Previous 1 2 3 4 Next 52 Replies Latest reply: May 24, 2011 4:26 PM by My voice is my password Go to original post
  • ds store Level 7 Level 7 (30,310 points)

    We've seen a significant increase in the number of misleading sub domains in .co.cc TLD that were promoting malware called Fast Windows Antivirus 2011

    . We usually classify such misleading websites as browser hijackers that pretend to scan your computer for malicious software and reports hundreds of false system security threats. They distribute malware and at least for the last few weeks they were hosting fake anti-virus application called Ms Removal Tool (BestAntivirus2011.exe). If you somehow ended up with this rogue anti-virus, please follow the <ommitted> Although, these browser hijackers or fake scanners are titled "Fast Windows Antivirus 2011", we haven't found any rogue security program with such name yet. Most likely, Fast Windows Antivirus 2011 is only used for marketing of other malware. Anyway, if a window titled Fast Windows Antivirus 2011 pop-ups on your computer screen and supposedly scans your computer then it's certainly a scam. Do not download anything from such misleading scanners as shown in the image below. If you think that your computer has been infected some sort of malware, please run a full system scan with anti-malware software. Good luck and be safe online!

     

    Here's an example of a fake anti-malware scanner tha reports non-existent infections on your computer.

     

    judyfromspring, are you running Windows?

  • judyfromspring Level 1 Level 1 (0 points)

    Thanks for your help!

  • clarefromcambridge Level 1 Level 1 (0 points)

    I have just had the same problem when clicking on an image from a google uk search for 'paid rubbber stamp'

    I can tell you how to get to the site. Type those words into Google. On the first page of results, about 7th result are 5 images in a row. The first image (left hand side)  shows a red PAID stamped onto a piece of paper. Click and voila, off you go.....

  • clarefromcambridge Level 1 Level 1 (0 points)

    I meant to write "paid rubber stamp", i.e. two b's, not 3!

  • MacJoseph Level 3 Level 3 (595 points)

    Clare

     

    Thanks for this info!

     

    Joseph

  • macincotuit Level 1 Level 1 (0 points)

    The same thing just happened to me and following the above threads I am pretty sure that I got it off my computer.  I was googling for scarves and went to a site: http://saltandpepperaruba.com (I checked back in my history) The next entry was the "fast windows antivirus 2011". I browse with Safari.  I checked applications, downloads, accounts, log ins, and removed anything associated with macdefender.  Their phone number is 1-800-417-5679 and web address www.browse4soft.com.  I just called my bank.

  • ds store Level 7 Level 7 (30,310 points)

    macincotuit wrote:

     

    The same thing just happened to me and following the above threads I am pretty sure that I got it off my computer.  I was googling for scarves and went to a site: http://saltandpepperaruba.com (I checked back in my history) The next entry was the "fast windows antivirus 2011". I browse with Safari.  I checked applications, downloads, accounts, log ins, and removed anything associated with macdefender.  Their phone number is 1-800-417-5679 and web address www.browse4soft.com.  I just called my bank.

     

    Thanks, I checked the site in question, it's loaded with hidden Flash elements.

     

    Please run the browser plug-in checker and update any (especially Flash) plug-ins

     

    https://www.mozilla.com/en-US/plugincheck/

     

     

    I think we've nailed it.

     

     

    Also consider running Firefox with the following Add-ons: NoScript, Ad Block Plus, Click&Clean, BetterPrivacy, Ghostery

     

    NoScript and Click&Clean have buttons in the Toolbar customization menu you need to drag into place on the Toolbar.

     

    NoScript turns off all "scripts" by default as you surf, if you trust a site and need scritps to run, you then click to the button enable them all or allow Flash elements one by one. Such as a video, but not the malware lurking somewhere on the page.

     

     

    If you want to continue using Safari at least install Click 2 Flash and Ad Block Plus.

     

     

    And it's a very good thing, if your the only Admin user on your machine, is to create another Admin user, log out of your user and into the new Admin User, turn your first Admin user to General user level and use that for general web surfing etc.

     

    If you have to make certain alterations to certain folders, like Applications for instance, OS X will require your Admin name and password.

     

    Small pain for leaps in security.

  • Pinetowns1stlady Level 1 Level 1 (0 points)

    You mentioned Firefox 4 having a huge memory leak. Could you please elaborate? I have a brand new (3 months) MacBook Pro 13 inch that I love, but after downloading Firefox 4 I have had nothing but trouble with my computer. It seems to run super slow, etc.

    Also may I ask you to please explain what exactly  a memory leak means to a computer?

    Thanks so very much to anyone whom may answer here.

