Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Hijacker returns even after multiple cleaning, stops Defender


  • Please log in to reply
1 reply to this topic

#1 pissed_off

pissed_off

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:59 PM

Posted 25 May 2017 - 04:13 AM

Hi everyone.

 

Please help me with this. I have done adware removal multiple times, but the problem returns. Now more often than earlier.

 

Around a month ago, I found out that I installed some browser hijacker somehow. It has been infecting all my browsers, popping up ourluckysites, searchinme, etc.

 

I have noticed some more things along with the issue with the browser. Almost every time I switch on the laptop, I need to check if my Windows Defender is working. It is usually not turned on by itself. It takes some time in manually turning it on. It regularly asks for updating, even when the automatic updating is on. And often, the icon of Defender simply disappears from the taskbar. Some random game links appear on the desktop. On restarting the computer, and then manually turning on Defender, things work fine only to get bad again at some point of time.

 

I have unistalled and reinstalled browsers (commonly Chrome) many times. Corrected the search engine settings. I have cleaned using Adware removal tools multiple times in past. I notice many random "snare" and "kitty" containing folders appear and being deleted by the tool(s). But they appear again and again.

 

Please Support.

Thanks.


Edited by hamluis, 25 May 2017 - 05:23 AM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,855 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:06:59 PM

Posted 25 May 2017 - 05:37 AM

pissed_off:

:welcome: to the Bleeping Computer Am I Infected? - What Do I Do? Forum. My name is Phil . May I address you by your first name?

I am sorry to hear that you are having issues with continuous pop-ups and browser hijacks.

I think that we should run a few preliminary security scans on your computer and see what turns up.

.

:step1: ESET Online Scanner using Internet Explorer:

Note 1: These instructions are for Internet Explorer only! If you're using Chrome or Firefox, you will need to download and install the ESET Smart Installer tool before it can scan. See instructions here.
Note 2: You will need to disable your currently installed Anti-Virus, how to do so can be found here.

  • Download esetsmartinstaller_enu.exe and save it to your Desktop.
  • Double click the icon.
  • Check YES, I accept the Terms of Use.
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Then select: "Enable detection of potentially unwanted applications" - Yes.
  • Click Advanced settings.
  • Check the following items.

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Change next to Current scan targets:
  • Place a check mark in any additional drive you wish to scan then click OK.
  • Click Start.
  • ESET will then download updates and begin scanning your computer.
  • If no threats are found simply click Uninstall application on close and hit Finish.
  • If threats are found click List of found threats.
  • Click Export to text file.
  • Save the file on your Desktop as ESET.txt.
  • Click Back.
  • Check Uninstall application on close and Delete quarantined files.
  • Click Finish.
  • Close the ESET Online Scanner window.
  • Copy and paste the contents of ESET.txt into your reply, if any threats were detected.

Don't forget to re-enable your antivirus when finished!

.


:step2: Please run a Malwarebytes Anti-Malware scan for me.

  • Please download Malwarebytes to your Desktop.
  • Double-click mb3-setup-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Next, please go to "Settings", "Protection", and turn on "Scan for rootkits", if it is not "On."
  • Ensure that under "Potential Threat Protetion", both switches are set to "Always Detect PUPs/PUMs (recommended).
  • Then scroll to the bottom of that page and ensure that "Automatic Quarantine" is turned "On."
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If an update of the definitions is available, it will be downloaded and installed before the scan commences.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.

The Scan log is available through History ->Application logs. Please copy and paste the contents of the log into your next reply.

.


If I haven't responded to your reply in 48 hours, please send me a personal message.

Thank you and have a great day.

Regards,
-Phil


Graduate of the Bleeping Computer Malware Removal Study Hall





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users