HomeQ&AVirus warning

Virus warning

7
votes

Last night (05-04-10)I was browsing questions to answer few of them. I found one referring to some kind of dance (forgot the title) when I clicked on the link it took me to a fake virus warning site simulating the scanning of my computer. At the end of course I got a popup prompting me to go to my computer's firewall settings with Ok & Cancel button. If one clicks on either of those buttons it actually installs a virus, trojan, malware, etc.

I cannot find that post anymore, has it been removed. Have others experienced the same event as I did?

5644 views
updated MAY 4, 2010
edited by --Mariana--
posted by sfrenchie
I changed your category because this deals with the website. Thank you for the warning! - --Mariana--, MAY 4, 2010

9 Answers

4
votes

I work on computers with viruses for a living.

There are some "nasty's" going around at this time.

Many of them come from Rogue Security Products which is the author of a group of viruses called "Fake Alert".

The "KoobFace Virus" which was started on "Facebook" (which is why it was named KoobFace), and it was one of the first to begin a tunneling mechanism.

It soon spread to many "Social Networking" sites, such as "Myspace" and "Twitter".

It works when you click on a picture, or sometimes by just going to the wrong website, and it "tunnels" in and opens a port and the next thing you know you have a thing telling you that your computer is infected.

sfrenchie is correct. DO NOT CLICK ON ANYTHING. The best thing to do and this happened to me also on Photobucket, is to immediately turn off your computer at the switch.

I think it is safer than even closing your browser. If you click on anything, even the "Red X" of the Fake Alert program, it will drop a payload, and you are infected.

The worst antivirus program to use is Norton Antivirus. It is a piece of Junk. I know, some may disagree with me, but between me and Jeff, a level-3 tech who works for me, we have uninstalled probably 100 Norton’s in the past year or so. It is a memory hog, and almost everyone who has it, after we uninstall it, and run a sweep with the program we use, there is ALMOST ALWAYS a virus or trojan running.

McAfee isn't too bad, but not perfect.

Anything free like AVG, Spybot Search & Destroy, Avast, and all the rest don't work.

We have a saying in the business: "If it is free, it is expensive".

The Antivirus software that I use and that I have been using for the 8 or 9 years, is not free, but it is not expensive either is called "Webroot Antivirus".

This will stop tunneling viruses, and it will also clean computers that are infected.

Here is a little trick. If you have an infection and are having a hard time getting rid of it, put your computer in "Safe Mode" (Hold down the F8 key during startup and select "Safe Mode"), and do a sweep in that mode.

The reason that works is because only the system files are loaded in, nothing else, including any viruses that are running in the background.

Before you do that, you should turn off "System Restore". Depending on your operating system there are various ways of doing that, just go under help and type in System Restore and it will tell you how to turn it off".

The reason you need to do this is because the operating system makes frequent backups called "Restore Points" in case you want to go back in time. However, it is what is known as "Fault Tolerant" which means that you can read from it, but you can't write to it.

What that means is that if you have a virus, and even if you get rid of it, it can be rebuilt through System Restore if it is sophisticated enough.

After you run your sweep in Safe Mode, and it deletes the virus, you can then do a restart, and it will restart in the regular mode, you can then if you want to, go back and turn System Restore back on. I leave mine off, and just do a lot of backups of important things.

updated MAY 6, 2010
posted by Rolest
Thanks for all that info!! - --Mariana--, MAY 4, 2010
Great answer although I thnik Avast is doing a great job. I never had a single virus while using it. - sfrenchie, MAY 4, 2010
I agree. Of the free ones, Avast is the best, but it still has some limitations, especially with rootkits. - Rolest, MAY 4, 2010
4
votes

I think I got it some months ago. This is what the screen looks like when you get it.

alt text

And you get pop-up dialogs, warning messages, etc. It also installs warning icons in your task bar and blocks access from downloading removal software, anti virus, or anything you can try to get your computer fixed.

Don't click on anything. Turn off the computer.

