Solved Hidden Nasty

urbanspaceman1

I have had a thread running for a few days now regarding this issue but I thought it pertinent to post this:
This is a copy of a report I have just sent to PayPal:

I appreciate that the problem is with my computer and not your organisation but this Phishing Trojan is targeting your site so it is in your interest to understand what is going on and what steps I have taken to eradicate it. Here is a full report to date; I am sending it to Kaspersky and it is also being posted on ‘Seven Forums’.

I do not normally need to survey my PayPal account other than to routinely ensure all is correct, but last Sunday (05/05/13) I needed to qualify a transaction from the previous month and it was then that I became aware of the problem: I attempted to open the ‘Show all transactions’ sub-page from my account home-page and a warning from my anti-virus software KIS 13 (fully updated) told me the page was not safe.
I accessed my account using my Tablet and all was well; the spoof page software is definitely on my computer so I set about trying to find it and remove it from my system.
I went and re-installed the correct certificate – just in case.
Then I went to the bad PayPal page and checked the security certificate against Steve Gibson’s site and discovered it did not match the official PayPal certificate. This is your genuine thumbprint:
21:77:48:25:DC:4A:9C:54:CE:02:B0:70:92:8A:2E:72:CE:58:78:E7
and this is the one that appears when I access PayPal:
e3 ac 7c b1 69 30 59 63 a6 66 7c d4 b4 55 6e 41 6a 34 cd 5c
So, the next thing I did was run a deep scan using my KIS.13 web security facilities. It didn’t find anything.
Next thing was to un-install the recently updated Java and try your site again; that didn’t fix it.
Then I ran Windows Defender Offline.
Then I ran Malware Bytes.
Then I did a full default re-set on Internet Explorer (10).
I then tried Ad-aware.
Then ESET online cleaner.
Last night I ran Microsoft Malicious Software removal tool followed by Microsoft Safety Scanner.
The problem is still there. Any suggestions would be gratefully received. Keith.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Cyberpower PC
OS
windows 7 premium home 64bit
CPU
intel core i5 2500 3.3Ghz 6mb cache OEM
Motherboard
Asus P8Z68-V LX Intel Z68 Chipset DDR3 ATX USB 3
Memory
8GB (2x4GB) PC10666 DDR3/1333mhz Dual
Graphics Card(s)
AMD ATI Radeon Powercolor HD5670 1GB passive cooled
Sound Card
Creative/Soundblaster Digital Music Premium HD/X-Fi-HD
Monitor(s) Displays
Samsung 22; Hanns.G 19
Screen Resolution
1680 x 1050
Hard Drives
SSD: 120 GB Intel 520 Series SATA III
HDD2:West Dig 1TB SATA III 32mb 6gb/s
Hot swap HDD3: 1tb Barracuda Sata 3 32mb 6gb/s
PSU
Coolermaster Elitepower 500wt
Case
NZXT Hush 2
Cooling
Coolermaster Hyper TX3
Mouse
Logitech M570 Trackball
Internet Speed
50mbs
Antivirus
Malwarebytes3. cont' below:
Browser
IE11
Other Info
Windows Firewall.
Hitman-Pro.alert3.
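
The thumbprint comparison described in the post above, as an added Python example that is not part of the original thread. The function names are illustrative, the two thumbprints are the ones quoted in the post, and `fetch_thumbprint` needs network access, so it is only defined here, not called.

```python
import hashlib
import hmac
import re
import ssl

# The two SHA-1 thumbprints quoted in the post, in their original notations.
REFERENCE = "21:77:48:25:DC:4A:9C:54:CE:02:B0:70:92:8A:2E:72:CE:58:78:E7"
OBSERVED = "e3 ac 7c b1 69 30 59 63 a6 66 7c d4 b4 55 6e 41 6a 34 cd 5c"


def normalize_thumbprint(text):
    """Reduce 'AA:BB', 'aa bb' or 'AABB' notation to 40 lowercase hex digits."""
    digits = re.sub(r"[\s:\-]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{40}", digits):
        raise ValueError("not a SHA-1 thumbprint: %r" % text)
    return digits


def thumbprint_of_der(der_bytes):
    """A certificate thumbprint is the hash of the DER-encoded certificate."""
    return hashlib.sha1(der_bytes).hexdigest()


def thumbprints_match(a, b):
    """Compare two thumbprints regardless of separator or letter case."""
    return hmac.compare_digest(normalize_thumbprint(a), normalize_thumbprint(b))


def fetch_thumbprint(host, port=443):
    """Thumbprint of the certificate this machine is actually served."""
    # get_server_certificate does not validate the chain by default, so an
    # untrusted or substituted certificate is still returned for inspection.
    pem = ssl.get_server_certificate((host, port))
    return thumbprint_of_der(ssl.PEM_cert_to_DER_cert(pem))


def compare(observed, reference):
    """Return both normalized values and whether they agree."""
    return {
        "observed": normalize_thumbprint(observed),
        "reference": normalize_thumbprint(reference),
        "match": thumbprints_match(observed, reference),
    }


if __name__ == "__main__":
    print(compare(OBSERVED, REFERENCE))
```

A mismatch only shows that the certificate reaching this machine is not the one seen from the reference vantage point; the issuer of the served certificate is what identifies where it came from.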
It's Kaspersky. My techie removed KIS 13 and put in MSE and all is hunky dory. He told me there are numerous entries all over the web about this problem, so what PayPal told me about them getting no complaints is BS; now there's a surprise!
 

Just for reference purposes: KIS 13 are using a 'sandbox' approach that has either been quietly upgraded/changed in the background or else it is a conflict with IE 10 to which I have recently upgraded; probably the latter, but once the problem was fixed we didn't bother trying to discover exactly why it happened.
 
