Dafuq?

[Computer-Lab in Basement]

dafuq is this???

Has anyone else seen these? Or should I run a virus scan on my PC?

****'s freaking me out...

[Michael]

Not a virus, but a browser hack. I had the same thing. Need to run some anti-malware

[meiosis]

Adware/Spyware

[demik]

l2adblock noob.

obi wan's reaction is priceless tho. so say we all!

[Pacifist]

What's with your white GH?

[Dubsgalore]

might be something in your extensions? sometimes bull**** things like that sneak into chrome..just go uninstall it or uncheck it

and adblock it up too

[uberknarf]

What's with your white GH?

I think's its the Thoriated theme, if I'm not mistaken.

http://geekhack.org/index.php?action=profile;area=theme, then click "change" at the toppish.

[Computer-Lab in Basement]

might be something in your extensions? sometimes bull**** things like that sneak into chrome..just go uninstall it or uncheck it

and adblock it up too

Had adblock installed since I installed Chrome. Must have snuck past it...

Gonna try some anti-malware/adware and see if that takes care of it.

[Computer-Lab in Basement]

Any suggestions for a free anti-malware software?

[Puddsy]

Any suggestions for a free anti-malware software?

malwarebytes

So good I paid for pro.

It's still got 60 days free or something.

[Computer-Lab in Basement]

Any suggestions for a free anti-malware software?

malwarebytes

So good I paid for it.

Thanks, already running it.

[Puddsy]

Any suggestions for a free anti-malware software?

malwarebytes

So good I paid for it.

Thanks, already running it.

I ninja edited like 3 times sorry :| :|

[keymaster]

Post your extensions/plugins. You probably installed some software recently that installed spyware into Chrome.

[tp4tissue]

Nothing like Restoring from an Image.. for peace of mind... saves so much time...

[Computer-Lab in Basement]

Post your extensions/plugins. You probably installed some software recently that installed spyware into Chrome.

That's the weird thing, I haven't installed anything lately except for a couple games through Steam (and Steam itself).

(could that do it?)

[Puddsy]

Post your extensions/plugins. You probably installed some software recently that installed spyware into Chrome.

That's the weird thing, I haven't installed anything lately except for a couple games through Steam (and Steam itself).

(could that do it?)

Steam no, games yes

Some games are a bit fishy, especially greenlight games.

I limit myself to indie (not greenlight) and AAA games.

Still only play DotA.

[Computer-Lab in Basement]

Post your extensions/plugins. You probably installed some software recently that installed spyware into Chrome.

That's the weird thing, I haven't installed anything lately except for a couple games through Steam (and Steam itself).

(could that do it?)

Steam no, games yes

Some games are a bit fishy, especially greenlight games.

I limit myself to indie (not greenlight) and AAA games.

Still only play DotA.

Games installed: COD Black Ops and COD Black Ops II

Only just started noticing this after I got done playing multiplayer (can malware be transferred through games like that?)

[Computer-Lab in Basement]

Ran Malwarebytes, removed all threats, didn't resolve the problem.

Next step: Windows Defender (cuz I don't have any use for real antivirus 99% of the time).

[Jack]

Try it again, quick scan will do, may uncover things that were being protected by what was removed on the first pass.

Check chrome://extensions/ and see if there's anything unfamiliar. Try disabling them one at a time and see when the problem goes away.

Never heard of malware through playing a game (that is, the playing itself). Could have adware/PUP bundled if you didn't pay attention to the installer, or maybe driveby download.

HJT may show something useful.

http://www.bleepingcomputer.com/download/hijackthis/

Getting a log: http://www.malwarehelp.org/how-to-curepart-3-using-hijackthis-scan-and-save.html
Comprehensive manual: http://www.bleepingcomputer.com/tutorials/how-to-use-hijackthis/

[kmiller8]

as others said, chrome://extensions

I had this same problem, it was the Ask toolbar extensions. I think it was bundled with java or flash or something. Something required to use the internet to the full extent

And not to start a flame war, but don't adblock :/ that's just a douche-move

[eth0s]

use the spock button, luke.

