Autopia.org bad for you?

No improvement yet, if I'm reading the Google analysis correctly, they tested 20 pages at the site today, and 100% of them resulted in malicious software being downloaded.
 
No improvement yet, if I'm reading the Google analysis correctly, they tested 20 pages at the site today, and 100% of them resulted in malicious software being downloaded.
wow what a shame. i'm going to miss scott waxes details, love them
 
The malware is actually pretty easy to remove, albeit it takes a long time. You need two pieces of software, both available here:

Remove the Fake Microsoft Security Essentials Alert Trojan and AntiSpySafeguard

You may have to download them onto a thumb drive on another pc to get it to work.

Start your PC in "safe mode" with the thumb drive in a USB port. Running "rkill" will stop the malware from running. Then run the free scan with Malwarebytes Anti-malware. Took about an hour, but completely fixed my system.

So much for using Autopia until they fix this.
 
i have an xp machine. i run avast! and have ccleaner, MBAM, superantispyware on standby just in case (along with some other crazier stuff like RKUnhooker, ATF-Cleaner, GMER, etc.)

i've had to handle a bunch of these at the office, for different people. i usually have great success with either the typical online write-ups and/or just my programs in safe mode, etc.

well, i got hit with one of these rogue anti-virus scams a few months ago and had a heck of a time battling it. nothing worked. it was a DOOZY.

all i'm going to say is that the volunteer staff at bleepingcomputer.com was amazing and helped me out completely. they are all doing it for the love, and will work with you one on one, free, to get your system sorted without having to reinstall.

for what it's worth, i now use exclusively firefox with adblocker plus installed. it's amazing for this sort of thing as it prevents it from running in the first place.

best of luck and i hope they get this fixed at some point since i tend to reference my own posts sometimes, haha.
 
I was googling around on this a bit this morning, and it has already become internet conspiracy-theory lore. Plenty of DavidB bashing, misinformation, but mostly, a lot of warnings to stay away from the site, amid suggestions that the management was complicit in the problem because they didn't do anything about it. And so the price of not reacting quickly enough. Oh well.
 
for what it's worth, i now use exclusively firefox with adblocker plus installed. it's amazing for this sort of thing as it prevents it from running in the first place.

Just be aware that I run FF and ABP and got this "virus" from Autopia. It had nothing to do with the ads really and everything to do with a javascript that got injected into the pages and allowed to run. :nomore:
 
Fluxy, I presume someone is actually making money from this "virus" since there must be some percentage of infected users who buy the "antivirus" solution it is pushing. Any idea how that works (again, presuming that "SecurityTool" or whatever it was actually takes your money; I didn't see where anyone actually said that--maybe it does nothing if you try, or just steals your CC data)?
 
Just be aware that I run FF and ABP and got this "virus" from Autopia. It had nothing to do with the ads really and everything to do with a javascript that got injected into the pages and allowed to run. :nomore:
ahh, i should have been more specific - does anyone know if browsers got hijacked as a result of these rogue programs coming from autopia? in all honesty that was the one problem with the doozy i faced in terms of removal because it actually hijacked IE. thankfully firefox with ad block plus is supposed to prevent this from happening. apparently if you have firefox without it, the solution is MUCH easier than all of the processes required to take back IE. there is one program called gooredfix that handles redirect issues with firefox.

if i had JUST the rogue AV and nothing else, then it would have been much easier to remove IMO vs. the AV + IE hijack.

as far as what happens if you pay the ransom, they are getting the money; here is an example of one that was shut down: FBI shuts down $100 million rogue antivirus operation - FierceCIO:TechWatch
 
ahh, i should have been more specific - does anyone know if browsers got hijacked as a result of these rogue programs coming from autopia? in all honesty that was the one problem with the doozy i faced in terms of removal because it actually hijacked IE. thankfully firefox with ad block plus is supposed to prevent this from happening. apparently if you have firefox without it, the solution is MUCH easier than all of the processes required to take back IE. there is one program called gooredfix that handles redirect issues with firefox.

if i had JUST the rogue AV and nothing else, then it would have been much easier to remove IMO vs. the AV + IE hijack.

I don't think I got any browser hijacking because of it, but I got the malware even though I was using FF+ABP. It came through a java loader. (I hit the page, java splash screen popped up which was abnormal so I knew I was in for some bad stuff) and then WHAM that crappy fake AV popped up and my antivirus blocked some virus injections.
 
wow this thing is bad.. i've never seen sites go down longer than a half a day..
 
wow this thing is bad.. i've never seen sites go down longer than a half a day..


The cleanup of the virus is why it's down, not that the virus itself brought it down. They took the board offline to cleanse the code of the injection points.
 
Well I haven't even tried going on Autopia in a while, but I figured I'd post up an update there and found out the site was all messed.. Do a quick google search and I find out this whole mess. And to see it's been down for quite a while is a little disturbing actually. Ah well I guess. The place really wasn't as good as it used to be anyways. But since the new owners just paid a decent sum (I assume) for the site I hope they get it back up and running so they can get their ROI for the purchase.
 
fyi - I'm running Win7 64bit with Symantec Endpoint Protection. The fake virus detector virus got on my machine via a file that I had downloaded. I believe that is the same as the autopia.org malware.

I used malwarebytes to remove it. Worked very fast and everything is nice and clean now (I hope). Make sure you run a full scan of your PC to get all points. Now I have to figure out why Symantec didn't detect it. I may switch to Avira or run some combo.
 
The cleanup of the virus is why it's down, not that the virus itself brought it down. They took the board offline to cleanse the code of the injection points.
oh ok .. i know very little about these things.
 