Jump to content

Chrome Malware Issue


Recommended Posts

I have a screen that pops up in Chrome when using MSN.com that attempts to spoof Microsoft and orders me to call a toll free number for 'help".  I have premium Malwarebytes which does not block this screen.  Any thoughts on why it is not being blocked?  The website is 

https://necoditaffencedon.icu/.

A screen shot of the page is attached.

 

 

Screenshot - 6_21_2019 , 4_17_44 PM.jpg

Edited by AdvancedSetup
Removed live hyperlink
Link to post
Share on other sites

Hi ken430tx   :welcome:

Thanks for the screen grab.

That is a bogus, scam display.   If it is still there, or, if it happens again....you can force it to close.

I understand that this is on Chrome.

Look at the very topmost right corner of the browser itself.
I mean the one for Chrome or Firefox or Edge browser itself ( or matter of fact any browser).
Move the mouse pointer over the X at the very far right-top corner and click that.
That will close the browser and its display and the audio too ( if any).

 

You could also use Alt-key + F then click on Exit.

.

Other ways available, if the one above is not a success.
You can easily use keyboard key-press shortcuts to get rid of the false pages displayed. ( see below). And if there is any video with this, it will stop when the page is closed.

 

When this fake is in the foreground and in a web browser, there are many ways to get it off the screen.
I would suggest to do a few keyboard presses to get rid of the windows on-screen.

 

press and hold CTRL key on keyboard and then tap W key. CTRL + W 
 

image.png.1d7fd72bd8bfffa194d8a1d6f2df6abd.png


That should close the Tab page of the web browser in the foreground.
You can repeat as needed.

 

Every web browser will recognize the CTRL+W key-presses as a "close this window" command.

.

.

Other ways to get rid of screen:
Press and hold ALT-key on keyboard and then tap the F4 function key a to get the foreground windows closed and done away with. ( repeat use of ALT + F4 sequence). 


ALT + F4 is especially helpful against the smaller window ( if any) that is up in front.
If your machine is a notebook or laptop, you should depress and hold the ALT + FN (function key) + F4 keys.

ALT + HOME key on the keyboard will put your browser page back onto your prior choice for Home page. That easily deals with the bigger full page displayed.
Then while still in the web browser, press and hold SHIFT + CTRL + DELete keys to start the process to delete all browser cache & history.


Other ways to get rid of the bogus display are listed below:

There is always the ability to end the web-browser program thru using Windows' Task Manager applet.
Click the Start button and type: 
taskmgr.exe
and then press Enter. 
( or you can press and hold CTRL-key on keyboard + ALT-key +DELETE key to get Task Manager option).

In the processes tab, find the process for whichever browser you are running: 
_iexplore.exe, firefox.exe, chrome.exe, MicrosoftEdge.exe, MicrosoftEdgeCP.exe_ and then click _End Process_ or _Terminate_.



Look at the following Malwarebytes Blog article and scroll down to the section marked *Clear your browser's cache* 
and do that for each of your web browser programs.
https://blog.malwarebytes.com/puppum/2017/04/adware-the-series-part-1/


 

Link to post
Share on other sites

reply # 2  ( follow up)

Tech support scammers use fake warnings and lie about the state of your computer to frighten you into giving them money.

Even after stopping contact with them, they will probably call back to attempt another scam, or sell your information to another scammer.  Be on your guard.

You can learn more about this scam here: https://blog.malwarebytes.com/tech-support-scams/

 

Browser lockers reside in the browser cache only, it does not involve actual malware on your computer that can be detected by Malwarebytes.

Cleaning the browser history removes the pop-up.

The pop-up that you see is sourced from the website being visited and does not infect the actual PC.

There are roughly 600,000 of these sites registered daily, sometimes reappearing hours after being taken down by authorities. 

.

get & install the Malwarebytes beta Chrome extension,   It will help to keep dodgy sites away from Chrome.

Open this link in your Chrome browser: https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee

Then proceed with the setup.

Edited by Maurice Naggar
Link to post
Share on other sites

I recommend the Malwarebytes beta Chrome extension  ( listed in prior reply).

also, check out

See this article on our Malwarebytes Blog
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

 

Consider adding Scriptblock to the Chrome browser

https://chrome.google.com/webstore/detail/scriptblock/hcdjknjpbnhdoabbngpmfekaecnpajba?hl=en

 

These types of tech support scams move to different locations at hyper speed.  Beefing up each of your browsers is best.

You indicate you have got the scam screen disposed of.

I would advise that delete all cache in Chrome, and, then just do a scan with Malwarebytes for Windows just as a check - precaution.

Most of these scam displays are just visual pests, designed to snare the innocent;  but they carry no actual malicious malware.

 

Let me know if you need anything else.

Cheers,

Maurice

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.