Technoviking I am not amused


So yesterday I was looking on Google Images for the Technoviking. I'm sure most of you know the guy/meme, but just to be sure:


http://knowyourmeme.com/memes/technoviking

In case you're wondering, I do not remember why he flashed in my mind all of a sudden, but I was listening to some music on YouTube and I suppose there was a Suggested Video ;)

Either way, some of the Google Images were in fact redirecting to a scareware page, urging you to download a file to "clean" your computer. Some of the images that were infected:



Some infected Google Image results


If you click on any of them, you would get the following message:


"Windows Security" will perform a fast scan of system files


... and when clicking on "OK" you'll get the well-known fake scanning page:



Fake Scanning page finding numerous infections


The following file was downloaded:

BestAntivirus2011.exe
Result: 18/41 (43.9%)
MD5: e705b657f5830eb2a43eee3a32f549c3
VirusTotal Report
ThreatExpert Report
Anubis Report

Today I checked again and the scareware/rogueware campaign is still active. I was now presented with another file that has a very low detection rate on VirusTotal:

BestAntivirus2011.exe
Result: 2/41 (4.9%)
MD5: 56ce5479183913f2082bf0fd790dbaea
VirusTotal Report


The payload is a rogueware called MS Removal Tool.

When executing the dropped file (BestAntivirus2011.exe):


MS Removal Tool fake scanning screen


It is interesting to note that you would only get redirected when using Internet Explorer or Google Chrome. The redirect did not occur on either Firefox 3.6 or Firefox 4.0.
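
The browser-dependent behaviour noted above is something you can look for in web proxy logs. The following is an added example, not code from the original post: it flags URLs that redirect to a different host for some browser families but not for others. The log format, hostnames and function names are assumptions constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed proxy-log sample (hypothetical tab-separated format):
# requested URL, HTTP status, Location header ("-" if none), User-Agent
SAMPLE_LOG = """\
http://images.example/viking.jpg\t302\thttp://scan.example.net/fast-scan\tMozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
http://images.example/viking.jpg\t302\thttp://scan.example.net/fast-scan\tMozilla/5.0 (Windows NT 6.1) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
http://images.example/viking.jpg\t200\t-\tMozilla/5.0 (Windows NT 6.1; rv:2.0) Gecko/20100101 Firefox/4.0
http://blog.example/pic.png\t301\thttp://blog.example/img/pic.png\tMozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
http://blog.example/pic.png\t301\thttp://blog.example/img/pic.png\tMozilla/5.0 (Windows NT 6.1; rv:2.0) Gecko/20100101 Firefox/4.0
"""

def browser_family(user_agent):
    """Coarse browser family derived from a User-Agent string."""
    for token, family in (("Firefox/", "firefox"), ("Chrome/", "chrome"), ("MSIE", "ie")):
        if token in user_agent:
            return family
    return "other"

def offsite_target(url, status, location):
    """Return the destination host if the response redirects to another host."""
    if not status.startswith("3") or location == "-":
        return None
    src, dst = urlsplit(url).hostname, urlsplit(location).hostname
    # A relative Location has no hostname and stays on the same site.
    return dst if dst and dst != src else None

def find_conditional_redirects(log_text):
    """Flag URLs that redirect off-site for some browser families only."""
    seen = defaultdict(dict)  # url -> {family: off-site host or None}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        url, status, location, ua = line.split("\t", 3)
        seen[url][browser_family(ua)] = offsite_target(url, status, location)
    findings = {}
    for url, by_family in seen.items():
        redirected = {f: h for f, h in by_family.items() if h}
        clean = sorted(f for f, h in by_family.items() if not h)
        if redirected and clean:  # behaviour differs between browsers
            findings[url] = {"redirected": redirected, "not_redirected": clean}
    return findings

if __name__ == "__main__":
    for url, detail in find_conditional_redirects(SAMPLE_LOG).items():
        print(url, detail)
```
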


Prevention

- Be careful when visiting any webpage. A useful trick is to check the real URL behind the image. Most of the time you can verify this by checking in the left corner of your browser:

Clicked on a picture and started loading this website instead of the original one

- Use browser extensions to verify the integrity of an image or URL. Useful add-ons for Google Chrome are, for example, VTchromizer, NotScripts and WOT.

- Keep your antivirus and browser, as well as your browser add-ons, up to date.

- If it is too late and a scan is already starting, immediately close your browser by bringing up Task Manager (CTRL + ALT + DEL) and killing your browser's process:
  • a) For Google Chrome: chrome.exe or chrome.exe *32
  • b) For Mozilla Firefox: firefox.exe or firefox.exe *32
  • c) For Microsoft's Internet Explorer: iexplore.exe or iexplore.exe *32


Disinfection

If the harm is already done and you are getting warnings, messages or pop-ups stating that you are infected and need to take immediate action to clean your computer, follow the guide below at BleepingComputer to rid yourself of this malware:

Remove MS Removal Tool



Conclusion

Don't be fooled by Google's preview of images: you can still get infected even though the site appears to be safe.

Follow the above prevention tips to decrease the chance of your computer becoming infected.
