starbuck Posted February 12, 2015 Posted February 12, 2015 The latest trend in the awful Windows ecosystem is pretty ridiculous — scammers have a fake version of the reputable AdwCleaner tool, which is a real tool for Windows experts. And this one pretends your computer is infected and tries to make you pay them to remove it. AdwCleaner is indeed a real freeware tool, with a good reputation for removing spyware and adware. It’s not as well known as MalwareBytes because it’s not all that user friendly, since it is meant for Windows experts rather than regular users. And the scammers have tried to mimic the interface, stealing the logo, and even ripping out the icon (badly) for their fake version. Fake AdwCleaner is Being Distributed Through Adware Infections The ironic thing is that this is getting on people’s PCs that are already infected with adware or spyware of some type, which then keep popping up windows to a page that looks like this one… which tells you that adware is detected. Which is surprisingly accurate, although the fake app isn’t going to remove that adware. Once you click through that dialog, it’ll give you a scary message like this, telling you to download AdwCleaner. Since you’ve probably heard your geeky friends talking about AdwCleaner, a normal user might be tempted to download it. If you make the mistake of downloading and running this fake AdwCleaner, you’ll be quickly presented with a window that looks an awful lot like the real thing. Once the fake one finishes scanning, it’ll present you with a dialog saying your PC is completely infected with spyware and browser hijackers, and then it’ll offer to remove it, as long as you pay $59.99 to them through Paypal. And of course that fire sale ends tomorrow. It’s important to note here that the real AdwCleaner is completely free. You can download it from AdwCleaner Source: http://www.howtogeek.com/209654/scammers-are-using-a-fake-version-of-adwcleaner-to-trick-people/ Quote
FPCH Admin AWS Posted February 12, 2015 FPCH Admin Posted February 12, 2015 They are getting trickier and trickier. I bet many people will be fooled by this one. Quote Off Topic Forum - Unlike the Rest
starbuck Posted February 12, 2015 Author Posted February 12, 2015 The website has been reported to Google as a Web Forgery .... if they add this to the database it should protect users of Google Chrome and Firefox. Quote
FPCH Admin allheart55 Cindy E Posted February 13, 2015 FPCH Admin Posted February 13, 2015 What about all the poor IE users? Quote ~I know that you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what I meant.~ ~~Robert McCloskey~~
DSTM Posted February 13, 2015 Posted February 13, 2015 Thanks for the heads up, Pete. I always try Bleeping first for specialized malware removal programs. Just a habit. Quote Roses are red, violets are blue, I'm Schizophrenic, and so am I Free Photo Restoration and Repair for all Forum members - CLICK HERE Please pop back and let us know if your Computer problem has been solved.
donetao Posted February 13, 2015 Posted February 13, 2015 (edited) Thanks Pete! I would like add these links from Adobe to your thread if you don't mind!! I think we are going to see a lot of this in the future, so be prepared for a epidemic of this behavior! https://forums.adobe.com/thread/1435362 http://www.symantec.com/connect/blogs/fake-adobe-flash-update-installs-ransomware-performs-click-fraud Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the web. The "updates" or "alerts" in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer. Edited February 13, 2015 by donetao Quote Some times you're the wind shield. Some times you're the bug!!:(
starbuck Posted February 13, 2015 Author Posted February 13, 2015 What about all the poor IE users? If they're using Google as the search engine, they should be covered as well. Have no idea if 'Bing' has been informed though. Obviously this protection will only cover those running a search for AdwCleaner. This scareware is fairly easy to remove. Simply terminate the 6AdwCleaner.exe process in Task Manager to end the program. Once the program is terminated, delete the HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AdwCleaner Registry key via Msconfig or Autoruns and then delete the C:\Users\<login name>\AppData\Local\6AdwCleaner.exe file. If you would prefer to use a program to remove this infection, Emsisoft Anti-Malware and Malwarebytes both detect this scareware already. AdwCleaner should only be downloaded from ToolsLib.net and BleepingComputer.com. If you download it from any other location then you run the risk of becoming infected with adware or possibly something worse. Quote
starbuck Posted February 13, 2015 Author Posted February 13, 2015 The legit AdwCleaner can now remove the scam version. 1 Quote
Rich-M Posted February 14, 2015 Posted February 14, 2015 Thanks Pete, this is really getting ridiculous.... Quote
donetao Posted February 14, 2015 Posted February 14, 2015 It certainly is!!!! The whole world is in a heap of trouble and the internet has gone into the cesspool Quote Some times you're the wind shield. Some times you're the bug!!:(
Recommended Posts