i was browsing merrily on a forum i regularly use, and up pops a box that says i’m infeceted and my computer will now be scanned. I couldn’t close the background window so clicked the ‘X’ on the top right of the popup and quickly closed the browser down, i’d noticed that i’d been redirected to a website that had a circle in the middle, like a progress bar.
the message on the pop-up read something along the lines of “e-set will now scan your computer”… sorry so vague but i just quickly closed it all down to stop anything from happening. i’m now using microsoft IE, was using chrome when it happened. not sure if the security issue is with chrome, avast or the website itself…
has anyone else seen or heard of this scareware?
is there anyway to tell if i’ve been infected and is there a way to stop this happening again (short of not visiting the website in question)?
i’m doing a full scan and going to run windows defender as well after. never ever had an issue on this machine with virus’ so hopefully i’m clean?
Yes looks like a drive by attack (possibly the site has been hacked) of a rogue/fake AV scam/scumware.
Personally I would continue using Chrome (or firefox with the NoScript add-on) rather than IE.
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).
[li]1. MalwareBytes Anti-Malware (MBAM), On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
The forum you use has probably been hacked, or you clicked a link to a hacked/malicious site.
It is a page that pretends to scan your machine (when in fact it is just images and popups) and then offers a download of a scanner. This is in fact a rogue.
right, downloaded the OTS program and ran it. Please find the results attached.
I checked the options listed in the guide you posted, is there any reason all of the boxes and options are not meant to be ticked, thus giving a deeper more thorough scan?
Also would I be right in assuming browsing in Google Chrome, especially with ‘Incognito’ activated is going to be better than using Microsofts IE? The only extension I’m using is a biometric fingerprint reader .crx that allows me to swipe fingers rather than entering passwords. Surely just running this in Chrome or IE is ok?
The options that you ticked for this run were the normal Hijack points - generally I use the other sections for trouble shooting, although OTS is flexible enough for me to look at anything
Nothing apparent there, so by not clicking the page but closing it saved you some grief.
To be on the safe side I will clear all your temp folders, when you run OTS you will lose your desktop as all processes will be killed, that is normal. Are you experiencing any problems ?
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
ahhh, no need. this time it rebooted as soon as i clicked ‘yes’, has there been an update to the program (as i had to ok changes to the comp when i opened OTS this time around)?