Malvertising attack on Microsoft Games

  • Thread starter: bhringer (Guest)
There have been a number of reports of fake virus warnings when using Microsoft Games (and possibly other apps), as shown in the screenshot below.


[Screenshot: fake virus warning]


As reported in German MC there may be other fake offers for prize redemption.

Windows apps open fake web pages with supposed prize draws or supposed virus problems



Currently, there is an increase in the number of malicious banner ads that open fraudulent web pages in the standard browser when starting or using apps on Windows 10. These websites either promise winnings in a competition or threaten to infect your PC with viruses. Both are nonsense.


It's not local malicious software on the PC! As a result, it is not necessary to install any tools to scan, or to reinstall the system at all.


As long as you just close the window without confirming any prompts to start scans or to collect winnings, the thing is without consequence. The apps include advertising banners from external networks. Through these, fraudulent banners are apparently repeatedly delivered in addition to normal advertising. Apparently, the operators of these ad networks still do not have their deliveries under control. Such things also appear every now and then in the web browser. There, they can at least be blocked through the use of an adblocker.


The relevant web pages should be reported via the browser as fraudulent pages. Some of them are already considered malicious by the Windows SmartScreen filter. To solve the problem on the server side, the corresponding apps should simply not be used.


If you have the ability to block advertising at DNS level, e.g. via a central adblocker on your network such as a Pi-hole, you should block these sites:

*.adnxs.com
*.nuxues.com
*.vungle.com



Currently Windows Defender SmartScreen is not recognizing all of these and therefore not blocking.

The fake virus warnings eventually direct to a download page for Reimage Repair, which is classified by Microsoft as a potentially unwanted application (PUA) but not detected as malware by Windows Defender at this time. A scan of the downloaded file at VirusTotal indicates nine different antivirus/antimalware programs detect it as malware, and some may block the download or even the landing page for the download.



When the fake virus screen appears, simply close the page (or tab). If the page will not close, open Task Manager (Ctrl + Shift + Esc) and kill the browser process (End Task). As a precaution, clear your browser cache and temporary internet files.


~bhringer


Author's note: Several Microsoft apps/services (MSN Money, News and Weather) are scheduled to be discontinued June 3, and I speculate that in the process some other services may have been left vulnerable. Hopefully this issue is temporary and will be resolved shortly.

For Windows 10 users, more information may be available at Feedback Hub (Windows key + F).
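An added example, not part of the original post: wildcard entries such as `*.adnxs.com` cannot go into a plain hosts file, so this sketch turns the three entries from the post into the regex form Pi-hole uses for wildcard blocking and into dnsmasq `address=` lines, then checks a few query names against them. The function names and the sample hostnames are assumptions made for illustration.

```python
import re

# Wildcard entries listed in the post above.
WILDCARDS = ["*.adnxs.com", "*.nuxues.com", "*.vungle.com"]

def base_domain(pattern):
    """Return the domain behind a '*.domain' entry, rejecting malformed input."""
    name = pattern.strip().lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    if not re.fullmatch(r"[a-z0-9-]+(\.[a-z0-9-]+)+", name):
        raise ValueError(f"unsupported pattern: {pattern!r}")
    return name

def to_regex(pattern):
    """Regex deny entry: the domain itself and every subdomain, nothing else."""
    return r"(\.|^)" + base_domain(pattern).replace(".", r"\.") + "$"

def to_dnsmasq(pattern):
    """dnsmasq line answering 0.0.0.0 (IPv4) for the domain and all subdomains."""
    return f"address=/{base_domain(pattern)}/0.0.0.0"

def is_blocked(hostname, patterns=WILDCARDS):
    """Check a queried name against the generated regexes."""
    host = hostname.strip().lower().rstrip(".")
    return any(re.search(to_regex(p), host) for p in patterns)

if __name__ == "__main__":
    for p in WILDCARDS:
        print(to_regex(p), "|", to_dnsmasq(p))
    # Constructed sample query names, not taken from any real log.
    for host in ["ib.adnxs.com", "adnxs.com", "notadnxs.com",
                 "adnxs.com.example.org", "API.Vungle.com."]:
        print(f"{host:24} blocked={is_blocked(host)}")
```

The anchored regex matters: a look-alike such as `notadnxs.com` or a name that merely contains the domain as a prefix is not caught, so unrelated sites are not blocked by accident.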

