Sorry to have my first post be a 'help wanted' rather than an 'help offered'.
I'm a newbie to Slackware64 13 (been on ubuntu for a couple of years) and I recently followed alien Bob's + slackbook instructions to set up my network (ethernet). I have Windows 7 on dual boot that doesn't see this problem.
I'm using DHCP and Google DNSs (18.104.22.168 and 22.214.171.124 both entered into /etc/resolv.conf) through ethernet (eth0).
Now I don't know which website I clicked (mostly been looking at Slack related help forums etc) but on two different occasions I was redirected to some page, which popped up 'Your windows computer has virus, scan now.' Pop makes you click okay and then a simulated windows folder with a scan bar shows up.
There were three URLs that were in the history. I'm sorry I did not record all of them, but one of them (the final one I think) is here:
DO NOT CLICK ON THIS LINK BELOW, IT IS MALICIOUS.
Googling didn't reveal much and after trying to figure out what's going on, I'm here to ask for help. I have logged out of all accounts and changed my passwords for the accounts I was logged into then.
1. I have mounted the windows drives that are accessible through Home > Filesystem > Windows Drive. Is this going to be affected.
2. Can there be any malware stored somewhere in the Linux directories? I was running as root because I was configuring my wifi card at the time.
3. What can I do to get rid of this problem? I looked at clamav but it looks remedial action rather than preventative.
I downloaded my Slackware Iso from the http mirror : slackware.cs.utah.edu. I did NOT check the md5hash though.
Kindly help or direct me towards existing solutions to this as I searched around and I'm slowly getting frustrated that this is happening
Thanks a lot.
: The nameserver seems to have been overwritten by the router to the default gateway after the last reboot, haven't clicked on many links since then, but this redirect hasn't happened yet this time.
Here's the whois on that domain name, registered yesterday:
EDIT 2: I can see Norton just posted the update an hour ago. http://safeweb.norton.com/report/sho...firesavez7.com
I'm guessing this has to do with the websites I visited and nothing to do with my computer.