Jump to content

New Zeus infection??


Recommended Posts

I run latest Malwarebytes 3.0 Pro on home Windows 7 Pro desktop pc. Attached is pic of my two-screens. on left is apparent malware attack I got from one of the other tabs (also shown in pic).  I *think* the malware came from record label link, but here's how it hap[pened:  I started on  facebook, opened an article pointing to a british newspapaer article, followed a link in that to the archive of African pop music.  I think I was drilling down into music of Guinea Conakry archive when the alert (from newpaper URL, judging by Defender... heading of the alert. message).

I can retrieve the actual URLS from browser history or by starting again with the FB article.  But it could be that the ZEUS was already on my PC? If so malware bytes didn't notice it, nor did MS antimalware.  What else do I need?

I grabbed the screen, disabled my network connection, and shut right down, I don't know if booting from a recovery disc or knoppix etc  would be safe.  I have a 2nd SATA drive installed, it has a recent mirror copy of my boot drive, because I've been getting ready to replace the first Windows boot drive which is losing sectors and acting bad. I don't know if Zeus infects all Windows boot partitions, or all drives or what?  If I could boot, where would I look for evidence of malware?  Hope I'm in the right group here on Malwarebytes. 

hacked.png

Link to post
Share on other sites

You will see your screen is similar to the below and it is as much a fake event and scam as the below.

I have created a series of videos generated from these fraud sites for the purposes of recognition and education.  They are all  videos from real web sites.  ALL are FRAUDS.

MalwareScam.wmv

MalwareScam-1.wmv

MalwareScam-2.wmv

MalwareScam-3.wmv

MalwareScam-4.wmv

MalwareScam-5.wmv

MalwareScam-6.wmv

( **Also located at "My Online Security" - Some videos of typical tech support scams )

You will also see I do my best to submit as many sites as possible such that Malwarebytes' products can block access to them.  You can see my submissions in;  Newest IP or URL Threats  labeled as "HTML.FakeAlert".

Reference:   
US FBI PSA - Tech Support Scam

 

 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.