{"id":3701,"date":"2012-02-11T11:54:23","date_gmt":"2012-02-11T16:54:23","guid":{"rendered":"http:\/\/thundercloud.net\/infoave\/new\/?p=3701"},"modified":"2012-02-11T11:54:23","modified_gmt":"2012-02-11T16:54:23","slug":"another-rogue-strikes-again","status":"publish","type":"post","link":"https:\/\/www.thundercloud.net\/infoave\/new\/another-rogue-strikes-again\/","title":{"rendered":"Another Rogue Strikes Again!"},"content":{"rendered":"<p><strong>Sally was attacked by an online virus scanner and couldn&#8217;t get away.<\/strong><br \/>\nI want to thank you for everything you do and for providing common sense, plain English answers to our computer questions.<\/p>\n<p>Recently I was browsing the Web and suddenly a window appeared saying I was infected with something. But it wasn&#8217;t my AVAST it was something else.\u00a0 I tried using the F4 key to close the window but it wouldn&#8217;t let me, it said something about if I close this window I might damage my computer. So, thanks to your newsletter I knew better than to click &#8220;Close&#8221; on that box. I had no choice but to shut down my computer by turning it off using the power button. Luckily when I turned my computer back on, everything was normal. Afterwards I scanned my computer with Avast and<a href=\"http:\/\/thundercloud.net\/sale\/sas\/autumn\/\">SuperAntiSpyware<\/a> but found nothing. What happened? Thanks!<br \/>\n<strong><br \/>\nOur Answer<br \/>\n<\/strong>Hi Sally &#8211; thanks for your nice comments. Rogues are the most common form of malicious attack you&#8217;re likely to encounter these days. You&#8217;re much more likely to encounter a rogue as you are a virus. You cannot F4 yourself out of this one.\u00a0 But you did very well in not clicking any &#8220;Close&#8221; buttons or in trying to close these windows by clicking the &#8220;X&#8221; in the top-right corner. You would have ended up installing VirusDoctor &#8211; a rogue, malicious program most likely another AntiVirus2011 clone from the world of rogue security software.<\/p>\n<p>Here&#8217;s a tip for you the next time you find yourself in a similar situation. If the ALT+F4 key combination does not work, don&#8217;t panic.<\/p>\n<ul>\n<li>Calmly right-click on an empty place on your taskbar and right-click it. Select Task Manager.<\/li>\n<li>When Task Manager opens, click the Processes tab and locate your Brower&#8217;s exe file. Internet Explorer is called iexplore.exe and Firefox is called firefox.exe.<\/li>\n<li>Right-click on the browser&#8217;s exe and choose &#8220;End process tree&#8221;. Ignore the warning and proceed. This will close your browser immediately regardless of whatever tricks the site may be playing.<\/li>\n<li>If you have more than one instance of your browser running you may have to individually close each instance. Simply repeat the steps above.<\/li>\n<li>If all else fails &#8211; turn your computer off at the switch.<\/li>\n<\/ul>\n<p>For the benefit of those who&#8217;ve not had the misfortune to encounter these kinds of rogues, here are some screen shots we created when we intentionally went out and tried find one for you. We found it and we allowed it to begin its attack on our computer. We&#8217;re nuts, I know. But this will help you recognize a scam when you see it &#8212; and this, friends, is a blatant scam and a violation of your computer. This is a crime.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/thundercloud.net\/infoave\/images\/2012\/av-scanner.png\" border=\"0\" alt=\"Cloudeight InfoAve\" width=\"593\" height=\"156\" \/><br \/>\nFig 1.\u00a0 &#8220;System Security&#8221; sounds like it&#8217;s a Windows function. It is not. It&#8217;s a deception. Do not click the &#8220;X&#8221; and do not click &#8220;OK&#8221;. Press ALT+F4. If ALT+F4 does not work, follow the steps outlined below.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/thundercloud.net\/infoave\/images\/2012\/av-scanner1.png\" border=\"0\" alt=\"Cloudeight InfoAve\" width=\"540\" height=\"351\" \/><br \/>\nFig 2. Tricky, tricky, tricky. See how it looks like your own computer. It&#8217;s not. We did this on Vista on a computer with 4 hard drives. This is just a clever reproduction that could be anyone&#8217;s Windows XP computer. It couldn&#8217;t be a Vista or Windows 7 computer. Look at the folders and look at the name &#8220;<em>My <\/em>Documents&#8221;. On Vista and Windows 7 &#8220;My Documents&#8221; are called &#8220;Documents&#8221;. Again, never click the &#8220;X&#8221; or &#8220;OK&#8221; or &#8220;Cancel&#8221; , if you do you&#8217;re going the installation will start. Never click anything on these kinds of pages. Use ALT+F4. If that fails to close the browser use Task Manager to end the process and terminate your browsing session.<\/p>\n<p><a href=\"http:\/\/thundercloud.net\/infoave\/images\/2012\/av-scanner-big.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/thundercloud.net\/infoave\/images\/2012\/av-scanner-small.png\" border=\"0\" alt=\"Cloudeight InfoAve Premum\" width=\"467\" height=\"295\" \/><\/a><br \/>\nFig 3. Kind of hard to see this? Click on the picture to see the full-size image. Note our computer is &#8220;infected&#8221;. Why? Every computer is infected because this is just an graphic, everyone who gets caught in this trap sees the same picture. It&#8217;s used to scare unwitting users into downloading malware. Not only that, they&#8217;ll want you to pay to &#8220;clean&#8221; your computer. Can you say &#8220;scam&#8221;? We were using Windows Vista when we took this screen shot. Notice the graphic still showing a Windows XP computer. It can&#8217;t be a Windows 7 or Windows computer &#8211; but if you&#8217;re not paying attention you might THINK it is your computer &#8211; even if you are using Vista or Windows 7.<\/p>\n<p>So there you have it. These kinds of scummy tricks go on every day on the Web. If you haven&#8217;t seen one yet, just wait, you probably will. But, now you know what to do. If ever the ALT+F4 key combination doesn&#8217;t work, don&#8217;t panic, don&#8217;t turn your computer off at the switch, use Task Manager to shut down your browser. If you can&#8217;t find it in Task Manager &#8211; then shut down your computer at the switch. It&#8217;s been than dealing with the damage installing one of these rogues can cause.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sally was attacked by an online virus scanner and couldn&#8217;t get away. I want to thank you for everything you do and for providing common sense, plain English answers to our computer questions. Recently I was browsing the Web and suddenly a window appeared saying I was infected with something. But it wasn&#8217;t my AVAST it was something\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.thundercloud.net\/infoave\/new\/another-rogue-strikes-again\/\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1655,10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/3701"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=3701"}],"version-history":[{"count":1,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/3701\/revisions"}],"predecessor-version":[{"id":3702,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/3701\/revisions\/3702"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=3701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=3701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=3701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}