Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

While using Flash Player, Chrome froze due to popup


  • This topic is locked This topic is locked
12 replies to this topic

#1 justme4now

justme4now

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 13 August 2015 - 12:44 PM

Hi. I'll try to be as clear as possible. Here is what happened:

 

I was watching a movie on tunemovies.com (Spy, with Melissa McCarthy, if you want to know, and yes, it's entertaining), when, after pausing

pausing the movie for a few minutes, I had a pop-up which froze everything. I took a picture with my phone of the exact URL:

myfavoritesweeps-ipadair-winner2.com/alertalert/warningwarning.php?cid=wTNE36KQCB117SAMOVHEU024

Text on the page:
========================================================================================

The page at myfavoritesweeps-ipadair-winner2.com says:

Critical programming error alert

The website you were attempting to access ahead is infected with mallware. (sic)

Unknown users on your computer are attempting to install harmful software and programs which will allow them to steal or delete information. This

is including but not limited to photographs, user passwords, instant message, and credit card numbers.

We strongly advise that you dial the number for customer care at (844)338-4691 this very moment for technical support.

[] Prevent this page from creating additional dialogs.




      [ok]   [cancel]
=============================================================================================================

This popup was on top of a red page with white text which I wasn't able to read because of the text above. It had a 6-sided white sign with red X.

I could only see some words like attack....information....dangerous. Underneath on bottom of that red background page was this:

[] Automatically report details of potential security incidents to Google. Privacy Policy

          button that said:           [Back to safety]

=========================================================================================

I am running Windows 7 home edition 64bit. I usually use only Firefox but this laptop which I purchased used and which has been working great so

far came with one caveat: I have been unable to use Flash Player in Firefox. It just wouldn't install. I never tried to figure out why because I

don't really like Flashplayer anyway because of the security risk, and I usually don't need it. When I do need it I go to Chrome which has it

already installed.
I was under the impression that Flashplayer updates automatically in Chrome, but I'm not sure.

Needless to say, I didn't click on anything except maybe [back to safety] which didn't help. Everything was frozen and I ended up closing down

Chrome. I haven't been back since.

I ran Malwarebites-Antimalware Home Premium which found nothing. I also have Panda Antivirus (free) which I made scan the critical areas only, not a deep scan. It found 1 thing that was resolved without needing to be quarantined.

Since Tuesday night when this happened I have only noticed a slight sluggishness a couple of times, but this morning I couldn't get online at first

even though I was connected to our WiFi and the status bar on bottom right was full. I disconnected and reconnected, and a message came on that

Firefox needed to install an update. It was unusual that this apparently caused my screen darken which really freaked me out. The update

installed and everything seems to be normal but I'm still suspicious.

 

By the way, I haven't shut down my computer since last week. I'm still worried Windows 10 will be prompted to install itself upon restarting (I get a popup every so often asking me to install it) and I wouldn't know how to stop it.

Does anyone have any idea if I should do anything and if so what? I looked at the section of your site that lists how to remove different viruses etc. but didn't

actually comb through all the pages. A search of your site for "myfavoritesweeps" didn't bring any results. It just kept churning and churning, and I

finally left.

 

Thanks in advance for any help or suggestions.
 



BC AdBot (Login to Remove)

 


#2 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 15 August 2015 - 02:17 PM

Every day when I log on there is a new problem. I definitely have some kind of malware.

 

Yesterday: All my search engines have disappeared! In the search box, the drop down menu - nothing there. At all. I am able to go to a search engine and perform a search, so, at least that.

 

Today: A new development - my regular homepage is no more. Instead it has the Firefox startpage (my default browser), and it features a search box which is of course dead.

 

I really wish somebody would take an interest in helping me, i know this post is being viewed. I am like watching a train wreck in slow motion. i am afraid by the time someone finally gets to this it will be too late.



#3 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 15 August 2015 - 02:40 PM

Omg omg omg. I just got blue screen of death when i attempted to remove things under processes in task manager. I quickly shut it down because i didnt know what else to do. I am now writing on my tablet.

#4 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 16 August 2015 - 05:45 PM

I'm here in safe mode. I'm thinking of downloading Combovirus remover. Good idea or not?

 

Here is the link to my original post:

http://www.bleepingcomputer.com/forums/t/586325/while-using-flash-player-chrome-froze-due-to-popup/

Mod Edit:  Merged topics - Hamluis.

 

I just realized for the first time that this laptop only has Service Pack 1 installed. That's very bad, I suppose. Should I take care of that first or leave it for later?

 

I also posted a link to the exact virus I have for which there is a tutorial online how to do it manually or with SpyHunter (not a free software, unfortunately). I don't want to do it manually again since that's when my screen turned blue. I followed the instructions and went into Processes in Task Manager, and kaboom. So I'd rather not repeat that and let a program tackle this.

 

Edit: Actually maybe not Combofix. It says it shouldn't be done by someone with no experience and no supervision.


Edited by hamluis, 18 August 2015 - 11:42 AM.


#5 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 16 August 2015 - 06:08 PM

I just downloaded Autoruns. It says to extract the file and THEN reboot in safe mode. I am already in safe mode now, but obviously with network. Should I close down and reboot in safe mode without network and then extract it? You are warning that the virus sometimes monitors key strokes. So maybe I should not extract the files while there is an internet connection?



#6 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 16 August 2015 - 06:17 PM

Oh, and I have MBAM Premium and it did not detect the virus. Neither did Panda.

