If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
Authentication Scam Pop-Up
Win7, 64-bit
This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I have not installed any add-on or programs in days. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. Any ideas? TIA |
Ads |
#2
|
|||
|
|||
Authentication Scam Pop-Up
On Tue, 7 Feb 2017 20:11:47 -0000 (UTC)
Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I have not installed any add-on or programs in days. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. Any ideas? TIA That is a result of the NSA cloning your hard drive. |
#4
|
|||
|
|||
Authentication Scam Pop-Up
On Tue, 7 Feb 2017 15:43:30 -0500, Wolf K
wrote: On 2017-02-07 15:11, Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. I think somebody is masquerading as Lowes. In Firefox: Menubar View Toolbars check Status Bar. The Status Bar open at the bottom of the main FF window. Next time you hover over "Lowes Official Site", you should see the URL link on the status bar. If you see the bogus URL, you know it's not on/in your system. I'm running Firefox 51.0.1. It does not have the option "Toolbars" on the View Menu. So I can't Check Status Bar. DC |
#5
|
|||
|
|||
Authentication Scam Pop-Up
On Tue, 07 Feb 2017 15:07:26 -0600, wrote:
On Tue, 7 Feb 2017 15:43:30 -0500, Wolf K wrote: On 2017-02-07 15:11, Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. I think somebody is masquerading as Lowes. In Firefox: Menubar View Toolbars check Status Bar. The Status Bar open at the bottom of the main FF window. Next time you hover over "Lowes Official Site", you should see the URL link on the status bar. If you see the bogus URL, you know it's not on/in your system. I'm running Firefox 51.0.1. It does not have the option "Toolbars" on the View Menu. So I can't Check Status Bar. Yes you can. You don't have to turn the status bar on. It automatically appears when there's something to see there. See https://support.mozilla.org/en-US/kb...ned-status-bar |
#6
|
|||
|
|||
Authentication Scam Pop-Up
wrote:
Wolf K wrote: Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. I think somebody is masquerading as Lowes. In Firefox: Menubar View Toolbars check Status Bar. The Status Bar open at the bottom of the main FF window. Next time you hover over "Lowes Official Site", you should see the URL link on the status bar. If you see the bogus URL, you know it's not on/in your system. I'm running Firefox 51.0.1. It does not have the option "Toolbars" on the View Menu. So I can't Check Status Bar. Hover the mouse cursor over a hyperlink. A pseudo-statusbar popup will appear at the bottom of the window showing the effective URL. This is NOT the same as the actual URL (see my reply to Boris and below) and why it cannot be trusted to show you to where you actually go when clicking on a hyperlink. Hovering the mouse cursor over a Google search hit on "lowes" will show "www.lowes.com" in the popup pseudo-status bar. That's not the actual hyperlink. Right-click on the hyperlink and select Inspect Element to see the hyperlink was actually: a href="/url?sa=t&rct=j&q=&esrc=s&source=we b&cd=1&cad=rja&uact=8&ved=0ahUKEwj Biq7__P7RAhUE4SYKHQlIDgIQFggcMAA&url=https%3A% 2F%2Fwww.lowes.com%2F&usg=AFQjCNHgZZjs6eFBd4pY SY3gQfVS5ZiPyA" onmousedown="return rwt(this,'','','','1','AFQjCNHgZZjs6eFBd4pYSY3gQfV S5ZiPyA','','0ahUKEwjBiq7__P7RAhUE4SYKHQlIDgIQFggc MAA','','',event)"Lowe's Home Improvement: Appliances, Tools, Hardware, Paint .../a www.lowes.com is in there but as an argument. The actual (first) destination is a Google tracker URL. If you right-click on the hyperlink and select "Copy location" and paste elsewhere (e.g., Notepad), you'll see the variables/args got replaced so the actual destination is: https://www.google.com/url?sa=t&rct=...SY3gQfVS5ZiPyA Google wants to track logistics on its search engine. It has you go to their URL to record on what you clicked and then redirects you to the target site you intended to visit. Yes, this can be used for tracking but also get used to improve their search engine, especially regarding relevancy order of the search results. Because some users don't like their web visits to get tracked for any purpose, they use alternative search engines (e.g., DuckDuckGo or Ixquick/StartPage). |
#7
|
|||
|
|||
Authentication Scam Pop-Up
Boris wrote:
Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. Disable any ad blocker add-ons a retest. Or start the web browser in its safe mode which disables all add-ons during that session, including those that you did install. Inspect your 'hosts' file. Should only have the "127.0.0.1 localhost" equivalence unless you've added more or are using someone else's pre-compiled 'hosts' lists as an ad/content blocker. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. Sure looks like malware. Could be an add-on you did not intend to install, something iffy you did install and decided to eventually trigger, or something running outside of the web browser. The URL you get is probably trying to get more malware on your computer. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I did a Google search on "lowes". The first hit is a sponsored link and it did take me to lowes.com. In the Google search results and when the mouse is hovered over the hyperlink to Lowes, www.lowes.com shows up in the status bar (Firefox). That's not really the URL for that hyperlink. It's what the script wants you to see in the status bar. The actual URL is: https://www.google.com/url?sa=t&someArgs&url=https%3A%2F%2Fwww.lowes.co m%2F&moreArgs ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ https://www.lowes.com/ --------------------------------------' where %3A = : (colon) ---.--- entity codes %2F = / (forward slash) ---' (avoid parsing error on special chars) All the rest of the URL is for Google tracking (to record logistics on their search engine). I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. That runs as a separate process. Does not stop you from using your computer but obviously anything that runs can impact responsiveness of the computer. You already have malware on your computer. Do you really want to postpone its detected and eradication to do other work which may be in jeopardy? There is also the possibly of DNS poisoning. Flush your own DNS cache by running in a command shell: ipconfig /flushdns You cannot control DNS poisoning up on the DNS server that you use. There is malware that changes which DNS server to which you connect so check your DNS settings. Rather than have mine dynamically assigned by the upstream DHCP server (which results in me using my ISP's DNS server which fails about 2-4 times per year), I use alternative DNS servers that are statically defined by me, like OpenDNS and GoogleDNS in that preference order. |
#8
|
|||
|
|||
Authentication Scam Pop-Up
On 2/7/2017 12:11 PM, Boris wrote:
Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I have not installed any add-on or programs in days. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. Any ideas? TIA AVG AntVirus Free blocked the Web page as a malware site. When I disabled AVG's LinkScanner Surf-Shield, Mozilla's Safe Browsing capability -- as implemented in SeaMonkey -- failed to block the site. That capability uses a database obtained from Google, which is why I am not surprised that the capability failed to block the site. -- David E. Ross http://www.rossde.com/ Paraphrasing Mark Twain, who was quoting someone else: There are three kinds of lies: lies, damned lies, and alternative truths. |
#9
|
|||
|
|||
Authentication Scam Pop-Up
On Tue, 7 Feb 2017 20:11:47 -0000 (UTC), Boris wrote:
This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". Doesn't your browser show you the URL when you hover the mouse pointer over a link? If it doesn't, junk it and get one that does. (Same advice for your email program.) NEVER click on a link without knowing where it will take you. I'll bet you anything "Lowes Official Site" isn't lowes.com -- the real site doesn't have to call itself "official". -- Stan Brown, Oak Road Systems, Tompkins County, New York, USA http://BrownMath.com/ http://OakRoadSystems.com/ Shikata ga nai... |
#10
|
|||
|
|||
Authentication Scam Pop-Up
Boris wrote:
Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. This is what I see. Lowes.com - Official Website Ad www.lowes.com/‎ ‎+91 99112 44209 Now, that number off to the side, is a long distance number to "Pedro Teh Scammer". (The phone number is likely in Uttar Pradesh, India.) That's your hint something is wrong with the link. When the advertisement was sold, there was probably some domain check, that the phone number was "local" to the website location. Another "ad" link near the top, lists a phone number of (416) 689-3570, which is a Lowes in Toronto. This does not authenticate the link - it's just a visual hint that something "unusual" is going on. I might notice that out of the corner of my eye, and move down the page out of harms way. ******* Firefox is doing this, and Seamonkey is not. ******* One suggestion was to use "encrypted.google.com" for your search instead. That's if you don't understand the hack involved, and want to move on. Paul |
#11
|
|||
|
|||
Authentication Scam Pop-Up
On 2/7/2017 2:27 PM, David E. Ross wrote:
On 2/7/2017 12:11 PM, Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I have not installed any add-on or programs in days. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. Any ideas? TIA AVG AntVirus Free blocked the Web page as a malware site. When I disabled AVG's LinkScanner Surf-Shield, Mozilla's Safe Browsing capability -- as implemented in SeaMonkey -- failed to block the site. That capability uses a database obtained from Google, which is why I am not surprised that the capability failed to block the site. Regarding the failure of the Mozilla capability for Safe Browsing to detect the site as a phishing site, I submitted bug #1337549. See https://bugzilla.mozilla.org/show_bug.cgi?id=1337549. -- David E. Ross http://www.rossde.com/ Paraphrasing Mark Twain, who was quoting someone else: There are three kinds of lies: lies, damned lies, and alternative truths. |
