lahudnell and api.recomme.me/widgets/... infected again. Please help.

lahudnell

New Member
Thread author
Verified
Jun 11, 2015
19
Maybe this will be spotted by THE, but if not, he helped me with this the last time.

I am prepared to go through the usual scanning, log uploading, scanning etc.. just tell me what you
recommend.

Beyond this, I am hoping you can offer some preventative measures (if any), so that this doesn't continue to
happen. It affects Internet Explorer, and Google Chrome so I am considering going to Fire Fox or some other
browser. By the way, I do have Kaspersky Total Internet Security on my computer.

I await your help.
 

lahudnell

New Member
Thread author
Verified
Jun 11, 2015
19
Maybe this will be spotted by THE, but if not, he helped me with this the last time.

I am prepared to go through the usual scanning, log uploading, scanning etc.. just tell me what you
recommend.

Beyond this, I am hoping you can offer some preventative measures (if any), so that this doesn't continue to
happen. It affects Internet Explorer, and Google Chrome so I am considering going to Fire Fox or some other
browser. By the way, I do have Kaspersky Total Internet Security on my computer.

I await your help.


No. It is happening in Chrome and Internet Explorer.
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
FRST.gif
Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 

lahudnell

New Member
Thread author
Verified
Jun 11, 2015
19
Hi THE. I have done the FRST scan. See the attached file.
 

Attachments

  • FRST.txt
    52.4 KB · Views: 1

lahudnell

New Member
Thread author
Verified
Jun 11, 2015
19
I thought Addition.txt report would only be generated if this was my first time running the scan. I have run the FRST
scan on this computer before so the program only generated a new FRST.txt. (But I do have a copy of the Addition.txt
file from 6/27/15).
 

lahudnell

New Member
Thread author
Verified
Jun 11, 2015
19
Got it this time. Sorry about that. I have attached both files this time.
 

Attachments

  • FRST.txt
    52.5 KB · Views: 2
  • Addition.txt
    39.4 KB · Views: 1

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
FRST.gif
FRST search

Once again we shall use FRST for additional checks. Re-run FRST/FRST64 by double-clicking:
  • Copy api.recomme.me;recomme into the Search: field in FRST then click the Search Registry button.
  • FRST will search your computer for files and when finished it will produce a log Search.txt in the same directory the tool is run.
  • Please attach it to your reply.
 

lahudnell

New Member
Thread author
Verified
Jun 11, 2015
19
Hi THE,

I have been on vacation for a week. Here is the search.txt file.

By the way, api.recomme.me has not shown up since the last scan *but* just before running this scan I
had the browser open and it started a redirect to another page called "Copy The Pro". I killed the page
before I had a chance to see the URL, so I may need to start another thread for the "new" malware that
appears to have taken up residence. ):
 

Attachments

  • Search.txt
    259 bytes · Views: 1

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top