Viruses disguised as Java Updates

[Dragonus]

Has anyone else gotten attacked from viruses disguised as Java updates? I stopped coming here because of this. I'm only here now because I have my Jaba turned off on my Firefox browser.

This needs to be fixed, because I used to like coming to Akiba-Online daily for pictures and video stuff, but now I stay away unless I feel like coming here because of the virus-disguised Java updates.

 

[kbryc08]

Please be more specific. What virus-disguised Java updates are you referring to? I get my java updates from Oracle as most of us probably do. We do not provide java updates or anything like that, if you have some kind of proof like a link/screenshot we would love to see it.

 

[Dragonus]

Basically what happens is that the mysterious Java update will pop up, Firefox says something about missing something or rather, then my window freezes up, then it'll close out.

Next thing I know a bogus anti-virus shows up, then I click on Firefox and it says that Internet Explorer is having testicle difficulties or something like that. Afterwards, I get pop-ups about not being protected, then I open a program and a window opens saying that what I open is damaged, which it's not.

Thankfully I have Malware Bytes for this problem. A few times I've had to do a system restore by forcefully powering down then going into safe mode.

Again, this problem didn't start happening until I started going through the Idol downloads, then it started happening when I would search the anime downloads. So now I come here with my Java turned off so as to not get hit everytime I come to Akiba.

 

[kbryc08]

From your description it doesn't sound like Akiba-Online is the culprit which would be independently confirmed if no one else has this issue. It sounds like you have some kind of malware on your computer already and that there are certain triggers that are activated when visiting certain parts on A-O (just speculatin' here).

If you could be even more specific and provide any information verbatim from the pop-ups you've seen (like the name of the bogus anti-virus) that we can google and find the possible source of infection.

We want users here to have a clean experience and we do that by constantly cleaning up posts that break the rules (double-posting, etc.) and by banning imagehosts and filehosts that install malware/etc on a machine, have a pop-up, force users to wait before redirecting, etc.. I am sure that A-O is not the culprit but I would like to help you resolve this issue.

There are many ways to diagnose and clean your system and one method I recommend is to download Hijackthis (a freeware utility), run the tool and post the contents of the resulting text file. HijackThis will display a list of areas on your computer that might have been changed by spyware. Then someone knowledgeable can point out what entries are bad that can be removed.

You would probably be better off going to one of the many Hijackthis forums and submitting the report there but there are guru's here that can also help. I, myself, am comfortable with using and diagnosing Hijackthis if you want to go this route.

Good luck.

 

[CoolKevin]

I hope I can get back to you on this, I did visit the site, I have a problem XP, and possibly with firefox, but my problem was XP security centre wanted to sell me its own software, and I am still baffled how it managed to download itself, rather tired at the moment and I am off to bed,

PS I am using Ubuntu at the moment

 

[Rollyco]

XP security centre wanted to sell me its own software

Drive-by downloads can happen when you are running an outdated browser or browser plugin version.

Being behind just one version increment in Java or Flash is a recipe for disaster.

 

[CoolKevin]

is that what happened, because I was using opera, I never bothered with firefox until I checked another site, so I fell behind upgrades, at the moment I am using ubuntu, and at the top of the browser it says install missing plugins, and I get to the install part and it does not install

 

[licherpus]

Basically what happens is that the mysterious Java update will pop up, Firefox says something about missing something or rather, then my window freezes up, then it'll close out.

Next thing I know a bogus anti-virus shows up, then I click on Firefox and it says that Internet Explorer is having testicle difficulties or something like that. Afterwards, I get pop-ups about not being protected, then I open a program and a window opens saying that what I open is damaged, which it's not.

Thankfully I have Malware Bytes for this problem. A few times I've had to do a system restore by forcefully powering down then going into safe mode.

Again, this problem didn't start happening until I started going through the Idol downloads, then it started happening when I would search the anime downloads. So now I come here with my Java turned off so as to not get hit everytime I come to Akiba.

I suggest you see a doctor. Hope you get your computer cleaned up too.

 

[akuma2002]

It seems you have to be sure you're running the latest version of firefox. Do not click when it says it's missing some components. And install the official java packages from java.sun.com (well,it'll redirect you to Oracle, since Sun is part of Oracle now^^) Then simply let java updater take care of the updates.

 

[Syobon]

you should block ads also, they are one of the main vectors to malware nowadays.

 

[gyoza ramen & a beer]

I know I've fairly ranted about this twice before so don't mean to be annoying but that goddamn XP antivirus (or whatever its crafty Ukrainian authors-handlers are calling it now) was an absolute bitch to get rid of. And, of course, I've got to be wondering is it really gone?

It took a Norton tech one-and-a-half hours to root it out from everywhere it had replicated itself on my computer. At the time, he said the main source of the infections they were dealing with was the "My Barack Obama" site and iTunes.

In my experience, one of the prime indicators of its presence was that I couldn't install updates to programs and couldn't establish set-points using System Restore.

