Page 2 of 13 FirstFirst 12345612 ... LastLast
Results 11 to 20 of 130

Thread: New advertising malware?

  1. #11
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    Well... it's been about 3 hours, and I just got the rogue Iexplore processes again...

    I was reading the news (excite.com), and local newspaper (PilotOnline.com), hit my credit union website (Navy federal), then American Express, and all was fine. I decided to update my posts and share the good news. But, as soon as I loaded this page, there they were.

    A quick note about Eset... When I ran it a few days ago, it took about 8 hours to complete. I also noticed that it used the internet. I assume that's why it's an online tool. I have 9 1/2 hours at work, but internet is tightly controlled, so I don't have access to allow it to run. At home, I have about 5 hours a night. I am extremely time limited, so running it will probably have to wait until my next day off, Friday.

    I'm kinda thinking, maybe I should run FRST again, and remove the converters and codecs that I decided to keep...

    Any thoughts?

  2. #12
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    Quote Originally Posted by Juliet View Post
    Could be or it came in bundled with other software you downloaded, How some of this stuff gets in is a total mystery.



    Yabba Dabba Do!
    Well... it's been about 3 hours, and I just got the rogue Iexplore processes again...

    I was reading the news (excite.com), and local newspaper (PilotOnline.com), hit my credit union website (Navy federal), then American Express, and all was fine. I decided to update my posts and share the good news. But, as soon as I loaded this page, there they were.

    A quick note about Eset... When I ran it a few days ago, it took about 8 hours to complete. I also noticed that it used the internet. I assume that's why it's an online tool. I have 9 1/2 hours at work, but internet is tightly controlled, so I don't have access to allow it to run. At home, I have about 5 hours a night. I am extremely time limited, so running it will probably have to wait until my next day off, Friday.

    I'm kinda thinking, maybe I should run FRST again, and remove the converters and codecs that I decided to keep...

    Any thoughts?

  3. #13
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I'm kinda thinking, maybe I should run FRST again, and remove the converters and codecs that I decided to keep...
    We can do that but first let's try this:

    If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.
    Emergency Backup Procedure - Tech Support Forum

    Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

    How to use ComboFix

    Download ComboFix from here:
    Link 1
    Link 2
    Link 3

    Place ComboFix.exe on your Desktop <--Important
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
      * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.



      You can get help on disabling your protection programs here
    • Double click on ComboFix.exe & follow the prompts.
    • You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)
    • Your desktop may go blank. This is normal. It will return when ComboFix is done. Combofix may need to reboot your computer more than once to do its job this is normal.
    • When finished, it shall produce a log for you. Post that log in your next reply

      Note:
      Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


      Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

      ---------------------------------------------------------------------------------------------
    • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

      Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
      Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
      ---------------------------------------------------------------------------------------------
    • If there are Internet issues after running ComboFix:
      Internet Explorer:
      Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" and check to "Automatically detect settings". Also clear any proxy address and port. ok, apply (only if applicable), ok.
      Firefox:
      Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection. "No Proxy" should be selected, unless you have one set up yourself.
      Chrome:
      Select -> Tools menu -> then "Options", then go to "Change Proxy Settings", then "LAN Settings" , then take out the check mark for "Use a proxy server for your LAN" if set, unless you set this up yourself.
      Safari
      Launch Safari
      Go to general settings menu
      Then in Preferences/ Advanced
      Then on line click Proxies change settings ...
      Click Internet Options, then click the Connections tab, click Network Settings.
      Disable option (uncheck) for the use of proxy server ...
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  4. #14
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    Quote Originally Posted by Juliet View Post
    Could be or it came in bundled with other software you downloaded, How some of this stuff gets in is a total mystery.



    Yabba Dabba Do!

    Got it again...

    I tried to post replies, twice, but for some reason they're not in the thread. Kinda odd... the rogue Iexplore processes popped up at one point when I got to the forums here.

    It used to show up in about a minute or so. After the first fix, it took about 15 minutes. This time, about 3 or 4 hours.

    I'm thinking maybe I should run FRST again, and remove the converters and codecs that I decided to keep. Any thoughts on that?

  5. #15
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    Quote Originally Posted by Juliet View Post
    We can do that but first let's try this:
    I'll give you a steel ruler so you can rap my knuckles... I didn't realize that this thread hit the second page. That's why I didn't see my replies, and ended up posting 3 times...

    I got your message, and have copied it off for print/reference, as well as the ComboFix instructions. I'll do a file copy over the network tomorrow. That ought to be fun, I have about a half a Terabyte of files. I do routine backups to two separate locations, but those are compressed/procesed backups. I don't know if the ComboFix instructions to do a straight file copy is for a technical based reason, or just to make things easier for people that are... um... computer literacy challenged?

  6. #16
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    If you have a recent backup that should suffice.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #17
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    OK, sounds good. I have everything ready to go on this end, but will have to wait until tomorrow before I can run ComboFix. I didn't see anything about posting a log file after it completes... am I missing something?

  8. #18
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    When finished, it shall produce a log for you. Post that log in your next reply
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #19
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Still having rogue Iexplore processes?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #20
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    Quote Originally Posted by Juliet View Post
    Still having rogue Iexplore processes?
    Yes, I am, but I haven't run ComboFix yet. I'm getting ready to do that now... will keep you posted.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •