Jump to content

Recommended Posts

Posted

The latest trend in the awful Windows ecosystem is pretty ridiculous — scammers have a fake version of the reputable AdwCleaner tool, which is a real tool for Windows experts. And this one pretends your computer is infected and tries to make you pay them to remove it.

 

AdwCleaner is indeed a real freeware tool, with a good reputation for removing spyware and adware. It’s not as well known as MalwareBytes because it’s not all that user friendly, since it is meant for Windows experts rather than regular users. And the scammers have tried to mimic the interface, stealing the logo, and even ripping out the icon (badly) for their fake version.

 

Fake AdwCleaner is Being Distributed Through Adware Infections

 

The ironic thing is that this is getting on people’s PCs that are already infected with adware or spyware of some type, which then keep popping up windows to a page that looks like this one… which tells you that adware is detected. Which is surprisingly accurate, although the fake app isn’t going to remove that adware.

 

89bcdfb72382473695de18ae97ecff63.png

 

Once you click through that dialog, it’ll give you a scary message like this, telling you to download AdwCleaner. Since you’ve probably heard your geeky friends talking about AdwCleaner, a normal user might be tempted to download it.

 

f0cb5e9d4718622969eba278dd9a92e8.png

 

If you make the mistake of downloading and running this fake AdwCleaner, you’ll be quickly presented with a window that looks an awful lot like the real thing.

 

f2dd79595268c17d07cf60db8e2e5eae.jpg

 

Once the fake one finishes scanning, it’ll present you with a dialog saying your PC is completely infected with spyware and browser hijackers, and then it’ll offer to remove it, as long as you pay $59.99 to them through Paypal. And of course that fire sale ends tomorrow.

 

It’s important to note here that the real AdwCleaner is completely free. You can download it from AdwCleaner

 

891961014869762fb710cd7b3fbfcf6e.jpg

 

 

Source:

http://www.howtogeek.com/209654/scammers-are-using-a-fake-version-of-adwcleaner-to-trick-people/

76c90dd0e79a714317a8daeecc1584d2.png

Posted
The website has been reported to Google as a Web Forgery .... if they add this to the database it should protect users of Google Chrome and Firefox.
76c90dd0e79a714317a8daeecc1584d2.png

Posted (edited)

Thanks Pete! I would like add these links from Adobe to your thread if you don't mind!!

I think we are going to see a lot of this in the future, so be prepared for a epidemic of this behavior!

https://forums.adobe.com/thread/1435362

http://www.symantec.com/connect/blogs/fake-adobe-flash-update-installs-ransomware-performs-click-fraud

 

Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the web.

 

The "updates" or "alerts" in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.

Edited by donetao
Some times you're the wind shield. Some times you're the bug!!:(
Posted
What about all the poor IE users?

If they're using Google as the search engine, they should be covered as well.

Have no idea if 'Bing' has been informed though.

Obviously this protection will only cover those running a search for AdwCleaner.

 

This scareware is fairly easy to remove.

Simply terminate the 6AdwCleaner.exe process in Task Manager to end the program.

Once the program is terminated, delete the HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AdwCleaner Registry key via Msconfig or Autoruns and then delete the C:\Users\<login name>\AppData\Local\6AdwCleaner.exe file.

If you would prefer to use a program to remove this infection, Emsisoft Anti-Malware and Malwarebytes both detect this scareware already.

 

AdwCleaner should only be downloaded from ToolsLib.net and BleepingComputer.com.

If you download it from any other location then you run the risk of becoming infected with adware or possibly something worse.

76c90dd0e79a714317a8daeecc1584d2.png

Posted
It certainly is!!!! The whole world is in a heap of trouble and the internet has gone into the cesspool
Some times you're the wind shield. Some times you're the bug!!:(
Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...