by Tdarcos » Tue Dec 13, 2011 11:05 pm
I am not sure exactly what happened, as my computer was running okay, then somehow I got infected with a "fake antivirus" program. I use Firefox, I'm behind a hardware firewall and yet somehow I got infected with a fake antivirus program.
A "fake antivirus" is a virus - or actually a trojan - that infects your system then proceeds to tell you your system is infected (with other viruses). Then it goes on to falsely claim that stuff that isn't infected is, and claims you need to (of course) pay for the full version to disinfect your system. It was claiming some of the files for one of Blizzard's games - which means either SC2 or WOW - had a number of viruses. I found that claim a bit unlikely.
My sister had one of these on her laptop a few months ago. How you can tell is it starts claiming practically everything is infected with spyware, malware, keyloggers or is trying to steal your credit cards. A dead giveaway is they claim anything executable is infected and will not allow you to run it.
First of all, I don't give a damn what you are, if you tell me that CMD.EXE is infected or REGEDT32 is, and won't let me execute them, that's a clear and obvious sign you're a trojan. Because with those, you can either remove them or disable them. And besides, I didn't give you permission to say what I can or can't execute.
Well, I was able to partially disable it through task manager and killing the appropriate processes, then start up Firefox and do a search on "remove fake antivirus" and I find a free program to do that. So I run it and it finds the incriminating files, processes and registry entries, and terminates them with extreme prejudice, with the requirement that for a full removal I need to restart the machine. I did.
So far, it looks good. What I can't figure out is how I got infected. I don't go to strange websites, I don't download executables unless I trust the distributor, and I don't think I ran anything that could have provided a payload for the infection. But, apparently I did.
Well, it's only one time in something like 23 years. I have never gotten any malware on any of my computers before.