• Welcome to Autism Forums, a friendly forum to discuss Aspergers Syndrome, Autism, High Functioning Autism and related conditions.

    Your voice is missing! You will need to register to get access to the following site features:
    • Reply to discussions and create your own threads.
    • Our modern chat room. No add-ons or extensions required, just login and start chatting!
    • Private Member only forums for more serious discussions that you may wish to not have guests or search engines access to.
    • Your very own blog. Write about anything you like on your own individual blog.

    We hope to see you as a part of our community soon! Please also check us out @ https://www.twitter.com/aspiescentral

Which virus scan to believe

Sherlock77

Sherlock77

Well-Known Member
V.I.P Member
A couple days ago while searching for something, regarding of all things Freightliner trucks, I came upon a website that had security issues so backed out right away... At the time I had a bunch of computer things on the go and everything stopped so I re-started the computer

Since then I've been getting pop ups while on the internet (Firefox) about a trojan virus specifically promoting McAfee to get rid of it, while that happened I immediately scanned my computer using Microsoft Security that is already installed and up to date (as of today) and it has found nothing, zero, nothing

I have a suspicion that the pop up messages themselves might be spam, and I don't trust them, tried to get a screen shot tonight but just missed...

I did go to the McAfee website to download from their site their virus scanner, while installing it they wanted me to remove Microsoft Security from the hard drive, so I've been unable to actually install it...

I don't really want to uninstall Microsoft Security, just to put McAfee on my computer, although I did pay them to get the download, and my Microsoft Security has always worked well for me in the past, I'm just not sure which one to believe
 
It's likely that the rogue website installed a cookie on your web browser. Every time you use your web browser it serves you up an ad as it knows you went to the non trustworthy website. It knows you likely saw a load of warnings so it knows that if you see warnings popping up, you are primed to be in a psychological state where you might buy the "solution".

I suspect if you completely clear out all the cookies/caches/site settings and remove any browser extensions, you will probably find the pop ups stop.

You are probably unlikely to have a virus as if you are using windows, it will have asked to install any executables or make changes to the OS. This would explain why your virus scan is clean.

Generally it's not recommended to run two virus scanners as one may detect the others virus pattern database as a bunch of viruses. This spurns that antivirus application to see the others as malicious activity and defend itself and everything grinds to a halt.
 
How ironic, eh, that a virus scanner, can be a virus in itself!

Recently, my husband told me that he received what looked like an authentic email, from our tax office, here in France, saying that we owed them over 2000 euros. My husband, thankfully, did not go in straight away ( past he has) and once he told me, I googled it and sure enough, it was a scam! I reasoned that to suddenly receive such an email, was suspicious in itself.

I used to get emails from PayPal, to say that there is suspicious activities going on. But, rather than clicking on the link, I went straight to PayPal and my suspicious were confirmed! I alerted PayPal and they said that I will know it is them, because they use my full name. Guess what? I did receive an email with my full name ( about a year later), saying, once again, suspicious activities. But, again, checked my account and thus discovered that it was a scam too.

What I tend to do, if I go into a site and it is bad. I try to delete all the cookies etc and generally, it is fine.
 
Have you considered using Windows' System Restore utility if you have a restore point prior to being infected with some kind of malware?

It might be just a "popup scam" and little else. Restoring your system to an earlier point might fix the problem.
 
I think it has been dealt with now, pretty sure it was popup scam... I certainly didn't download anything...
 
Have you tried Malwarebytes? Usually this one will even find PUPs (potentially-unwanted programs) and is generally the least-spammy of them all (not to mention free). It seems to know exactly when you have adware on your PC (which sounds like your potential scenario), which it still classifies as malware and many others do not*. I've also successfully cleaned up probably hundreds of PCs with this piece of software alone in the past decade, and it's a PC tech's dream after all these years.

* = Not to sound alarmist, but I definitely believe that certain adware companies pay off malware scanners like McAfee so they can slip on by, but this is just a hunch.

Browser popups can also be managed with extensions like Ublock Origin, and many others
 
Last edited:
Glad you were able to fix the situation, Sherlock.

Off topic, but can anyone recommend an app that I can download to my I-phone to stop spam calls? Preferably a free app. I get calls from all over the country. In fact, sometimes the "United States of America" and the "United Kingdom" call my cell phone. I never answer those calls and block the numbers but I'd love to be able to block all of them, permanently.

I also get text messages that are bogus. Is there a way to bock them, too?
 
Mary Terry said:
Glad you were able to fix the situation, Sherlock.

Off topic, but can anyone recommend an app that I can download to my I-phone to stop spam calls? Preferably a free app. I get calls from all over the country. In fact, sometimes the "United States of America" and the "United Kingdom" call my cell phone. I never answer those calls and block the numbers but I'd love to be able to block all of them, permanently.

I also get text messages that are bogus. Is there a way to bock them, too?
Click to expand...
You might start here. I've used Nomorobo for years, though they can't filter all criminal scams. Plus my phone carrier marks them as "Spam Risk" on the caller id.

Stop robocalls and spam texts with Nomorobo

Finally! No more annoying robocalls and spam texts.
nomorobo.com nomorobo.com
 
Judge said:
You might start here. I've used Nomorobo for years, though they can't filter all criminal scams. Plus my phone carrier marks them as "Spam Risk" on the caller id.

Stop robocalls and spam texts with Nomorobo

Finally! No more annoying robocalls and spam texts.
nomorobo.com nomorobo.com
Click to expand...

