­
Welcome, Guest
Username: Password: Remember me

TOPIC: Is this a scam?

Is this a scam? 06 Nov 2017 15:11 #4803

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
Just had this (see the pasted website below) to see what the pop up looked like:
malwaretips.com/blogs/remove-google-membership-rewards-virus/#uninstall

I`ve been into my programs list but can`t see anything relating to this? I would delete/uninstall it if there was but I can`t identify anything with a strange name to it on the list of programs?

Anyway, I got this pop up telling me I`d won an iPhone or a Samsung x? or a PlayStation....I immediately closed the browser as I couldn`t get rid of it or scan it with defender to check it`s authenticity. Now I`m paranoid that some bloody malware or something else has managed to sneak onto my laptop? I could run a full scan using windows defender, but that doesn`t usually throw anything up. So what should I be doing? Any tips appreciated as it`s making me paranoid. :(

I do one of those `give us your feedback` things through google at the weekend for the company (My Memory) who I purchased a memory stick from on their performance and service and I think this may have been the gateway for this thing to start popping up on my screen?

Is this a scam? 06 Nov 2017 15:30 #4804

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
I got this pop up but not from google, from Microsoft:

This image is hidden for guests. Please log in or register to see it.


I`m always wary of these things appearing so took no part in clicking on it. But now I`m not sure what the hell is running in the vaults that I don`t know about?

Is this a scam? 06 Nov 2017 19:35 #4805

Flotsam: People who are considered to be worthless or to have been rejected by society.
The following user(s) said Thank You: comply or die

Is this a scam? 07 Nov 2017 09:34 #4809

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
Hey Tarquin. These are the two most recent programs to be installed/updated in my Control Panel:

This image is hidden for guests. Please log in or register to see it.


Here is the pop up screen I was getting:

This image is hidden for guests. Please log in or register to see it.


As you can see, it didn`t say it was from google but from Microsoft, saying (in an audible voice) congratulations you have been chosen to win one of three prizes and to make a choice before someone else gets the chance.

I posted the earlier snip thinking that it was a google pop up or adware, but this one is more like the one I was getting. I have no indication on my control panel list of programs that anything has been suspiciously installed as everything on the list seems familiar, but not being a techie I wouldn`t know where else to look! It`s possible that something has sneaked on just by browsing or clicking on an image or other website link, so even though I don`t look at dodgy websites, I know these things can take a grip from any source.

Any ideas where I can identify this bug or whatever it is within my system or will I presume it has gone? I did a full Defender scan yesterday (nothing found) and closed my browser using Task manager. But whether this defeats the purpose or not, I don`t know.

Is this a scam? 08 Nov 2017 20:25 #4830

Defender is useless if you have a virus. Try something like this, free version is quite efficient: www.malwarebytes.com/
Flotsam: People who are considered to be worthless or to have been rejected by society.
The following user(s) said Thank You: Paul-UB40, comply or die

Is this a scam? 09 Nov 2017 11:35 #4831

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
Thanks Tarquin. Looked at the site and it states Malware for Windows is a 14 day trial and then it expires? See link:

www.malwarebytes.com/premium/

So should I download the free trial and run it just to check my system and then allow it to expire? I`m not sure if the FREE version is like CCleaner where you download it and then updates are also free. Looks like Malwarebytes is a trial only? Would do the job though if it`s only to check for anything suspicious.
The following user(s) said Thank You: Paul-UB40

Is this a scam? 09 Nov 2017 12:32 #4832

You can go for the the 14-day trial, once it expires Malwarebytes reverts to the free version.
www.malwarebytes.com/pricing/
Flotsam: People who are considered to be worthless or to have been rejected by society.
The following user(s) said Thank You: Paul-UB40, comply or die

Is this a scam? 09 Nov 2017 12:54 #4833

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
Thanks again Tarquin. Will download the FREE version on that listing and keep a close eye on it after 14 days are up to make sure they don`t install the paid version! Will update later if it finds anything.

