Post by StuartG on May 27, 2011 22:44:15 GMT 1
Well You've all seen the posts for the Mac scam. Well this is how to catch the equivalent Windows scam. It's virtually the same.
First of all, You may have seen the reference to the 'hosts' file that exists on most, if not all, modern operating systems.
127 0 0 1 2613010 com * added 19:34 26/05/2011 sy alert
127 0 0 1 12e5512 com * added 07:43 20/05/2011 sy alert
[I've left out the dots so this site doesn't think it's an address]
these are two of the entries in my hosts file as a result. Unfortunately the scam site keeps changing it's address, so I shall probably get bored with entering all the sites. I will have to just live with it to a certain extent. As has already been said by the posted security 'blogs' the scam is 'caught' by tapping on pictures on Google. It's typical 'KGB' type tactics to use a female lure to entrap. Mine was a picture of Nigella Lawson in revealing top. [probably a fake] The picture very quickly changes and a browser window [fake] completely covering the whole screen. In the background is a fake but convincing screen of Windows Explorer showing the drives [the standard screen of MyComputer] with some extra additions showing supposed security threats. In the centre of the screen is an overlaid info box stating that 2613010 com says there are security threats, run the scan? [or words to effect] and the OK button [to start the process] DON'T tap on the OK button! The idea is to panic the user into doing just that- Don't do it resist, in fact, do nothing but take stock.**
As a preparation for this eventuality it's a good idea to make sure the
"Keep the taskbar on top of other windows" box is ticked in properties.
The reason for adjusting the taskbar properties is to stop the 'fake browser screen' from covering any controls that can be used to stop the scam. [it tries to fill the whole screen to do just that]
Another preparation is to have a shortcut to the 'taskmanager' program. C: WINDOWS system32 taskmgr.exe [again the back slashes have been omitted] on the taskbar. In the event of a lockup of the browser or any program the task manager can be invoked, and it will popup over other screen as a default. Go to 'applications' tab and 'end task' the browser invocation by hi-lighting and click.
The scam process will be ended. It doesn't hurt to run a security scan
Shut down [cold start] and re-run the scan.
If the scam is stopped there, at the scam security screen, it should be OK. It hasn't started to install any fake software. It may of course leave some 'bad' cookies so search for those.
** If You can't be fagged to do all above, just turn off the power. Then restart and allow Windows to reload. Run security software [genuine!] That's how to catch a scam.
StuartG
First of all, You may have seen the reference to the 'hosts' file that exists on most, if not all, modern operating systems.
127 0 0 1 2613010 com * added 19:34 26/05/2011 sy alert
127 0 0 1 12e5512 com * added 07:43 20/05/2011 sy alert
[I've left out the dots so this site doesn't think it's an address]
these are two of the entries in my hosts file as a result. Unfortunately the scam site keeps changing it's address, so I shall probably get bored with entering all the sites. I will have to just live with it to a certain extent. As has already been said by the posted security 'blogs' the scam is 'caught' by tapping on pictures on Google. It's typical 'KGB' type tactics to use a female lure to entrap. Mine was a picture of Nigella Lawson in revealing top. [probably a fake] The picture very quickly changes and a browser window [fake] completely covering the whole screen. In the background is a fake but convincing screen of Windows Explorer showing the drives [the standard screen of MyComputer] with some extra additions showing supposed security threats. In the centre of the screen is an overlaid info box stating that 2613010 com says there are security threats, run the scan? [or words to effect] and the OK button [to start the process] DON'T tap on the OK button! The idea is to panic the user into doing just that- Don't do it resist, in fact, do nothing but take stock.**
As a preparation for this eventuality it's a good idea to make sure the
"Keep the taskbar on top of other windows" box is ticked in properties.
The reason for adjusting the taskbar properties is to stop the 'fake browser screen' from covering any controls that can be used to stop the scam. [it tries to fill the whole screen to do just that]
Another preparation is to have a shortcut to the 'taskmanager' program. C: WINDOWS system32 taskmgr.exe [again the back slashes have been omitted] on the taskbar. In the event of a lockup of the browser or any program the task manager can be invoked, and it will popup over other screen as a default. Go to 'applications' tab and 'end task' the browser invocation by hi-lighting and click.
The scam process will be ended. It doesn't hurt to run a security scan
Shut down [cold start] and re-run the scan.
If the scam is stopped there, at the scam security screen, it should be OK. It hasn't started to install any fake software. It may of course leave some 'bad' cookies so search for those.
** If You can't be fagged to do all above, just turn off the power. Then restart and allow Windows to reload. Run security software [genuine!] That's how to catch a scam.
StuartG