[Computer-Lab in Basement]

Try it again, quick scan will do, may uncover things that were being protected by what was removed on the first pass.

Check chrome://extensions/ and see if there's anything unfamiliar. Try disabling them one at a time and see when the problem goes away.

Never heard of malware through playing a game (that is, the playing itself). Could have adware/PUP bundled if you didn't pay attention to the installer, or maybe driveby download.

Getting it from an installer is damn near impossible considering the way I install things (I ALWAYS make sure I am installing JUST the software I want, with none of the bull**** that will slow my computer down).  So that's out...

Whatever it was, it was called "Better Surf" and it was a Chrome extension. No ****ing idea how the hell it got installed, cuz I sure as hell didn't do it...

Also got a few Windows Defender alerts saying it found a keylogger and "WPAkiller" (whatever that is). Removed both.

[Computer-Lab in Basement]

use the spock button, luke.

Show Image

But why would Spock need to use the Spock button? 

[eth0s]

use the spock button, luke.

Show Image

But why would Spock need to use the Spock button? 

Show Image

cuz he's afraid to use the force?

[Computer-Lab in Basement]

use the spock button, luke.

Show Image

But why would Spock need to use the Spock button? 

Show Image

cuz he's afraid to use the force?

Please, no intertwining of the Star Trek/Wars...

And logic trumps the force.

[Jack]

http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=HackTool%3AWin32%2FWpakill#tab_2

It may have been necessary if you have an ~alternatively acquired~ copy of Windows.

Glad you found the cause though. Now maybe it's time for password changes, given the keylogger.

[swill]

I had something similar happen.  I had to disable all my extensions and turn them on 1 by 1 to find which one was the culprit.  I did not have to do anything other than isolate the extension and remove it...

Hope that helps...

[nubbinator]

Do you have Flash running or Java enabled in the browser?  Sometimes you can get a driveby spyware/malware installation that way.  That's why I have Java disabled by default, Flashblock installed, and Adblock Pro installed.

As for spyware/malware software, Malwarebytes (MBAM) that was already mention is solid, as is SuperAntiSpyware.  There are also some good AVs you can install now that Defender is on the way to no longer being supported.  If you're super paranoid, you can boot with ClamAV, Avast, Kaspersky, F-Secure, AVG, and so on live discs.

[MKULTRA]

That is what you call adware.  Lots of mirror sites like CNET can give you that ****.

[iri]

If you're super paranoid, you can boot with ClamAV, Avast, Kaspersky, F-Secure, AVG, and so on live discs.

it's so much fun to boot with kasperskiy and nod32 and look how they fight each other. that's what microsoft windows is for!

[Computer-Lab in Basement]

http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=HackTool%3AWin32%2FWpakill#tab_2

It may have been necessary if you have an ~alternatively acquired~ copy of Windows.

Glad you found the cause though. Now maybe it's time for password changes, given the keylogger.

Oh, so now I'm gonna have to re-install my "make my Windows legit" software... ndb.

And I'm not even sure if it was a keylogger, I think I misread "keygen" for "keylogger" (cuz I know I have some keygens on my PC, for pirated stuff).  Even if it was a keylogger, all my passwords were autosaves/autofills anyways, so I'm not even gonna bother with a ****-ton of password changes.


Oh, and the reason why I posted this here to begin with was because this malware thing only showed up on Geekhack, so I was afraid it might have been the beginning of a r00tw0rm 2.0 or something...

[kolonelkadat]

I REALLY wanted that ad to say "meet horny singles in Basement" like those geoip ads are wont to do. I would have laughed for days.

[Computer-Lab in Basement]

I REALLY wanted that ad to say "meet horny singles in Basement" like those geoip ads are wont to do. I would have laughed for days.

[kolonelkadat]

 ) Thank you. This has made my day.

[catnipz0098]

I REALLY wanted that ad to say "meet horny singles in Basement" like those geoip ads are wont to do. I would have laughed for days.

(Attachment Link)

I thought that was the original spam ad until I looked back at the OP.  )