 AM · #14 |
What I'm trying to figure out now is whether it has saved anything on my computer and how to find it. I can't find anything that matches the names in snip 4, but there could be something under an unknown name and I have no idea where it might have put it. |
|
|
09/27/2010 06:26:58 AM · #15 |
The most dangerous point was when you clicked 'run' on that .exe - Most of the other dialogs seem to have been fakes generated by a website. It was downloading and running the .exe that will cause the most problems, as that's when it had the opportunity to install something on your PC.
Hopefully, you cancelled it in time, and probably at the point where Windows complained that the source wasn't trusted.
I know that Vista onwards adds additional layers of security to make it difficult to run .exe's downloaded from the web.
ETA: If you downloaded the .exe but didn't actually run it, you should be okay.
Message edited by author 2010-09-27 06:27:50. |
|
|
09/27/2010 06:57:05 AM · #16 |
I'm using Windows 7 so I think the security probably saved me. As far as I can tell I did download the .exe but stopped short of running it. I just wish I knew if it is still somewhere on the computer so that I can get rid of it.
To date I have seen no performance issues on my computer. Spybot did find a few items of spyware, which have now been deleted. I hope those haven't caused any problems though. I really don't know whether they are related to this or whether they have been undetected on my computer for some time. |
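
For the question raised in the posts above (whether the downloaded .exe is still somewhere on disk), an added example that is not part of the original thread: a PowerShell listing of executable files recently written to the folders where a browser download usually lands, with their Internet-zone mark and signature status. It assumes PowerShell 3.0 or later; the folder list, the extension list and the two-day look-back are assumptions to adjust.

```powershell
# Added example (not from the thread): list recently created executables
# in the user profile so a leftover download can be found and deleted.
# Assumptions: PowerShell 3.0+, the folders below, a 2-day look-back.
$since = (Get-Date).AddDays(-2)

# Candidate locations for a browser download (assumed list); keep only those that exist.
$roots = @(
    (Join-Path $env:USERPROFILE 'Downloads'),
    (Join-Path $env:USERPROFILE 'Desktop'),
    $env:TEMP,
    (Join-Path $env:LOCALAPPDATA 'Microsoft\Windows\Temporary Internet Files')
) | Where-Object { Test-Path -LiteralPath $_ }

if (-not $roots) { Write-Warning 'None of the expected folders exist.'; return }

# File types that can run code when opened.
$extensions = '.exe', '.scr', '.msi', '.bat', '.cmd', '.dll'

Get-ChildItem -LiteralPath $roots -Recurse -Force -File -ErrorAction SilentlyContinue |
    Where-Object {
        ($extensions -contains $_.Extension.ToLower()) -and ($_.CreationTime -ge $since)
    } |
    ForEach-Object {
        # Browsers tag downloads on NTFS with a Zone.Identifier stream;
        # ZoneId=3 means the file came from the Internet zone.
        $zone = Get-Content -LiteralPath $_.FullName -Stream Zone.Identifier `
                    -ErrorAction SilentlyContinue
        $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName

        [pscustomobject]@{
            Created      = $_.CreationTime
            FromInternet = [bool]($zone -match 'ZoneId=3')
            Signature    = $sig.Status                      # e.g. Valid, NotSigned
            Signer       = $sig.SignerCertificate.Subject   # empty when unsigned
            Path         = $_.FullName
        }
    } |
    Sort-Object Created
```

A file that shows `FromInternet = True` with `Signature = NotSigned` and a creation time matching the incident is the one to delete or submit to the installed scanner; the script only lists files and changes nothing.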
|
|
09/27/2010 06:58:27 AM · #17 |
Have you tried running Microsoft Security Essentials? |
|
|
09/27/2010 07:23:52 AM · #18 |
Originally posted by Jac: Have you tried running Microsoft Security Essentials? |
No, all I've used so far is AVG and Spybot S&D. I really don't have time right now for this problem, but I'd better check that one out. Thanks. |
|
|
09/27/2010 07:43:11 AM · #19 |
Originally posted by GinaRothfels: Originally posted by Jac: Have you tried running Microsoft Security Essentials? |
No, all I've used so far is AVG and Spybot S&D. I really don't have time right now for this problem, but I'd better check that one out. Thanks. |
I got as far as where it tells me to remove any other antivirus and antispyware programs. What happens if I don't do this? |
|
|
09/27/2010 09:29:31 AM · #20 |
Originally posted by GinaRothfels: I got as far as where it tells me to remove any other antivirus and antispyware programs. What happens if I don't do this? |
A/V programs actually use malware-like behavior in order to function. What happens with multiple similar apps installed is that the a/v programs will see each other as malware and either try to remove each other, or have their effectiveness reduced by the other app. It's a hassle to remove one and then install the other, but running several in sequence is a good approach if you believe you have a problem that is not rooted out yet. |
|
|
09/27/2010 11:19:03 AM · #21 |
Originally posted by GinaRothfels: Originally posted by GinaRothfels: Originally posted by Jac: Have you tried running Microsoft Security Essentials? |
No, all I've used so far is AVG and Spybot S&D. I really don't have time right now for this problem, but I'd better check that one out. Thanks. |
I got as far as where it tells me to remove any other antivirus and antispyware programs. What happens if I don't do this? |
Nothing. MSE might detect files that were put in quarantine by other software, that's why it asks to remove or disable your antivirus software. Run it, I'm sure it'll detect something. It's really good. Yes, it's MS but this works. ;) |
|
|
09/27/2010 04:48:25 PM · #22 |
Okay, Microsoft Security Essentials is installed and busy getting updates. On top it says "Computer status - At risk". I'm nervously waiting to see what it says. |
|
|
09/27/2010 04:52:46 PM · #23 |
Crash your pc, then open in safe mode. Run AVG in safe mode, it gets rid of that virus which you will find is a Trojan horse. Already done this three times with daughter's laptop as she keeps going on these unsafe sites:) |
|
|
09/27/2010 04:59:11 PM · #24 |
Originally posted by SteveJ: Crash your pc, then open in safe mode. Run AVG in safe mode, it gets rid of that virus which you will find is a Trojan horse. Already done this three times with daughter's laptop as she keeps going on these unsafe sites:) |
I don't even know if there is a virus. And I haven't a clue how to crash my pc or how to open it in safe mode. |
|
|
09/27/2010 05:02:51 PM · #25 |
Originally posted by GinaRothfels: Originally posted by SteveJ: Crash your pc, then open in safe mode. Run AVG in safe mode, it gets rid of that virus which you will find is a Trojan horse. Already done this three times with daughter's laptop as she keeps going on these unsafe sites:) |
I don't even know if there is a virus. And I haven't a clue how to crash my pc or how to open it in safe mode. |
Hold the power button for about five seconds while it is on as normal. That will crash it and reboot it, it should give the option to open in safe mode, if not, keep crashing it until it does. This does not hurt your PC. |
|
DPChallenge, and website content and design, Copyright © 2001-2025 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.