Jump to content
  • 0

Question

Posted (edited)

Name: Cody J. Marsden

Rank: Gunnery Sergeant

Type of issue: Software/Anti-virus

Brief Description of Issue: So at one point when I was installing DayZ commander I inadvertently clicked on an advertisement and downloaded the wrong file. I have gone through and done what I can to try and rectify this but am still getting issues with random adds popping up in the bottom right of my screen (most often a "Google" work from home add). Additionally I get random new tabs opened to F2P web based games and other items. It is making it so I am concerned about entering my passwords on Firefox any longer. I have run Maleware Bytes, Spybot Search&Destroy, AVG and Kapersky to no results. A tertiary issue I have noticed is often random words on my pages will be highlighted in blue with a double underscore with a direct link to (http://www.1stmarineraiders.com/index.php?act=post&do=new_post&f=19# [is just the link location given right now but when I select it goes elsewhere]{Link for google pop up [removed link for now so no one accidentally opens it] I don't know what information you would need to assist in a scrub of my browser but it would be much appreciated.

Thank you for your time.

***Medical Supply Staff ONLY Below this line***

Current Status: (Researching, Pending Reply, Resolved, Unresolved) Pending Reply.

Main Technician: Sgt. J. Bradley

Supporting Technician:

Edited by T. Brown 1st MRB

8 answers to this question

Recommended Posts

  • 0
Posted

Reinstalling your browser might do the trick, just remember to back up any favourites you might have.

Check to see if there are any unusual programs installed on your machine.

I'm assuming you're using Windows, open Task Manager and see if there are any unusual processes running (Googling a process will give you more info on it).

If you're still having no luck you could try running a system restore to before you downloaded the file.

Hope this helps.

  • 0
Posted

First off, you're correct in suspicions when entering passwords/usernames. I'd recommend not doing that for now.

Along with Bradley's queries, here's some more questions that will help us pinpoint just how serious a virus this is.

I'm assuming you downloaded the file and opened it, as opposed to just downloading it, noticing the error, and not opening it, correct?

Do you get popups when no browser is open? Is it ONLY when Firefox is up?

Has it changed your home page at all, or any of your other settings?

Finally (this is most important right now):

Open firefox.

Go to Options.

Then Advanced.

Click on the Network tab in there, then click on Settings (to the right of "How Firefox Connects to the Internet").

Check and see if it is set to connect to a proxy. If yes, make it set to no proxy, close options and firefox, then open it again and check to see if it reversed what you just did, then post and tell us what happened.

It COULD be just a simple browser-based thing (fixed by re-install of browser), or it could have messed with your registry and re-installing the browser will be fairly asinine. The answers to these questions will help us know what you have to do to be confident that no key-logger or other malicious spyware/malware is installed.

  • 0
Posted

So far I do not get any out of browser pop-ups, there is currently no proxy settings to my browser either. My homepage is still the same as well. Thus far I have removed the strange processes and their associated files but the issues in my browser remain which make me think it is add on based.

  • 0
Posted

That's good! Those horrible ones that force the browser into proxy redirects are a pain. Here's one more question I forgot:

If you google something, does it go to a google page, or does the URL at the bottom show a redirect site?

Look where this arrow is pointed; if no redirect, it'll show google or something similar. If there is redirect, it'll show a weird site and may come up with a weird search site instead of google's normal one.

browser-redirect-virus.jpg

  • 0
Posted (edited)

just googles, however weird redirect happens if i scroll and the corner add comes up. And if the corner add comes up I have to back twice to get off the page, first back will put me to what I was looking at without the add again.

Also when I got back to the thread from posting this it started connecting to some superfish.com shit and idrlc.com I believe were the two I saw, when hovering over the add it links to dv1q1p4wbzam8w.sitescoutadserver.com and then further URL ness

(full URL if needed: http://mot.sitescoutadserver.com/click/Y2x...ja2VuYyUyNTNE/)

Edited by Marsden 1st MRB
More Info
  • 0
Posted

Well sounds like it is some malicious re-direct code strictly Firefox-based then, which is good (well, better than the alternative). We can just try uninstalling Firefox and re-installing it to get rid of it; that's the easiest step before proceeding with system restores and whatnot.

Do you use Chrome at all? Or any other browser? You have some options available to you when re-installing Firefox that will allow you to save your Firefox settings. You can manually save the folders themselves, or you can import them into another browser and switch to using that (i.e. Chrome has a really easy feature to do this), or you can save the entire Firefox profile itself...all kind of depends on what you want to keep.

https://support.mozilla.org/en-US/kb/Recove...20old%20profile

This has all sorts of info on saving profiles.

If you just want to save bookmarks, this:

Open your current Firefox settings (AKA Firefox profile) folder using

Help > Troubleshooting Information > "Show Folder" button

In the folder that opens, double click the bookmarkbackups folder.

Copy all the files here to a safe location, e.g., USB flash drive, your Dropbox account, attach to an email and send to your webmail account, etc. Although in theory you only need the latest one, in case that is corrupted, take them all.

https://support.mozilla.org/en-US/kb/uninst...-your-computer: Easy directions on how to uninstall.

