We use cookie files to improve site functionality and personalisation. By continuing to use HUKD, you accept our cookie and privacy policy.
Close
12
Responses

Threat Detected: Immediate Action Required (pops up on screen, while on HUKD, what's happening? )

dave09dave09

I was on HUKD & this pops up on screen, as it doesnt look like my AVG has kicked in as it doesnt have AVG mentioned? i'll try & post a screengrab pic

All Responses (12)

Jump to unread Post an Answer
    SUMMONER
    download and run Malwarebytes
    dave09
    Here is the pic http://imageshack.us/photo/my-images/513/05qg.jpg/
    here


    Edited By: dave09 on Sep 13, 2013 02:23
    dave09
    SUMMONER
    download and run Malwarebytes


    Running now.
    SUMMONER
    fatal registry error

    Wow, the error is fatal.
    https://lh4.googleusercontent.com/-L-Iohtm3eUk/UicuejETYSI/AAAAAAAAAxE/SHl7Dg7Bpcg/w151-h61-no/ROFLSmiley.gif

    Looks to me like an advert, trying to badger you into installing and paying for some useless software.

    Edited By: SUMMONER on Sep 13, 2013 02:28
    dave09
    SUMMONER
    fatal registry error

    Wow, the error is fatal.

    Looks like an advert, trying to badger you into installing and paying for some useless software.


    Yeah, it certainly looks like it, i've seen some similar one's come up before that looked really obvious as a scam, but this is trying to look as real as it can get as its similar to the red screen that AVG has.
    dave09
    I've had a closer look at the top of page, the url says http://fix-issues.openvn.com/?sov=62570201&ctrl1=nodl&id=XNSX.nodl, as i;m just posting it to see if anyone else has come across it

    To be honest, i hate getting **** like that, as its not really ROFL stuff

    Edited By: dave09 on Sep 13, 2013 02:34
    SUMMONER
    Have you been to any rouge porn websites lately? Never mind, don't answer that question. (_;)

    Let Malwarebytes run a full scan and see what it shows.

    Looking at the URL you posted, it appears to be just a Flash advert/pop-up. Likely triggered by a website you have been to.

    Edited By: SUMMONER on Sep 13, 2013 02:40: ..
    dave09
    SUMMONER
    Have you been to any rouge porn websites lately? Never mind, don't answer that question. (_;)

    Let Malwarebytes run a full scan and see what it shows. Most likely that is just a Flash advert, from some website you have been to.


    I wish that could be the excuse, but i've just logged on here, 5m later i get this, lol!

    Scan finished: found 2 PUP.Optional.Babylon ToolbarA, there's probably more info on the log?
    SUMMONER
    dave09
    Scan finished: found 2 PUP.Optional.Babylon ToolbarA, there's probably more info on the log?


    from Wikipedia...
    Babylon's translation software will attempt to hijack the user's system by adding the Babylon Toolbar, which has been widely identified as a browser hijacker. The toolbar also comes bundled as an add-on with other software downloads. It changes browser preferences such as the user's home page and search engine, changes that can be very difficult to reverse.

    Tell Malwarebytes to remove it, restart the computer and then run another full scan, just to be on the safe side.

    Edited By: SUMMONER on Sep 13, 2013 02:46
    dave09
    SUMMONER
    Have you been to any rouge porn websites lately? Never mind, don't answer that question. (_;)

    Let Malwarebytes run a full scan and see what it shows.

    Looking at the URL you posted, it appears to be just a Flash advert/pop-up. Likely triggered by a website you have been to.


    Registry Keys Detected: 2
    HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully.


    The only other pages i've open is isohunt & bluesbrotherscentral.com

    Gonna restart now.


    Edited By: dave09 on Sep 13, 2013 02:50
    dave09
    Registry Keys Detected: 0
    (No malicious items detected)

    Sounds like all 'good under the hood' now, but since i'm here, i might as well post another thing that's been bugging me for a while regarding Windows updates.
    Leturrip
    I got the same thing yesterday. looks like isohunt maybe the common website visited

Post an Answer

You don't need an account to leave a comment. Just enter your email address. We'll keep it private.

I Approve
Your Comments On This Post
Comment Preview
Close

PRIVATE MESSAGE

Close
Sorry, you can’t currently send PMs. Once you’re a more active member of the forum, the PM service will be unlocked for you.
Welcome to HUKD!
Close
Join the Community