|
Post by johneppstein on Dec 22, 2016 16:39:59 GMT -6
I was just browsing the 500 series thread and suddenly got hit with a popup claiming to be an alert from Microsoft that my computer had been infected and to follow their instructions to fix it. Now, Microsoft does not operate like that, and this sort of popup is a common ploy used to infect the computers of unwary people with spyware, adware, virii, trojans, etc. I copied down the attached phone number and the purported ID code, killed the popup (which was slightly difficult as it attempted to grey out my back button) and Googled the code - turns out it's malware, specifically a well known adware installer known as 268D3. Beware of this. It's particularly nasty since this site relies on popup blockers being disabled to generate revenue.
Edit: I just got hit with two more while trying to access my profile - one for a purported Java update and one trying to sell me something. I would say that this site is under attack.
Edit2: Just got another for an alleged Flash update.
|
|
|
Post by Johnkenn on Dec 22, 2016 17:38:12 GMT -6
Hmm. I'll report it on the main board.
|
|
|
Post by Martin John Butler on Dec 22, 2016 18:04:24 GMT -6
Beware the "you need to update your flash player" prompts. Only go to adobe.com for it. The links install a nasty malware program that's extremely difficult to get rid of. Popup ads begin showing up everywhere, covering your work and then you have to click on each one to get them off your page. Then it happens again and again and again. Essentially, it's taken over your computer and you're not free to use it as you please.
|
|
|
Post by johneppstein on Dec 23, 2016 0:28:36 GMT -6
> Beware the "you need to update your flash player" prompts. Only go to adobe.com for it. The links install a nasty malware program that's extremely difficult to get rid of. Popup ads begin showing up everywhere, covering your work and then you have to click on each one to get them off your page. Then it happens again and again and again. Essentially, it's taken over your computer and you're not free to use it as you please.
I didn't click on the link and it seems to have infected me anyway - really nasty. I just got a popup that wants me to install a program called "pc keeper".
|
|
|
Post by Deleted on Dec 23, 2016 3:34:04 GMT -6
John - have you tried Malwarebytes - it's a free anti-malware. Cheers.
|
|
|
Post by Martin John Butler on Dec 23, 2016 8:55:29 GMT -6
> > Beware the "you need to update your flash player" prompts. Only go to adobe.com for it. The links install a nasty malware program that's extremely difficult to get rid of. Popup ads begin showing up everywhere, covering your work and then you have to click on each one to get them off your page. Then it happens again and again and again. Essentially, it's taken over your computer and you're not free to use it as you please.
> I didn't click on the link and it seems to have infected me anyway - really nasty. I just got a popup that wants me to install a program called "pc keeper".
Damn John, that sucks. That happened to me too, and it was grueling to remove. There are a dozen steps necessary, and if you miss one, it resets and you have to do it all over again. I close my browser immediately if I see that kind of page now.
|
|
|
Post by jjinvegas on Dec 23, 2016 9:03:41 GMT -6
Got the same episode here, seen it before so I just did a manual shutdown after hitting save on the work, as I couldn't exit the Chrome browser where it was having a party. A quick scan and then a boot scan revealed nothing. I removed a program I had used to open an odd file, sometimes I don't read all the fine print, but although it might be coincidental, it went away.
|
|
|
Post by winetree on Dec 23, 2016 13:01:11 GMT -6
My hard drive was encrypted and they wanted $1000 for a code to fix it. Replaced the hard drive and started over. Don't know what I lost because I don't miss it. I bought a Mac Mini i5 to only go online with. I now save my data on a separate drive.
|
|
|
Post by Ward on Dec 27, 2016 5:30:25 GMT -6
Thanks for the heads-up, johneppstein. I never ever use my studio computers for web surfing or even connecting to anything besides email or Dropbox. They are Digital Audio Workstations.
|
|
|
Post by johneppstein on Dec 27, 2016 13:28:29 GMT -6
> Thanks for the heads-up, johneppstein. I never ever use my studio computers for web surfing or even connecting to anything besides email or Dropbox. They are Digital Audio Workstations.
I don't, either. The studio computer stays disconnected except for software installation/upgrades. It's annoying as hell when the communications computer gets a problem. I think I'm going to have to call in a pro. Funny thing though - the only sites I seem to be having problems with are this one and one other small forum.
|
|
|
Post by Johnkenn on Dec 27, 2016 18:20:36 GMT -6
That's totally just fishing...all you have to do is restart the browser.
|
|
|
Post by Johnkenn on Dec 27, 2016 18:24:42 GMT -6
I've created a thread on the support page. Awaiting a response.
|
|
|
Post by johneppstein on Dec 27, 2016 22:01:01 GMT -6
> That's totally just fishing...all you have to do is restart the browser.
Nope. Did that. Restarted the computer. Turned the computer OFF and restarted the browser. Did the Firefox cleanup routine. Scanned with Avast. Downloaded Malwarebytes and ran that. It caught a few bad files and the problem diminished slightly but continues, mostly here and on another audio site run by a very well known guy which is the site that led me here. Rarely Farcebook has a problem and I may have had a problem somewhere else or when trying to get somewhere from search. Anyway, fishing shouldn't be able to get through the firewall. It would have had to piggyback on a trusted site somehow.
|
|
|
Post by svart on Dec 28, 2016 14:07:40 GMT -6
That's why I run two adblockers and a JavaScript popup blocker in Chrome.
I know it sucks for those who rely on the adclick revenue, but since I've done that, I've had ZERO problems with hijackers like that.
|
|
|
Post by svart on Dec 28, 2016 14:11:26 GMT -6
Also look into running a rootkit remover. The fancy hijackers will hide in the MBR and keep running on the computer, cloaking themselves between scans by alternating between RAM, MBR and disk.
Some of these are extremely hard to kill, even running multiple anti-virus and malware programs.
|
|
|
Post by jjinvegas on Dec 28, 2016 14:35:21 GMT -6
After seeing Snowflake's post I added Malwarebytes which is blocking whatever is messing with us. I did a rootkit scan, but every time I reach for the scroll on the right something pops up (now blocked, but still). It did promote a mouse move I should be using anyway, with the dial, old habits die hard I guess. I have done an earlier restore, scanned it with Avast, Malwarebytes, Windows Defender, I am getting sort of annoyed with this quite persistent and pernicious hitchhiker.
|
|
|
Post by svart on Dec 28, 2016 15:20:07 GMT -6
I used an app called GMER once to remove an especially hard to remove trojan. It was the only one that did, but be aware that it's also pretty powerful and can ruin a Windows installation if you're not careful using it.
I had a browser hijacker once too, and it was buried in the browser EXE, so a remove/reinstall of IE was still called for after running the anti-virus stuff. This was back in XP/2000 days, so I'm not sure if that's an option these days.
|
|
|
Post by popmann on Dec 28, 2016 15:36:07 GMT -6
This is absurd that this is a thing in 2016. What is it that Windows can do online that OSX can't? I just don't understand why this is still a thing.
I don't run my Windows machine as an admin....but, I don't understand why they can't seem to get browser sandboxing to work correctly. This is one of the reasons I run OSX for my personal computing. I don't care about the Windows DAW because I don't surf on it... and like I said--I don't run it as an admin, because that's just poor practice for plenty of reasons. Worst case, I fuck up the one profile, log in as admin, blow it away, and create new. But, even that would be a PIA with all the Cubase prefs and such....
|
|