• Hey Guest. Check out your NeoGAF Wrapped 2025 results here!

Was just redirected to a shady "anti virus" site from a GAF thread

Status
Not open for further replies.
bobbychalkers said:
Is that the one that hides folders and says your hard-drive crashed and a bunch of other parts failed? I remember panicking like hard when I got it.
Click to expand...

I've gotten this one twice before. Getting rid of it is slow, but pretty easy is with a Google search.

Right now though AVG is saying if I delete this one virus that my system will crash, not sure what to do....

AVG removed 4 viruses and Malware removed 10. One of them disabled MSE when I wasn't paying attention.
 
So after downloading it to see what it was, as I expected it was just a standard Fake AV that wants your money. At the moment only 4 of the major AV's actually detect it, so it must be pretty new.
 
Yeah, I got this too. Right when I went to the off topic page. Hasn't happened again yet, but it was the same one as the screenshot posted. queerprocess or something like.
 
JustinSane said:
Adblock plus is available for firefox and google chrome. install it now.
Click to expand...

i1h6HwkHmjkZy.jpg


lol jk, sorry had to.
 
Demon Ice said:
Anyone else getting this? It was in the Post pics of yourself thread, went to change pages and got redirected.

Didn't catch the URL before I reflexively backed out.
Click to expand...

I forget what they called but it's a virus that puts your computer through a proxy. Download malwarebytes malware remover... or w/e. Scan and delete.
 
Just out of curiosity for those who get infected with viruses. Are you running Windows 7? And if you are do you keep UAC enabled, or do you turn it off?
 
SPDIF said:
Just out of curiosity for those who get infected with viruses. Are you running Windows 7? And if you are do you keep UAC enabled, or do you turn it off?
Click to expand...
Win7 professional with all updates up to date, UAC enabled, MSE installed, careful with sites I visit.
 
It's being investigated by the ad network. If anyone's able to secure additional info, like the banner involved (assuming that the problem is originating from a gaf banner ad) then any and all info would be helpful for determining the source and fixing it.
 
OnkelC said:
Got a ZeroAccess /Sirefef.R Sirefef.AH infection last friday, maybe related?
Click to expand...

I had that yesterday, got into my system via a fake Adobe update that looked 100% like the real thing. Fucking monster, isn't it? It took mt like 10 hours of tinkering and scanning and hacking and rebooting to fix. Coulda just re-installed Windows but I was determined to beat it and keep my system the way it was.

ZeroAccess is absolutely nasty and spreading like wildfire. http://blogs.mcafee.com/mcafee-labs/targeting-zeroaccess-rootkits-achilles-heel
 
VALIS said:
I had that yesterday, got into my system via a fake Adobe update that looked 100% like the real thing. Fucking monster, isn't it? It took mt like 10 hours of tinkering and scanning and hacking and rebooting to fix. Coulda just re-installed Windows but I was determined to beat it and keep my system the way it was.

ZeroAccess is absolutely nasty and spreading like wildfire. http://blogs.mcafee.com/mcafee-labs/targeting-zeroaccess-rootkits-achilles-heel
Click to expand...

Could you help me with instructions for removal please?
 
OnkelC said:
Could you help me with instructions for removal please?
Click to expand...

I tried very many things, in the end it was a combination of RogueKiller and Combofix that did it.

'Scan on reboot' with RogueKiller took a lot of the peripheral viruses and registry entries away that ZeroAccess brought in and Combofix repaired the infected drivers and services.

Combfix is a pretty heavy program, though, so I'd make sure you have a Windows recovery disc present just in case something goes wrong. Good luck.
 
I got the same thing yesterday while browsing here as well. Fake virus scan in the browser saying it found a virus and wanted me to click OK to remove. Instead of clicking OK, I opened up the task manager and ended Chrome's process. Then I restarted Chrome and installed the Adblock plugin.

Malwarebytes was running at the time and didn't alert me to anything as well.
 
I just got this hitting a next page button on a thread, I also just updated my java today as soon as i turned on my pc, so i don't know if that had anything to do with it.
 
