Farmville Staying Safe From Malware Popups on The Farm


spamscampic
Have you been seeing strange and scary popups on your farm lately about upgrading your version of flash or Microsoft finding malware? These are in fact SCAM VIRUS popups and it is important to never click any of them. We have some tips for you on staying safe and a way to avoid seeing some of them at all. Check out the details below and please do share with friends if you find our post helpful.
Last updated 11th October, 2016
Exactly what are these popups? Well most are a form of Ransomware. They trick people by saying their programs are out of date or they have a virus, and when clicked they install a virus. Then they run fake scans, find fake problems ask for money for a program to remove the problems they themselves caused. These are difficult and time consuming to remove if one infects your system and if you are not super-techy or do not have someone close to you who is, it can be a very expensive process.


Date
Url to Block
Reported by & Thanks to
   
Nov 2016
.*.iasrv.maha-media.com
 

 For URLS like Bounceme that have many different domains, if you do not use any legitimate sites on that domain you can set up a block that looks like this .*.bounceme.net and it will block all urls that match that domain.

If you are having difficulty with myvnc urls coming through despite being blocked Dirt Farmer Dennis has discovered that placing that in a separate line or better yet a separate block set is more effective. These urls are not read properly by the extensions when placed in the same line, but a separate blockset is an effective fix.


Read more from Trendmicro on the first one here. The second one has only people asking for removal help on various product forums, appears to be new. We will update as soon as an antivirus company publishes some details, but better to be safe than sorry.


It is important to never click anywhere on any of them. With some even the X out button will install the virus. To close one, hold down the CTRL, ALT and DELETE buttons on your keyboard at the same time. Choose “Start Task Manager” on the ensuing screen and use the “End Task” function in Task Manager to close the entire browser.  If you opt for this method, it is important to click “NO” when you reopen the browser and it asks if you would like your tabs restored.


If you are not comfortable using the CRTL, ALT, DELETE method, you can alternately simply restart your computer.



Note: It is always important to have a good antivirus program installed at all times as well. There are many dangers on the internet, and while it is wise to know some manual methods to combat them, it is also key to have sound overall protection.

Preventing access with Browser Extensions


We have been testing some free browser extensions that have worked out very well for us in blocking many of these dangerous popups. Below we will go through how to obtain, install and utilize these extensions on Chrome or Firefox based browsers. IF YOU OPT TO USE THESE EXTENSIONS MAKE SURE TO READ THE FULL POST AND FOLLOW THE STEPS IN ORDER FOR YOUR CHOSEN BROWSER. THEY WILL NOT BLOCK THE URLS IF YOU DO NOT INPUT ALL REQUIRED SETTINGS.


DISCLAIMER : Using these extensions does not guarantee that you will never see another malware popup on your farm. It is entirely possible that the scammers will add additional urls. It does however mean that you can only see each once. If you get another popup in the future, simply make note of the url before closing and add it to your block set.


NOTE: These extensions use an average of 10MB of memory at all times. If you find that your browser or farm is slowing down after installing and using, you will have to make a personal choice between the additional speed and the extra layer of protection they provide.

nannyram

For CHROME based browsers


The Extension is Nanny For Google Chrome formerly known as Chrome Nanny, you can install it here. This extension has been tested on and is working on Google Chrome, Comodo Dragon, SRWare Iron and Chrome Canary. It does not appear to be compatible with Opera Next at this time Thank you to Farmer Lindsey V. for letting us know it also works on Torch.


Simply Click the link above and then click “Add To Chrome”

nanny1


Then click “Add” in the ensuing screen

nanny2



You will get a popup indicating that Nanny for Google Chrome has been added to Chrome

nanny3


To access it  for setup if you are using Google Chrome, Chrome Canary or SRWare Iron click the 3 lines at upper right of browser then tools then extensions.

chrome



To access it for setup if you are using Comodo Dragon click the dragon eye in upper left of browser then tools, then extensions.

dragon


On the ensuing page, locate Nanny for Google Chrome,  make sure the box next to “enabled” is checked and then click on “Options”

nanny5


When the settings menu pops up, you have the option to set a name for the block set. I have chosen Malware.

name


The second step is to enter the urls you wish to block. The malware popups  that I have seen on my farm and in screenshots in our groups and from friends   so far come from related8.info, plenty8.info and variations of servehttp.com so I have opted to block those.

urls


The third step is to set the block time. It is set in military time and setting it from 0000-2359 will cover 24 hours per day. (Thanks to Farmer Robbin for helping me make sense of military time).




