 Notice. New forum software under development. It's going to miss a few functions and look a bit ugly for a while, but I'm working on it full time now as the old forum was too unstable. Couple days, all good. If you notice any issues, please contact me. |
Forum Index : Microcontroller and PC projects : Annoying phishing virus thing that hides in the notifications area....
| Author | Message | ||||
Grogster Admin Group  Joined: 31/12/2012 Location: New ZealandPosts: 9593 |
Hi all.  I've seen this on a couple of machines now, and it bombards the user with constant pop-ups via the Windoze notification system. A full(up to date) AV scan does not detect it, Spybot does not detect it. You can generally disable it using notification settings, but does anyone know how you go about uninstalling something that is hiding in the notification system? I attach some photos. Note the extremely random and non-sensical name of the app that is doing this.    These notifications APPEAR to be coming via Microsoft Edge, but in both cases that I have seen, neither person uses MS Edge, they use either Google Chrome or Firefox, so not quite sure how MS Edge can be routing this crap, if MS Edge is not being used as the web browser by either user. Anyone else seen this crap, and does anyone know how you remove it? Smoke makes things work. When the smoke gets out, it stops! |
||||
Supertech Regular Member  Joined: 13/11/2016 Location: AustraliaPosts: 43 |
Could be a BHO installed from another package, Google chrome lets these in regularly during install as "advertizing", why I personally wont use Chrome, but genrally via it being offered from another package itself!!! Rule of thumb, only install Chrome direct, never accept it within another package, then no BHO's! A BHO stands for "Browser Helper Object" which indeed majority virus scanners ignore. Also do "full system" Microsoft scan, which can take some time. And do Microsoft "malicious" scan, although again, it may not be seen as such. In your installed programs, often you can spot the offending BHO, actually under a very subtle hidden name, and just uninstall it. Malwarebytes AdwCleaner 2024 should detect it, advising removal. See how you go. Take care. Supertech. |
||||
| robert.rozee Guru  Joined: 31/12/2012 Location: New ZealandPosts: 2437 |
are you referring to the messages from McAfee? if i saw such a message on a win10/11 machine, i would assume that McAfee was bundled with the PC from new as a 90 or 365 day 'free trial' and it was now just asking you to buy a yearly subscription to obtain continued protection. much the same as happens with Office 365 when bundled with a new PC. if it is bundled with the O/S there may be no way to remove it apart from buying the subscription. cheers, rob ;-) |
||||
TassyJim Guru Joined: 07/08/2011 Location: AustraliaPosts: 6269 |
A google search on jollypulse.co.in found this: https://sensorstechforum.com/jollypulse-co-in-ads/ I have no idea if the above site is any better than jollypulse so do further research before downloading their "fix" Edited 2024-12-19 16:41 by TassyJim VK7JH MMedit |
||||
andreas Senior Member  Joined: 07/12/2020 Location: GermanyPosts: 226 |
but does anyone know how you go about uninstalling something that is hiding in the notification system? I would: 1) Not use anything else than Firefox as browser and add the "uBlock Origin" add on. 2) Go to "scan options" of Windows Defender and do an "offline scan" & restart system  3) Install "Firefox", "Revo" and "Malwarebytes" from ninite.com 4) Use Revo (uninstaller) to uninstall everything which is a "protector", "optimizer" or "toolbar". Search for software you don't know or use and uninstall it. 5) Do a "Malewarebytes" scan. (You can uninstall it with Revo later ;) 6) Go to the "task planner" and remove all jobs which doesn't make sense for you especially those having numbers as names. Remove all McAfee tasks and remove McAfee with Revo. 7) Use a software like "autoruns" to deactivate things you don't want to start (needs expertise) https://www.heise.de/download/product/autoruns-15431 8) Don't install software from untrusted sources. I trust ninite.com and heise.de only. If you still have problems I could help you using a RustDesk session ;-) -andreas |
||||
| Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9593 |
No. NEITHER of these two users, have McAfee installed, so this is total BS.... EDIT: It is phishing. The users don't even have the AV software being pushed via these "Notifications", so the notifications are trying to say they need to update software they don't even have. Red flag.  Edited 2024-12-19 17:34 by Grogster Smoke makes things work. When the smoke gets out, it stops! |
