Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with ScreenAddict and Google Chrome keeps closing.


  • This topic is locked This topic is locked
3 replies to this topic

#1 ssdunn

ssdunn

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:33 AM

Posted 02 February 2017 - 12:13 PM

Here's the deal: I've been haunted with this virus for three to four months. Upon startup of my computer, I will open Google Chrome and go about my usual tasks. Then, randomly, it will close on me. I'll try to reopen Google but the program won't respond, and when I open task manager it appears that Google is still running. My windows malware blocker will be going crazy, taking up to 99% of my computer's usage. I force close Google, reopen the program, and get the stereotypical 'restore your tabs?'. However, when I restore my tabs they are not the ones that I had previously, but a blank new tab and a tab directed to screenaddict.thewhizproducts.com. The longer I use my computer the less that Google closes, so I've taken to just never shutting my computer off. I've scoured my entire computer and have found no traces of the usual screenaddict virus, which is actually just a typical unwanted ad program. I've been through my chrome extensions, as well, and have uninstalled and reinstalled everything at least three times. I've also installed at least three virus/malware removal tools and none of them have helped. Google actually closed three times as I tried to make this post. Please help!

Attached Files


Edited by ssdunn, 02 February 2017 - 01:18 PM.


BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:33 PM

Posted 02 February 2017 - 02:11 PM

Welcome:

RKill is a program developed at BleepingComputer.com that was originally designed for the use in our virus removal guides. It was created so that we could have an easy to use tool that kills known processes and remove Windows Registry entries that stop a user from using their normal security applications. Simple as that. Nothing fancy. Just kill known malware processes and clean up some Registry keys so that your security programs can do their job.

So in summary, RKill just kills 32-bit and 64-bit malware processes and scans the registry for entries that would not allow you to run various legitimate programs. When scanning the Registry, Rkill will search for malicious Image File Execution Objects, DisallowRuns entries, executable hijacks, and policies that restrict your use of various Windows utilities. When changing Windows Registry entries it will create a backup of these entries and save them in the rkill folder on your desktop. Each registry backup will contain a time stamp so that the backups are not overwritten on subsequent runs of Rkill.

Since RKill only terminates processes and does not remove the offending files, when it is finished you should not reboot your computer. If you do, these malware processes that are set to start automatically, will just start up again. Instead, after running RKill you should scan your computer using your malware removal tool of choice. If there is a problem after running RKill, just reboot your computer and you will be back to where you started before running the program.

RKill can be downloaded from the following location:

http://www.bleepingcomputer.com/download/rkill/

A report, rkill.log will be created in the root directory, usualy C:\. Post that report on your next reply, then proceed as follows without restarting the computer.
 
ESETOnline.png Scan with ESET Online Scanner

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
  • Please visit the ESET Online Scanner website
  • Click the SCAN NOW button to download the esetonlinescanner_enu.exe file to the Desktop
  • Double click esetonlinescanner_enu.exe. Accept the Terms of Use
  • Select Enable detection of potentially unwanted applications
  • In Advanced Settings: make sure that Clean threats automatically is unchecked 
  • And Enable detection of potentially unsafe applications, Enable detection of suspicious applications, Scan archives, and Enable Anti-Stealth technology are all checked.
  • Click Scan
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When completed it'll show a list of "Threats found", click beneath it on Save to text file.... and save it as ESET log.txt on your Desktop.
  • Then click Do not clean. Place a checkmark at Delete application's data on close, click Finish and close the program.
Don't forget to re-enable previously switched-off protection software!

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:33 PM

Posted 12 February 2017 - 09:12 PM

Are you still with us?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,843 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:33 PM

Posted 18 February 2017 - 02:40 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users