Step 4 is to set the max block time here you would enter 60 minutes per hour to ensure they are ALWAYS blocked.

time


Step 5 Select the days, check the boxes next to every day.

days


Step 6 is to click “save url”

savenanny


You should then see a block set list beneath the option to input new ones.

nannyblocksets


To make sure your block sets are active at any time  click on the Nanny For Google Chrome clock icon in the upper right corner of your browser and check for “URLs blocked now”.

chromenannyactive



As an example of what to expect, when a malware popup attempts to come through my farm, instead of the fake antivirus that is hard to close and risky, I now simply see this



For Mozilla Firefox based browser users

The extension for Mozilla source code based browsers is Leechblock you can download it here. This extension has been tested and is working on Firefox, Waterfox, Comodo Ice Dragon and Pale Moon.


First click the green “Add to Firefox” button

leechblock1

Then click “Install Now”

leechblock2


Some browsers will require restart before use. If yours does you will see the following in the upper left corner of your browser. Simply click “Restart Now”.

leechblock3


Once you have restarted to access it for set up click on the browser name in the upper left, then click on “add ons”.

leechblock4


In the ensuing screen click on “extensions”.

leechblock5


Then locate Leechblock and click on options.

leechblock6


Choose a name for the block set if you wish.

lbname

Enter the urls you wish to block. The malware popups  that I have seen on my farm  and in screenshots in our groups and from friends so far come from related8.info, plenty8.info and variations of servehttp.com so I have opted to block those. Note that with this program you must list only one url per line.

lburls


Then click “Next”

lbnext1


Next you must set the time to block in military time. Entering 0000-2359 here will block for the entire day.



Set your time limit to block after 0 minutes in every hour.

lblimit


Set when to block as “within time periods or after time limit”.

lbwhentoblock


Check the boxes next to every day for when to block.

lbdays


Then click next

lbnext2


Leechblock will show it’s default screen to let you know a url has been blocked.

lboptions3


Make sure to check the box for “Actively block pages  for these sites after time period entered or time limit exceeded. You do not want them to load after a delay, you want them blocked from your system.

lbops3checkactiveblock

Then Click ok and you are done.

lbok


We hope you will find these safety tips helpful. Happy and safe farming!

dfinvestigations





Post a Comment Blogger

  1. You guys are so awesome...............Thanks so very much for taking the time. I posted on my wall, and I think everyone should use these.

    ReplyDelete
  2. i have installed this add on and have only one comment that needs to be corrected in the instructions. On time limit after which to block = you asked that we enter zero minutes. but i had to enter one minute , zero was not a valid entry. thx for the help with this, and may i suggest anyone who can spare the $5 send it in to the individual out there developing these add-ons! i did! thx again "Dirt Farmer"!

    ReplyDelete
  3. I didn't get the Clock Icon on my Browser Bar! Do I have to close the browser and hope to see it there when I reopen or is there a magic solution?

    "To make sure your block sets are active at any time click on the Nanny For Google Chrome clock icon in the upper right corner of your browser and check for “URLs blocked now”."

    ReplyDelete
  4. Everyday there are new ones. May have to give up the games and that would make me very sad. Can't Zynga do anything about these.

    ReplyDelete
  5. I don't know if I have a virus but FB/Zynga games are not working right on my computer. I cannot ask for quest items, I cannot ask for votes, I cannot share items. I have these problems with Hidden Shadows, Gardens of Time, Bubble Safari and Bubble Ocean, Seaside Hideaways. If I try to do any of the above the game will dim and freeze. If you can give me any suggestions I would appreciate it very much. I have un/reinstalled FV, DF Click Trap Remover, Mozilla and I can't remember what all but nothing has worked. Thank You.

    ReplyDelete

 
Farmville Dirt Farmer © 2016. Trademarks are the property of their respective owners. Game content and materials (c) Zynga Inc.
All rights reserved. Site Maintained by STC Network
Top