Yesterday afternoon I turned on my computer and opened Internet Explorer, typed in www.palottery.com and clicked enter. That is when Internet Explorer froze/locked up and 2 pop up windows appeared. One on top of the other! the one stated:
"Dear Pennteledata inc. customer,
Your IP: 184.108.40.206 has been blocked
A serious malfunction has been detected with Windows Vista / Server 2008 and you IE 9.0. Please call the toll-free number below for a certified technician to help you resolve the issue.
For your safety, closing the IE browser has been disabled without support of the certified technician to avoid corruption to the registry of your Windows Vista / Server 2008 operating system
Please contact support at the toll-free Helpline 855-203-2052
DO NOT SHUT DOWN OR RESTART THE COMPUTER, DOING THAT MAY LEAD TO DATA LOSS AND POSSIBLE FAILURE OF THE OPERATING SYSTEM AND POTENTIAL NON BOOTABLE SITUATION RESULTING IN COMPLETE DATA LOSS, CONTACT MICROSOFT CERTIFIED TECHNICIANS TO RESOLVE THE ISSUE CALLING TOLL FREE - 855-203-2052"
I tried clicking to close the top window so I could see the window underneath, but it kept popping back up! Took a screen shot of the top message and then timed it so when I closed the top window I was able to get a screen shot of the bottom window/message.
I then game on here and opened a topic in the section: "Am I infected? What do I do?" Here is the link to my post there:
I then did a scan with MBAM free and Microsoft Security Essentials. they both detected Nothing. I then did a scan with SUPERAntiSpyware free and that detected nothing.
Then I saw the section on Ransomware and I thought I made a mistake and posted in the wrong section. So I made a new topic Post in the Ransomware section, Here is that link:
It was recommended that I wait for a reply to my original posting and that they did not think I had Ransomware, But just to be safe I should have my computer checked. SO I went back to my original post and one person recommended I contact/send a PM to Curie who had helped me with my most recent problem dealing with the "kovter" infection which was closed 4 days ago and ask to have another look at my system. I then sent a PM to Curie and explained my current problem. Curie responded back saying they were unable to help me at this time because they were busy and that I should open a new topic post in this section and follow the directions in the link they gave me. Which I did.
I do not know if I have any Ransomware, remnants of the "Kovter" infection or as one of the people who responded mentioned It was most likely a Phony Tech Support Scam. They recommend that I have my computer given a thorough going over just to be safe!
I am attaching: FRST.txt, Addition.txt which was requested.
Also I am including: MBAM scan result log, and the 2 screen shots of the pop up messages.