  • ds store Level 7 Level 7 (30,310 points)

    Pinetowns1stlady wrote:

     

    You mentioned Firefox 4 having a huge memory leak. Could you please elaborate? I have a brand new (3 months) MacBook Pro 13 inch that I love, but after downloading Firefox 4 I have had nothing but trouble with my computer. It seems to run super slow, etc.

    Also may I ask you to please explain what exactly  a memory leak means to a computer?

    Thanks so very much to anyone whom may answer here.

     

    Firefox 4 appears to be have a more flexible memory use pattern, same on Windows or OS X, don't know if this intentional or not due to the huge amount, complexity and variety of add-on's Firefox enjoys. Would think it proper to set a certain memory amount at the program start based upon add-ons installed as not to conflict with other programs.  So yes, it appears it does have a memory leak, is being addressed as we speak in the bug reports, likely a patch will be issued for that soon.

     

    In your case the issue is more pronounced on poor performance integrated graphics machines like the 13" MacBook Pro which "share graphics memory" along with the regular memory then has to page the excess memory to storage, for even more performance degradation.

     

    You need to know that your CPU does double duty, so it's very important to max out the memory (RAM) and if possible, increase the storage speed, either with a 7,200 RPM drive or a SSD to assist the processor better with memory pagination.

     

    I find problems with Firefox occurs only when my available memory is nearly full, not when I just have it and a few small programs open. With this malware making the rounds on the Internet, ready to strike unawares to take advantage of a browser flaw, Firefox and the NoScript "web cop" add-on working silently in the background, has been of immense benefit that outweigh the memory leak issue at this time, at least for me.

     

    Since NoScript is not available for Safari or Chrome, both which are based upon the problematic insecure webkit foundation, there really doesn't seem to be any "safe harbour" in mainstream browser choices today, malicious types are even targeting Opera as to leave no stone unturned in their quest for profits.

     

    If this keeps up, one might have to begin surfing the general web utilizing a lightweight operating system like Linux running in a virtual machine, flushing each session daily and reverting to a earlier saved snapshot. Only more powerful computers with dedicated graphics and plenty of cores and RAM are able to perform this function with Windows. But with Linux it can be done with 1 core and 1GB of spare RAM. VirtualBox and Linux Mint 32bit ISO would be the easiest no cost combination in that regard. Firefox is the browser used and the NoScript Add-on works in Linux as well.

  • annefromfw Level 1 Level 1 (0 points)

    I also got the Mac Defender virus on my computer this morning.  I was just now able to figure out all of the steps to delete it.  It automatically installed while I was browsing online, I am not sure exactly what website I was on.  I did not click on anything to install.  Thank you Mac Joseph, I read all of your comments and was able to solve the problem!!!!!

  • Pinetowns1stlady Level 1 Level 1 (0 points)

    First off I really want to thank you for taking the time to reply to my question and answering in a way that I could understand. I would like to know however if you could tell me where I can find the memory in my computer so that I can keep an eye on how much I am using, or how much I have (left).

    Again thank you so very much!!!!

  • ds store Level 7 Level 7 (30,310 points)

    Pinetowns1stlady wrote:

     

    First off I really want to thank you for taking the time to reply to my question and answering in a way that I could understand. I would like to know however if you could tell me where I can find the memory in my computer so that I can keep an eye on how much I am using, or how much I have (left).

    Again thank you so very much!!!!

     

    Look in your Applications > Utilities folder for a OS X program called Activity Monitor.

     

    Or simply Apple + space bar = spotlight and type "Activity Monitor"

  • MacJoseph Level 3 Level 3 (595 points)

    Anne

     

    Glad to hear you removed it.

     

    Joseph

  • cynthiafromkingscliff Level 1 Level 1 (0 points)

    Hi Everyone,

    My husband was just getting some coloring picture of Ben 10 for our son when the same thing happen...

    as i just installed, a week ago, Mackeeper, i did not know if i should install macdefender, it was really hard to get out of it so i installed it... then did not like the look of it and put everything in the trash and checked what was macdefender and saw all your messages; thanks to MacJoseph, i followed your direction and hope that i can empty it from the trash... does Mackeeper will keep my computer clean and safe?

     

    cheers

    CJ

  • Linc Davis Level 10 Level 10 (165,610 points)

    does Mackeeper will keep my computer clean and safe?

     

    No, it's worthless, and the developer is just a cut above the "MacDefender" level on the ethics scale.

     

    Some of us would like to analyse the trojan, but I at least have been unable to find it. It would help if you could locate the page where you found it in your browser history. Don't post a link to that page here; instead please see this topic.