Malware/Adware from an ad?

Hello! I just was recently surfing the web and I went to get a drink of water.. I came back and I was at one of these suspicious sites. I quickly clicked off the site and ran a Norton Antivirus scan and found nothing. Let me show you what was in my history so  you can better understand. Should I change my passwords, etc?

I encoutered same problem once but when I turned on Norton, everything was fine, no threads found. Maybe it's just pop up ad...

Ok, I will post back once I get a response.

No problems, lmacri,

Looking at the times we both posted together.  wink

Cheers!

aren3000:

Hi, how do I post my Farbar Recovery Scan logs? ...

Hi aren3000:

It looks like you found their instructions for using pastebin.com to post your FRST logs in your new thread Do I have any type of unwanted Malware,etc on my computer?.  Good luck, and be sure to post back and let us know how things went once you're finished in qmalwareremoval and they've given you the final "all clear" that your system is clean.

EDIT: Sorry Krusty13, didn't realize you'd already replied.
--------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS v22.11.2.7 * Process Explorer v16.21

Instructions here  -  https://qmalwareremoval.freeforums.net/thread/1665/2nd-step-infected.

And here is how to upload the logs  -  https://qmalwareremoval.freeforums.net/thread/1923/3rd-step-upload-wikisend-com.

Any questions about the other forum are better asked on that forum.

Thanks.

Hi, how do I post my Farbar Recovery Scan logs? What do I do? Do I just do a scan and take screenshots of the things that came out?

aren3000:

Ok, I have posted back a qmalware but I want to know if I run Malwarebytes, and Norton Scans and they come back clean. Does that mean I can be pretty sure that I am free of the nasty malware, worms, adware, etc.

Hi aren3000:

You've asked that same question three times, and my original answer <here> that "If your Norton v22 Full System Scan and Malwarebytes v3 Threat Scan both came back clean it's very unlikely you have hidden malware/PUPs on your system" hasn't changed.

...and you still haven't posted  Farbar Recovery Scan Tool (FRST) logs on qmalwareremoval.  They can't tell you if you have hidden malware on your system if you won't provide the diagnostic logs they requested in their forum guideline at http://qmalwareremoval.freeforums.net/thread/1665/2nd-step-infected.
--------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS v22.11.2.7 * Process Explorer v16.21

I want to also thank you for your help, you've been a big help. thank you!

Ok, I have posted back a qmalware but I want to know if I run Malwarebytes, and Norton Scans and they come back clean. Does that mean I can be pretty sure that I am free of the nasty malware, worms, adware, etc.

Hi aren3000:

...and further to my previous post, let the folks at qmalwareremoval know if these detections and browser redirects happen when you are playing a game (or running some other application) or visiting one particular website.  It's not unusual for .exe and .dll files from Steam games to be flagged by Norton as potential threats, but these are typically heuristic (behaviour-based) detections that are triggered because the file shares similar characteristics with known trojans (e.g., the executable tries to download a file or open a backdoor connection to a remote server).  With Steam games that suspicious behaviour often has more to do with sloppy programming than malicious intent.
--------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS v22.11.2.7 * Process Explorer v16.21

Hi aren3000:

If you're still concerned, I'd suggest you post back in your qmalwareremoval thread at http://qmalwareremoval.freeforums.net/thread/2098/gamebarpresencewriter-exe and ask the malware removal specialist helping you what they suggest.  That thread isn't locked yet and they still might be willing to take a quick look at some diagnostic logs from the Farbar Recovery Scan Tool (FRST) for any signs of a malware/PUP infection.  Let them know that your Norton and Malwarebytes Threat Scan were both clean but that that you're still worried about your recent Norton Web Attack: CCTV-DVR Remote Code Execution detections and website re-direction blocks.

Just FYI for future reference, their forum guidelines for users who believe they are infected <here> include instructions for running the Farbar Recovery Scan Tool (see 2nd step - I think I am Infected. What do I do?) and I don't see the requested FRST.txt or Addition.txt logs attached to your original post.
--------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS v22.11.2.7 * Process Explorer v16.21

Hi, okay thank you for that. I've gotten Process Explorer. Also, I just want to make sure.. if I have ran scans on Malwarebytes and Norton I can be pretty sure that I don't have anything bad on my computer. Correct?

Hi aren3000:

If your Norton v22 Full System Scan and Malwarebytes v3 Threat Scan both came back clean it's very unlikely you have hidden malware/PUPs on your system, so I don't think you have any cause for concern.  Post back if you continue to see any unexpected behaviour like browser re-directs or adware pop-ups and include details about your Windows OS, default browser and Norton product name and version (go to Help | General Information | About - the latest version is currently v22.11.2.7) and we can investigate further.

I noticed you recently posted a thread <here> about what you felt was excessive (~40%) memory consumption.  Here's a screenshot for my own machine using a utility called Process Explorer that shows over 60% of my 3 GB of RAM consumed when only one instance of my Firefox ESR browser (i.e., with no multi-processing) is loaded into memory. Results are sorted by Private Bytes (the amount of memory each process has reserved for itself) and show that Firefox, Norton and Malwarebytes are the biggest memory hogs on my computer.

If you want to try Microsoft Sysinternal's Process Explorer [Note: after ProcessExplorer.zip is unzipped there is no installation required - just double-click procexp.exe (32-bit OS) or procexp64.exe (64-bit OS) to run] here's a useful tip.  Go to Options | VirusTotal.com and click Check VirusTotal.com.  Process Explorer will then submit every executable running on your computer to VirusTotal.com for analysis by ~ 65 common antivirus engines (e.g., AVG, McAfee, Kaspersky, Malwarebytes, Symantec/Norton, etc.) and display a detection rate for each file.  A detection rate of 0/65, for example, means that all 65 antivirus scan engines determined the file is safe, while 2/65 means 2 of 65 antivirus scan engines think the file is suspicious.  If you have a process running on your computer with a high detection rate then double-clicking the detection rate in the VirusTotal column will take you directly to the detailed analysis report on VirusTotal.com. (Hint: If you don't see the VirusTotal results in the main Process Explorer window go to View | Select Columns | Process Image and enable the column for VirusTotal).
--------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS v22.11.2.7 * Process Explorer v16.21
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Yeah, I just installed Malwarebytes free version and ran a Threat Scan along with another Norton scan. Now I can be sure that I've got no malware or adware installed on my computer?

Hi aren3000:

As SendOfJive noted, Norton has several layers of protection to block/detect malware, but if you have any concerns that Norton missed a lower-risk PUP (potentially unwanted program) like a browser hijacker or adware you can run a second-opinion scan with the free Malwarebytes.  Hints for using this software are posted in BevStra's thread MyWay Search.
--------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * Norton Security Premium v22.11.2.7 * MB v3.3.1

 

Hi, aren3000. No, you should be fine now. As SOJ said, If your scans found nothing, you are almost certainly safe. 

 

Alright, came back with No Threats Found. (: Should I take any more precautions?

Alright, thank you. I am going to run a system scan in Safe Mode. I will get back to you when I am finished and tell you results. (:

Right click the Norton icon in the system tray.  Select "View Recent History."