OT: Source of this?

[Terry Pinnell]

A friend reports he is getting this small image overlaid on many posts in
several forums he uses, usually over an embedded image included with the
post. I'm guessing some software accidentally installed, or option
unknowingly enabled. Anyone recognise it please?

https://dl.dropboxusercontent.com/u/4019461/OverlaidImage.jpg

 

[Mentalguy2k8]

A friend reports he is getting this small image overlaid on many posts in
several forums he uses, usually over an embedded image included with the
post. I'm guessing some software accidentally installed, or option
unknowingly enabled. Anyone recognise it please?

https://dl.dropboxusercontent.com/u/4019461/OverlaidImage.jpg

I'd scan for malware, and disable any browser add-ons that aren't
recognised/needed, the procedure is different for each browser.

Try this software, I've found it excellent:

http://www.malwarebytes.org/products/malwarebytes_free/

Install it and do a "quick scan", it normally picks up the stuff that
shouldn't be there and it's free.

 

[Mentalguy2k8]

I'd scan for malware, and disable any browser add-ons that aren't
recognised/needed, the procedure is different for each browser.

Try this software, I've found it excellent:

http://www.malwarebytes.org/products/malwarebytes_free/

Install it and do a "quick scan", it normally picks up the stuff that
shouldn't be there and it's free.

I should add that any "malware" scanning software will give you a list of
results of malware that's on your PC after the scan, and you can then look
them up online if you're interested in where a particular malware originated
or how it works, and the (possible) effects it can have.

 

[Shadow]

A friend reports he is getting this small image overlaid on many posts in
several forums he uses, usually over an embedded image included with the
post. I'm guessing some software accidentally installed, or option
unknowingly enabled. Anyone recognise it please?

https://dl.dropboxusercontent.com/u/4019461/OverlaidImage.jpg

It's spyware. I get it on 4shared. There are 4 boxes, from
left to right:

Facebook spyware
Google spyware
Twitter spyware
Dunno, probably KGB

Analyzing the Twitter icon:

http://www.4shared.com/servlet/signin/twitter?fp=http://www.4shared.com/account/home.jsp"

Which will allow 4Shared to:

Read Tweets from your timeline.
See who you follow, and follow new people.
Update your profile.
Post Tweets for you.

IOW, be you, sell you, **** with you.

Just put google, twitter, facebook and KGB in your hosts file.
You will be safe(r).
[]'s

 

[Terry Pinnell]

A friend reports he is getting this small image overlaid on many posts in
several forums he uses, usually over an embedded image included with the
post. I'm guessing some software accidentally installed, or option
unknowingly enabled. Anyone recognise it please?

https://dl.dropboxusercontent.com/u/4019461/OverlaidImage.jpg

It's spyware. I get it on 4shared. There are 4 boxes, from
left to right:

Facebook spyware
Google spyware
Twitter spyware
Dunno, probably KGB

Analyzing the Twitter icon:

http://www.4shared.com/servlet/signin/twitter?fp=http://www.4shared.com/account/home.jsp"

Which will allow 4Shared to:

Read Tweets from your timeline.
See who you follow, and follow new people.
Update your profile.
Post Tweets for you.

IOW, be you, sell you, **** with you.

Just put google, twitter, facebook and KGB in your hosts file.
You will be safe(r).
[]'s

Thanks!

 

[Mark Warner]

I'd scan for malware, and disable any browser add-ons that aren't
recognised/needed, the procedure is different for each browser.

Try this software, I've found it excellent:

http://www.malwarebytes.org/products/malwarebytes_free/

Install it and do a "quick scan", it normally picks up the stuff that
shouldn't be there and it's free.

In this case, I'd also suggest a run of SuperAntiSpyware. Between the
two, that should clean up any crap that they've picked up.

 

[Brian Gaff]

So what software is he using for the group.

Brian

 

[Brian Gaff]

One has to ask why anyone would read posts in a newsgroup online in the
first place instead of with a client that shows the bare text, but I can say
that Malwarebytes is very good, though just lately less so for the blind due
to inaccessible text on some screens.

Brian

 

[Terry Pinnell]

One has to ask why anyone would read posts in a newsgroup online in the
first place instead of with a client that shows the bare text, but I can say
that Malwarebytes is very good, though just lately less so for the blind due
to inaccessible text on some screens.

Brian

And for sighted members of forums discussing and exchanging images and
videos? For which 'bare text' has some rather obvious limitations!

 

[alan]

Try this software, I've found it excellent:

http://www.malwarebytes.org/products/malwarebytes_free/

Install it and do a "quick scan", it normally picks up the stuff that
shouldn't be there and it's free.

+1 for Malwarebytes

Also go into the menu Malwarebytes "More Tools" and download the
Anti-Rootkit (Beta) which is also free.

 

[harry]

I'd scan for malware, and disable any browser add-ons that aren't
recognised/needed, the procedure is different for each browser.

Try this software, I've found it excellent:

http://www.malwarebytes.org/products/malwarebytes_free/

Install it and do a "quick scan", it normally picks up the stuff that
shouldn't be there and it's free.

Just tried it. (I am having trouble with popup adverts)
It found eight "undesireables" which looked advertising related. I
deleted them but the problem remains.

 

[Shadow]

Just tried it. (I am having trouble with popup adverts)
It found eight "undesireables" which looked advertising related. I
deleted them but the problem remains.

Try *hijackythis. Look for anything out of the ordinary,
specially BHOs and redirects.

*available on sourceforge
[]'s

 

[Mark Warner]

Just tried it. (I am having trouble with popup adverts)
It found eight "undesireables" which looked advertising related. I
deleted them but the problem remains.

Clear all your restore points. Then re-run MBAM and SAS:

http://www.superantispyware.com/

Might be wise to run both in Safe Mode followed by both in Normal Mode.

 

[Terry Pinnell]

+1 for Malwarebytes

Also go into the menu Malwarebytes "More Tools" and download the
Anti-Rootkit (Beta) which is also free.

I'm pretty sure that after a scan using MalwareBytes I used to be able to
right click on an entry in the results and get some details of it. But
that's not true now if it ever was.

Also, what is the point of 'Vendor information'? It just takes me to the
MalwareBytes home page. Elsewhere in the right click menu the term
'vendor' appears to mean the author or supplier of the malware entry...