- Posted on
- Need help finding how malware works
- John Davis
November 4, 2012, 1:59 pm
I'm not sure if this is the correct place to ask this question, so if
you know of any other/better place let me know.
I've encountered some kind of "malware" on my PC (Windows 7), and it
turned out to be quite popular - "yield manager ad".
It shows a popup window with ad on every page, on Google Chrome and
I've found many "how to remove" articles, but before I remove it, I
want to understand how it works,
so if anybody can help, I will appreciate that.
What I've done so far is:
1) Using Sysinternals' "Process Explorer", I've checked all the
modules that are loaded into GC/IE - all seem to be familiar/signed.
2) Using NirSoft's "DriverView" - I've checked all drivers - all seem
to be familiar/signed.
By "familiar" I mean the company name relates to some known company or
software which is considered to be known/illegitimate.
Now - I'm stuck - what is the next step?
Or is it possible/common that this malware also injects itself into
"Process Explorer" to hide itself?
Thanks for any help.
Re: Need help finding how malware works
It is adware but not necessarily malware. As far as I can tell from
reading about it, it exists as a cookie on your machine and is
supported by your browser. You can disallow the adware server by
'blocking' the domain.
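
The module check from step 1 of the question, scripted so it can be repeated and compared over time. This is an added example, not code from either poster; it assumes PowerShell 3.0 or later and that the browser processes are named `chrome` and `iexplore`.

```powershell
# Added example: list every module loaded into the browser processes and
# report the Authenticode status of each distinct file.
# Assumptions: PowerShell 3.0+, process names 'chrome' and 'iexplore'.
$browserNames = 'chrome', 'iexplore'

$modules = foreach ($proc in Get-Process -Name $browserNames -ErrorAction SilentlyContinue) {
    try {
        foreach ($m in $proc.Modules) {
            [pscustomobject]@{
                ProcessId = $proc.Id
                Process   = $proc.ProcessName
                Path      = $m.FileName
            }
        }
    } catch {
        # Typical causes: access denied, or a 32-bit shell reading a 64-bit process.
        Write-Warning "Cannot read modules of PID $($proc.Id): $($_.Exception.Message)"
    }
}

# Verify each distinct file once, and record which browsers loaded it.
$report = $modules | Where-Object { $_.Path } | Group-Object Path | ForEach-Object {
    $sig = Get-AuthenticodeSignature -FilePath $_.Name
    [pscustomobject]@{
        Path     = $_.Name
        Status   = $sig.Status
        Signer   = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        LoadedBy = ($_.Group.Process | Sort-Object -Unique) -join ','
    }
}

# Full inventory, sorted so the signer of every module can be reviewed.
$report | Sort-Object Signer, Path | Format-Table -AutoSize

# Modules whose embedded signature did not validate deserve a closer look.
$report | Where-Object { $_.Status -ne 'Valid' } | Format-List
```

Files signed only through a Windows catalog can show as `NotSigned` on older PowerShell versions, so that status is a prompt to look closer rather than a verdict. A clean result here is also consistent with the reply above: an ad served through a cookie does not appear as a loaded module.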