A Ninja Posted May 3, 2015
I was on outpost and checked my trades like usual. Clicked on the link this guy put down. Pretty sure it's phishing as the guy had no trades/ no game time in TF 2/ any games. He was talking about how I was doing some type of scam this other guy did. When I clicked on the link it led me to some playhard website about this new scam Valve was patching or something. There was a video but I didn't have the plugin to load it. I have Norton and Malwarebytes. Ran scans on both. Downloaded some trojan removers. Anything else to do?
ShadowMan Posted May 3, 2015
The scheme is that you need to download something like "FLASHPLUGIN6.66", which is an obvious script to take over your PC or whatever.
DejaQ Posted May 3, 2015
You didn't download the "plugin" to run it, you're fine. It wasn't a real plugin, it would go into your files and steal your Steam info.
Sakamoto Posted May 3, 2015
Reported the offer, that would suck if you downloaded it.
A Ninja (Author) Posted May 3, 2015
Was the phishing part where I download the plugin to watch the video?
DejaQ Posted May 3, 2015
> Was the phishing part where I download the plugin to watch the video?
Yes. The plugin wasn't a real plugin. Like I said.
Pilobacon Posted May 3, 2015
You fell for the oldest trick in the book, I'd suggest you report the offer and try to remove whatever you downloaded from your computer.
A Ninja (Author) Posted May 3, 2015
Trojan Remover v.1.3.7.2
Report file date: 5/3/2015 12:17:14 PM
Last update: 5/3/2015 12:17:14 PM
Scanning for 1510087 virus strains and unwanted programs.
Licensed: UNREGISTERED
Windows version: Windows 8.1 x64 (version 6.3)
Username: ----
Computer name: ------
Starting the file scan: Standard
Scan started
Scanning process...
----- C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe ---- General Threat Adware.FPL.Gen.vb (FileVer: 3, 2, 12, 1)
----- C:\Program Files (x86)\Pando Networks\ ---- General Threat Adware.FPL.Gen.vb
----- C:\ProgramData\Lenovo-14133.vbs ---- General Threat Malware.MPL.Heur.vb
----- c:\windows\Reimage.ini ---- General Threat Adware.PL.Gen.vb
----- HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 ---- Registry Threat Adware.RPL.Toolbar.vb
----- HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi ---- Registry Threat Adware.RPL.Toolbar.vb
----- HKLM\SOFTWARE\Classes\s ---- Registry Threat Adware.RPL.Babylon.vb
Checking Startup...
Checking Services...
Checking BHO...
Checking ActiveX...
Checking Files...
----- C:\Users\\AppData\Local\Microsoft\Windows\INetCache\IE\AH4M6DGT\ReimageRepair[1].exe ---- General Threat PUP.Win32.Gen.vb!n (ProdVer: 1.297, FileVer: 1.297, Name: Reimage Repair, Company: Reimage®)
----- C:\Users\\Downloads\HSS-3.42-install-e-550-plain.exe ---- General Threat Adware.Win32.VGen.vb!s5 (FileVer: 3.42.0.25251, Name: Hotspot Shield)
Scan completed
Scan result: 9 detected items
Scan completed in: Scan completed in 57 minute(s) 35 sec.
Files were scanned: 45659
Should I remove what the scan said to remove?
Flaim Posted May 3, 2015
Just let this be a warning to everyone. Never trust any links on tf2outpost. If someone offers and it is a link, just report the offer, and leave a comment warning everyone viewing it to NOT click. (If the link is somewhere you trust like tf2outpst. com/trade/blahblahblah#latest there is no reason to report it, just let them know you don't want to click any links.)
Alex From Security Posted May 3, 2015
Reformat Windows to be safe. Even if your anti-virus did not catch it, it could have been crypted. Change passwords as well.
BOOM! Posted May 3, 2015
You guys are all stupid lol. Anyone ever heard of a JDB? Java Drive By, meaning that if you have Java installed it automatically installs the virus on your computer without you knowing, generally requires older versions of Java but there are newer ones out there. And with Norton it would have never caught it anyway.
1) Uninstall Norton, it's basically adware and does nothing to protect your PC but make it lag
2) Install AVG free or other good anti-viruses.
3) Download herdProtect and run a full scan