It's hard to remove. The way I did it was to download Malwarebytes using other computer and copied the installer to a memory stick. Started the infected computer in safe mode, then installed the software and performed a full scan and repair. This removed the virus. Restarted the computer in normal mode and the virus was gone.

updated MAY 4, 2010
posted by 00e657d4
Great illustration. - Rolest, MAY 4, 2010
2
votes

When I joined earlier, my anti-virus software blocked an attempt to access my computer, but that is a common occurance, and may not be related to your problem. I don't know what I had clicked on, I was exploring the site at the time.

updated SEP 21, 2010
posted by fontanero
2
votes

Ok folks if this happens to you, a site tells you your computer is infected and you see the popup asking you to either go to one of your computer settings or to scan your computer DO NOT click on any of the buttons, DO NOT press the Escape key as it is the same as clicking on Cancel. Don't panic, simply close the browser or if you are unsure just shut down and restart your computer.

Most viruses cannot install themselves if you don't authorize them to do so (which you do by clicking the buttons.) Also make sure you have not authorize installation of programs without prompting you, in the settings of your Windows firewal.

I am sure SpanishDic had antivirus installed but I beg the administrators to look into this issue.

Thank you.

updated MAY 4, 2010
edited by sfrenchie
posted by sfrenchie
1
vote

Thank you guillermo for the advice on removing that **** nuisance. Here is one I should have included in my original post. EVERYBODY SHOULD HAVE AN ANTIVIRUS. I have used Avast for years, it is 100 percent free, it's better than other paying brands and doesn't slow your computer down to a crawl. Make sure you get it from the official Avast web site link text

Edit: after seeing another post naming the antivirus I was thinking about (I didn't know if it was ok) I will agree than Norton AV is a piece of crap. It's a memory hog. And did you see the booboo they did recently? Their AV confused a legit Windows file with an infected file and simply deleted it. Hundreds of universities, hospital, etc. had all of their computers down and it took a lot of man hours to fix the issue.

updated MAY 4, 2010
edited by sfrenchie
posted by sfrenchie
I agree. Of the free ones, Avast is the best, but it still has some limitations, especially with rootkits. - Rolest, MAY 4, 2010
1
vote

Yes! Around noon EDT. I turned my computer off immediately and re-started it. My son's previous experience with this virus is that it is extremely malicious. I do not know why my anti-virus program did not quarantine it. I was only working on the "List of Questions" page and had not selected a particular reply to focus on.

This damnable virus has been active over many many months and may not be confined to Span¡shD!ct,com.

updated MAY 4, 2010
posted by Moe
1
vote

I've had this happen several times. I've always just closed the browser and had no further problems but thanks for bringing it up. Some folks might not realize that it's about to install a virus.

updated MAY 4, 2010
posted by alba3
0
votes

The main reason I love Linux.

That was a fantastic post, Rolest. Thank you for sharing your knowledge and your time to post that.

updated MAY 4, 2010
posted by Lrtward
Your welcome. - Rolest, MAY 4, 2010
0
votes

Also another thought on the subject. We often talk about viruses and forget malwares. Viruses are usually built to destroy. Malware are more directed at using your resources for some kind of profit. It can simply monitor the sites you are browsing and send a report to advertisement agents. It also can use your computer as a relay carrying info/data to another infected computer. By linking thousands of infected computers those criminals have a time bomb in hand as they can distribute code at will across the entire world. So you may think that since it is not harming your computer it's not such a big deal and in itself it is not really. However one malware may use say 1 percent of you CPU (central processing unit), imagine what happens when you have 50 of them. You computer slows down by 50 percent…yes. When you see a degradation in performance of your system then chances are you simply have a lot of malwares installed. It doesn't mean your computer is going bad. Simply run a scan, remove them, protect yourself and you should see a great improvement in your processing. If you are technologically advanced then do as I do, I completely rebuild my computers every year or so, clean restart from scratch.

updated MAY 4, 2010
posted by sfrenchie
SpanishDict is the world's most popular Spanish-English dictionary, translation, and learning website.
© Curiosity Media Inc.
SOCIAL NETWORKS
APPS