Recently got infected with something where, in all browsers (IE9, FF, Cx), a 3.5" square popup appears on many sites in the lower left (or right) corners. It wants me to download something or watch videos or install plugins, or shows ads, etc. I'm looking at it right now on SuperUser.com. Doesn't show up on bing, google, ibm, facebook, etc. but get it here, stackoverflow.com, and triumph.com (for example).
- Hosts file has 127.0.0.1 localhost and ::1 localhost.
- Had browser DNS settings at 4.2.2.1-4 but restored to TWC.
- Full scans in updated malwarebytes and MSE each returned 10 threats, which i've removed.
- Kapersky TDSSKiller found one threat, and removed it.
- Doesn't happen on another system, so probably not the router.
Must be something in my network config right? Where is this coming from and how can i kill it?
Answer
Looks like malware to me; I've found ComboFix (http://www.bleepingcomputer.com/download/combofix/) to be extremely useful in such cases, especially with rootkits and other garbage that most virus/malware scanners can't see.
No comments:
Post a Comment