My computer Online Scan

[Raymond]

Received an email from my cousin which contains only a single link and nothing else.
hxxp://cee.toko.edu.tw/23i352.html

First I get a notice with the following message:

Warning!!! Your computer contains various signs of viruses and malware programs presence. Your system requires immediate anti viruses check! System Security will perform a quick and free scanning of your PC for viruses and malicious programs

Clicking OK and it shows an animation of My Computer with virus being detected from a simple scan.



After the scanning has finished, shows the following message:

DANGER!!!
Viruses was found on your computer!
Click 'OK' to install free System Security Antivirus

Then prompts to download a 2.2MB freesystemscan.exe.
[WARNING] DO NOT DOWNLOAD OR RUN THE FILE WITH THE NAME ABOVE!

I haven't analyze what freesystemscan.exe does because lack of time. Might just do it later and update this post.

[JayCub]

Looks really dodgy to be honest and not one i would or intend to run.. might interest blue.dot.. even the warning is OTT, thank you for the heads up Raymond..

[Bearcat]

Yeah, I've gotten this same thing myself Raymond. I've never done anything, but close it out and run a security scan on my system to check for nasty little surprises.

[INDRANIL]

Thanks for the heads up Ray . Kindaa old method but cool .

[Boyfriend]

Thanks Raymond for info When I try to browse URL, KIS warns me and classify it as malicious URL. If I ignore the warning, I am forwarded to my country Google home page (not my default home page). It seems that above threat has something related to Google like Google redirect threat?

[Bluedot]

Ah the old Rogueware infection technique. I have a few of these files. One of them even has the AVG icon and calls itself Dr. Web Antivirus.

[INDRANIL]

Just did a little test of that url --> First Detected by Avast HTML:RedirME-inf . That url contains another redirecting url hxxp://gr....ooppd.in.ua/go.php also detected in urlvoid (rate 5 ) . This page the redirect you to hxxp://software-...e.co.cc/scan1/187. That scans I think. I can't go further lack of time. Got some work. Hope Ray would describe more specific .

[Boyfriend]

Raymond provided URL redirects to hxxp://grkkkkbbbooppd.in.ua/go.php. Reported at MBAM forum here: New Rogue

[grr]

Thanks Ray.
I got into a similar trap last year..

[rohithnarayan.n91]

Received an email from my cousin which contains only a single link and nothing else.
hxxp://cee.toko.edu.tw/23i352.html

First I get a notice with the following message:
Clicking OK and it shows an animation of My Computer with virus being detected from a simple scan.



After the scanning has finished, shows the following message:
Then prompts to download a 2.2MB freesystemscan.exe.
[WARNING] DO NOT DOWNLOAD OR RUN THE FILE WITH THE NAME ABOVE!

I haven't analyze what freesystemscan.exe does because lack of time. Might just do it later and update this post.

They are just spam...!! Your system might not have contained any virus ..! But it will show as it contains virus and make you to download and install their antivirus which they may need ask to pay or it will be a big spam ,adware etc...