Thanks, Judge. I'll investigate it. My phone identifies "spam risk" and "telemarketer" but I'd love to block all of the spammers and scammers.
 
Mary Terry said:
Thanks, Judge. I'll investigate it. My phone identifies "spam risk" and "telemarketer" but I'd love to block all of the spammers and scammers.
Click to expand...
I still get them, but far fewer than I used to. Some days go by without any such calls at all. Not any different than hacking, where the criminals remain ahead of the curve, just not as much as in the past.

I simply don't bother to pick up on any call I can't identify as being legitimate. Plus the logic of legitimate callers likely to leave a message, where most criminal scammers know better.

At least with using "Nomorobo" it tells criminal scammers that I'm not the "easy mark" they are looking for.
 
Last edited:
Mary Terry said:
Glad you were able to fix the situation, Sherlock.

...
Click to expand...

Maybe... Ran a scan last night, got rid of a bunch of cookies... Maybe not the right ones, because I'm still getting the popups, finally got a photo of one... Again my virus scan is picking up nothing, I'm pretty sure there is no virus on the computer... I don't have time to do anything with it right now because I have to go to work soon, and I really don't have the time to deal with this! :rolleyes:

Finally got a photo of the message:

Virus Scan 01.jpg
 
Elementalhammer.top is a malicious web domain. Reflecting malware that resides within your browser, and not likely the operating system itself. Which might explain why Windows Defender isn't showing any problems. Perhaps Microsoft's way of telling you to use their browser and not Firefox....lol.

Simply uninstalling the browser may not solve the program. Where you must not only delete the browser in its entirety, but also all references to Mozilla Firefox within the Windows Registry. And to purge all your existing system recoveries as the malware will come back unless you delete all system recovery entries.

A tedious process, but best to go through all registry keys to look for anything with Mozilla Firefox and delete them accordingly. Without deleting any reference to Mozilla Thunderbird, if that's your email client.

The joy of editing the Windows Registry is that if you delete the wrong thing, you may bring down the entire operating system with unrecoverable errors.

The really ugly part of it all is how predatory anti-virus and malware vendors can be in offering to "fix" such problems. When they may be giving you the virus, only to offer a "cure" at the same time. Where just looking for explanations in the wrong place might get you reinfected.
 
Last edited:
maycontainthunder said:
Might be worth having a look what add-ons Firefox has installed. There might be a fake one there that is doing this.
Click to expand...
Quite possible.

Look for any extension you didn't intend to have...especially if it's named "elementalhammer" extension. After all, the name itself is a domain. Perhaps the most painless solution if this is the case.
 
Judge said:
...

A tedious process, but best to go through all registry keys to look for anything with Mozilla Firefox and delete them accordingly. Without deleting any reference to Mozilla Thunderbird, if that's your email client.

The joy of editing the Windows Registry is that if you delete the wrong thing, you may bring down the entire operating system with unrecoverable errors.

...
Click to expand...

I have no idea what you're talking about, about to go web browsing... And I've never heard of Mozilla Thunderbird...
 
I found registry keys, still not sure what to look for, found the Mozilla/Mozilla Firefox folder in particular...
 
Sherlock77 said:
I found registry keys, still not sure what to look for, found the Mozilla/Mozilla Firefox folder in particular...
Click to expand...

Three basic things need to be done to completely delete an application from Windows:

#1) Uninstall Firefox first.

#2) Use the file manager and manually delete anything pertaining to Mozilla. (Quite often the uninstall process can leave residual data that might impact a re-installation of the same program. )

#3) Delete all references to Mozilla subkeys only, found in the Windows registry using the registry editor:

Most of the time to effectively eliminate all traces of a single application like Firefox, you have to focus on three keys:

* HKEY_LOCAL_MACHINE
* HKEY_CURRENT_USER
* HKEY_CLASSES_ROOT

Most of the time you want to go directly to the "software" subkey, and then search for "Mozilla" and delete it. Since you obviously don't use Mozilla Thunderbird (a common e-mail client) don't worry about it. And if you find Mozilla subkeys elsewhere, delete them to. Just don't delete anything outside of a Mozilla subkey or you'll likely bring down the whole OS.

There may be a fourth consideration prior to reinstalling Firefox. Whether or not to turn off system restore, and delete all restore points in the event the malware has found its way into that as well. Given the low-level of this kind of malware, it may not be necessary.
 
Last edited:
Judge said:
Three basic things need to be done to completely delete an application from Windows:

#1) Uninstall Firefox first.

#2) Use the file manager and manually delete anything pertaining to Mozilla. (Quite often the uninstall process can leave residual data that might impact a re-installation of the same program. )

#3) Delete all references to Mozilla subkeys only, found in the Windows registry using the registry editor:

Most of the time to effectively eliminate all traces of a single application like Firefox, you have to focus on three keys:

* HKEY_LOCAL_MACHINE
* HKEY_CURRENT_USER
* HKEY_CLASSES_ROOT

Most of the time you want to go directly to the "software" subkey, and then search for "Mozilla" and delete it. Since you obviously don't use Mozilla Thunderbird (a common e-mail client) don't worry about it. And if you find Mozilla subkeys elsewhere, delete them to. Just don't delete anything outside of a Mozilla subkey or you'll likely bring down the whole OS.

There may be a fourth consideration prior to reinstalling Firefox. Whether or not to turn off system restore, and delete all restore points in the event the malware has found its way into that as well. Given the low-level of this kind of malware, it may not be necessary.
Click to expand...
Thanks!

I'll look at it later, heading out right now for a few hours
 
You must log in or register to reply here.

New Threads

Top Bottom