Jump to content

Watch out for links & ADs you click on.

You are about to reply to a thread that has been inactive for 4569 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts


Just a warning to everyone to watch out the Links, and AD's you click on where it be in Second Life such as the Second Life Browser which is way less secure, or Outside of SL, even people posting on these forums, even your friends, even me watch out the links you click on, and I will say why I posted this here.

Anyways Like 3 days ago, I was on the Internet downloading a new Free 2 Play game called Rode, Rise OF The Dragon Era, and while  I was in the middle of a download all of a sudden my Internet Explorer closed itself, along with a bunch of Tabs I had open such as Msn, Google, and MMORPG, Yahoo, and IGN. Anyways when this happend I figured meh another internet explorer closed error sometimes that is common on Vista 64 computers, but instead I was presented with a Rogue Exploit, or Virus on my computer which installed itself called Microsoft Windows Security 2012 which is not made by Microsoft. After investergation of everything I discovered it wasn't installed from any Links I clicked on, but that random AD's which popup through certain Java Scripts in the background can be used to deploy this rogue exploit onto any victim's computer from any site they are visiting.

A lot of computer Hackers, or people who give Viruses are using cheap AD's such as an ad hosting service like google, and posting these things on AD's as well the moment you click them, you can kiss your computer goodbye unless you know how to fix it of course, and it only costs them about 10 cents or less to do this to a large number of people, but not only this, by clicking on them you can give them all your basic information such as IP Address, Computer Operating System, Browser, Computer Versions, and possibly even GeoLocate you, it doesn't have to contain an exploit, or virus to do this.

This virus/Rogue Exploit called Windows Security 2012  has been going around for quite some time now starting in 2009, however people have been changing the name of it, editing, and modify the way it works on different versions to effect more people. The virus looks like a real security program, and will detect your personal files as a virus, disable any Anti Virus, you have including Norton, Mcafee, AVG, etc, and even if your AntiVirus detects it as a virus the first thing it does is effect your system restore by trying to remove a non virus file vital to system restore called Rstrui.exe, if it is removed you are screwed unless you have a backup copy or something. But anyways once it has bypassed these it rewrites your registry keys your .EXE files all execute the virus, and nothing on your computer as a .exe works at all, and they ask for money to fix it aka they ask for your CreditCard information do not be fooled as this is fake, and will be used for malicious purposes.

The way I found to remove it after looking through some tutorials on YouTube was to end the process tree of the virus through the task manager, go to the virus location Delete it, in which your EXE registry path is no longet valid nothing will work but no more virus just system corruption, then you go into your registry, reset all your EXE, and File Exe back to the default as shown on YouTube, however the regedit command will not work so you actually have to right click and run it as an administrator to get into the regedit to chagne those keys. Once done you can then restart your computer, go into services.msc, set any services with the command of services.msc back to start automatically when computer loads, boot your computer into safe mode, then hit system restore command, and start it as an administrator from the start menu, and if you are lucky and do this your system will restore before you got the virus it will be gone.

This Virus, or Rogue Exploit, also overides your Computer OS into thinking it is the default security program, and it is unknown why or how it got past my Router Firewall, my computer FireWall, and Virus Scanner, however it did, and there was really no warning, I think it went through my Virus Security as it desguized itself to look like an Actual MicroSoft program and was allowed through the Anti Virus. This could of course have been something else like a Temporary File that got stored on my computer, and was activiated at a certain date or time, but Microsoft says it was an AD Popup most likely that did this.

Also this virus may contain things such as Keyloggers, or Trojans which send information and info typed back to known hackers so it might be best to pull the plug from the internet as soon as you know you have been infected, and this can occur in many ways such as clicking a Link, an automatic AD Popup which happend to me but this is the first time this has ever happend in years, and or through Second Life  clicking a link, possibly through land media although that has never been tested it is recommend that for privacy issues everyone keep their media off, to avoid rogue scanning of their system information from those bot detectors such as CDS, Red Zone, or any others out there anyways.

The reason I say to watch out for any Links anyone clicks on even myself, is because there has been a lot of gaming account hacking going on recently, and you never know when your friend has been compromised, such as an Email, address book, Second Life account, or gaming account, and by clicking on a link in a post it could give you a virus similar to this or worse, and it seems to be getting worse, as Sony ,Square Enix, BioWare, have all been hacked and I am sure others have as well, and in the past my World OF Warcraft account was compromised twice in a row, as well as recently my Lineage  account.

