We use cookie files to improve site functionality and personalisation. By continuing to use HUKD, you accept our cookie and privacy policy.
Expired

Threat Detected: Immediate Action Required (pops up on screen, while on HUKD, what's happening? )

dave09 Avatar
dave091y, 8m agoPosted 1 year, 8 months ago
I was on HUKD & this pops up on screen, as it doesnt look like my AVG has kicked in as it doesnt have AVG mentioned? i'll try & post a screengrab pic
dave09 Avatar
dave091y, 8m agoPosted 1 year, 8 months ago
Options

All Responses

(12) Jump to unreadPost an answer
Responses/page:
SUMMONER#1
download and run Malwarebytes
dave09#2
Here is the pic http://imageshack.us/photo/my-images/513/05qg.jpg/
here


Edited By: dave09 on Sep 13, 2013 02:23
dave09#3
SUMMONER
download and run Malwarebytes

Running now.
SUMMONER#4
fatal registry error
Wow, the error is fatal.
https://lh4.googleusercontent.com/-L-Iohtm3eUk/UicuejETYSI/AAAAAAAAAxE/SHl7Dg7Bpcg/w151-h61-no/ROFLSmiley.gif

Looks to me like an advert, trying to badger you into installing and paying for some useless software.

Edited By: SUMMONER on Sep 13, 2013 02:28
dave09#5
SUMMONER
fatal registry error
Wow, the error is fatal.

Looks like an advert, trying to badger you into installing and paying for some useless software.

Yeah, it certainly looks like it, i've seen some similar one's come up before that looked really obvious as a scam, but this is trying to look as real as it can get as its similar to the red screen that AVG has.
dave09#6
I've had a closer look at the top of page, the url says http://fix-issues.openvn.com/?sov=62570201&ctrl1=nodl&id=XNSX.nodl, as i;m just posting it to see if anyone else has come across it

To be honest, i hate getting **** like that, as its not really ROFL stuff

Edited By: dave09 on Sep 13, 2013 02:34
SUMMONER#7
Have you been to any rouge porn websites lately? Never mind, don't answer that question. (_;)

Let Malwarebytes run a full scan and see what it shows.

Looking at the URL you posted, it appears to be just a Flash advert/pop-up. Likely triggered by a website you have been to.

Edited By: SUMMONER on Sep 13, 2013 02:40: ..
dave09#8
SUMMONER
Have you been to any rouge porn websites lately? Never mind, don't answer that question. (_;)

Let Malwarebytes run a full scan and see what it shows. Most likely that is just a Flash advert, from some website you have been to.

I wish that could be the excuse, but i've just logged on here, 5m later i get this, lol!

Scan finished: found 2 PUP.Optional.Babylon ToolbarA, there's probably more info on the log?
SUMMONER#9
dave09
Scan finished: found 2 PUP.Optional.Babylon ToolbarA, there's probably more info on the log?

from Wikipedia...
Babylon's translation software will attempt to hijack the user's system by adding the Babylon Toolbar, which has been widely identified as a browser hijacker. The toolbar also comes bundled as an add-on with other software downloads. It changes browser preferences such as the user's home page and search engine, changes that can be very difficult to reverse.
Tell Malwarebytes to remove it, restart the computer and then run another full scan, just to be on the safe side.

Edited By: SUMMONER on Sep 13, 2013 02:46
dave09#10
SUMMONER
Have you been to any rouge porn websites lately? Never mind, don't answer that question. (_;)

Let Malwarebytes run a full scan and see what it shows.

Looking at the URL you posted, it appears to be just a Flash advert/pop-up. Likely triggered by a website you have been to.

Registry Keys Detected: 2
HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.

The only other pages i've open is isohunt & bluesbrotherscentral.com

Gonna restart now.


Edited By: dave09 on Sep 13, 2013 02:50
dave09#11
Registry Keys Detected: 0
(No malicious items detected)

Sounds like all 'good under the hood' now, but since i'm here, i might as well post another thing that's been bugging me for a while regarding Windows updates.
Leturrip#12
I got the same thing yesterday. looks like isohunt maybe the common website visited

Post an Answer

You don't need an account to leave a response. Just enter your email address. We'll keep it private.

...OR log in with your social account