Unknown Scareware

scareware scam fake antivirus

29 replies to this topic

#16 articuno1au

articuno1au

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 20-March 11
  • Location: Brisbane, Australia

Posted 30 April 2013 - 20:35

Not running in safe mode isn't an issue, that's just to try and get around the screen lock.

After MalwareBytes, I'd run whatever other AV/AM tools you like and just make sure you got everything.

Personally after this kind of infection I always format, I'd just rather not take the risk. Entirely up to you though >.<


#17 wahoospa

wahoospa

    Neowinian

  • Joined: 05-July 07
  • Location: South Carolina

Posted 30 April 2013 - 20:59

I don't know about this malware but I have been able to move the malware screen off to one side of the machine (not completely off) and any other windows that pop up I stack them on top of each other. This gives me access to the start button and an open place on the desktop to work from.

#18 ShareShiz

ShareShiz

    Neowinian

  • Joined: 21-June 11

Posted 30 April 2013 - 21:19

> Not running in safe mode isn't an issue, that's just to try and get around the screen lock.
>
> After MalwareBytes, I'd run whatever other AV/AM tools you like and just make sure you got everything.
>
> Personally after this kind of infection I always format, I'd just rather not take the risk. Entirely up to you though >.<


Yeah. My dad should have fixed this himself just to teach him a lesson.

IE8 user, uses random crappy AV and other software, has a TON of files (all of which are located on C: ) .. and hasn't done a Windows update in over a year.


If it were me, I would have formatted C and reinstalled everything. It would have only taken 45mins to do, and I wouldn't have any files lost since everything is stored on my D partition :)


But, it was fun having to deal with a virus for the first time in a few years.

#19 primexx

primexx

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 24-April 05

Posted 01 May 2013 - 01:38

> Yeah. My dad should have fixed this himself just to teach him a lesson.
>
> IE8 user, uses random crappy AV and other software, has a TON of files (all of which are located on C: ) .. and hasn't done a Windows update in over a year.
>
> If it were me, I would have formatted C and reinstalled everything. It would have only taken 45mins to do, and I wouldn't have any files lost since everything is stored on my D partition :)
>
> But, it was fun having to deal with a virus for the first time in a few years.

Why didn't you just LiveCD and pull all his data off, then nuke it?

#20 +goretsky

goretsky

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 12-March 04
  • Location: Southern California

Posted 01 May 2013 - 05:46

Hello,

Were you able to determine what exact type of ransomware was on the computer?

Regards,

Aryeh Goretsky


#21 Raa

Raa

    Resident president

  • Tech Issues Solved: 5
  • Joined: 03-April 02
  • Location: NSW, Australia

Posted 01 May 2013 - 05:48

So pay up!!



Just kidding. :p

#22 JJ_

JJ_

    Neowinian

  • Tech Issues Solved: 2
  • Joined: 31-July 05

Posted 02 May 2013 - 00:50

> Hello,
>
> Were you able to determine what exact type of ransomware was on the computer?
>
> Regards,
>
> Aryeh Goretsky


I'm betting it was something John McAfee wrote, whilst on the run in Belize

#23 OP Alley Cat

Alley Cat

    Neowinian

  • Joined: 28-May 08
  • Location: Botswana

Posted 02 May 2013 - 10:40

Is it the FBI virus?


I am not sure, I never heard of this FBI virus before. Another scam, isn't it?

I went into safe mode, I seemed to have cleared out the scareware. One further attempt to restore to a previous state resulted in a strange BSOD that had a countdown timer.

Laptop is running again, no clue though, which scareware stuck. I bet it was a drive-by injection/infection.

#24 B0mberman

B0mberman

    Silence is the key to Wisdom

  • Joined: 25-June 07
  • Location: CPT
  • OS: Windows 8.1
  • Phone: Galaxy S2 CM

Posted 02 May 2013 - 13:08

Just reformat, boot off a Linux live CD and do backups if needed. Job done.

