I think this is a strange one. I have a dual boot 7 / 8.1 desktop machine, two dual-boot Thinkpad laptops, and two single-boot Thinkpads. Everything is 7 or 8.1. I'll leave my Windows Home Server box out of the equation.
For the last couple days, I've been getting large full-screen popups on all these machines with amazing regularity. Whenever I click on my insurance company's Logon link (Farmers), a popup for "GetMyInsurance.com" opens up. When I click on most (not all) links on the local newspaper site, a talking popup for some sort of update appeared. When I clicked on the Anandtech Forums to post this, up came a large popup for something. Some of them can only be cleared with task manager.
Trend "House Call", Eset, SuperAntiSpyware, Malware Bytes, Symantec Endpont Protection, and ADWCleaner have all come up clean other than a sporadic tracking cookie.
The system is a cable modem (Cox ISP) connected to a Cisco E3000 wireless router. The desktop is hard-wired; the others are wireless. Temporarily using a wired connection didn't affect the problem.
I took out the router, and tried connecting two of the machines, in turn, directly to the wired cable modem connection. It was awkward - took multiple resets of the router and disabling/enabling the laptop's Nics to get internet connectivity. In brief testing the problem Did Not occur.
I just took a laptop over to a nearby Starbucks and connected. The problem Did Not occur. Came back here and it once again gave the popups from Farmers and the local newspaper.
Has anyone ever heard of a bleedin' ROUTER being infected??? It's starting to really look like that. I reset the router once without affecting anything.
None of the machines show a spurious proxy server being injected.
Any pontification out there would be welcome. I can get another wireless router in a few days; I loaned my old Belkin to a friend and it hasn't ever been connected.
As I said, this is a strange one.
Art
This seems to have been resolved but I am moving it out of Computer Help so that someone else might benefit from it in the future.
admin allisolm
For the last couple days, I've been getting large full-screen popups on all these machines with amazing regularity. Whenever I click on my insurance company's Logon link (Farmers), a popup for "GetMyInsurance.com" opens up. When I click on most (not all) links on the local newspaper site, a talking popup for some sort of update appeared. When I clicked on the Anandtech Forums to post this, up came a large popup for something. Some of them can only be cleared with task manager.
Trend "House Call", Eset, SuperAntiSpyware, Malware Bytes, Symantec Endpont Protection, and ADWCleaner have all come up clean other than a sporadic tracking cookie.
The system is a cable modem (Cox ISP) connected to a Cisco E3000 wireless router. The desktop is hard-wired; the others are wireless. Temporarily using a wired connection didn't affect the problem.
I took out the router, and tried connecting two of the machines, in turn, directly to the wired cable modem connection. It was awkward - took multiple resets of the router and disabling/enabling the laptop's Nics to get internet connectivity. In brief testing the problem Did Not occur.
I just took a laptop over to a nearby Starbucks and connected. The problem Did Not occur. Came back here and it once again gave the popups from Farmers and the local newspaper.
Has anyone ever heard of a bleedin' ROUTER being infected??? It's starting to really look like that. I reset the router once without affecting anything.
None of the machines show a spurious proxy server being injected.
Any pontification out there would be welcome. I can get another wireless router in a few days; I loaned my old Belkin to a friend and it hasn't ever been connected.
As I said, this is a strange one.
Art
This seems to have been resolved but I am moving it out of Computer Help so that someone else might benefit from it in the future.
admin allisolm
Last edited by a moderator:
Facebook
Twitter