I have a user running Win7 Pro 64.
They are continually being directed in FireFox to a fake "your computer is infected site"
I have run a full Avast scan - no items found
A MalwareBytes scan - nothing found
Windows Defender - nothing dound
FF has no add-ins or extensions
completely deleted their FF profile
Done a system restore back as far as possible
I cant get a clear answer from the user if it will happen when FF is not running (I think it has to be open, but could be in the background). I myself have clicked on a totally clean link and been redirected to the "your infected" page, but as I said I think FF just needs to be open, no link click necessary.
All startup programs and services are legit
The URL to the site is a very long string
h t t p : //code-ss57.stream/guest/01234567891011121314151617181920212223....
Any thoughts, or help would be appreciated
Edited by JPNYC, 14 January 2018 - 10:10 AM.