Posted on 10/16/2009 7:14:08 AM PDT by knittnmom
Attack forces user to purchase phony antivirus package to free computer
(Excerpt) Read more at darkreading.com ...
Which story at that link are you referencing?
See the link in Post #2.
It goes so far as to disable booting in safe mode and it completely takes over the Windows shell.
I hope we see an Ad-Aware/MalwareBytes/Spybot/HijackThis type solution to this one soon. I do “Tech Support” for 4 grandsons age 5-11 so I’m dealing with this sort of thing all the time.
Thanks. I thought I pasted the full link, but must have missed some.
Okay, being a Mac person, I don’t understand this entirely. What company is responsible for this, and why can’t that company be held accountable? Are they overseas? Why can’t people put a stop pay on their blackmail payment to these thieves?
The link in the article to PandaLabs is invalid; the correct link is http://pandalabs.pandasecurity.com/archive/Rogueware-with-new-Ransomware-Technology_2221_.aspx
And has a list of valid serial numbers to disable the attacking software.
Ping
A couple of weeks ago my screen went blank then up comes one showing what looked like the My Computer screen, it showed flashing red triangles telling me that it was under a virus attack and to click something to stop it.
I didn’t do it, of course.
I X’ed the window and did a virus scan. It found nothing.
See #11.
Have you heard of this before?
Same/similar thing happened to me. The bogus screen made it look as if it had come from Microsoft. And at first, the warning didn’t want to close. IIRC, I just rebooted and did a scan; nothing came of it, thank goodness.
And I can’t download Adobe 10 so I no longer can watch Youtube videos. It says I am running a 64 bit browser and Adobe 10 only works on 32 bit browsers. Anybody have any solutions?
Practically all of the computer viruses "in the wild" are designed to attack Windows exclusively. Why wear such a big target on your chest? I surf the web using an operating system whose environment is alien and immune to those Windows-oriented viruses: Linux. No worries. You don't even use an AntiVirus program, although you could download a free one if it made you feel any safer. Your grandsons would find Linux just as easy to use as Windows, and probably easier. It is easier to install, too. I recommend Ubuntu or Linux Mint. All free, too.
I’ve been a victim of this one. Got past Norton.
I deal with these all the time with my work and I call them “extortion ware”. The companies look like they are based out of Russia, and unlike traditional viruses, it is not about bragging rights, it’s about cold hard cash.
These programs are designed to look legitimate, even going so far as scanning your system to find out what anti-virus you are using and modifying the “warning screen” to match it. I’ve seen screens that look like they came from Microsoft, Norton, McAfee, AVG, Avast and Panda.
They make money because many people assume that it came from their company and they need this new program from that company to clean off the viruses.
When people run their anti-virus or anti-spyware program, these nasty little pieces of extortion-ware unleash their trojans and infect the system something fierce.
Malwarebytes and Spybot S&D have been lifesavers for me and my clients when they get hit hard.
An FYI to Mac users who care. One of the Russian groups has put out a bounty contest on anyone who can infect a large group of Macs with a trojan and get verified reports back from the machines. Every Mac who sends a report back earns the creator of the virus 40 cents. This sounds like someone is finally going to go after the growing Mac user base. So be careful what you click on out in cyberspace.
I try to run scans every night (when I remember), I launch MalwareBytes one night, and McAfee the next. So far, so good.
There is no solution. Adobe has idiots working for them. No 64-bit Flash. No Flash for iPhone. Morons.
I never click on ANYTHING unless I know exactly what it is. Creature of habit, dislike of change, ebay shopper. And I never open things I didn’t personally download.
Since this morning I am unable to play videos, music or anything.
Open Task Manager and stop these processes: TotalSecurity 2009.exe, tsc.exe, Sc2C21UvvM.exe.
Delete the following files: Winsource.dll, tsc.exe, Sc2C21UvvM.exe, winsource.dll, TSC.lnk, Help.lnk, Registration.lnk, Uninstall TSC.lnk, and also delete the directory at C:\Program Files\TSC.
Remove the registry entries of these files. To do this, open the registry editor and press F3. Then search for tsc.exe. Delete all the entries of that file from the registry. Now search for TotalSecurity and Total Security and delete those entries too.
Also look for winsource.dll file in registry and delete related entries from registry.
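A read-only check for the artifacts named in the removal steps above, added here as an example; it is not part of the original post or of any vendor tool. The process names, directory and search terms come from the post; the Run-key locations and the function name `Get-RoguewareTrace` are assumptions, and because the post gives no location for the individual files, only the directory is listed.

```powershell
# Read-only: nothing is stopped, deleted or modified. Review the output
# (and take a backup or registry export) before removing anything by hand.

$processNames = 'TotalSecurity 2009', 'tsc', 'Sc2C21UvvM'   # names from the post, without .exe
$installDir   = 'C:\Program Files\TSC'                      # directory from the post
$regPattern   = 'tsc\.exe|Total ?Security|winsource\.dll'   # search terms from the post

# Assumption: the common autostart Run keys are a sensible first place to look.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
)

function Get-RoguewareTrace {
    $found = @()

    # Running processes with the listed names.
    foreach ($p in Get-Process -Name $processNames -ErrorAction SilentlyContinue) {
        $found += [pscustomobject]@{ Kind = 'Process'; Item = $p.Name; Detail = "PID $($p.Id)" }
    }

    # Everything inside the install directory, if it exists.
    if (Test-Path -LiteralPath $installDir) {
        foreach ($f in Get-ChildItem -LiteralPath $installDir -Recurse -Force -ErrorAction SilentlyContinue) {
            $found += [pscustomobject]@{ Kind = 'File'; Item = $f.FullName; Detail = "$($f.LastWriteTime)" }
        }
    }

    # Autostart values whose name or data matches the search terms.
    foreach ($key in $runKeys) {
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if (-not $props) { continue }
        foreach ($v in $props.PSObject.Properties | Where-Object { $_.Name -notlike 'PS*' }) {
            if ("$($v.Name) $($v.Value)" -match $regPattern) {
                $found += [pscustomobject]@{ Kind = 'RunKey'; Item = "$key\$($v.Name)"; Detail = "$($v.Value)" }
            }
        }
    }
    $found
}

Get-RoguewareTrace | Format-Table -AutoSize
```

An empty result only means none of these specific names were found; variants of the same rogueware may use different file names.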
get Root !
This has been my saving grace more than a few times. Have your drive partitioned into at least 2 drives. Put your Ghost images on to D: drive. You are protected to the extent you keep your images up to date.
Thanks!
I cannot vouch for that, I just came across it. The site seems legit, and I guess it can’t hurt if you remove only the things it stipulates. See if it works.
Perfect. Thanks.
My daughter, unfortunately, DID click...and the virus totaled the system.
In the end, I had to reformat and do a clean install. NOT good!
Ouch. My laptop did not come with a restore disc... I need to make one... or two
I’ve had my system infected by similar ‘rogueware’ programs in the past. It throws up a fake ‘You’ve been infected’ message and prompts you to go to a website to download the program to remove it. Some of the newer ones will cripple your system preventing you from using your antivirus or antispyware software.
What most people aren’t aware of is that you can reboot your system into ‘Safe mode’ and in this mode the rogueware in almost 99% of the cases can’t cripple your system. I then use Malwarebytes’ Anti-Malware software. You can download it for free and it has always found and gotten rid of all these rogue programs.
I’ve seen those steps posted as well, but I urge extreme caution. Please, please be very wary of anything that instructs you to go edit your registry. Even if this is a completely innocent attempt to help out, unless you are very skilled with computers and have experience with editing a registry, don’t take this approach. All it takes is one simple entry being accidentally erased in the registry to completely ‘brick’ a system. Once that’s done, it’s almost impossible to restore it. I’m a software engineer, I know this from experience.
The advice I’ve always given is go download Malwarebytes’ Anti-Malware software. It’s free (there is also a paid option, but I’ve never needed it) to download and update, and it has always located and completely removed any rogueware I’ve had on my systems or on other systems I’ve helped fix.
The ideal situation is to just have your OS and program files on C: drive. If you have a crash or virus, you still have your "stuff" on another drive.
Instead of messing around with regedit and uninstalling and reinstalling for hours with all the reboots and headache, just get Norton Ghost. Been there, got the T shirt.
How much is Ghost Drive?
I could burn all the important stuff on DVDs couldn’t I?
The smaller stuff could be put onto a flash drive? Mine is only 4GB.
This was no pop-up window.
It looked like my computer and not something from the internet. That’s what was new about it. I’m glad I didn’t click it.
Norton Ghost will save an image of your whole drive into a file that you need to put somewhere else. If your computer only has one drive, you can partition it into 2 drives (or more) and save the image to the other partition. If you have the money, just buy a second drive and install it as a slave drive. What that does is it assures you that if drive C is damaged and won't even format, then you still have your image. If you have a DVD burner, you can burn the image file to DVDs. If your image is under 4.35 gigabytes, it may fit on just one disk. You can also put the image on a thumb drive if it is large enough to hold it. WalMart recently had 20 Gig drives for $20. They are much cheaper on eBay but you can get one today if needed. I have several drives for myself, but that is just me. I have several Ghost images in various places for different reasons. I convert home movies, save movies, and music, and have large files when needed. If I had spent several hours and even days working on converting home movies and then stored it on C: drive and then caught one of these viruses, I would be very disappointed and may have to vent with my .45 Colt.
I can’t afford anything right now. It’s just going to have to not get infected for a while. =o)
Thank you. But I am a Mac person, so I think I am not threatened by this particular menace. You might want to post this to the others on here who thanked me.
It no worky for me, because I am a Mac person. As I said above, I can’t vouch for it, I only came across it. Must have worked for the person who thanked me. Maybe your daughter has a different virus. Maybe she should be looking at a Mac instead of a PC. I am very low tech, and since changing, haven’t had any problems.
Had something similar a year ago. It was a nightmare. Get Malwarebytes anti-malware beforehand. That’s what fixed my system. It’s free, also.
From the sounds of it, my brother had something VERY similar. He told me what he was doing when he started having the problem. It turned out to be a malicious site which exploited a hole in IE 7. We managed to get rid of the thing with Symantec AV, but it was a regular PITA I tell ya!