Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange Ad appearing all across my browsers, spotify, and so on


  • Please log in to reply
21 replies to this topic

#1 Kouen

Kouen

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 26 February 2017 - 02:32 PM

Hello, I have the suspicion about being infected with a virus, it shows the ad i am uploading as an attachment.

Malwarebytes Pro doesnt find anything neither hitman pro, nonetheless the ad appears consistently in all my browsers and even on spotify. any help would be gratly appreciated.

Attached Files


Edited by hamluis, 26 February 2017 - 03:21 PM.
Moved from MRL to am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 26 February 2017 - 02:36 PM

PS: I have this problem on 2 computers



#3 buddy215

buddy215

  • Moderator
  • 13,253 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:32 PM

Posted 26 February 2017 - 07:38 PM

It is possible your router is compromised. A reset and resecuring would fix that problem. If the two computers are able to read and write to each other

that would be a strong possibility of the source for the ad.

 

It could also be that you downloaded the same software or visited the same hacked website on both computers.

Give the programs below a shot at cleaning, removing adware and removing malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

download Zemana AntiMalware and install it

  • Run the application
  • Click "Next" and then Scan
  • When the scan has finished click Next to remove any threats.
  • Click the bars in the top right corner to display the logs, double click your log
  • copy and paste the log into your reply

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 27 February 2017 - 02:02 PM

Running Check ups



#5 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 27 February 2017 - 05:16 PM

Ccleaner Ran properly and cleaned a lot of stuff

ADW Showed system clean, i cant find any log

Junkware Log -----------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64 
Ran by Jeremias-Romina (Administrator) on lun. 27/02/2017 at 16:54:06,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 0 
 
 
 
 
Registry: 1 
 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0245331488223613mcinstcleanup (Registry Key) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on lun. 27/02/2017 at 17:07:01,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 

------------------------------------------------------------------------

Running Zemana... i will post on done...



#6 buddy215

buddy215

  • Moderator
  • 13,253 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:32 PM

Posted 27 February 2017 - 07:18 PM

Not sure but I think what JRT found and removed is leftover from a McAfee Security program.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 27 February 2017 - 08:48 PM

Zemana says System Clean

Log: -----------------------------

 

Zemana AntiMalware 2.72.2.101 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2017/2/27
Operating System       : Windows 10 64-bit
Processor              : 2X Intel® Pentium® CPU B940 @ 2.00GHz
BIOS Mode              : Legacy
CUID                   : 126C0BB1E118B19807376D
Scan Type              : System Scan
Duration               : 37m 24s
Scanned Objects        : 130340
Detected Objects       : 0
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : ASDFKGH_DAKJHKJ,0,2
 
Detected Objects
-------------------------------------------------------
 
No threats detected


#8 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 27 February 2017 - 08:49 PM

Thanks for the reply.

I have used MCafee Cleanup Tool a few time ago.



#9 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 27 February 2017 - 08:52 PM

On one of the computers Comodo Give me a hard time. It seems something got corrupted. Resetting to defaults win 10.



#10 buddy215

buddy215

  • Moderator
  • 13,253 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:32 PM

Posted 28 February 2017 - 07:11 AM

Free Comodo will install adware.

 

Are you still seeing the ad?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 28 February 2017 - 08:15 PM

I will have to check if the problem on the computer with windows 10 resetted to defaults disappeared.

And on the other machine all tools says clean. should i do some other steps?? i installed comodo on both computers by the way...

and uninstalled it because problems with incompatibilities.

How can i know what kind of adware comodo firewall have set on my system??

how do i will continue??

Thanks for the help



#12 buddy215

buddy215

  • Moderator
  • 13,253 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:32 PM

Posted 01 March 2017 - 06:42 AM

Look in the list of installed programs for Comodo Dragon....uninstall if it is in that list.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 01 March 2017 - 07:09 AM

There is no comodo dragon installed (custom install and already uninstalled)

#14 buddy215

buddy215

  • Moderator
  • 13,253 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:32 PM

Posted 01 March 2017 - 07:44 AM

Okay...what problem if any still exists?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 Kouen

Kouen
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 03 March 2017 - 08:25 PM

it seems the ad has disappeared. i read about comodo tricks with https

http://www.pcworld.com/article/2887632/secure-advertising-tool-privdog-compromises-https-security.html

. i deleted the certificates from comodo just in case, Thanks.

If i found further suspicious behaviour i will come back.

Thanks a lot for your Help.

Salutations. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users