King Mystery said:
I got the same thing yesterday while browsing here as well. Fake virus scan in the browser saying it found a virus and wanted me to click OK to remove. Instead of clicking OK, I opened up the task manager and ended Chrome's process. Then I restarted Chrome and installed the Adblock plugin.

Malwarebytes was running at the time and didn't alert me to anything as well.
Click to expand...

ಠ_ಠ
 
King Mystery said:
I got the same thing yesterday while browsing here as well. Fake virus scan in the browser saying it found a virus and wanted me to click OK to remove. Instead of clicking OK, I opened up the task manager and ended Chrome's process. Then I restarted Chrome and installed the Adblock plugin.

Malwarebytes was running at the time and didn't alert me to anything as well.
Click to expand...

Yeah but you made the GAF ads an exception, right?

Right?

(SAY YES!)
 
WickedCobra03 said:
No I got that same thing like 5 minutes ago. This computer has seemed to be alright before that.
I will run some anti-malware programs, but I looked in my running programs and nothing looked suspicious, so I dunno.


edit: here are some screencaps. Anyone else getting these, or close to these?

5224e59e.png


461816dd.png
Click to expand...

Yup. Got this this morning.
 
Demon Ice said:
Anyone else getting this? It was in the Post pics of yourself thread, went to change pages and got redirected.

Didn't catch the URL before I reflexively backed out.
Click to expand...

Same thing happened to me I think (yesterday). My Norton antivirus prevented the page from opening. It just happened when I clicked on the next page.
 
I scanned yesterday with Malware bytes and Spybot but neither of them found anything.

I was thinking about doing Kaspersky but it takes so long and sucks anyway.
 
I've been getting redirects latley as well. I tried Hijack This! but I don't know enough about what I'm doing to start deleting stuff.
 
Dammit. We had a great deal with this network too, but I can't let this sort of thing continue. Can't exactly be against my users using adblock if we're serving any malicious ads, and continuing to serve anything like this is ethically no-go. I'll pull the tags today if they don't address it 100%. Sorry for any inconvenience.
 
i got it too :(

using IE at work, no problem at home with FF
 
So far nothing on my end. I have chrome, use norton as my AV and since I saw this thread I've been full scanning with malwarebytes twice a day. I feel like I'm playing with fire.
 
WickedCobra03 said:
No I got that same thing like 5 minutes ago. This computer has seemed to be alright before that.
I will run some anti-malware programs, but I looked in my running programs and nothing looked suspicious, so I dunno.


edit: here are some screencaps. Anyone else getting these, or close to these?

5224e59e.png


461816dd.png
Click to expand...

Happened to me too, right here in the GAF OT. I didn't let it get that far though. Not giving any actual viruses though, just a very intrusive ad.
 
It happened to me yesterday. I thought it was just something wrong on my end, but I guess I'm not the only one. I am also using Chrome.
 
EviLore said:
This still happening to anyone?
Click to expand...
Yes, just happened to me less than 5 minutes ago while viewing the subscription page, in IE9. I got a couple of popups and the subscription page was redirected to that custodian etc. .in webpage screenshotted above, I believe.
 
VALIS said:
I tried very many things, in the end it was a combination of RogueKiller and Combofix that did it.

'Scan on reboot' with RogueKiller took a lot of the peripheral viruses and registry entries away that ZeroAccess brought in and Combofix repaired the infected drivers and services.

Combfix is a pretty heavy program, though, so I'd make sure you have a Windows recovery disc present just in case something goes wrong. Good luck.
Click to expand...
thanks a bunch, will try it out this weekend.
 
Status
Not open for further replies.

Similar threads

Just a reminder how awesome Eddie Van Halen was
8
578
EviLore replied
  • Poll
Should GAF publicly display what country a user is posting from?
2
58
1K
ForAcademicPurposes replied
Just found old Marvel trading cards from when I was a kid. How to go about selling them?
13
2K
Yerd replied
Trailer for Animal Farm from Andy Serkis just dropped
35
834
Tajaz2426 replied
And just like that, we got a mech as a prototype by a respected robotics company. Unitree presents their GD01.
42
437
Idleyes replied
Top Bottom