OpieRadio Logo
Compound Media Logo
Jim Norton Logo

Annoying ad popups/malware infection

Discussion in 'Wackbag Tech Support' started by Party Rooster, Aug 28, 2012.

  1. Party Rooster

    Party Rooster Unleash The Beast

    Joined:
    Apr 27, 2005
    Messages:
    40,304
    Likes Received:
    7,462
    [​IMG]

    Just recently started getting these. Tried Malwarebytes and a Combofix scan and it didn't clean it. Also ran an AVG Free scan and nothing came up. Happens on both Chrome and Firefox. On Chrome you can click the X and it goes away, but you can't on Firefox.

    I think it reset some either proxies or DNS redirects, and I didn't notice anything in the hosts file but I notice my google searches on Chrome are getting redirected and were also on Firefox until I disabled the proxy settings in there, so it had to mess with some proxy settings at least.

    I also noticed at the top of Google search results there's entries for traffic.*******.com, so I think that has something to do with it. I'm leary to click on anything because of being hijacked.

    Speaking of hijacked, I ran a Hijackthis scan and there were too many things in there I was unsure of so I haven't gone that route yet.

    Any ideas?
     
  2. Neon

    Neon ネオン
    Donator

    Joined:
    Mar 23, 2008
    Messages:
    51,651
    Likes Received:
    18,420
    Did you try running those scans in safe mode? Sometimes that's the only way to detect the malware or whatever it is.
     
  3. fletcher

    fletcher Darkness always says hello.
    Donator

    Joined:
    Feb 20, 2006
    Messages:
    59,552
    Likes Received:
    19,770
    Im no expert but have you cleared your cache?

    But more seriously, are you running a flash blocker? I get zero popups using it in FF.

    ClIcK HeRe 4 a FrEe IpAd!!!1!
     
  4. samurai

    samurai Ridiculum Anserini

    Joined:
    May 16, 2007
    Messages:
    20,593
    Likes Received:
    4,110
    For me: NoScript, Flashblock and Adblock plus.

    Sweetness ensues.
     
  5. ruckstande

    ruckstande Posts mostly from the shitter.

    Joined:
    Apr 2, 2005
    Messages:
    14,655
    Likes Received:
    4,224
    Register at the forum for hijack this. I can't remember the name of it but you can post your scan log and people will tell you what is safe to remove. Post it here if you want to actually. Maybe we can help.
     
  6. Party Rooster

    Party Rooster Unleash The Beast

    Joined:
    Apr 27, 2005
    Messages:
    40,304
    Likes Received:
    7,462
    I run Adblock but this thing is impervious to it. Want to find out what it is because I don't want some trojan lingering in my system anyway.

    I downloaded Macafee and have that running a full scan. But now I can't access my computer from my phone via TeamViewer because of the firewall block. I fucking hate how they've dumbed down everything so you can't customize what you want it to ignore. That's why I don't even have an AV program installed in the first place.
     
  7. fletcher

    fletcher Darkness always says hello.
    Donator

    Joined:
    Feb 20, 2006
    Messages:
    59,552
    Likes Received:
    19,770
    Did you get the same popup on the same sites? Flashblock will take care of that no problem. You have thrown a ton of things at something that might just be a simple problem, DL Flashblock already!
     
  8. GrammatonCleric

    GrammatonCleric Registered User

    Joined:
    Nov 19, 2008
    Messages:
    5,043
    Likes Received:
    1,304
    Ditto. The other plus is that if you go to a questionable porn site then you have the list of sites trying to run scripts on that page.

    Go to bleepingcomputer.com and download rkill.com (it's a dos file) then after running that without restarting your computer, download malwarebytes then update it and run it.
     
  9. Party Rooster

    Party Rooster Unleash The Beast

    Joined:
    Apr 27, 2005
    Messages:
    40,304
    Likes Received:
    7,462
    Isn't that kind of like turning up the radio in your car because you hear funny noises coming from the engine?

    Thanks, I'll try that next. McAffee was worthless, found like two things but neither helped with the problem.
     
  10. fletcher

    fletcher Darkness always says hello.
    Donator

    Joined:
    Feb 20, 2006
    Messages:
    59,552
    Likes Received:
    19,770
    Pop up ads for anti malware software doesnt mean you have malware on your computer, grampa. And no, you werent the 1,000,000th visitor to that other site you went to. ;)
     
  11. blazin

    blazin Registered User

    Joined:
    Dec 9, 2004
    Messages:
    3,858
    Likes Received:
    411
    probably got a rootkit.

    Try TDSSKILLER first
     
  12. whiskeyguy

    whiskeyguy PR representative for Drunk Whiskeyguy.

    Joined:
    Jan 12, 2010
    Messages:
    36,179
    Likes Received:
    21,788
    Ironically, the chat box at the bottom of the porn website he goes to is actually a girl from his hometown that wants to fuck him.
     
  13. SOS

    SOS ONA
    Wackbag Staff

    Joined:
    Aug 14, 2000
    Messages:
    47,924
    Likes Received:
    8,825
    I need to have a Firefox add-ons thread tomorrow.
     
  14. freddyfox

    freddyfox Registered User

    Joined:
    May 19, 2009
    Messages:
    268
    Likes Received:
    107
  15. mr. sin

    mr. sin Registered User

    Joined:
    Mar 30, 2005
    Messages:
    27,007
    Likes Received:
    13,942
    sounds like you have the Enhanced Ads issues?!?
     
  16. Party Rooster

    Party Rooster Unleash The Beast

    Joined:
    Apr 27, 2005
    Messages:
    40,304
    Likes Received:
    7,462
    Looks like that was it. Thanks. Downloaded that and ran it and it found one. Looks like that cleared it up. Wish I would have wrote it down, but I didn't. Does that program create a log file because I couldn't find it.
     
  17. blazin

    blazin Registered User

    Joined:
    Dec 9, 2004
    Messages:
    3,858
    Likes Received:
    411
    yes, on the root of the c:\ you should see a text file
     
  18. Party Rooster

    Party Rooster Unleash The Beast

    Joined:
    Apr 27, 2005
    Messages:
    40,304
    Likes Received:
    7,462
    Thanks. It was the "Virus.Win32.Rloader.a" rootkit.
     
  19. blazin

    blazin Registered User

    Joined:
    Dec 9, 2004
    Messages:
    3,858
    Likes Received:
    411
    Word. Rootkits are fun. Sneaky little fuckers.
     
  20. OccupyWackbag

    OccupyWackbag Registered User

    Joined:
    Dec 12, 2011
    Messages:
    3,416
    Likes Received:
    189
    Just poor bleach in the computer. It will kill the infection.

    Sent from my Galaxy S3 using Tapatalk 2
     

Share This Page