The Digital Rag
Real World Information in a Virtual World
Sign Up!
Login Welcome to The Digital Rag
Friday, September 03 2010 @ 05:25 PM PDT

Anti Virus 2009 and other nasty stuff

Thursday, January 15 2009 @ 08:54 AM PST

Contributed by: Richard Pitt

Newsletter Postings

The browser/phishing wars keep getting harder to beat. Now we have bogus "session expired" screens popping up when you're legitimately logged into your bank's web site. We also have nasty trojans that stop your system from getting help by blocking access to Microsoft Update and your favourite anti-virus sites.


Even if you really are logged into your own bank's web site, it is possible that the "bad uglies" have installed software into your browser that will pop up a window that IS NOT THE BANK'S COMPUTER CONTROLLED WINDOW.

This "session hijacking" or "session phishing" will make the popup look like it came from the bank's site but in fact it is running locally on your computer. It may ask you to "again" enter your account and password "because your session has expired". They also may ask you to complete a customer satisfaction survey (and again ask for your account and password to "complete" the form) or other misleading things like some sort of promotional scheme.

If a "session expiry" window pops up - ignore it and see if the underlying screen is still responsive. If the main screen is still responsive you should immediately close your browser completely. A real session expiry window will freeze the underlying screen until you reply to it.

I generally ignore the satisfaction or promotion windows in any case - and you should too, especially in light of this new attack strategy.

------------

On another note: My son and my nephew have both come to me lately with tales of woe and a computer that pops up browser windows on its own, has locked them out of Windows Update and their anti-virus update, and generally is misbehaving. It also may pop up windows (anti-virus 2009 - which does not exist) telling you that you have a virus and it must scan - will go through a bogus scan and then tell you you need to pay for a remover package.

This is a new threat that goes by a number of names. I found a great tool that eventually managed to get rid of the problem and it was free for the first 30 days. Simply Super Software has Trojan Remover 6.7.5 at http://www.simplysup.com/

I'm recommending that both kids purchase this out of their own pockets. It updated itself daily so the company is actively making it better and it did the trick, finding registry items that were bogus, reinstating access to the AVG update and Windows Update sites and generally getting things back to normal on these Windows XP boxes.

I'll note that it took several re-boots to get the system to the point where the popups stopped - and then it took several passes by the updated anti-virus software to get the actual infected files removed but this is better than re-installing the operating system and all programs from scratch.

Hope the New Year is treating you better than most

richard

Story Options

What's New

Stories

No new stories

Comments last 2 days

No new comments

Trackbacks last 2 days

No new trackbacks

Older Stories

Friday 02-Jul


Thursday 10-Jun


Tuesday 08-Jun


Friday 04-Jun


Tuesday 01-Jun


Sunday 30-May


Saturday 29-May


Friday 21-May

Ad

Poll

How do you like to find out news about the internet and computers?

  •  Newspaper
  •  Radio
  •  TV
  •  Web Search
  •  Favourite Web Site(s)
  •  Pod Cast
  •  Video Online
  •  Email List(s)
  •  RSS - Syndication
  •  Word of mouth
This poll has 0 more questions.
Results
Other polls | 4 votes | 0 comments

Upcoming Events

Stream 2010
Thu Sep 30, 2010
Streaming Media West 2010
Tue Nov 02, 2010

Event List