Naked Science Forum
Non Life Sciences => Geek Speak => Topic started by: syhprum on 02/12/2013 15:19:44
-
Recently, after setting up a new 500GB drive on my PC, I ran "Exterminate It" and was surprised to find two instances of ransomware thrown up that had not been detected by my regular antivirus program (admittedly I had not done a full scan, as I had only loaded what I thought to be clean software).
These were not causing any loss of performance as far as I could see and were removed by "Exterminate It" with no recurrence. I believe they might have been part of some rogue bitcoin mining scheme.
-
Some free antimalware is malware in disguise ... https://en.wikipedia.org/wiki/Rogue_antivirus
"exterminate-it" has a "very poor" WOT (https://en.wikipedia.org/wiki/WOT_Services) rating ... https://www.mywot.com/en/scorecard/exterminate-it.com
"Exterminate it!" is listed as rogue ... https://en.wikipedia.org/wiki/List_of_rogue_security_software
I use the free version of MBAM (http://www.malwarebytes.org/) as a second opinion,
[ MBAM has an "excellent" rating on WOT ... https://www.mywot.com/en/scorecard/malwarebytes.org ]
-
Ouch,
I wonder if these were False Positives, as it sounds like true ransomware (https://en.wikipedia.org/wiki/Ransomware_%28malware%29) actually locks access to part of your PC until the "ransom" is paid. I don't think I've run across that yet, although I've encountered anti-spyware programs that were difficult to remove, and had annoying popups unless one paid to buy the program.
As far as "bitcoin mining", if a virus or worm encountered a bitcoin wallet, it likely could just steal the wallet, or perhaps capture any necessary ID codes, then steal it. No need for a "ransom".
-
I am surprised to see Exterminate It listed as rogue; I have always thought it was rather good, but now it is removed. Malwarebytes threw up a few adware malwares but nothing serious.
-
I am surprised to see Exterminate It listed as rogue; I have always thought it was rather good ...
That can appear to be the case, as the rogue antimalware will find things that legitimate antimalware doesn't find. But it's not more effective: the things it "found" didn't exist before the rogue was installed, i.e. it planted them (then will offer to remove them for a fee).
-
I will say that even some of the "good" antispyware programs such as Adaware or Spybot will ALWAYS find something wrong the first time the program is run. Many of the issues are minor. A few cookies here and there. Perhaps a few registry issues.
But, at least they don't make things up. And, they are FREE for non-commercial use.
-
I tried the same procedure on another newly formatted drive: no signs of "ransomware" with Exterminate It or any other antivirus. It must have been some scam antivirus that snuck in when I loaded something else from the internet.
-
Did you delete the programs or quarantine them?
Perhaps there is a log that will give you more info about the actual occurrence.
-
I quarantined them; I will have a hunt. I am having a battle with a Wi-Fi router at the moment that does not like Windows 8.1!
It works OK on Windows 8.1 but one has to use a computer running Win 7 or 8 to configure it.