miriam_e: from my drawing MoonGirl (Default)
[personal profile] miriam_e
Today I accidentally happened across this scam site that seems to intercept google searches somehow (I was trying to find out what would dissolve a particular epoxy resin called Araldite here in Australia). Google came up with a lot of results, including this fake site called
onlinesecurescannerv3.com

At first it came up with an annoying pop-up telling me that my computer is infected and would I like to do an online scan. I cancelled, but it pretended to do a scan anyway and came up with the utterly amazing screen which I've put behind this lj-cut tag:


How astonishing is the level of work that has gone into that! I had no idea the scammers had gotten so sophisticated now. The window looks just like a standard Microsoft Windows file view. The red warnings of numbers of trojans in "Shared Documents" and the two hard drives blink to attract attention, the green fake scanning line grew to the right, and the blue window could be moved around just like a real window. Just one problem... I'm using Linux and my system looks nothing like this. Even when I used to use MSWindows I always used a different color scheme from the standard.

When I dragged the fake "Windows Security Alert" window to the side the site tried to send me an installable file. If I'd been using Microsoft InternetExplorer on Microsoft Windows this might not have even notified me (I'm not sure if they fixed that security hole yet) before installing it. Even if I saved the file to my machine on Linux I doubt it would have run. I don't use Wine because of just such risks (Wine lets Linux fool programs into thinking they are in a MSWindows machine thus allowing them to run).

Once installed on the machine I shudder to think what such a program could do. Horrifying.

I wonder how many people are sucked in by such assholes. I hope the cops come down on these scum-sucking bastards. Warn as many people as possible of the dangers of such sites. The only real safety here is knowledge.

Date: 2009-08-09 05:33 am (UTC)
From: [identity profile] greylock.livejournal.com
My. That is pretty impressive. Even the spelling is better than usual.
Not so much with the random capitalisations but you see it so much in corp-speak that it's easy to bland over.

I could easily see people being taken in by this. Hell, I'd get a bit of a heartshock if I saw it on one of my win-machines.

I wonder if NoScript would have blocked this.

I'm more worried about it intercepting your google search. I have heard of it happening, but usually at an ISP level.

fake scanner

Date: 2009-08-09 05:54 am (UTC)
From: (Anonymous)
I just had the fake trojan/scanner scam happen on my windows. My heart stopped. I felt it was fake but I couldn't be sure. I believed my McAfee should have been warning me. The problem is, I saved the file. Now I don't know where it is or how to find it. Or if it is really on the machine, which it probably is. Can you help? Advice?
Candy

Re: fake scanner

Date: 2009-08-09 06:03 am (UTC)
From: [identity profile] greylock.livejournal.com
First thing, right click on a picture. It should take you to where your default files go when you try to save it.
Select Save Type As: Any File and look to see what's in that folder.
Chances are if you saved it, it'll be there as an EXE (although it might be disguised).

Look through that folder, sorting by date, for the last few things saved/modified. If it's something you don't recognise you can delete it or google the name & extension and see if you can figure out what it is.

If that doesn't work: Go to search, and look for any file created in the last day.
You might want to start with checking initially for "*.exe" files.
And make sure you tick advanced options and select scan hidden folders.

I'm sure Windows searches extensions even if you have them switched to hidden.
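
An added example, not part of the comment above: a short Python script that automates the same search (files changed in the last day, hidden folders included) and also catches a "disguised" file by checking for the `MZ` header that Windows executables start with, whatever the extension. The function names, the extension list, the use of modification time rather than creation time, and the Downloads folder are assumptions of this example.

```python
import os
import time
from pathlib import Path

# Extensions normally used for Windows program files; a file with any other
# extension that still has an executable header is reported as disguised.
EXE_SUFFIXES = {".exe", ".scr", ".com", ".pif", ".dll", ".sys"}

def is_windows_executable(path):
    """True if the file starts with the 'MZ' magic of a DOS/PE executable."""
    try:
        with open(path, "rb") as fh:
            return fh.read(2) == b"MZ"
    except OSError:          # locked, missing or unreadable file: skip it
        return False

def recent_executables(root, max_age_hours=24, now=None):
    """Return sorted (path, disguised) pairs for executables under root
    whose modification time falls within the last max_age_hours."""
    now = time.time() if now is None else now
    cutoff = now - max_age_hours * 3600
    hits = []
    # os.walk descends into hidden folders too, matching the
    # "scan hidden folders" option mentioned in the comment.
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            try:
                if path.stat().st_mtime < cutoff:
                    continue
            except OSError:
                continue
            if is_windows_executable(path):
                disguised = path.suffix.lower() not in EXE_SUFFIXES
                hits.append((str(path), disguised))
    return sorted(hits)

if __name__ == "__main__":
    # Assumption: the browser saves to the user's Downloads folder.
    for path, disguised in recent_executables(Path.home() / "Downloads"):
        print(("DISGUISED  " if disguised else "executable ") + path)
```

A hit only means the file is a Windows program that changed recently; legitimate installers and updates will show up as well, so check each name before deleting anything.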

Re: fake scanner

Date: 2009-08-09 07:06 am (UTC)
From: (Anonymous)
I've tried everything you suggested. I can't find the file anywhere. I was amazed to see how many files were modified 8/9/09 around 1:30 in the morning. Now it's 3 am here and I'm exhausted. I hate to think that thing is hanging around somewhere in my computer, but I'm just not that computer savvy. Candy from Carolina

Re: fake scanner

Date: 2009-08-09 07:19 am (UTC)
From: (Anonymous)
ps. thanks :) for trying to help me

Re: fake scanner

Date: 2009-08-09 07:52 am (UTC)
From: [identity profile] greylock.livejournal.com
No problems.

Re: fake scanner

Date: 2009-08-09 07:51 am (UTC)
From: [identity profile] greylock.livejournal.com
I was amazed to see how many files were modified 8/9/09 around 1:30 in the morning.

Windows update, perhaps? If you have that set to automatic (or the registry is taking a snapshot). I shouldn't worry too much. My machine has modified 161 files in the last five hours.

If you couldn't find the file doing what I suggested then you can relax a little. There are ways to hide files effectively from Windows but I haven't come across a virus or trojan that used any of them so far.

Files like the one you think you have tend to rely on user intervention to activate them (even if they do try a drive-by download).

If you're still worried, I'd back some stuff up, update McAfee's definitions and see if someone tech savvy can come around and have a look before you reboot but it seems to suggest you're clear for the moment.



Re: fake scanner

Date: 2009-08-09 04:44 pm (UTC)
From: (Anonymous)
Thanks for that info. I will rest a little easier with that information. Someone told me I should go to superantispyware.com and download the free home version. They said it would find anything on the computer. I should think my McAfee should do that, but she insisted that this program cleaned up her computer and had it running better. Have you any knowledge of this program/site? Thanks again (Lunchtime in Carolina)
Candy:)

Re: fake scanner

Date: 2009-08-09 09:32 pm (UTC)
From: [identity profile] greylock.livejournal.com
I haven't heard of it, and with a name like Superantispyware I'm suspicious.

If you want a free AV program you could try Avira (www.avira.com) or Avast! (www.avast.com/eng/avast_4_home.html).

Avira has the benefit, I think, of being able to run off a boot CD but that will only help if you have access to another machine to create a clean boot CD.

Either way, it's recommended you uninstall McAfee because AV programs sometimes do not play nice with each other.

Re: fake scanner

Date: 2009-08-10 10:19 pm (UTC)
From: (Anonymous)
LOL you're clever. I don't know if I'll make it through the 21st century but I'm giving it all I've got! I don't know what a clean boot CD is. tee hee hee. I'm not much fun am I? I don't think I saved that evil program because I remember a window popping up and asking me if I trusted the site. You know the one. So I think I opted out at that point because I didn't trust the site.

I have enjoyed this livejournal site. I may join it.

Re: fake scanner

Date: 2009-08-11 11:08 am (UTC)
From: [identity profile] miriam-e.livejournal.com
Many Linux distributions have boot CDs available. You put the CD in the drive, restart the computer, it boots from the CD instead of the hard drive, and you can use it to rescue or tinker with an infected system, without having to install it on the computer.

When I used to use MSWindows I had the bad experience of getting my machine infected once by a program that used Windows itself to protect it from deletion. The only way I could delete the damn thing was to reboot on a bootable floppy disk. These days it would be much easier, because I could boot the Windows machine on a Puppy CD, get rid of the infection, take the Puppy CD out, and reboot the machine as normal in Windows, minus the infection.

These days I use Linux so am quite a bit safer (until Linux becomes popular enough for the predators to want to feed on us). The particular Linux variant I use most of the time is Puppy Linux (http://www.puppylinux.com). While many Linuxes have bootable CDs available, Puppy is always distributed as a bootable CD. You can install this on your computer's hard drive (as I have on most of my machines) or you can simply use it from CD (as I do with the computer I use to connect to the net -- nothing can tamper with the operating system if it is sitting on CD).

This boot-CD quality of Puppy is one of the reasons I like it, but the main two reasons I prefer it are that it is tiny compared to most modern operating systems (less than 100MB), runs much faster than most modern operating systems (mainly because it isn't as bloated as others), and is very easy to use (it superficially resembles Windows98).

The size and speed issues are very important to me because I don't upgrade my machines the way other people do. Many of my machines are quite old, slow, and have little memory. Puppy makes them usable, where other operating systems would make them laughable. However Puppy's speed and size are still assets even on fast machines with oodles of RAM and giant hard drives; it lets them move like greased lightning and gives you far more room for other things.

Re: fake scanner

Date: 2009-08-12 06:03 pm (UTC)
From: (Anonymous)
Thanks for that info, Miriam. And I can't thank you enough for posting the fake scam. I experienced it only minutes after you posted it and when I googled it, your posting was the ONLY one that came up. GREYLOCK was online and did his best to help me. I can't thank you both enough for the time and effort you went to to help a complete stranger. I guess there are some good guys on the net! :) Candy

Re: fake scanner

Date: 2009-08-12 08:44 pm (UTC)
From: [identity profile] miriam-e.livejournal.com
:) No worries. I'm really happy it was some help.

One of the things I love about Live Journal is the number of really helpful and good people here, both individually and in its communities. That is pretty-much true of most places on the net though. Most forums are helpful places, full of great people. You will always meet a small number of rotten people, but I find the internet is made up of mostly good folk.

This means really good things for the future.

Incidentally, to check out an example of some of the cool people and communities on LiveJournal, see my latest friends' postings.
http://miriam-e.livejournal.com/friends/
Some are individuals and some are communities. Each member can make their own list of friends. LiveJournal is waaayyy better than MySpace -- quicker to load, easier to use, and you have a choice of whether advertisements show on your pages. LiveJournal is free unless you decide to pay for it. I am a free member, though whenever I have income I pay for membership, by my own choice. I like to support such a cool environment.

Internet security threat scam

Date: 2009-09-01 06:41 pm (UTC)
From: (Anonymous)
Hello,

I came across this post while looking up an article on C.L. Stong, and saw that you got this anti-virus scam. The problem you describe appears to be common now, if not prevalent on the internet. It's very unfortunate. It happened to me on an unprotected laptop in a very similar manner a week ago. "Closing" the window does no good, because it is not necessarily a real windows screen, but rather an image, and no matter where you click on the image, it goes ahead and runs.

I was also "hijacked" a while ago, by clicking on a link that google turned up in response to a search. The link was bad, and it in turn sent me to some Russian site that ended up installing spyware on my computer.

The solution to both problems was to use Firefox as my browser EXCLUSIVELY, and also to install an add-on called NoScript on Firefox. The added layer of security forces you to manually accept any sites that the browser wants to visit. It prevents unknown (and un-seen) scripts from running that can cause harm.

I highly recommend it. Use the Firefox menu Tools --> Add-ons and then search for NoScript.

Dan
