Delta Virtual Airlines Water Cooler | PC Support
Watch out for Java Update Pop-up
DVA9677
Captain, B737-800
OLP
Joined on April 11 2011
50 State Club
Online Double Century Club
Quincentenary Club
"American 1482, your APU is leaking baggage." Kissimmee, FL USA
543 legs, 735.9 hours
247 legs, 299.2 hours online
538 legs, 725.6 hours ACARS
2 legs, 2.8 hours event
Posted on August 29 2013 12:38 ET by John Anderson
As anal as I am about what goes on with my system, I got hit.
A pop-up told me that there is a new update available for Java. When I clicked on it, it looked like it was going through the normal update procedures, then I noticed a couple of icons missing from my desktop.
Internet Protection is the name of the false scan, and the point of it is to scare you into buying their service which is, by the way, useless.
After spending an hour trying to find the process associated with it, I found it. Appropriately named, "BSProtection.exe".
A complete OS Reload is what it's taken to get rid of it.
I searched the web, and even though this particular trojan is known, I haven't seen anyone mention this method of delivery, and none of the advice given worked to get rid of it.
Point being: If any of your software is due an update, don't trust pop-ups. Go to that particular software GUI and choose to update it from there.
I hope this helps someone out there.

DVA3520
First Officer, B747-400
Joined on September 07 2006
Double Century Club
"Feelin' good is good enough!" Riverside, CA
280 legs, 834.6 hours
120 legs, 384.6 hours ACARS
Posted on August 29 2013 13:46 ET by Bryan Lee
A complete OS install is only a last-ditch resort. There are quite a few ways to get rid of viruses without taking such drastic measures. Next time ask in the forum before you wipe your drive and we can probably help.
Posted on August 29 2013 14:08 ET by John Anderson
I spent a total of six hours trying to clean it up. The problem is that it burrowed into IE AND the boot sector, so cleaning it up did nothing but clear the way for it to come back.

Posted on August 29 2013 16:41 ET by Bryan Lee
There are ways to get rid of that; a good anti-malware program like Malwarebytes should do it. Start your computer in safe mode without networking (after updating your virus definitions) and run a full scan while in safe mode. This will usually take care of 99% of viruses. Also look for a program called TDSSKiller, a good program to get rid of boot and rootkit virus types.
Posted on August 29 2013 18:25 ET by John Anderson
Six hours of Symantec, MBAM, Trojan Killer, Root Killer, manual RegEdit to delete associated keys, and then the tools recommended by researching Internet Security and BSProtection.
It would go away for about twenty minutes, then suddenly back again.
This is why I'm posting here. The Army educated me about the intricacies of malware, and this one just WOULD NOT die. Even killing the process would spawn a second desktop icon and a new copy of BSProtection.exe.
This thing is tough.

DVA9262
Senior Captain, B737-800
Joined on December 09 2010
Everett 250 Club
Nine Century Club
Canton, MI USA
920 legs, 1,411.7 hours
13 legs, 12.0 hours online
918 legs, 1,409.5 hours ACARS
Posted on August 30 2013 19:01 ET by Jeffrey Putz
Thanks for the intel report, John. Any firsthand information concerning new and innovative malware programs out there is very helpful and always welcome. I'm just sorry to hear that you had to endure such an excruciating removal process. Thanks again for the information, sir!

DVA9513
Captain, B757-200
OLP
Joined on February 16 2011
50 State Club
Century Club
Everett Century Club
DVA Five-Year Anniversary
Sugar Land, TX USA
145 legs, 288.9 hours
39 legs, 69.5 hours online
135 legs, 271.4 hours ACARS
18 legs, 31.1 hours event
Posted on September 03 2013 16:29 ET by Michael Lacaze
That's why I do frequent backups to my computers. If I am stricken by a virus or my OS is corrupted by a Windows update, which has happened twice before, I try a restore first and if that does not work I'll completely reimage my HD from my latest backup. It works every time. I can usually get back up and running in less than 2 hours. I may lose a couple of files but since I have two discrete bootable drives on my main PC, one for my normal Windows system and one for games, I only have to reimage the drive for the games system.