jerryi

Members
  • Content count

    51
  • Joined

  • Last visited

About jerryi

  • Rank
    Regular Member
  1. Results of screen317's Security Check version 0.99.81 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 51 Adobe Reader XI Mozilla Firefox (28.0) Google Chrome 33.0.1750.154 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials msseces.exe Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````
  2. One final question: Do you think the invasive script is on the external website, or somewhere in my computer(s)? Thanks for your help.
  3. I meant to say it seems UNNECESSARY to uncheck the java box.
  4. Here's an interesting twist. I have not yet pursued your idea re. adjusting through the java control panel, but the links are gone when I open the problem site in Chrome. However, the links are present when I open the site with IE. My Chrome settings currently show that I "Allow all sites to run javascript" (i.e., the box is checked). So it seems necessary to uncheck the java permission box. I cannot explain why I observed the links previously.
  5. I just found your note about market research (I didn't realize I now have to go to page two of this string.) Yes, I saw the words 'market research' in one of the logs a few days ago, and I mentally red-flagged it. But I forgot to mention it to you. It is not a program that I can delete through Control Panel. I'm glad to hear that you are willing to pursue the problem; thus far with Firefox, I am having trouble getting to my gmail inbox and cannot find a path to enable cookies because their instructions are apparently out of date with their current menu structure. Also I cannot sign in to New York Times. Maybe these items are related to no script. I would much prefer to stick with Chrome (the devil I know). I changed my chrome content settings to disallow javascript, and that keeps the Sailnet site from showing the rogue links!!!!!! So it is a javascript problem. Is the javascript native to the Sailnet site, or is it lurking somewhere in my computer? But Chrome suggests allowing javascript. When I tried to find adblock, the javascript setting prevented access to the adblock website. So then I allowed javascript in order to get to the website to install adblock. Then when I installed adblock, the rogue links reappeared on the Sailnet site, so adblock IMHO is useless, and disallowing javascript is problematic. How can we proceed to kill 'market research'?
  6. Noscript is compatible with Firefox, but not with Chrome. I don't remember why or when I quit using Firefox and shifted to Chrome but there may have been a valid reason. Anyway, I have just now downloaded Firefox and am able to demonstrate that the problem site shows the four malware links on the Sailnet website. Then I implemented Noscript and I have verified that Noscript eliminates the invasive links. Now I will determine whether I can find any reason not to use Firefox for my default browser. Are you interested in pursuing this problem further? Would you like for me to continue using Chrome to try to find other infected sites? I appreciate your help and will continue to work if you have any academic interest in this problem, but I can certainly understand that you probably never want to hear from me again. I will in either case contribute a modest amount to your fund for the tremendous effort that you have exerted. Thank you. Jerry Isaacs
  7. At the beginning of this project, I recall seeing the links on various sites from time to time. Back then, I wasn't paying attention whether the ads appeared only on html pages. Some while back they appeared occasionally on my own website, but I have not been able to reproduce the problem lately. A few minutes ago I visited several websites to try to locate html pages and I found a few government sites that used html and that did not show any signs of infestation by ad choices. I will have continue to look for additional examples of the problem, but right now I have found only the one example. I do not now whether the problem has resolved, but I am very suspicious that it has not, because it still recurs on the sailnet site. I will report back as soon as I encounter an 'attack' on another web page.
  8. With extensions disabled I still see four ad choices links in Chrome and in IE at the subject url: http://sailnet.com/forums/gear-maintenance/47896-garhauer-traveler-mt-ub2-unit.html The links are on the words 'new', 'model', 'purchase', and 'improve' in the text from that url, as follows: ---------------------------------------------------------------------------- Hey folks, Just returned from the Annapolis Show with a deposit on a new Garhauer MT UB2 traveler for our boat. Before I actually call them with specs I wanted to see if anyone has had some experience with their travelers, and more specifically this model. I also purchased their stainless risers to replace the original teak risers, I think its gonna look sharp and drastically improve our ability to use the darn thing more often. (Currently, under a load I cant budge the sucker, requires tightening the vang or loosening the main sheet ) Again, big kudos to this company, a class act all the way!!! ----------------------------------------------------------------------------- Those words also appear as links on my separate Win 8 computer. Apparently, both of my computers have the same infection. I routinely back up from my Win 7 computer to my Win8 via my network. Both computers are protected with Malwarebytes Pro and with MSE. I just now checked the site on my iPad, and the four words do not appear as links.
  9. The ad choices links still appear at the ref site. Fixlog.txt
  10. The thing that I find most repulsive is that quasi-respectable companies like Volkswagen and Microsoft pay these scumbags to riddle my computer with these ads and make us waste our time trying to protect ourselves from this pukeware. I already hated Microsoft anyway, but now Volkswagen can also be sure that I will never buy a product from them again. Addition.txt FRST.txt Shortcut.txt
  11. Attached is combofix. Seems that combofix destroyed all of the recent favorites on my chrome toolbar which I had to reconstruct yesterday because they had disappeared earlier in this little adventure. But it replaced the latest destroyed set with set that I lost earlier. combofix.txt
  12. I ran TDSSKiller and found nothing. Kapersky report attahed. When I tried to run ComboFix I got a suspicious popup that I am too paranoid to execute. See combofix.png below. Should I run it? kapersky report.txt
  13. I use Chrome almost exclusively. The problem occurs on Chrome and Internet Exporer. I uninstalled and reinstaled Chrome yesterday, to no avail. I have not tried any other browsers recently. I will try Mozilla if you want me to install it.
  14. But the problem certainly doesn't occur on all html pages. At the following link I do not see any popup links for ad choices http://pages.motors.ebay.com/sell/howto/manage-participate.html