• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

newegg trojan

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
I just use ff on the latest version with adblockplus and never had a problem
 
Just found this. Must have picked it up after I tried newegg with IE 11. It's Win32/Kovter, a Trojan. It was in C:Users\xxx\App Data\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QEJQQPBJ\Flash Player [1].exe MSE has it quarantined. Date and time stamp are 4/28/2016 12:47 PM At 12:46 PM I did this search on newegg http://www.newegg.com/Product/ProductList.aspx?Submit=ENE&N=100007583 600006337&IsNodeId=1&bop=And&Order=PRICED&PageSize=30

I clicked to open a tab for product info on a case that is not in my search history between 12:46 and 12:47. I'm not going back to look for it, but it definitely came from newegg. I went through everything in my browsing history for Thursday (4/28) and the times coincide with when MSE claims it showed up. I'm going to uninstall Flash Player and download a fresh one, but I won't be visiting newegg for a while. Good thing I'm broke. LOL
 
EarthDog said:
Try a different browser guys?
Click to expand...

I uninstalled Pale Moon because it kept making itself the default browser, after telling it I didn't want to do that. I tried to fix it in Programs and Features with no luck. I don't like pushy software. (See my W 10 rants. LOL) I had Waterfox before reinstalling my OS and haven't gone back to it because of the horrific memory leakage. It would eat 5+ GB of RAM in about 10 minutes. I don't like Chrome, so I'm back to browser shopping. Which is turning out to be a royal PITA.
 
For the one that is IE asking "Do you want to allow this page to open an app?" I suspect they have a link to their Windows app on their page and IE is doing that for you.

Janus67 said:
Try vivaldi, made by the makers of Opera
Click to expand...

I'll be happy to try Vivaldi when they make it open source. It is completely unreasonable these days to trust any closed-source browser with certain TLAs and their shenanigans.
 
I've seen this before at the egg and another site too.
It would ask me if I wanted to update my flashplayer but I went into taskmanager and directly closed Firefox there after I simply unplugged my LAN to stop any potential data flow. I also noted weird web addresses with it as shown in the screenie.

BS popup.jpg

If you see this it's probrably the trojan trying to do it's dirty work.
 
I visited newegg a couple days ago and the opening page just had a glossy grey overlay and just kind of hung. I guess I'll go do scans and change all my passwords now : (
 
And again

This one was while surfing ebaum's world (I know, I know) and it came up in Waterfox. URL is a dead giveaway here, too. Seems to be a pretty popular bit of malware recently.



new one.PNG
 
just got one but from amazon asking to update my java and tried to dl a similar installer

DdL2AeR.png
 
You must log in or register to reply here.

Similar threads

T
Best Prebuilt pc in $1200-1600 range
Replies
4
Views
162
Evilsizer
Evilsizer
J
Newbie: Asus B650 Creator doesn't work with G.Skill Ripjaws. Help!
2
Replies
20
Views
2K
User5566
U
F
Pihole Build Thread - A Complete Walkthrough
Replies
2
Views
614
freakdiablo
F
F
EXPIRED $65 Newegg gift code with Yamaha S202
Replies
4
Views
654
ssjwizard
ssjwizard
mackerel
X299 and 7980XE in 2024
2 3 4 5
Replies
80
Views
3K
TechStuff
T
Back