Is this a scam? 09 Nov 2017 13:16 #4834

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
Downloaded the 14 day free trial. It found TWO threats:

This image is hidden for guests. Please log in or register to see it.


They have been (what it calls) quarantined? What do I do with them now? Leave them put or is there a way to remove/delete them? They are Trojans (malware) found in the registry apparently. Have no idea what this means. Are these nasty? Or are they placed onto computers and nothing more than logs to read your preferences or are they gremlins that wait for you to key in your bank details? I`m none the wiser right now which is why I won`t be purchasing anything online until I know my laptop is `clean` again.

Many thanks Tarquin, your a gem.

Is this a scam? 09 Nov 2017 14:42 #4840

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
And does `Disinfection` mean I can still identify any attacks made AFTER they have happened just by running a daily scan on the FREE version and then quarantining it?

See this:
This image is hidden for guests. Please log in or register to see it.

Is this a scam? 09 Nov 2017 15:01 #4841

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
I`ve also found the culprit:

This image is hidden for guests. Please log in or register to see it.


I installed an updated version of CCleaner recently and according to this website, it was infected by this Trojan:

www.theregister.co.uk/2017/09/18/tainted_ccleaner_downloads/

Those home users using windows 32 bit versions (like me) are advised to re-install the newst version, but according to the report, it was the version 5.33.6162 that was infected. My update begins with 5.36? So do I uninstall CCleaner and start again? Or because I downloaded Malwarebytes and quarantined the Trojans makes my machine safe again? I also rebooted it, but not as some say in `safe mode` as I`m not too sure what that is or whether it`s something I need to do still?

Is this a scam? 09 Nov 2017 15:09 #4842

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
From the above website link:

This image is hidden for guests. Please log in or register to see it.


So are they saying those who have/had the infected version are now SAFE? Should I uninstall CCleaner? I don`t have the Cloud version, but this paragraph seems to suggest we uninstall it?


This image is hidden for guests. Please log in or register to see it.

Is this a scam? 09 Nov 2017 15:24 #4843

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
And....just found this on Piriform`s website, an announcement that CCleaner version 5.33.6162 WAS compromised and that users of the 32 bit home premium (me!) would have been infected. Nice of them to give me warning eh? They said that they sent out immediate notifications to update the version and no doubt I`ve done this already as my CCleaner version is now 5.36 and not 5.33? So I must have updated it not knowing the 5.33 version was infected?

www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users

Is this a scam? 09 Nov 2017 16:40 #4848

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
I am running this version:

This image is hidden for guests. Please log in or register to see it.

Is this a scam? 09 Nov 2017 19:46 #4850

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
....And have now uninstalled it.

Is this a scam? 10 Nov 2017 09:26 #4857

  • comply or die
  • comply or die's Avatar
  • OFFLINE
  • Platinum Member
  • Posts: 2131
  • Thank you received: 2042
Really could do with some input now as I ran a full Windows Defender scan late last night. The scan took 3 hours to complete but unlike other times when I have done this scan using Defender, it was always clean/clear. Last night, it found this: Trojan.Win32/Rundas.B

First time Defender has caught anything, but this was after I downloaded the Malwarebytes that Tarquin recommended and that threw up those two other Trojans, which I quarantines and then deleted. I then uninstalled the CCleaner version I had installed and haven`t yet downloaded the newest version but will probably do that shortly.

Googling around this morning, it seems just deleting these Trojans and thinking they have been destroyed/removed is not the case as other users have been instructed to run various programs the length of your arm as `no one program can detect everything`? So because I`ve only used Windows Defender and Malwarebytes, how do I know that my laptop isn`t being hijacked regardless of running these programs and believing I`m clean?

I`m now too scared to buy anything online or trust the actions I input incase there is a key logger or other malicious spyware hiding beneath. Any help would be appreciated.
­