And up-to-date anti-virus (the real kind) and anti-spyware programs were useless against it. One never detected it and the other claimed it had been successfully quarantined.

 

[Rollyco]

If you're the type of person that gets infected with malware, you need to be more proactive (antimalware and antivirus are fine, but reactive in nature.)

Sandbox your browser and other internet-facing applications (Adobe Reader, Outlook, Office) to limit the damage in case an exploit gets through. http://mukki.org/0day/sandboxie-v3-52-multilingual-cracked-eat-32515

Keep your software and plugins up-to-date. If you install the free Secunia PSI it will periodically scan your installed software and notify you if any is out of date (and optionally auto-update some of them.)

 

[gyoza ramen & a beer]

If you're the type of person that gets infected with malware,

Actually, I'm the type of person that gets infected with...STDs...but that's for a different forum. :joker:

But, seriously; thanks, Rollyco.

 

[dumbcow]

virus

had same attack java update disguised ms/ exploite had to reinstall system to clear

 

[CoolKevin]

had same attack java update disguised ms/ exploite had to reinstall system to clear

I wondered if I had to reinstall, oh well I suppose that will take a few days,

I guess it only buries itself in the OS, and not sneaks onto partitioned parts and external HHD

 

[jplond]

If you had Security Center pop up and it was trying to sell itself, then that is the security center virus/bug/whatever and not actually Microsoft. So that is not legit.
Ive had this before and it does suck but not that hard to clean.

If your not willing to pay for protection like Norton, I ran the cheapest net version of Norton for a year and it worked great. U dont need the large suite packages. I Find a compilation of the following free products works the best. Always run this stuff in safe mode so bad things don't get loaded. Once you feel your system is clean, run everything once more for safeties sake in safe mode and then run again in normal mode.

Malware Bytes Anti-Malware
Search and Destroy
The real Microsoft Security Center Windows Defender.
CCleaner

If you do safe mode with networking, make sure to physically remove your Ethernet wire from your computer or disconnect your wireless so you aren't connected to the net and things cant re-download. Also make sure to check in the control panel in internet options/connections tab/LAN settings to make sure a proxy has not been added. Under proxy setting, field should be blank and box should be unchecked, that is of course if you are not set up to go through a proxy on purpose.

Ive only had to do a fresh install on a computer twice due to virus once on a cpu of mine and once on a clients. fresh installs should be last ditch effort IMO, only because i hate having to re-install everything. Sometimes its just better to spend a day cleaning the infected computer.

 

[Dragonus]

I downloaded superantispyware, and now I don't have any problems with coming back here. Since then, I changed the Quick Style Chooser to black, and I've been able to come here daily.

 

[WillEater]

If you had Security Center pop up and it was trying to sell itself, then that is the security center virus/bug/whatever and not actually Microsoft. So that is not legit.
Ive had this before and it does suck but not that hard to clean.

If your not willing to pay for protection like Norton, I ran the cheapest net version of Norton for a year and it worked great. U dont need the large suite packages. I Find a compilation of the following free products works the best. Always run this stuff in safe mode so bad things don't get loaded. Once you feel your system is clean, run everything once more for safeties sake in safe mode and then run again in normal mode.

Malware Bytes Anti-Malware
Search and Destroy
The real Microsoft Security Center Windows Defender.
CCleaner

If you do safe mode with networking, make sure to physically remove your Ethernet wire from your computer or disconnect your wireless so you aren't connected to the net and things cant re-download. Also make sure to check in the control panel in internet options/connections tab/LAN settings to make sure a proxy has not been added. Under proxy setting, field should be blank and box should be unchecked, that is of course if you are not set up to go through a proxy on purpose.

Ive only had to do a fresh install on a computer twice due to virus once on a cpu of mine and once on a clients. fresh installs should be last ditch effort IMO, only because i hate having to re-install everything. Sometimes its just better to spend a day cleaning the infected computer.

All good suggestions for sure..

The combination I use is about the same.

Microsoft Security Essentials (Free, and replaced Defender)
CCLEANER (Free and cleans sludge and registry errors)
Spybot Search & Destroy (Free, and cleans ad ware)
Malware Bytes (Free and cleans most infections if caught early)
Threatfire (Free, and detects rootkits)

Another option is Avast. I love the way Avast stops drive by downloads.
When or if a website tries to download crud, Avast breaks the connection, and stops it in its tracks. Very good stuff.. (If you use this one, MSE is not needed)

Just my humble opinion..

As to the XP2009 (or 2010, 2011) virus, disguised as an anti virus, it's difficult to remove, save some time and format and install the OS again.
Quit screwing around and format..

 

[billinauburn]

I had to do 2 reinstall after coming here.

The only common thread was 1)Coming here and 2)after opening a cover or screenshot link I would be notified about something. I usually back out or click the close x,never hit no(or decline,ect.)

Things would seem normal until I left the site and then double click to Outlook..can't find the .exe, double click games..can't find the .exe

I have XP sp3, AVG, Malwarebytes, use IE8. Thought I was doing OK on the security front but guess not.