Morning lovelies. :-) I'm sitting in Yahoo minding my business reading my e-mail and scheduling appointments when I come across a notification from ActiveRain support that my writers have new posts to be approved for my team blog. Cool. I click the link, log into AR, make a few comments, approve the post syndication and start trolling the blogs for my blogging buddies.
I see Lenn Harley did a reblog. Cool. I check it out. I click the links. Register. It says I have to check my e-mail to confirm. Okay. Back to Yahoo I go. I click the link. I get a confirmation page. Before I can close the tab out a new tab pops up entitled "VirusDoctor" and I get crazy screen showing a green program load bar flying from 0 to 100%
I rip the network cords out of the back of my computer.
I am staring at a new browser tab pissed the hell off because I don't know what this is. I have a triple firewall and double antivirus. How the hell did I get this? Adware.Win32.Winad? AdvWare.Hotbar? Trojan-Downloader.Win32.Small.dge? Trojan.Qoologic - Key logger? Sheur.ZSQ?
I freak out when I see the key logger shit because that is a nasty hack attack. I gotta go change all of my account passwords if this turns out to be true. The damn thing has the nerve to recommend "Click 'Start Protection' button to erase all threats."
Oh really?
I am not clicking that. It is inconceivable to me that Norton 360 would miss these and a few others. The tab claims that I have 10 critical and high threat viruses. Hmm... The interesting thing is the scan has been disabled on my PC Tools Antivirus but not Norton 360. Hmm... I am running Norton 360 waiting for confirmation that these things are actually on my computer while I stare at three red blinking warnings declaring 10 viruses found: 1 in my documents and 9 in shared documents.
Off I migrate to the laptop to write this while I wait for Norton to give me a report. Mike's computer and my laptop appear to be fine. We are sharing a five station router. My HP tower is the only one that appears to be under attack. Bummer. All my work is on there. I can't afford to lose a single file off that machine.
I don't know what this is and I hope it isn't crap to make me buy something that I do not need. I certainly am not clicking some strange button to "remove" something that appears to have been maliciously downloaded this morning. I am pissed off that my PC Tools wont scan this. Norton appears to be doing it's job. When Norton is done I'm going to use Evidence Eliminator to wipe all of the temp files with a department of defense scrub and digital bleach job. I don't want any temp files left anywhere... I am thinking clicking the "start protection" button will trigger a malicious installation. What say you?
WTF is Microscano.info and how did it pop up it's own tab on my Firefox browser to start this shit???
This better not be a fucked up advertisement for a product because I am soooo calling my attorney girlfriends about this unauthorized intrusion into my little digital world. I am stressed out beyond belief because Paralegals have to maintain the confidentiality of client files. Comprehensive scans and running computer forensic tools to track alterations and accessed files take a long time and I have a client I need to drive to an open house in Long Island. I just cancelled my gym routine to deal with this crap.
A pissed off Wordy C may be getting really evil with some stupid person later this afternoon... Seriously evil... I do not let people mess with my home office. It's how I pay the bills and feed my kids. Mama is really loaded for bear today. Will keep you guys posted...
Disclaimer: Any comments and contributions provided on ActiveRain.com (or other electronic or print media) does not establish an agency relationship with any third party. Blog posts are intended to be informational only. Please be advised that real estate practices vary in regions and from state to state and market to market. The information contained herein does not constitute legal advice. All parties in need of legal, accounting, tax, or real estate guidance are directed to consult with the licensed professional of their choice. Please seek specific guidance from a retained professional in the specific field(s) required to service your interests. I and/or team blog writers make no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained in or linked to this web site and its associated sites inclusive of but not limited to ActiveRain Group Club Chaos ClubChaosAgents.com CyberMinions.net CTannStarr Outside Blog CTannStarr Localism Blog TannStarr.net UberMental.com
I did a little investigating on Virusdoctor. It is a trozan and tries to compromise the security settings you have set. Check out this link for info on how to get rid of it: http://www.2-spyware.com/remove-w32-virusdoctor-a.html Hope this helps you out.
It is bad news I agree it is a trojan and the fix is as Dan said.
Haven't run across this one yet, but I see there's some info available above. Hope you get all this worked out C.
Little Sister - This happens to me all the time and it is a bunch of crap, if you catch it right away and click remind me later.
I have missed the little reminder and it will shut down the computer so it can reboot some times. So of these computers have a mind of their own, scary!
VB;o)
C.,
You have your answer already. My staff gets them from going to certain social networking sites.
This thing is a pain in the butt. Been working on it all morning. Bummer...
Thank you for the link Dan.
Tim, very bad news...
JL, working on it and purging my Facebook applications...
Robert, this whomps. I'm sorry to hear this happens to you frequently Big Brother.
Julie, I have an idea of what needs to be done. It's messing up the rest of my weekend. I'm running late for all of my appointments. Should be on the road but still here trying to audit my client files and computer registries.
C- That really "whomps!" Hope it gets straightened out quick and you are back on schedule soon.
Sorry you are having to deal with this crap. I have fears of such things happening and not knowing what to do. I'm scared I'll do precisely the wrong thing and make matters worse!
One of the agents in my office had this about a year ago. She tried the on line fix and it didn't work and she ended up having to have someone from Norton remotely take control and remove it. Maybe the link Dan left has come along in the past year. It cost my agent $99.00 to have it removed. Pain in the ass, but she did not loose any files, just a lot of valuable time.
C - this stinks for sure. When you get it figured out I do hope that you will share the 'fix' with all of us so if we come under attack we will be able to deal with it immediately.
I'm praying for ya!
I have lost my mind. Seriously... Didn't lose any files but had to check every last one of my electronic client files. Still checking a few issues out but at least the HP is back on-line and most of my passwords changed. :-)
Thank you Judy, Ann, Tammy and Carol.
Ooooo... The NY Times had something odd happen as well. Bad ad issues. Seems a malicious ad made a fake page pop up about computers being infected. Tweet peep posted a link: http://nxy.in/9jax2
C: It sounds like you have had an awful time. Let us know when you get it fixed. Good Luck.