#12
|
|||
|
|||
Authentication Scam Pop-Up
"David E. Ross" wrote in
news On 2/7/2017 2:27 PM, David E. Ross wrote: On 2/7/2017 12:11 PM, Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I have not installed any add-on or programs in days. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. Any ideas? TIA AVG AntVirus Free blocked the Web page as a malware site. When I disabled AVG's LinkScanner Surf-Shield, Mozilla's Safe Browsing capability -- as implemented in SeaMonkey -- failed to block the site. That capability uses a database obtained from Google, which is why I am not surprised that the capability failed to block the site. Regarding the failure of the Mozilla capability for Safe Browsing to detect the site as a phishing site, I submitted bug #1337549. See https://bugzilla.mozilla.org/show_bug.cgi?id=1337549. After reading your first post, that AVG Free detected and blocked the site, I thought I'd install AVG Free, and see what happens. After installing AVG Free,I tried Firefox again, and this time, a Google search didn't bring up "Lowe's - Official Site", it brought up "Lowe's Home Improvement: Appliances, Tools, Hardware, Paint ...", as the first link. When I hovered over this link, the status bar showed "www.lowes.com, and nota google redirect. Hmmm...something has changed for the better. I tried IE, with the same (good) results. I read your bug report. Thanks. So, it looks like I didn't have any malware installed on my machine, only phising attempts. Shame on you Google. Never cared for google, don't do Chrome, and have no google account, let alone gmail. |
#13
|
|||
|
|||
Authentication Scam Pop-Up
VanguardLH wrote in :
Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. Disable any ad blocker add-ons a retest. Or start the web browser in its safe mode which disables all add-ons during that session, including those that you did install. No luck. Inspect your 'hosts' file. Should only have the "127.0.0.1 localhost" equivalence unless you've added more or are using someone else's pre-compiled 'hosts' lists as an ad/content blocker. My Windows hosts is all REM'd out, including the line with 127.0.0.1. I've never altered the hosts file. An ipconfig/all shows the only DNS server with an IP of my router, which is connected to a comcast modem. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. Sure looks like malware. Could be an add-on you did not intend to install, something iffy you did install and decided to eventually trigger, or something running outside of the web browser. The URL you get is probably trying to get more malware on your computer. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I did a Google search on "lowes". The first hit is a sponsored link and it did take me to lowes.com. In the Google search results and when the mouse is hovered over the hyperlink to Lowes, www.lowes.com shows up in the status bar (Firefox). That's not really the URL for that hyperlink. It's what the script wants you to see in the status bar. The actual URL is: https://www.google.com/url?sa=t&someArgs&url=https%3A%2F% 2Fwww.lowes. com%2F&moreArgs ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ https://www.lowes.com/ --------------------------------------' where %3A = : (colon) ---.--- entity codes %2F = / (forward slash) ---' (avoid parsing error on special chars) All the rest of the URL is for Google tracking (to record logistics on their search engine) Thanks, I didn't know why the URL results in google searches were so long, and didn't point to the search term.. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. That runs as a separate process. Does not stop you from using your computer but obviously anything that runs can impact responsiveness of the computer. You already have malware on your computer. Do you really want to postpone its detected and eradication to do other work which may be in jeopardy? There is also the possibly of DNS poisoning. Flush your own DNS cache by running in a command shell: ipconfig /flushdns You cannot control DNS poisoning up on the DNS server that you use. There is malware that changes which DNS server to which you connect so check your DNS settings. Rather than have mine dynamically assigned by the upstream DHCP server (which results in me using my ISP's DNS server which fails about 2-4 times per year), I use alternative DNS servers that are statically defined by me, like OpenDNS and GoogleDNS in that preference order. |
#14
|
|||
|
|||
Authentication Scam Pop-Up
On 2/7/2017 7:46 PM, Boris wrote:
