We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Fake anti-virus cloaks itself to appear to be Microsoft Update
Comments
-
Had a suspicious one pop up on fly or die darts earlier. People say never to use the cancel button within the fake anti-virus but to get out of it by using x top right. sometimes they wont let you. Can you simply use log off in the windows start button. I always run scans after these warnings and never find anything.
Best to:- Shut down the browser via the Task Manager, which you can access using CTRL SHIFT ESCAPE, or CTRL ALT DELETE and then use End Process.
- Open Malwarebytes, update it, and run a QUICK scan and clean anything it finds (not a full scan, which can take 15 times longer for little or no extra benefit) http://www.malwarebytes.org/mbam-download.php
- Manually check for any odd autoruns or Task Scheduler entries (can use Sysinternals Autoruns to make it easier http://technet.microsoft.com/en-us/sysinternals/bb963902)
- Use ATF cleaner or TFC to clear all temp files and infected Java cache, then restart http://www.geekstogo.com/forum/files/download/187-tfc-temp-file-cleaner-by-oldtimer/
Edit: also doesn't hurt to run system restore at some point during this, as this will make sure no system settings will be altered by malware.
Alternatively yes logging off, restarting, or shut down are all valid methods, but my concern though with this is that some exploits don't require user interaction, and will set some Run Once or Scheduled tasks to run trojan droppers on restart.0 -
Had a suspicious one pop up on fly or die darts earlier. People say never to use the cancel button within the fake anti-virus but to get out of it by using x top right. sometimes they wont let you. Can you simply use log off in the windows start button. I always run scans after these warnings and never find anything.
Yank the plug out if your sat there watching it happen. Ive no idea whether it will knacker your computer but it sounds like fun if you managed to shriek a little whilst doing soone of the famous 5
0 -
Because it won't look like a standard web browser window.
If it launches a popup window with an animated gif, then it can look like anything it wants to.
The screen shot in post #1 looks like a standard browser window which could appear in any brand of browser. Did it pop up spontaneously or was it browsed to? To me it already looks suspicious at this point. The address at the top will definitely not be a Microsoft one (it is blurred out in that screen print). This is the point where it starts. If there is a bad-site checker plug-in from one of the AV programs, that might stop any next step or even close the browser for you, but at this early point, it's not a browser security issue but a 'surfer beware' issue, and read the address at the top to see if it is really from MS.0 -
yeah, it's now a combination of : trusted and excellent security software -- opinions remain wide on
-- and having your wits about you. i mean, anti-virus installs are - and carry - clever algorithms but they don't come labeled as 'common sense ' . A new abacus
:A.
red robin ribbed :kisses2:.
Someone please contact the Society for the Prevention of Cruelty to Cans!0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.5K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.5K Spending & Discounts
- 245.5K Work, Benefits & Business
- 601.5K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards