Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chrome Browser Hijack leading to Adware, Trojan, and other Malware


  • Please log in to reply
5 replies to this topic

#1 idl99

idl99

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 20 April 2017 - 11:32 PM

Hey everyone,

 

Around two days ago, i installed Daemon Tools Lite, as it was a software that i used for years on my old laptop with no issues. However, i hadn't update Daemon Tools Lite in my old laptop in years. Anyways, I decided to install Daemon Tools Lite on my new laptop to mount an ISO File. Soon after installing, when i logged on to Chrome, i realized my browser had been hijacked and the homepage was set to initialpage123.com . Later, when I searched Google, i realized Daemon Tools have gone rogue since of late. At the time, I had Windows Defender and SMADAV AV installed, and after scanning using SMADAV, the results showed up a TenCent Virus, which I cleaned using SMADAV. However, i was not satisfied because Windows Defender kept prompting me to run a virus scan.

 

So, i googled more and followed Malware Removal Guides on your forum (bleepingcomputer.com) as well as another REDDIT post. I installed BitDefender, MalwareBytes, MalwareBytes ADW Cleaner, Malware Junk Removal Tool, and HitMan Pro. To my bitter sweet happiness, each virus scanner, found various issues in my laptop, ranging from WinSAP, SNARE, Kitty.DLL, and various other registry issues. Despite cleaning WinSAP and Snare, it showed up yet again on MalwareBytes ADW the following day. Can someone please instruct me on how to fix these issues permanently? I've stored BitDefender, MalwareBytes, ADWCleaner, HitMan Pro logs. Should I post them here? I'm new to your forum, so please guide me.

 

Thanks in advance



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:44 AM

Posted 02 May 2017 - 09:40 AM

Hi, disable add ons in Chrome one at a time to find the guilty one or just do all and see if it sops.

How To Disable Individual Plug-ins in Google Chrome
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 idl99

idl99
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 02 May 2017 - 08:26 PM

Hi, disable add ons in Chrome one at a time to find the guilty one or just do all and see if it sops.

How To Disable Individual Plug-ins in Google Chrome

 

First of all, thanks a lot for replying to my post, @boopme. I've actually solved my browser hijack issue weeks ago, soon after the problem hijack occurred. The culprit turned out to be a trojan horse, which was picked up by Hitman Pro if im not mistaken. Now the Chrome issue has been fixed. However, i've been detected Tencent Virus by SMADAV antivirus, WinSap, SNARE, Kitty viruses by Malwarebytes ADW Cleaner every 4-5 days or so, after cleaning them, and some Adaware.Elex by Malwarebytes. At the same time strange things have been happening in my laptop. For i.e.: yesterday i was unable to shutdown my PC as it kept going back to the login screen. However I solved this issue, by turning off Fast Startup in Power Options. i do have all my Malwarebytes, Hitman Pro, ADW Cleaner logs for your reference. What should I do? 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:44 AM

Posted 03 May 2017 - 01:25 PM

Hi you probably have other malware that's protected.. I say we get a deeper look .. Start at Step six and make a new topic.
You can repost the issue above.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 idl99

idl99
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 05 May 2017 - 11:28 AM

@boopme I'm unable to run FarBar Recovery Scan Tool as it is getting blocked by Windows Defender SmartScreen.

 

UPDATE : I chose the run anyway option. Is it safe?


Edited by idl99, 05 May 2017 - 11:38 AM.


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:44 AM

Posted 05 May 2017 - 01:10 PM

Yes


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users