tjg79 3 Posted February 24, 2016 Posted February 24, 2016 Hi, I'm getting aa.js/q.adrta.com pop-ups with IE11. I'm running Win 7 Pro x64 w/ ESET SS 9.0.318.0. Will ESET SS remove the virus? How do I eliminate the pop-ups? Every time a pop-up appears asking if I want to download or save, I click cancel. From my internet research, it appears that I may already be infected. I haven't received any indications from ESET SS that I've been infected and I'm surprised ESET SS doesn't eliminate the pop-up or indicate a warning. Thank you for your assistance. Regards
Administrators Marcos 5,443 Posted February 24, 2016 Administrators Posted February 24, 2016 To start off, please download and run ESET Log Collector. When done, drop me a pm with the output archive as well as a screen shot of the ad window that pops up.
tjg79 3 Posted February 24, 2016 Author Posted February 24, 2016 Below is a screen shot of the pop-up as an attachment.
Administrators Marcos 5,443 Posted February 25, 2016 Administrators Posted February 25, 2016 A couple of questions: - Does it happen with any browser? - Does it happen even if you run a browser in a so-called safe mode without add-ons loaded? - If you have more computers in the network, is it happening on all of them?
tjg79 3 Posted February 25, 2016 Author Posted February 25, 2016 I only have IE11 installed. This computer is not in a network. It's connected to the internet via a DSL modem. I haven't run the browser in so-called safe mode without add-ons loaded.
Administrators Marcos 5,443 Posted February 26, 2016 Administrators Posted February 26, 2016 To run IE without add-ons, click Start and type "Internet Explorer". As you type, you should see a shortcut to "Internet Explorer (No Add-ons)". Click it to start IE without add-ons and see if the issue occurs.
tjg79 3 Posted March 1, 2016 Author Posted March 1, 2016 The pop-up hasn't reappeared in either IE11 with add-ons or IE11 without add-ons in the past few days. I've run scans with the latest version of ESET SS, SuperAntiSpyware, Windows Defender, and Microsoft Safety Scanner with no detections. Everything I've read online indicates this was a virus. I'm surprised ESET SS didn't detect anything. I'll post again if the virus reappears. Did you see anything of interest in the log files? Regards
tjg79 3 Posted March 7, 2016 Author Posted March 7, 2016 I'm getting a different virus file pop-up, but the same indications. I get this pop-up in both IE11 with add-ons and IE11 without add-ons. A screen shot is attached. I suspect this is virus that targets my system from a particular website that attempts to cause a download by clicking "save" or "open." Does ESET SS protect from these types of attacks? Why doesn't the program prevent the pop-up from appearing?
tjg79 3 Posted March 7, 2016 Author Posted March 7, 2016 (edited) I've started getting the following ESET SS pop-up. I don't know if it's related to the pop-up in my previous post. Edited March 7, 2016 by tjg79
SweX 871 Posted March 7, 2016 Posted March 7, 2016 Do you see the orange popup on all/any websites or only on some specific websites you browse to ? And have you detection of PUAs, PUPs and Suspicious apps enabled in ESET ? (if not, enable all of them and run another scan, and keep them enabled from now on) hxxp://support.eset.com/kb3204/ If you have these detection categories enabled and ESET does still not detect and remove it. Then you can try the guide below, it is from 2013, but the method and tools used to remove it are still relevant today, and they are quite easy to use. Follow the description and what is shown in the screenshots and it should be pretty straight forward. (The tools used in the guide may probably also find items connected to "aa.js/q.adrta.com" that you mention in your first post, and possibly more, check the detection log and what each item belong to before you remove anything, so you don't remove anything you want to keep incase of FP.) https://malwaretips.com/blogs/ib-adnxs-popup-virus/
tjg79 3 Posted March 8, 2016 Author Posted March 8, 2016 (edited) SweX, on 07 Mar 2016 - 6:51 PM, said:SweX, on 07 Mar 2016 - 6:51 PM, said:SweX, on 07 Mar 2016 - 6:51 PM, said: Do you see the orange popup on all/any websites or only on some specific websites you browse to ? And have you detection of PUAs, PUPs and Suspicious apps enabled in ESET ? (if not, enable all of them and run another scan, and keep them enabled from now on) hxxp://support.eset.com/kb3204/ If you have these detection categories enabled and ESET does still not detect and remove it. Then you can try the guide below, it is from 2013, but the method and tools used to remove it are still relevant today, and they are quite easy to use. Follow the description and what is shown in the screenshots and it should be pretty straight forward. (The tools used in the guide may probably also find items connected to "aa.js/q.adrta.com" that you mention in your first post, and possibly more, check the detection log and what each item belong to before you remove anything, so you don't remove anything you want to keep incase of FP.) https://malwaretips.com/blogs/ib-adnxs-popup-virus/ The popups appear on some websites, not all. I changed my Antivirus settings. The scanner options had "Enable detection of potentially unsafe application" unchecked. I changed it to enabled. The ESET SS configuration on my system was the default as installed. I'll monitor the system and see if the change resolves the problem. Thanks for the assistance. Regards Edited March 8, 2016 by tjg79
Recommended Posts