Chess.com SPYWARE infestation!

Did you read the OP(sorry)

But this isn't related

Just for fun, a little while ago, I grabbed a couple of Linux Live USB thumb drives (just a couple of random lightweight Linux distros that I had laying around; PeppermintOS and MX Linux) and booted each one up. I tried logging into the site via Firefox, Chrome, and Chromium, and I didn't add any extensions to the browsers. I made sure to go to the Live chess room. In each case, I got lots of ads, but no popups (except for the one asking to allow notifications) or "scanning your browser" messages. If you're concerned about Cloudflare or evil, elite programmers, this might be a workable solution, as the Linux thumb drives have no connection to your other OS, and they don't even have persistence (changes aren't kept after rebooting). If you wanted persistence, you could always actually install the full Linux OS to the thumb drive. And the only cost would be the cost of the thumb drive, which you may already have.

I just ran another test. I booted up my MX Linux Live thumb drive, installed the Google Chrome browser, then installed Adblock Plus, NoScript, and uBlock Origin in the browser. (For NoScript, in order to log into Chess.com, you have to allow two scripts: Chess.com, and Chesscomfiles.com.) I logged into Chess.com, and the only Chess.com popup I got was asking to allow notifications, which I just closed without answering yes or no.

I checked a few forum posts, then I went to Live Chess and played one game against a bot. It let me play the game, and I never got another popup. Of course, no ads due to the other extensions being installed.

Now, the only real difference between my experience and yours is the OS. I was running Linux, and I'm assuming you're running Windows 10, since you previously mentioned Windows Defender.

I'm wondering if your problems could be caused by the malware that may already be on your system?

Try it with win 10  x64.    Scanned for malware, couldn't find it.  It only happens when I log in to chess.com  Must be some inter system virus or system scan that is activated when logging in.  It must be some crooked a s s stuff because Cloudflare is involved.  Google Cloudflare scams and abuse, you will see hundreds and hundreds of blog with complaints. Chess.com is in bed w Cloudflare.  There is no end to the corruption.

Win 10 is a problem for me. When I left Win 7 last January due to end of life, I refused to go to Win 10 due to all the problems with it, including the increased telemetry. That's what forced me to decide to go to Linux. So, I don't run Win 10 and can't run tests based on it.

Regarding your situation, Windows Defender is decent, but there could be stuff on your system that it just can't find. You might try going to Bleepingcomputer.com and downloading their AdwCleaner program. Also, there's a USB bootable AV program called "Bitdefender Rescue CD" that I've had good luck with. If you can't find the download link, I could look it up. You download the ISO file and use Rufus to burn it to a USB thumb drive. Then boot into it to run the Bitdefender AV program. The advantage of Bitdefender is that it scans your system when Windows isn't running.

Well, I'm having a hard time finding the link to the Bitdefender ISO file. It's been a while since I downloaded it, and it looks like they changed up their download pages. Also, reviewing my notes, I had problems trying to burn the ISO using Rufus, but the Stickifier burner worked OK. If I can find the links, I'll post them here, but it looks like they may be trying to hide them these days. :-(

Nevermind about Bitdefender Rescue CD - After a bit of searching, it appears that they are no longer offering that software. (sad face) The bad news for me is that's one less AV program I can use - The good news for me is that's one thumb drive freed up for other uses. :-)

I hate to say it, but if I were in your shoes, if AdwCleaner doesn't do the job, I'd consider a fresh install of Win 10 along with a HD reformat. (Make a cloned image of your present install first, just in case the fresh install goes south on you.)

Yeah, I kept my Win 7 setup. I have a two-hard drive, dual-boot arrangement, but my Win 7 never sees the internet these days.

Also, when I clear my cache, and login, the browser is "read" by chess.com and cloudflare.  After a few logins, the browser confirmation scan won't appear.  But clear the cache and login fresh and you get hit with it again.

Mate people legit ran test, disproving you

It. Is. A. Problem. With. Your. System.

👍w

I don't use much specialized software in Linux, so for the most part, Linux works for me. However, the one app that causes me to boot into Win 7 the most is Rufus, believe it or not. Rufus is just so convenient for burning bootable ISOs to thumb drives. There are Linux apps that I can use to do the job (even dd if forced to), but none of them are as convenient and work as consistently as Rufus. I wish Rufus supported Linux.

https://www.chess.com/clubs/forum/view/spyware

Thanks for nothing - You just caused me to join the Help & Support club. :-)

(I was curious to see your posts, haha.)

oops sorry

just wanted to show you there was nothing to worry about vp said

Actually, I *could* run yet another test using Win 10 and the Chrome browser, but it would be a lot of work for me to set it up.

A while ago, I bought an old desktop PC real cheap that had Win 7 on it. (My plans were to eventually use it as either another Linux PC or as a homemade router using pfSense.) Before putting the PC in long-term storage, I made the free upgrade to Win 10 so that I'd be able to run Win 10 on it if I ever needed to do that.

I *could* drag that PC out of storage, set it up, let Win 10 make the mega-updates that I'm sure it would want to do, then install the Chrome browser with the three needed extensions. But it's just not worth the hassle to me for just one more test. :-)

No problem, I don't really mind joining another club. :-)

In the back of my mind, I guess I knew that I'd eventually make one more test. :-)

I pulled the Win 10 machine out of storage (Windows 10 Pro 64-bit), updated Windows, updated the Chrome browser, cleared all browser cache, installed the three extensions into Chrome (Adblocker Plus, NoScript, and uBlock Origin), and enabled the two required NoScript scripts.

I logged into Chess.com, and I never got the scan of the browser. I went right into Live Chess, and it allowed me to play rated games. Other than the one-time browser popup asking if I wanted to save the password and the one-time Chess.com popup asking if I wanted to accept notifications, I never received another popup; and of course, no ads due to the adblockers.

I don't know what else to say; I couldn't reproduce any of the problems you're experiencing. At this point, I think you should assume that you picked up malware from somewhere. If you can't find and get rid of the malware, I'd suggest a reformat of the HD and a fresh install of Windows. Good luck with your problem.

You really worked it.   The 'scan the  browser' is not  a constant.  I would get it one time out of 5 or 6 logins.   When I clear my cache I would get it, but sometimes not.  It's coming from chess.com for sure. It's always and only after a login.  If you login everyday, you will eventually get it.  I can't be the only one.   After that, I added the 3 programs to the browser, and could not play live games.  Time will tell if other's write in as well.

If you really wanted to get to the bottom of this, you could do some testing yourself.

1) A Linux Live bootable flash drive. That would at least tell you if it was coming from within the site. (I doubt it, but who knows.)

2) If you have an extra hard drive, pull your existing hard drive, install the spare HD, and make a new install of Windows. (You'd need a Win 10 installation flash drive at the ready.) After the testing, just swap out the hard drives and you're back to the beginning.