 Notice. New forum software under development. It's going to miss a few functions and look a bit ugly for a while, but I'm working on it full time now as the old forum was too unstable. Couple days, all good. If you notice any issues, please contact me. |
Forum Index : Microcontroller and PC projects : Annoying phishing virus thing that hides in the notifications area....
| Author | Message | ||||
Grogster Admin Group  Joined: 31/12/2012 Location: New ZealandPosts: 9322 |
Hi all.  I've seen this on a couple of machines now, and it bombards the user with constant pop-ups via the Windoze notification system. A full(up to date) AV scan does not detect it, Spybot does not detect it. You can generally disable it using notification settings, but does anyone know how you go about uninstalling something that is hiding in the notification system? I attach some photos. Note the extremely random and non-sensical name of the app that is doing this.    These notifications APPEAR to be coming via Microsoft Edge, but in both cases that I have seen, neither person uses MS Edge, they use either Google Chrome or Firefox, so not quite sure how MS Edge can be routing this crap, if MS Edge is not being used as the web browser by either user. Anyone else seen this crap, and does anyone know how you remove it? Smoke makes things work. When the smoke gets out, it stops! |
||||
Supertech Newbie  Joined: 13/11/2016 Location: AustraliaPosts: 25 |
Could be a BHO installed from another package, Google chrome lets these in regularly during install as "advertizing", why I personally wont use Chrome, but genrally via it being offered from another package itself!!! Rule of thumb, only install Chrome direct, never accept it within another package, then no BHO's! A BHO stands for "Browser Helper Object" which indeed majority virus scanners ignore. Also do "full system" Microsoft scan, which can take some time. And do Microsoft "malicious" scan, although again, it may not be seen as such. In your installed programs, often you can spot the offending BHO, actually under a very subtle hidden name, and just uninstall it. Malwarebytes AdwCleaner 2024 should detect it, advising removal. See how you go. Take care. Supertech. |
||||
| robert.rozee Guru  Joined: 31/12/2012 Location: New ZealandPosts: 2358 |
are you referring to the messages from McAfee? if i saw such a message on a win10/11 machine, i would assume that McAfee was bundled with the PC from new as a 90 or 365 day 'free trial' and it was now just asking you to buy a yearly subscription to obtain continued protection. much the same as happens with Office 365 when bundled with a new PC. if it is bundled with the O/S there may be no way to remove it apart from buying the subscription. cheers, rob ;-) |
||||
TassyJim Guru Joined: 07/08/2011 Location: AustraliaPosts: 6126 |
A google search on jollypulse.co.in found this: https://sensorstechforum.com/jollypulse-co-in-ads/ I have no idea if the above site is any better than jollypulse so do further research before downloading their "fix" Edited 2024-12-19 16:41 by TassyJim VK7JH MMedit MMBasic Help |
||||
andreas Senior Member  Joined: 07/12/2020 Location: GermanyPosts: 222 |
but does anyone know how you go about uninstalling something that is hiding in the notification system? I would: 1) Not use anything else than Firefox as browser and add the "uBlock Origin" add on. 2) Go to "scan options" of Windows Defender and do an "offline scan" & restart system  3) Install "Firefox", "Revo" and "Malwarebytes" from ninite.com 4) Use Revo (uninstaller) to uninstall everything which is a "protector", "optimizer" or "toolbar". Search for software you don't know or use and uninstall it. 5) Do a "Malewarebytes" scan. (You can uninstall it with Revo later ;) 6) Go to the "task planner" and remove all jobs which doesn't make sense for you especially those having numbers as names. Remove all McAfee tasks and remove McAfee with Revo. 7) Use a software like "autoruns" to deactivate things you don't want to start (needs expertise) https://www.heise.de/download/product/autoruns-15431 8) Don't install software from untrusted sources. I trust ninite.com and heise.de only. If you still have problems I could help you using a RustDesk session ;-) -andreas |
||||
| Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9322 |
No. NEITHER of these two users, have McAfee installed, so this is total BS.... EDIT: It is phishing. The users don't even have the AV software being pushed via these "Notifications", so the notifications are trying to say they need to update software they don't even have. Red flag.  Edited 2024-12-19 17:34 by Grogster Smoke makes things work. When the smoke gets out, it stops! |
||||
| PhenixRising Guru Joined: 07/11/2023 Location: United KingdomPosts: 917 |
This is the update that I get from the Duckduckgo browser:  Aaaaan a few minutes later:  Edited 2024-12-20 01:18 by PhenixRising |
||||
Lodovik Regular Member  Joined: 17/05/2021 Location: CanadaPosts: 41 |
This probably caused by a site that is using browser notifications to do some phishing. Go into your browser settings and disable all notifications and also remove and block the sites that have been granted permission to notify. Do this for all your browsers, particularly Chrome and Edge. Check also for rogue extensions. After all is clean, use an adblocker. I recommend Ublock Origin Lite for Chrome (optimal setting) and regular Ublock Origin for the other browsers. Also, it would wise to scan with ADW Cleaner. Links: Unlock Origin Lite Unblock Origin for Edge ADW Cleaner Disabling notifications in Chrome Disabling notifications in Edge Edited 2024-12-20 16:13 by Lodovik |
||||
CaptainBoing Guru Joined: 07/09/2016 Location: United KingdomPosts: 2083 |
I use CCleaner to keep my machines reasonably tidy. It can remove "web helper" plugins from various browsers - I suspect your user has accepted an "offer" from some nefarious pop-up. Install CCleaner and then look to see what bolt-ons are installed for startup, browers etc... use disable instead of delete just for safety... anything that you cant positively identify, disable it and see if that fixes the problem... it will be a bit of trial and error I think but this tool is very good at helping. Then after a while and the problem not recurring, go in and delete those you disabled if you want.  h Edited 2024-12-20 21:27 by CaptainBoing |
||||
Martin H. Guru Joined: 04/06/2022 Location: GermanyPosts: 1125 |
could be this? How to get rid of fake McAfee virus pop-ups or This Edited 2024-12-22 01:46 by Martin H. 'no comment |
||||
stanleyella Guru Joined: 25/06/2022 Location: United KingdomPosts: 2183 |
I downloaded and got same. downloaded cccleaner. wish I'd left alone. |
||||
 Print this page |
