Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Paypal pop-up requesting private info


  • Please log in to reply
1 reply to this topic

#1 geekomatic

geekomatic

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 15 May 2011 - 03:09 AM

Hi everyone,

Firstly- thanks in advance for any light you can shed on this for me.

I'm helping a friend with a strange pop-up. Specs are:

Compaq laptop running W7 Home Prem. 250GB drive/2GB RAM- typical low-end machine.

He'd had McAfee on for a few months- reported no issue w/it until this week when, if he tried to open it, got only a blank white box where the program window should be. He tried to uninstall it to do a re-install- but even the uninstall window was blank.

At about the same time, he had tried to log in to his Paypal account & a pop-up window presented itself asking for private banking details. Thankfully he called me & I told him to stop using the laptop until I could get antivirus on & scanned- which I did. 4 were detected and moved to the vault using Avira:

TR/Kazy.14517.41 trojan
JAVA/Exdoer.BN JAva virus
TR/VBKyrpt.cyxu trojan
TR/Kazy.14517.41 trojan (same name but from diff location)

I did run HJT- found a few things that looked odd- and I'm no expert...I fixed missing files and the rest look legit (to my untrained eyes).
I checked the hosts file & only have loopback 127.0.0.1

When my friend logs in to Paypal on my Linux machine- this pop-up isn't there- so I know it's the laptop itself.

How should I proceed? Screen shot of pop-up attached. Thanks!

Posted Image

BC AdBot (Login to Remove)

 


#2 geekomatic

geekomatic
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 15 May 2011 - 07:35 AM

Bump...

Has anyone here ever heard of this from PayPal?

Odder still is that I believe the true site (behind the pop-up in the photo) is the actual, legit site...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users