Technibble Forums > Technical Discussions > Security, Viruses and Trojans
#1
01-01-2012, 02:43 AM
Rosco
Join Date: Jul 2011
Location: Massachusetts, USA
Posts: 1,804
uptick in fake antiviruses

All of December had a lot of fake antiviruses... Three just since Tuesday. Anyone else seen this happening?
__________________

There's no place like 127.0.0.1
C:\WINDOWS C:\WINDOWS\GO C:\PC\CRAWL
Nibbler for life
#2
01-01-2012, 03:48 AM
altrenda
Join Date: Nov 2011
Location: So California
Posts: 1,628

Hadn't seen a fake av for a while, now have seen 5 right around Christmas.

2 got past MSE, 1 past Norton, and 1 past AVG, 1 had nothing at all.
#3
01-01-2012, 11:15 AM
LedHed
Join Date: Oct 2011
Location: Southwest Louisiana, USA
Posts: 95

I have seen 3 in the past 2 weeks. The most recent one called itself Windows System Check. It was nasty. It hid all the files, disabled access to the control panel, task manager, etc. Haven't seen that behavior since last spring. It also had a bootkit which I removed using BitDefender's Bootkit remover.
#4
01-01-2012, 12:33 PM
papuchazo
Join Date: Nov 2011
Posts: 335

I gotta say, my business has been enjoying the increase in these.

Most seem to have come from ads on legit sites being infected.
#5
01-01-2012, 02:19 PM
jamesp4330
Join Date: Nov 2011
Location: Powder Springs, GA
Posts: 41

Yes, this virus has turned my normally slow holiday season into a very steady one. 4 last week, and I too see them getting past all the big anti-virus names.
#6
01-01-2012, 02:21 PM
Steve202
Join Date: Sep 2010
Location: Staffordshire, UK
Posts: 864

I've started to notice a small increase in rogue AVs since the beginning of December.
__________________
Steve
"Hello, have you tried turning it off and on again"
#7
01-01-2012, 03:21 PM
YeOldeStonecat
Join Date: Nov 2011
Location: Southeast Connecticut
Posts: 7,395

XP Antivirus 2012, Vista Antivirus 2012... those are the big ones we're seeing. The new BETA MSE actually stopped one last night from coming into my system... I saw MSE's popup and auto actions happen before it jumped up on my screen. This was through Chrome too... so good to see the new MSE reaching into that.
__________________
Resident "Geek on a Harley" doing IT in Southeast Connecticut
http://www.dynamic-alliance.com/
https://www.facebook.com/YeOldeStonecat
#8
01-01-2012, 04:31 PM
Rosco
Join Date: Jul 2011
Location: Massachusetts, USA
Posts: 1,804

Well, I guess it's not just me... it sucks for EUs but really helped a slow week. I crushed my goal for December because of these. So far they totally disable anything in the machine to fix it. Makes it great for us techs. These are real nasty ones. Every customer had up-to-date antivirus software. Well, I guess if you make $100.00 million and the US government only makes you pay 8 million in damages, I would set up shop again too. We are all in the wrong business I guess, lol!
#9
01-01-2012, 05:10 PM
bluefalcon
Join Date: Nov 2011
Posts: 34

I have fixed two on a Windows 7 system. One made it past Trend Micro and the other one was not even running an AV.
#10
01-01-2012, 07:01 PM
MisterMalware
Join Date: Jul 2011
Posts: 18

What I'd like to know is the exact configuration(s) these PCs had before they got infected.

All times are GMT.