Posted

Hi ESET Team,

 

One of our client's devices has been infected with a trojan virus/Emotet. The action taken by the client was to push an on-demand scan; my recommendation to her would be to run an in-depth scan. She said that the problem started after updating the version of Google Chrome. Can you give us a recommendation on how to rectify this issue? For your reference, see the information below:

 

"SAMPLE OF THE DIALOG BOXES THAT KEEP THROWING UP ON MY SCREEN ONLY ON MY DESKTOP COMPUTER AND SOME FUNCTIONS ON MY COMPUTER WILL NOT WORK. THEY KEEP CHANGING ALL THE TIME AND IT WAS HARD TO SUCCESSFULLY SCREEN SHOT THEM. WHEN I EVENTUALLY DID I MANAGED TO GET THE SCREENSHOT ON A USB STICK, SAVE IT AND GET THE SCREENSHOT ONTO THIS EMAIL ON MY LAPTOP COMPUTER, WHICH IS   I MANAGED TO SCAN WITH ESET BUT NO DETECTIONS WERE FOUND AND I HAVE NO IDEA WHAT TO DO.

I DID VISIT A NEW WEBSITE YESTERDAY. ALL WAS WELL, WHEN, ALL OF A SUDDEN, WHILE I WAS THERE, THE COMPUTER MADE LOUD RINGING NOISES AND ALL THESE DIALOG BOXES SIMILAR TO THE ONES IN THIS SCREENSHOT KEPT THROWING UP AND IT WAS AS IF MY COMPUTER FROZE AND COULD NOT DO ANYTHING. THE ONLY WAY I COULD STOP THIS WAS TO TURN THE POWER OFF AT THE WALL, BUT WHEN IT TURNED THE COMPUTER BACK ON AGAIN, BACK THEY CAME. - CLIENT"

 


 

Looking forward to hearing from you.

 

 

Cheers,
Gil

  • Administrators
Posted

Please provide the file C:\Users\%USER%\AppData\Local\Google\Chrome\User Data\Default\Preferences. It appears the user has granted notification permissions for a dodgy website which now sends fake notifications to the browser.

Posted (edited)
13 hours ago, Microbe said:

she said that after updating the version of google chrome .

You should instruct your clients to never respond to browser popups for updating, malfunctioning behavior, etc. when surfing the web. Most of these are phishing attacks to get the user to install malware, coin miners, you name it. A couple of examples are given below:

https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn

https://www.varutra.com/ctp/threatpost/postDetails/Fake-Browser-Updates-Delivering-BitRAT-and-Lumma-Stealer-Malware/UmtBQlRvOW9tQzN3YXVlVUZxUXp4Zz09

Edited by itman
  • Solution
Posted

Hi ESET Team, 

This case has been resolved. Doing an in-depth scan and clearing the cache of the device helped to resolve the issue.

 

You can close this case

This topic is now closed to further replies.