Jump to content

Adware infection - need help please


Recommended Posts

I am not a computer geek so please bare with me. I have anti malwarebytes and ransomware installed.  This computer is only about 2 years old and has had the above since day 1.  Lately I have had a very strange thing happen.  I was on "wheel of fortune" TV game site.  On their pages there was a message saying I had "1 new message".  I figured it was from Wheel (maybe saying I had won something) so I clicked on it.  It took me to a totally different page with a recording saying my computer was infected with a virus and I needed to call them or they would shut my computer down so as to not infect the network.  The only way out of that page (and I did not call them) was to shut my computer down (pulled the plug) and reboot.  Then all was o.k.  This has happened twice in the last week and I am certain it was due to some message saying "1 new message" on a legitimate site I was visiting(that I clicked on to get the message)  Could this be a virus in my computer or just the threat trying to get into it?  I have seen where anti malwarebytes has detected something on several occasions lately.  Is this how Odin or one of the other viruses work?  If you answer to this please advise where to report such a thing as has happened to me lately and what do I send them other than my story to investigate. Thanks. Debony123

Link to post
Share on other sites

Hi @Debony123:)

These messages are simply ads that impersonates a message. They aren't real and are meant as "bait" to make you click on them. As a result, you were redirecting to a fake error message prompting you to call technical support which would end up scamming you by selling you support you don't need because you weren't infected in the first place. This is known as malvertising and tech support scam.

Locky have a variant which appends .odin to the encrypted files. Locky is a Ransomware and not a tech support scam, so it doesn't work the same way (well it does in a way where Ransomware are also delivered via malvertising as it's a big attack vector). 

If you believe that you are infected, please start a new thread in the Malware Removal section by following the instructions in the thread below.

https://forums.malwarebytes.org/topic/9573-im-infected-what-do-i-do-now/

Thank you!

Link to post
Share on other sites

Will do Ron, thank you :)

Debony, please follow the instructions in the thread I linked in my previous post, and copy/paste the content of the FRST.txt and Addition.txt logs you'll get from running FRST, and we'll get started!

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.