Try re-installing Firefox and seeing if that fixes the problem. Make sure and browse a good amount upon re-installation to make sure you're confident that the problems are no longer persisting BEFORE you try putting in passwords or anything else you're nervous about. If you feel up to it, you can always restart your computer and enter into safe mode, then reinstall. This will prevent any malicious code from reaching out into the internets. However, you probably won't need this if all your problems are confined to the browser.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Recent Posts

    • MARINE CORPS ENLISTMENT OFFICE Camp Pendleton, CA   RECRUITMENT LETTER     Hello James Buford, Thank you for taking interest in joining the 1st Marine Raider Battalion.   During your trial period the following will occur: Once accepted as a Recruit, you will remain as a Recruit for 2 weeks from the day of your acceptance until the next BCT Class is offered. During your time as a recruit, it is highly encouraged to play within the Public Server and join Discord with our other members. Upon acceptance, you will be contacted by one of our DIs when the next available BCT is scheduled via the appropriate Discord channel.   We have a BCT class every two weeks. Please keep an eye out for when the next one is made available once you've completed your time requirements!   Upon stating that you understand all the information here, an admin will change your forum name and login to be :   Buford 1st MRB   Take the time now to change your Steam and in-game name to:   Rec. J. Buford [1st MRB] (Example: Rec. J. Doe [1st MRB])   Please make sure to verify your forum account by checking your email. Also, please respond below with a reply showing that you have read and understand these rules. You cannot be fully accepted until you do so. We have a limit on the time to reply, if you do not do so within 48 hours, your application will be denied. Once you reply, you will be approved for your trial period unless otherwise posted.  
    • jelly3384's application for Enlistment Form Questions Name you wish to use and Age: (Our unit uses realistic names, this does not have to be your real name) Pigeon, 16 Platform Type Epic Games Store Steam ID (Use 17 Digit SteamID 64 / PC Game Pass Account Username): Pigeon_theft   Do you have a microphone? Yes   Which game title are you applying for? Hell Let Loose   If you've selected Hell Let Loose, do you understand that this game is currently not cross platform capable and only PC players currently may apply? ( Steam or PC Game Pass) Yes   Why do you wish to join the 1st Marine Raiders? I've played BFV and milsimed in it, and it was a lot more fun when I milsimed. and I enjoy playing HLL, so I think it is going to be more fun when I join.   Did any of our current members play a part in you enlisting? If so, who? If none, how did you learn about us: I found you guys from a website called disboard when looking for HLL milsim groups to join.   This unit offers more than just a place to play games with each other, do you have any online skills you think would be useful? no   Do you have any Leadership experience that you think will be helpful? I'm not sure if it will be helpfull,but I used to be in BFV milsim groups and in my last one I got to [E-7] out of [E-1] to [O-8], so I was a NCO and I helped the officers with whatever they needed doing, weather it was assisting with training, settling disputes or helping them decide what was appropriate disciplinary action. And when we were in combat I was usually assigned to lead my own squad.   Have you ever been in a realism unit before, and if so, which unit was it? yes. I was in quite a few BFV milsim groups, although I was only in one at any given time. unfortunately, I have left the discord servers and I do not remember the names of them. if you would like, I could probably give a reference to someone who was an officer in most of the groups I was in.   By posting this Enlistment form, I acknowledge the instructions completely, declare that I am 16 years old or older, and agree that I have and will follow server and unit rules maturely and respectfully or face immediate rejection. Yes   Application stats UserId: 943213736024498227 Username: jelly3384 User: @Rec. J. Buford Duration: 1131 seconds Joined guild at: a day ago
    • 2nd Platoon Weekly Attendance   Week of 09MAR2025   P = Present | E = Excused | A = Absent   Platoon Staff WO. A. Pitteway - Excused MSgt. J. Candy - Present TSgt. A Yoder - Present   1st Squad Squad leader:  TSgt. R. Fielding- Excused Cpl. B. Grande - Present Cpl. M. Noel - Excused Pfc. R. Smith - Present Pfc. C. Keebler - Present Pfc. D. Moffat - Present     2nd Squad Squad leader:  Sgt. S. Holquist - Present Cpl. T. Scary - Present Pfc. C. Marsh - Present Pfc. M. Oake - Excused Pfc. W. Swift - - Present Pvt. R. Zera - Present   Helpers:  Ret. A. Cannon
    • 2nd Platoon Weekly Attendance   Week of 02MAR2025   P = Present | E = Excused | A = Absent   Platoon Staff WO. A. Pitteway - Excused MSgt. J. Candy - Present TSgt. A Yoder - Present   1st Squad Squad leader:  TSgt. R. Fielding- Excused Cpl. B. Grande - Present Cpl. M. Noel - Present Pfc. R. Smith - Present Pfc. C. Keebler - Present Pfc. D. Moffat - Excused     2nd Squad Squad leader:  Sgt. S. Holquist - Present Cpl. T. Scary - Present Pfc. C. Marsh - Present Pfc. M. Oake - Excused Pfc. W. Swift - - Present Pvt. R. Zera - Absent II   Helpers:  Pfc. J. Arsenault   *Cannon, Clement, Whistle moved to reserves
    • Welcome to the 1st Marine Raider Battalion! Now that you have been accepted don't forget to: 1. Check in at the Recruit Depot 2. Read the Marine Raider Handbook (you are expected to know everything in it) 3. Change your steam friends Avatar 4. Download, install and log into Discord NOTE: Please be aware that you will not have access to the above links until an officer has given you full access to the forum. Access to the forum should be given to you within the next day.
×
×
  • Create New...