||||
| PhenixRising Guru Joined: 07/11/2023 Location: United KingdomPosts: 1361 |
This is the update that I get from the Duckduckgo browser:  Aaaaan a few minutes later:  Edited 2024-12-20 01:18 by PhenixRising |
||||
Lodovik Regular Member Joined: 17/05/2021 Location: CanadaPosts: 41 |
This probably caused by a site that is using browser notifications to do some phishing. Go into your browser settings and disable all notifications and also remove and block the sites that have been granted permission to notify. Do this for all your browsers, particularly Chrome and Edge. Check also for rogue extensions. After all is clean, use an adblocker. I recommend Ublock Origin Lite for Chrome (optimal setting) and regular Ublock Origin for the other browsers. Also, it would wise to scan with ADW Cleaner. Links: Unlock Origin Lite Unblock Origin for Edge ADW Cleaner Disabling notifications in Chrome Disabling notifications in Edge Edited 2024-12-20 16:13 by Lodovik |
||||
CaptainBoing Guru Joined: 07/09/2016 Location: United KingdomPosts: 2170 |
I use CCleaner to keep my machines reasonably tidy. It can remove "web helper" plugins from various browsers - I suspect your user has accepted an "offer" from some nefarious pop-up. Install CCleaner and then look to see what bolt-ons are installed for startup, browers etc... use disable instead of delete just for safety... anything that you cant positively identify, disable it and see if that fixes the problem... it will be a bit of trial and error I think but this tool is very good at helping. Then after a while and the problem not recurring, go in and delete those you disabled if you want.  h Edited 2024-12-20 21:27 by CaptainBoing |
||||
Martin H. Guru Joined: 04/06/2022 Location: GermanyPosts: 1220 |
could be this? How to get rid of fake McAfee virus pop-ups or This Edited 2024-12-22 01:46 by Martin H. 'no comment |
||||
stanleyella Guru Joined: 25/06/2022 Location: United KingdomPosts: 2540 |
I downloaded and got same. downloaded cccleaner. wish I'd left alone. |
||||
| Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9593 |
Are you saying Martin's link actually installed software that CREATED the issue being talked about here? If that is the case, let me know here, and I will delete the post, cos we don't want people following a link that might actually create the problem for them! No offense to Martin - I am sure he was just trying to help. I will download CC Cleaner, thanks Captain.  Smoke makes things work. When the smoke gets out, it stops! |
||||
phil99 Guru Joined: 11/02/2018 Location: AustraliaPosts: 2611 |
Loaded CC Cleaner on a computer that was slowing down long ago. The free version worked ok (but not perfect) for a while but recent updates have made it less effective and more difficult to use with endless nag screens asking you to upgrade to the paid version. I think I will get rid of it soon. |
||||
Chopperp Guru Joined: 03/01/2018 Location: AustraliaPosts: 1095 |
CCleaner (free) is good for removing stuff especially with the start-up stuff but it is a nagging "virus" in itself. Often I had to kill it in Task Manager to get rid of the nag screens to proceed. Got to be careful it doesn't load Anti Virus SW as well. Went looking for it the other day a couple of PC's but I must have completely deleted it. ChopperP |
||||
Mixtel90 Guru Joined: 05/10/2019 Location: United KingdomPosts: 7869 |
I have CCleaner installed on my main machine. Only the free version so it comes with occasional pops, but I accept that as IMHO it's a good tool. However, only install it from the official site (as with all maintenance software as it's a great way to distribute malware). Sorry folks, I'm out of commission at the moment so no PicoStuff. Had one of my little epilepsy episodes and bashed my face in a bit! In hospital at the moment, hoping the neurologist will let me out tomorrow. Mick Zilog Inside! nascom.info for Nascom & Gemini Preliminary MMBasic docs & my PCB designs |
||||
| Chopperp Guru Joined: 03/01/2018 Location: AustraliaPosts: 1095 |
Sorry to hear that Mick. (you being in hospital, not the Pico stuff) Hope you are out very soon. Brian ChopperP |
||||
| stanleyella Guru Joined: 25/06/2022 Location: United KingdomPosts: 2540 |
Hope you get better soon. |
||||
| Mixtel90 Guru Joined: 05/10/2019 Location: United KingdomPosts: 7869 |
I've just got home from hospital in time for Christmas. :) Nothing serious to follow up on either. Mick Zilog Inside! nascom.info for Nascom & Gemini Preliminary MMBasic docs & my PCB designs |
||||
 Print this page |
 |
The Back Shed's forum code is written, and hosted, in Australia. | © JAQ Software 2025 |
