« previous next »
Pages: [1]   Go Down

Author Topic: I have a Rogue Scanner  (Read 2369 times)

0 Members and 1 Guest are viewing this topic.

Offline David1970

  • Newbie
  • *
  • Posts: 15
I have a Rogue Scanner
« on: December 15, 2009, 05:13:16 AM »
Last night, I had just entered Yahoo and I get a pop-up message:"THREAT: Exploit Rouge Scanner (type 976).  At the bottom says Firefox.exe was infected and it also has a link to  the AVG Virus Encyclopedia.  I looked up the rogue scanner and the encyclopedia came up empty.  The popup looked like AVG.

I then did a MalwareBytes scan and it came up clean.   I scanned Firefox with AVG and that came up clean.

What should I  do next to clean my system?

David




Here's the log of my MalwareBytes scan:

Malwarebytes' Anti-Malware 1.42
Database version: 3356
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/14/2009 1:57:25 PM
mbam-log-2009-12-14 (13-57-21).txt

Scan type: Full Scan (C:\|)
Objects scanned: 382772
Time elapsed: 5 hour(s), 31 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Logged

Offline winchester73

  • Administrator
  • Hero Member
  • *****
  • Posts: 5123
  • Half a bubble off plumb
Re: I have a Rogue Scanner
« Reply #1 on: December 15, 2009, 02:17:47 PM »
First, I trust you have AVG installed as your anti-virus, and not another product ... I was unclear whether your AVG scan was an online scanner or your onboard protection.  It would be useful to know the exact and full wording of the message, but I don't use AVG, and don't know if there is a log that you can find or not.

If you do indeed have AVG onboard, the popup screen was telling you that it blocked the firefox.exe process from accessing the mentioned malware/exploit, and blocked it before it reached your system.  In other words, the detected threats were on the website you were visiting and not on your computer.  

"Rogue scanner" refers to websites that "inform" you that your computer is "infected", and try to entice you to check the "OK" button to "scan" your computer.  If you were to do so, this "scanner" would then report many infections were found, and recommend that you download their application to remove these infections.  The applications usually "appear" to be legitimate in their appearance, but they are merely tools to separate you from your money ... they actually remove nothing, but worse can often open back doors for other infections to steal passwords, credit card info, etc.

Since MBAM found nothing, I presume you exited out of all of the windows without clicking on any buttons to install anything.

Just to play it safe, you might wish to run the ESET online scanner:  http://www.eset.com/onlinescan/

Logged
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member


Offline David1970

  • Newbie
  • *
  • Posts: 15
Re: I have a Rogue Scanner
« Reply #2 on: December 27, 2009, 06:06:30 AM »
I don't know if this is a virus or not,but on some webpages,  some of the words turn into giant-size green links.  If I hover my mouse over the link, a pop up ad appears.

I use Mindfield (Firefox pre-release) as my web browser and I have already ran malware bytes and AVG and both came out clean.

I've had this problem for quite a while, but I want to get rid of these annoying links.

Is there a easy way to resolve thia?

David
Logged

Offline David1970

  • Newbie
  • *
  • Posts: 15
Re: I have a Rogue Scanner
« Reply #3 on: December 27, 2009, 06:09:02 AM »
Looks like AVG did its job.   The online scanner came out clean too.  Thanks!

David
Logged

Offline David1970

  • Newbie
  • *
  • Posts: 15
Re: I have a Rogue Scanner
« Reply #4 on: December 27, 2009, 06:11:09 AM »
Also, it seems that the Green Link monster likes guestbooks and forum pages.
Logged

Offline David1970

  • Newbie
  • *
  • Posts: 15
Re: I have a Rogue Scanner
« Reply #5 on: December 27, 2009, 06:34:43 AM »
Also, this problem is currently affecting Firefox, not just Minefield.   IE8 is not working at all tonight, but then again, even when it does work, it's an useless piece of crap.   

David
Logged

Offline David1970

  • Newbie
  • *
  • Posts: 15
Green Links (Possible Adware)
« Reply #6 on: December 27, 2009, 04:33:18 PM »
I don't know if this is malware or a virus, but when I go to some sites (especially forums abd guestbooks, but not this forum), I get giant green links for certain words on the site, When I hover my mouse cursor oer the affected word, a ad pops-up that is related to the affected word.

I am using Minefield (pre-release of FIrefox), but it affects all brwsers.

I scanned my computer with Malware Bytes and AVG, and both were clean.

Is there a easy way to get rid of the green links?

David
Logged

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 11530
  • "Stronger than the past, united in our goal."
    • Security Garden
Re: I have a Rogue Scanner
« Reply #7 on: December 27, 2009, 05:47:03 PM »
Hi, David1970.

Kindly follow the instructions in the topic at Log Posting Instructions and please post all replies in this topic rather than creating new topics.
Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
Pages: [1]   Go Up
« previous next »