
"Windows Security" bug


login123


Two days ago, normal internet surfing, got a bug. Managed to save some screenshots.

 

On Google, clicked an innocuous looking link: th_yahoo-virus1b.jpg got this: th_yahoo-virus2a.jpg then this: th_yahoo-virus3a.jpg.

 

Disconnected from the 'net, deleted the sandbox, reconnected and all was OK. That same link did not go to "Windows Security" the next time. If Sandboxie hadn't fixed it I would have restarted and Powershadow would have.

 

I wonder, what is the fix for this if one doesn't have Sandboxie or something like it running? A friend got it on a laptop and we just disconnected, deleted the temporary internet files, and all was OK. Another friend got it and couldn't get rid of it, had to seek help. Have no idea what the difference was.

 

IMHO, common sense is overrated as a protective measure. Virtualize. !!

The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-)

Pssssst: ... It isn't really a cloud. It's a bunch of big, giant servers.


Make sure Java is up to date on your system. Older versions of Java are used to exploit these types of infections.

 

OOps...1 update behind...6.25 is current...thanks. :)


  • Moderators

Sandboxie to me is worth its weight in gold :)

 

Scareware, they tell you you have x number of virus/trojans and then you are asked to input your credit card details in order for the full removal to take place.

 

How you get rid of it (apart from posting in our spyware hell area of the forum of course) depends on which flavour of scareware it is, there are loads as can be seen from lists here. That is why it is best to get a trained spyware remover's help, as sometimes the nasties do other things behind the scenes.

 

http://support.emsisoft.com/forum/22-new-malware-blog/

 

http://www.bleepingcomputer.com/virus-removal/

 

Support contact

https://support.piriform.com/hc/en-us/requests/new

support@ccleaner.com

 


Sandboxie to me is worth its weight in gold :)

Ditto here.

 

 

 

Make sure Java is up to date on your system. Older versions of Java are used to exploit these types of infections.

For years I thought I needed Java, often confusing it with Javascript. Then I followed the advice here and removed it from my system a few months back. Thus far, I have yet to miss it, although I'm sure it has valid uses for others.


Another old news solution, don't browse the web with Internet Explorer.

 

That wouldn't have happened with Firefox? New news to me...who knew? :lol:

 

...

For years I thought I needed Java ... Then ... removed it from my system a few months back. Thus far, I have yet to miss it, although I'm sure it has valid uses for others.

 

Next available opportunity, will remove Java and just see what happens for a while.


  • Moderators

I've seen this on Firefox too; it has nothing to do with Java nor Internet Explorer. It's a phishing attempt for your credit card information.

It is a fake antivirus alert akin to the new "MAC malware" that attempts to make you download/buy malicious software.

 

 

The telltale signs for this (as can be seen in your images) are:

  • The "virus alert" is a JavaScript alert window and says "Webpage Alert"

  • The scan results are for an ungooglable web address (in this case ghavsonline.com)

 

Please note that in the short time since you had this happen, the registration for this website has been cancelled by its DNS registrar (NET4INDIA)

 

 

Below is a WOT (Web of Trust) report for the site

http://www.mywot.com/en/scorecard/ghavsonline.com

 

and a McAfee report here

http://www.siteadvisor.com/sites/ghavsonline.com

 

ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION

DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF.

Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark)

ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T.

CCLEANER, RECUVA, DEFRAGGLER AND SPECCY DOCUMENTATION CAN BE FOUND AT  https://support.piriform.com/hc/en-us and  https://www.ccleaner.com/docs

Pro users file a PRIORITY SUPPORT request at https://support.piriform.com/hc/en-us/requests/new

link to WINAPP2.INI explanation


I dumped Java, and only once in a blue moon I'll pass something on the web that won't run, but nothing I must absolutely see or have. I even have the Java Deployment Toolkit in FF disabled. No problems on my end.


I was actually wondering yesterday how many members who decided to bin Java, are still surfing happily without it?

 

At least one it appears Chris. :)

All's good here, Dennis.


... It's a phishing attempt for your credit card information ...

 

A fool's errand, on the part of the Phisherman... :lol: Thanks for the information.

 

Dennis, I have uninstalled Java also, will try it for a while just to experiment.


  • Moderators

That wouldn't have happened with Firefox? New news to me...who knew? :lol:

Years ago when I used to have Java installed it was only to use Trend Micro's HouseCall online free virus scan and nothing else, the rest of the time it was on purpose disabled to avoid exploits.


  • Moderators

I don't know about it so much being used for PC games as I've never played a Java-based game before. However there are still developers that make their software using it for cross-platform compatibility.

 

I didn't like Java from the first time I used it since some of the applications I used back in the day were resource hogs that had nothing but memory leaks.