"David E. Ross" wrote in news On 2/7/2017 2:27 PM, David E. Ross wrote: On 2/7/2017 12:11 PM, Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I have not installed any add-on or programs in days. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. Any ideas? TIA AVG AntVirus Free blocked the Web page as a malware site. When I disabled AVG's LinkScanner Surf-Shield, Mozilla's Safe Browsing capability -- as implemented in SeaMonkey -- failed to block the site. That capability uses a database obtained from Google, which is why I am not surprised that the capability failed to block the site. Regarding the failure of the Mozilla capability for Safe Browsing to detect the site as a phishing site, I submitted bug #1337549. See https://bugzilla.mozilla.org/show_bug.cgi?id=1337549. After reading your first post, that AVG Free detected and blocked the site, I thought I'd install AVG Free, and see what happens. After installing AVG Free,I tried Firefox again, and this time, a Google search didn't bring up "Lowe's - Official Site", it brought up "Lowe's Home Improvement: Appliances, Tools, Hardware, Paint ...", as the first link. When I hovered over this link, the status bar showed "www.lowes.com, and nota google redirect. Hmmm...something has changed for the better. I tried IE, with the same (good) results. I read your bug report. Thanks. So, it looks like I didn't have any malware installed on my machine, only phising attempts. Shame on you Google. Never cared for google, don't do Chrome, and have no google account, let alone gmail. I sent feedback to Google about the ad and how it was for a phishing Web site. Apparently, they killed the ad. The problem is that they did not do any due diligence on the ad in the first place. Instead, they waited for a complaint. -- David E. Ross http://www.rossde.com/ Paraphrasing Mark Twain, who was quoting someone else: There are three kinds of lies: lies, damned lies, and alternative truths. |
#15
|
|||
|
|||
Authentication Scam Pop-Up
"David E. Ross" wrote in
news On 2/7/2017 7:46 PM, Boris wrote: "David E. Ross" wrote in news On 2/7/2017 2:27 PM, David E. Ross wrote: On 2/7/2017 12:11 PM, Boris wrote: Win7, 64-bit This is happening in both Firefox and Internet Explorer browsers, when I use Google as a search engine, and only when I Google "lowes" in the URL box, and then select the first result, "Lowes Official Site". It doesn't happen with any other search, for instance Best Buy or Home Depot. If I enter "www.lowes.com" all is fine.,but if I do as I say in the above paragraph, and then click on the "Lowe's Official Site", I get the pop-up: Authentication Required http://fixed786.xyx is requesting your User Name and Password. 0x80070424 warning: Activation Kay Damages!!! Call Help Desl +1 844 891 1032 TOLL FREE A window appears with fields to enter user name and password, with an official Microsoft lookin web page in the background, with "fixed786.xyz/main' in the URL box. The screen is locked up, so I use Task Manager to kill the pop-up, and I can get back to work. I haven't tried this on my XP or Win10 machines, and don't want to (yet), just in case this is a problem with the Google link. I'd hate to have to clean up Win10. I have not installed any add-on or programs in days. I haven't run Malwarebytes yet, as I need to use this machine and Malwarebytes takes a long time to scan the entire disk. I did do a quick scan with Miscrosoft Security Essentials, with no results. Any ideas? TIA AVG AntVirus Free blocked the Web page as a malware site. When I disabled AVG's LinkScanner Surf-Shield, Mozilla's Safe Browsing capability -- as implemented in SeaMonkey -- failed to block the site. That capability uses a database obtained from Google, which is why I am not surprised that the capability failed to block the site. Regarding the failure of the Mozilla capability for Safe Browsing to detect the site as a phishing site, I submitted bug #1337549. See https://bugzilla.mozilla.org/show_bug.cgi?id=1337549. After reading your first post, that AVG Free detected and blocked the site, I thought I'd install AVG Free, and see what happens. After installing AVG Free,I tried Firefox again, and this time, a Google search didn't bring up "Lowe's - Official Site", it brought up "Lowe's Home Improvement: Appliances, Tools, Hardware, Paint ...", as the first link. When I hovered over this link, the status bar showed "www.lowes.com, and nota google redirect. Hmmm...something has changed for the better. I tried IE, with the same (good) results. I read your bug report. Thanks. So, it looks like I didn't have any malware installed on my machine, only phising attempts. Shame on you Google. Never cared for google, don't do Chrome, and have no google account, let alone gmail. I sent feedback to Google about the ad and how it was for a phishing Web site. Apparently, they killed the ad. The problem is that they did not do any due diligence on the ad in the first place. Instead, they waited for a complaint. With most products these days, It seems that the customer/end user is the QA person. Thanks again. |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|