|09 May 2013||#1|
| || |
I have had a thread running for a few days now regarding this issue but I thought it pertinent to post this:
This is a copy of a report I have just sent to PayPal:
I appreciate that the problem is with my computer and not your organisation but this Phishing Trojan is targeting your site so it is in your interest to understand what is going on and what steps I have taken to eradicate it. Here is a full report to date; I am sending it to Kaspersky and it is also being posted on ‘Seven Forums’.
I do not normally need to survey my PayPal account other than to routinely ensure all is correct, but last Sunday (05/05/13) I needed to qualify a transaction from the previous month and it was then that I became aware of the problem: I attempted to open the ‘Show all transactions’ sub-page from my account home-page and a warning from my anti-virus software KIS 13 (fully updated) told me the page was not safe.
I accessed my account using my Tablet and all was well; the spoof page software is definitely on my computer so I set about trying to find it and remove it from my system.
I went and re-installed the correct certificate – just in case.
Then I went to the bad PayPal page and checked the security certificate against Steve Gibson’s site and discovered it did not match the official PayPal certificate. This is your genuine thumbprint:
and this is the one that appears when I access PayPal:
e3 ac 7c b1 69 30 59 63 a6 66 7c d4 b4 55 6e 41 6a 34 cd 5c
So, the next thing I did was run a deep scan using my KIS.13 web security facilities. It didn’t find anything.
Next thing was to un-install the recently updated Java and try your site again; that didn’t fix it.
Then I ran Windows Defender Offline.
Then I ran Malware Bytes.
Then I did a full default re-set on Internet Explorer (10).
I then tried Ad-aware.
Then ESET online cleaner.
Last night I ran Microsoft Malicious Software removal tool followed by Microsoft Safety Scanner.
The problem is still there. Any suggestions would be gratefully received. Keith.
|My System Specs|
|12 May 2013||#3|
| || |
Just for reference purposes: KIS 13 are using a 'sandbox' approach that has either been quietly upgraded/changed in the background or else it is a conflict with IE 10 to which I have recently upgraded; probably the latter, but once the problem was fixed we didn't bother trying to discover exactly why it happened.
|My System Specs|
|Similar help and support threads for2: Hidden Nasty|
|One Nasty Virus (Several Issues occuring)||System Security|
|Nasty little app||Security News|
|Need help restoring lost data after nasty virus. Everything hidden.||General Discussion|
|My pc is not showing Hidden Folders even after enabling - "Show Hidden||Performance & Maintenance|
|Never had one this nasty!!||System Security|
|A Nasty Virus||System Security|
|Is this a REAL Update or something nasty?||General Discussion|