 

Is someone actually going to give me a  hand or not? It's quite frankly frustrating to see people being helped immediately who don't even have an emergency, just annoying stuff on their computer, while I have been asking for help for 3 days with an active virus that is wrecking my laptop and getting increasingly worse. :clapping: :bounce: :halloween: :hello: :scratchhead: :crazy: :busy:



#7 Havachat

Havachat

  • Members
  • 1,136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sleepy Hollow - Geelong - Go Cats.
  • Local time:05:18 PM

Posted 16 August 2015 - 06:44 PM

Im not an Expert , but in my opinion with what you have allready tried and having access to the internet via Ipad ?

 

1/ I would see if you have a Recovery Partition on the Laptop and restore it to the day it was bought.

    This will wipe all on the drive and reinstall Win 7 from the Recovery Image Partition.

 

2/ As you can get into safe mode , save all personal  documents and files to an external drive or usb stick.

 

3/ Go to the manufacturers website of the laptop for instructions on how to perform a Recovery from the saved image.

 

If you dont have a recovery partition - you may have to wait until someone else can assist you.



#8 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 17 August 2015 - 09:58 AM

Thank you Havachat. That would frankly be my last resort but it's good to know it exists. But I figure sinve I know what causes all this trouble I should be able to eliminate it. The difficulty I run into is that I don't know the names it is hiding under in the registry. I was able to delete itfrom Chrome but that was easy. I might just have to swallow the bitter pill and buy SpyHunter.

#9 hamluis

hamluis

    Moderator


  • Moderator
  • 56,287 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:18 AM

Posted 18 August 2015 - 11:43 AM

If you would stop posting multiple topics concerning the same situation...you might give someone with some knowledge of malware...a chance to assist you.  Just my opinion.

 

We are aware that you are seeking assistance...but there are some things that should be done in the proper manner, cognizant of the fact that all members here are volunteering their services in their "free" time and that such "free" time varies from person to person, situation to situation.

 

Your topic has been posted on the "3-Day" list...please exercise some patience and I suggest that you stop fiddling with the system, pending the results of all checks for malware.

 

Louis


Edited by hamluis, 18 August 2015 - 11:49 AM.


#10 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:02:18 AM

Posted 18 August 2015 - 06:29 PM

Hello justme4now,

 

Please don't miss Louis' post above!

 

==========

 

My name is bloopie and it is a pleasure to meet you! :)

 

It is difficult to see exactly what is going on with your machine due to the multiple posts and merged topics. For this reason (and to avoid additional topic clutter here), I'd suggest you start a fresh topic in the Malware Removal forum so that we can get proper logs posted and get a much better look into the system, all in one topic. To do this, please follow the Preparation Guide starting with Step :step6:. Step 6 is there to guide you in creating the proper logs...then in step 7, you'll find instructions on creating a new topic in the Malware Removal forum. If you have any questions about the instructions, please don't hesitate to ask!

 

Once this is done, please post back here with a link to the new topic, and I will then close this topic to avoid confusion. If anyone else has not taken your new topic by the time I check this thread tomorrow evening, I will assist you myself.

 

 

Thanks for your understanding, patience, and cooperation!

 

bloopie

 

P.S. If you have created your new topic, and posted back here with no reply to either topic by this time tomorrow evening, please send me a PM.



#11 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 23 August 2015 - 04:23 PM

Hello Bloopie, pleased to meet you too. :love4u:

Bloopie and Louis, I am very sorry I got so impatient, and I know I was out of line, but this was really sabotaging my work to the point where I needed to google and also search this site and tried to fix things myself because I really need use of my computer. I am so screwed without it, so please forgive me, I very much admire you guys and your know-how, and I am totally awed by your knowledge.

 

I seem to have fixed the problem with Panda Cloud Cleaner, except I am not SURE that everything has been eradicated. All the search engines returned, and my homepage is the way I set it up before, so things FEEL and LOOK normal but there is no proof that the thing isn't still lurking somewhere in my machine. 

 

I wrote a new post last night but forgot to put in the FRST logs. I had them done though, and I was just going to edit the post now and include those 2 logs but I am unable to find the post. It appears to have been moved to somewhere else. I will try to look some more, and when i find it, come back here and post the link after I included the scan logs. If not, I will create a new post with the logs and post the link here. I hope I am not again messing things up. I'm aware it's bad practice to have different posts like that but i really am trying to find the one from last night.



#12 justme4now

justme4now
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:02:18 AM

Posted 23 August 2015 - 04:50 PM

Ok, I found the post and added the logs. I looked over the items and changed the font of some of them to orange because they look very much like the things in Task Master that I tried to delete and which prompted a blue screen. There are probably more of those but I just highlighted a few to draw your attention to them. Thanks.

 

http://www.bleepingcomputer.com/forums/t/587697/infected-with-myfavoritesweeps-ipadair-winner2dotcom/



#13 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:02:18 AM

Posted 23 August 2015 - 08:59 PM

Hello justme4now,

 

We accept your apology! :)

 

Many thanks for admitting, and huge kudos for manning up!

 

...I was going to take your topic anyway...but that just made me happy to do it! Very happy to see that! :lol:

 

==========

 

Now that your logs have been properly posted, this topic is closed to avoid confusion. Please allow me some time to look over your logs, and I will respond in your new topic! :thumbup2:

 

Anyone else, please begin a new topic!

 

Thank you!

 

bloopie






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users