Jump to content

promark

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thank you. Yes, it was similar to MalwareScam-5.wmv
  2. I was advised in another forum to post this incident here. I am using Malwarebytes Anti-malware Premium. There were no alerts from Anti-malware or the antivirus. Here is my report from the other forum. My setup: Windows 10 Home 1607 x64 - Firefox ESR 45.4.0 - OpenDNS with Security options On - Avast free - Malwarebytes anti-malware premium - Malwarebytes anti-exploit While browsing Facebook, I clicked on a link about the passing of Jane Fonda, which triggered a couple of center page popups and an audio which alerted that Windows had detected an infection that could be sending out personal information. I don't remember all of the specifics. The audio instructs to call Microsoft at the number provided to be walked through the fix or repair or whatever. It goes on to say that if the message is closed before making the call, Microsoft will be forced to "disable your computer". I did not listen to the whole message. All attempts to close or cancel the dialog box fail. The browser tab could not be closed. I closed the browser. When I checked the browser history, after reboot, there was a very long list of entries beginning with the following, all named Microsoft Official Support: http://microsoft.com-00005.info/?num=305-902-4549 http://microsoft.com-00005.info/?num= http://microsoft.com-00005.info/msie1.php http://microsoft.com-00005.info/0 http://microsoft.com-00005.info/01 http://microsoft.com-00005.info/012 http://microsoft.com-00005.info/0123 http://microsoft.com-00005.info/01234 http://microsoft.com-00005.info/012345 http://microsoft.com-00005.info/0123456 http://microsoft.com-00005.info/01234567 http://microsoft.com-00005.info/012345678 http://microsoft.com-00005.info/0123456789 http://microsoft.com-00005.info/012345678910 http://microsoft.com-00005.info/01234567891011 http://microsoft.com-00005.info/0123456789101112 http://microsoft.com-00005.info/012345678910111213 http://microsoft.com-00005.info/01234567891011121314 http://microsoft.com-00005.info/0123456789101112131415 It continued on like this for a little more than one minute. There were several HUNDRED of these in the browser history, with each one incremented in the same manner from the previous address. After a restart, I ran a full scan with Malwarebytes anti-malware, Avast and Adwcleaner. AdwCleaner tagged a single line in Firefox prefs.js related to a SpeedDial link to a ghacks.net article: http://www.ghacks.net/2012/02/02/why-i-switched-to-the-duck-duck-go-search-engine/ This is a legitimate link. Everything else was clean.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.