Hello,
I am new to the Avast community, so hello. I have had Avast for a while now. And its great!! I reccomend it to my friends and family. (I am the tech of the group).

I have seen this fake virus scanner thing that pops up every once in a while, when I click on a photo link. I am smart enough to Stop the thing before it finishes, but others I know were not so lucky. One computer was totally locked up, no copy and paste, no downloading. I could hook up a flash drive, but there was no way to install programs, as opening the program did nothing. No ctrl alt delete. It was real frustrating. I managed to get all the needed files off the computer by right clicking and Save A’s to each file, and saving it to my flash drive, Yup one by one. It took about three days… Then reformatted the hard drive. All is good. Then the most recient was easier to get off. Just a few downloads and poof… But I noticed that both computers seemed to have this in the history, or a version of it. hxxp://329dde83.proguardsysstore.com/stream1/cazb/mzmcqcbqc/zclhzdbqzz.html
DO NOT GO TO THAT LINK… Unless your prepaired as its some kind of a scan that will tell you your computer has a lot of viruses, and wants you to pay money to get rid of them. (even though the scanner is the actual virus… I was wondering if you could find the time to add it to the list of bad sites or explain why it hasnt been added? It seems to work through a redirect. Is it possible that this redirect is already on the computers before hand? or is it in the website that they got redirected from? Thanks in advance.

There is new ones every day and at new locations

Fake antivirus overwhelming scanners
hxxp://news.techworld.com/security/3203072/fake-antivirus-overwhelming-scanners/

plases chance the infectec link to httx or ww so it can’t be clicked on.

Use NoScript (Firefox add-on) to prevent such infections…!
asyn

Hi ntlgnce,

Make that link non-click-through like with hxtp etc. The URL is in a criminal spammer list: http://www.spamhaus.org/sbl/sbl.lasso?query=SBL87267 redirecting here: URL Status
329dde83.proguardsysstore*com/stream1/cazb/mzmcqcbqc/zclhzdbqzz.html (Name or service not known)
Pondus and Asyn gave a good advice; Wepawet reacts with: Invalid hostname - that could mean the following
3 things:

1. The domain name has no attributed server with it (the domain isn’t set up on any server/not set up properly)
2. It is registered but it isn’t parked or being used.
3. That domain is getting wiped off the Internet tongue.gif

polonus

The link is dead, fake scan pages dont live so long, they move around

hxxp://downforeveryoneorjustme.com/http://329dde83.proguardsysstore.com/stream1/cazb/mzmcqcbqc/zclhzdbqzz.html

Asyn, that’s great for people “in the know”, but for regular computer users that may not know better, it’s best that the links are invalidated to keep them safe.

+1

Plus not everyone uses Comodo 3.14 ¶ Fw/D+ - A² 4.5 - Firefox 3.6.3 (NS/ABP/BP/CSL/QP) - Thunderbird 3.0.4 (EM/CH)

Hi malware fighters,

But it would be a gigantic step forward in in-browser security if general users were aware of the complete protection level that NS provides for them and their machines. Alas users are not told, taught, educated. If we let motorists on the M1 like we let an average user use a web browser on the Internet, certainly hospitals would be full, be it only hospitals :o ,

polonus

P.S.
What about the blocklist protection for newly detected scripts, NoScript protects, blocklist does not, agree?
You’d always be running after the facts, and a script blocking extension like NoScript can stop even scripts that haven’t been invented yet, because it blocks all from running, simple factual all round protection…

D.