#25 alphamale

alphamale

    Neowinian

  • Joined: 12-October 03

Posted 04 May 2013 - 07:58

Go into your browser and disable the Java plugin and Acrobat. Those are used to infect your machine more than you know.

#26 cork1958

cork1958

    Neowinian

  • Tech Issues Solved: 2
  • Joined: 04-October 02

Posted 04 May 2013 - 09:00

> Not running in safe mode isn't an issue, that's just to try and get around the screen lock.
>
> After MalwareBytes, I'd run whatever other AV/AM tools you like and just make sure you got everything.
>
> Personally after this kind of infection I always format, I'd just rather not take the risk. Entirely up to you though >.<


What's the sense of reformatting AFTER finding the infection? For one, this infection ISN'T that big of an issue and another, reformatting should be a very last resort.

It's obvious it was the fake FBI warning and other than locking you out of the screen for a bit, it isn't s**t!!

EXACTLY why everyone should have Malwarebytes AND SUPERAntiSpyware installed and updated EVERY DAY!!

That stupid FBI Warning comes out of the blue from anywhere. There should be law against that kind of crap and then those people who created it should be hung by the gonads!!

#27 Top Qat

Top Qat

    Neowinian

  • Tech Issues Solved: 8
  • Joined: 09-July 04
  • Location: London, UK
  • OS: Windows 8.1u1 and Server 2012 R2u1
  • Phone: Samsung Galaxy S 3

Posted 05 May 2013 - 19:28

I use this one:

http://www.avg.com/gb-en/avg-rescue-cd

Didn't know about the Kaspersky one so thanks for that, always useful to have options.

#28 goatsniffer

goatsniffer

    Supercalifragilisticexpialidosh

  • Joined: 11-January 04
  • Location: New York, USA

Posted 05 May 2013 - 19:44

I've cleaned this and other MBR viruses successfully without having to reformat. If you think something is damaged, just do a repair install. Reformatting is overkill.

#29 articuno1au

articuno1au

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 20-March 11
  • Location: Brisbane, Australia

Posted 05 May 2013 - 19:56

> What's the sense of reformatting AFTER finding the infection? For one, this infection ISN'T that big of an issue and another, reformatting should be a very last resort.
>
> It's obvious it was the fake FBI warning and other than locking you out of the screen for a bit, it isn't s**t!!
>
> EXACTLY why everyone should have Malwarebytes AND SUPERAntiSpyware installed and updated EVERY DAY!!
>
> That stupid FBI Warning comes out of the blue from anywhere. There should be law against that kind of crap and then those people who created it should be hung by the gonads!!

The point of reformatting AFTER finding the infection is because infections very rarely come out cleanly. Even if you remove the infection, the system is likely to be less stable, which presumes you can actually remove the infection properly.

A lot of these malware types demand payment and wipe your computer if you try and go around them. Without knowing exactly which malware variant this is, all I can suggest is general best practices.


Formatting has a lot of benefits, least of which is it's hard to infect a completely erased disk.

Given my degree is in Net Sec, I tend to be a lot more cautious than the average person, and formatting takes a few hours out of your day and guarantees a clean system.

> I've cleaned this and other MBR viruses successfully without having to reformat. If you think something is damaged, just do a repair install. Reformatting is overkill.

As above.

There's more than one way to skin a cat. If you are satisfied with cleaning it out as best as the tool can, so be it. I'm cautious and I've yet to be bitten by being careful :\

#30 Anibal P

Anibal P

    Neowinian

  • Tech Issues Solved: 1
  • Joined: 11-June 02
  • Location: Waterbury CT
  • OS: Win 8.1
  • Phone: Android

Posted 05 May 2013 - 23:08

I fall under the better safe than sorry crowd too, backup all essential files and nuke your install, it's never failed to clean out any infection.

It drives my family crazy when I do it, yet slowly but surely without needing to gimp my systems or disable half the internet the infections have slowed down to maybe once a year if that, and I have 3 teenagers who used to click on EVERYTHING