I ran a full system scan recently for any known viruses and keyloggers using 3 seperate programs nothing found therefore since my L2 account was compromised, as well as a lot of other peoples recently I think there are some serious security issues going around on the internet right now.

OF course there is no reason why you should not enjoy the internet, and your friends just watch out for these type of links, and phishing attempts like people using the SL Market Place link with a fake spelling where once you have entered your SL name & password you just gave your info to some random person you dont know, and always if you feel your account has been compromised, Contact support immediately, and change your password as fast as possible if you can otherwise they could take full control and lock you out.

Another thing is that Knowledge is power, you get a virus like this, often it is an easy fix, however you have to have the Tools, and knowledge to do such, the most you have to worry about usually is having to format your hard disk drive, and I hate having to do that, but if you do have to, that is an easy fix considering you have multiple hard disks, always keep at least two backup's of your files you never wish to loose, and then start a backup copy of your files before you format, if your OS is corrupted and can't do it you can back them up by using another harddrive or computer and using the hard drive that is infected as a slave drive to back it up then format it and such, taking a computer to a store like this would cost you around $99 or more just for a single fix not including their charge for backup, in my case it only took me 4 hours to learn exactly what the virus did to my computer and remove it without having to format. Another helpful thing is keeping all your Music files, temporary files, and games on another hard disk like if you use steam for example, it will speed up the access time during game play to the games, as well as if your primary drive fails you wont have to install as many back again it takes less time to fix, and of course you can use SSD's if you really have the money to spend those really do help but if you don't at least a 1TB Western Digital works pretty good ive had some for over 7 years no problems so far, and I would always check extended specs on the disk drive the difference between a 32 MB cache, and 64 mb, as well as the RPM i try to stay at 7200 or above faster access times.

The reason to keep two backup's is incase you copy the files over to another drive, and it actually copy's the virus as well wouldn't want to loose everything.

Another thing is even if you do not get infected with a virus you never know when a EMP just might occur in an area near you, a  Lightning Strike, or just a Head Crash on your disk drive, so thats another reason to keep all your data backed up, and protect it.


Those Surveys you get in SL, or take, also watch out for them as well you can give them a bit too much information, always be sure to read the privacy policy, and such before filling one out for example if I take a survey for burger king, it has a seperate privacy policy than the survey provider that gave me the survey and such. I know some people like taking these and in some cases there is nothing wrong with it, but too much info can be a problem as well.


For those that don't know what SOPA is, it is called Stop Online Piracy Act.  It gives the Entertainment Industry the power to shut down, and censor anything they believe is piracy, as well as jail people just for an act of Copyright infringement, where it be a song playing in the background of YouTube, or something for example, not only this, but messing around with the internets is a way to compromise security for everyone, We in America have the right for Free Information, and Free Speech, We do not need such an Act, or policy censoring our internet. I hate piracy like SL is bad with it, but its those that do with Evil people, espically RP sims that help other griefers, and those RP groups that make big alliances with people from other countries who steal the work from other developers on the grid and give it out in SL and such. Not only this, but Copyright works both ways, so people importing mesh without the ceonsent of the game, or a license to use such can get into trouble as well. Hey I like a lot of different games and content from other games for example, but if they have a copyright, and don't want other people using their work it has to be respected, espically if you are just doing to to make a profit and take credit for stuff they did not create which believe it or not I see some that do it.

Link to comment
Share on other sites

SOPA doesn't give the power to the entertainment industry.   It vests the Attorney General with it, basically giving the Justice Department an internet Kill Switch.    The power to act isn't based on due process or the order of any court, it is based solely on accusation.  And not even an accusation from the copy right or patent owner, by anyone, including a competitor. 

Not only does it giver the DOJ the power to shut down the website of the alleged offender, but it makes all advertisers and contributors to the web site co-conspirators .   They become liable for damages just for participating in the web site and, if they have a website that may be shut down too.

If, by chance, it is a web site in a foreign country, they may block US citizens from accessing that web site.   This sounds more intune with the actions of Communist China or Iran than the US.   

I don't know about anyone else, but I don't trust any government, and especially this Attorney General with this much power.

Link to comment
Share on other sites

You are about to reply to a thread that has been inactive for 4569 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...